CVE-2023-48795 NVIDIAスイッチ MSN2100の脆弱性
環境
- ONTAP9
- NVIDIA MSN2100 クラスタ ネットワーク スイッチ
問題
- セキュリティ スキャンにより、NVIDIAクラスタ ネットワーク スイッチMSN2100の脆弱性(CVE-2023-48795)が報告されました:
tcp 22 SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795) Observation: SSH Terrapin Prefix Truncation Weakness (CVE-2023-48795)IP: 10.21.x.xxx Port:22Description: The remote SSH server is vulnerable to a man-in-the-middle prefix truncation weakness known as Terrapin. This can allow a remote, man-in-the-middle attacker to bypass integrity checks and downgrade the connection's security.Note that this plugin only checks for remote SSH servers that support either ChaCha20-Poly1305 or CBC with Encrypt-then-MAC and do not support the strict key exchange countermeasures. It does not check for vulnerable software versions.
Recommendation: Contact the vendor for an update with the strict key exchange countermeasures or disable the affected algorithms. The remote SSH server is vulnerable to a man-in-the-middle prefix truncation weakness known as Terrapin. This can allow a remote, man-in-the-middle attacker to bypass integrity checks and downgrade the connection's security.- 影響を受けるスイッチはCumulus Linuxバージョン5.4.0を実行しています