Preview Tool

Cisco Bug: CSCup37073 - Update OpenSSH to Address Published Vulnerabilities

Last Modified

Jan 30, 2020

Products (1)

  • Cisco Unified Intelligence Center

Known Affected Releases

10.0(1) 10.0(5) 11.0(1) 9.0(1) 9.1(1)

Description (partial)

Vulnerability scanning on CUIC indicates that OpenSSH 5.1p1 is used and is affected by the following CVEs :
1. OpenSSH Plaintext Recovery Attack Against SSH Vulnerability (CVE-2008-5161) 
2. OpenSSH Commands Information Disclosure Vulnerability (CVE-2012-0814) 
3. OpenSSH J-PAKE Session Key Retrieval Vulnerability (CVE-2010-4478)

Seen on VOS 8.5(1).
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.