Guest

Preview Tool

Cisco Bug: CSCup58251 - Cisco Secure ACS evaluation of CVE-2008-5161

Last Modified

Feb 19, 2019

Products (1)

  • Cisco Secure Access Control Server Solution Engine

Known Affected Releases

5.5(0.46) 5.5(0.46.10) 5.6(0.15) 5.7(0.1)

Description (partial)

<B>Symptom:</B>
The Cisco Secure ACS includes a version of OpenSSH that is affected by the vulnerabilities identified by the Common Vulnerability and Exposures (CVE) IDs:

CVE-2008-5161

This bug has been opened to address the potential impact on this product.

<B>Conditions:</B>
Access to the Cisco Secure ACS through SSH is enabled.

Related Community Discussions

<key>CSCup58251</key> - Cisco Secure ACS evaluation of CVE-2008-5161 - 2
Hi This is Pankaj and I a running the image 5.8 with patch 8 I want help whether current image is vulnerable for this The SSH server is configured to support Cipher Block Chaining (CBC) encryption &amp; The remote SSH server is configured to allow either MD5 or 96-bit MAC algorithms, both of which are considered weak or not.
Latest activity: Sep 22, 2017
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.