Lucene search
IBM017C71DEED05623DC9CFECB9C5DB9812A0FCD28132381FC166FB85C3D0F59324HistoryApr 04, 2024 - 5:46 p.m.
Security Bulletin: IBM Tivoli Netcool Impact is vulnerable to a machine-in-the-middle attack due to Apache MINA SSHD (CVE-2023-48795)
2024-04-0417:46:46
www.ibm.com
16
ibm tivoli netcool impact
machine-in-the-middle attack
apache mina sshd
cve-2023-48795
upgrade
security vulnerability
Summary
Apache MINA SSHD is shipped with IBM Tivoli Netcool Impact as part of the Command Line Manager service. Information about a security vulnerability affecting Apache MINA SSHD has been published in a security bulletin.
Vulnerability Details
CVEID:CVE-2023-48795
**DESCRIPTION:**OpenSSH is vulnerable to a machine-in-the-middle attack, caused by a flaw in the extension negotiation process in the SSH transport protocol when used with certain OpenSSH extensions. A remote attacker could exploit this vulnerability to launch a machine-in-the-middle attack and strip an arbitrary number of messages after the initial key exchange, breaking SSH extension negotiation and downgrading the client connection security.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/275282 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|---|
| IBM Tivoli Netcool Impact | 7.1.0.1 - 7.1.0.32 |
Remediation/Fixes
| Product | VRMF | APAR | Remediation |
|---|---|---|---|
| IBM Tivoli Netcool Impact | 7.1.0.33 | IJ49954 | Upgrade to IBM Tivoli Netcool Impact 7.1.0 FP33 |
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| tivoli netcool/impact | eq | 7.1.0 |
Related
nessus
nessus
EulerOS 2.0 SP10 : libssh2 (EulerOS-SA-2024-1339)
2024-03-12 00:00:00
openSUSE 15 Security Update : jbcrypt, trilead-ssh2 (SUSE-SU-2024:0972-1)
2024-03-23 00:00:00
Oracle Linux 8 : libssh (ELSA-2024-0628)
2024-02-01 00:00:00
debian
debian
[SECURITY] [DLA 3718-1] php-phpseclib security update
2024-01-25 02:26:31
[SECURITY] [DSA 5600-1] php-phpseclib security update
2024-01-12 07:13:37
[SECURITY] [DSA 5599-1] phpseclib security update
2024-01-12 07:13:27
osv
osv
CVE-2023-48795
2023-12-18 16:15:10
putty - security update
2023-12-24 00:00:00
lxd vulnerability
2024-04-22 09:47:43
ibm
ibm
Security Bulletin: OpenSSH vulnerability affects IBM WebSphere Adapter for FTP shipped with IBM Business Automation Workflow - CVE-2023-48795
2024-03-22 16:29:44
fedora
fedora
[SECURITY] Fedora 38 Update: putty-0.80-1.fc38
2024-01-11 02:17:03
[SECURITY] Fedora 38 Update: podman-tui-0.15.0-1.fc38
2023-12-29 01:05:34
[SECURITY] Fedora 39 Update: prometheus-podman-exporter-1.7.0-1.fc39
2024-01-29 06:26:11
almalinux
almalinux
Moderate: libssh security update
2024-01-31 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:0210-1)
2024-01-25 00:00:00
Ubuntu: Security Advisory (USN-6589-1)
2024-01-19 00:00:00
Fedora: Security Advisory for python-paramiko (FEDORA-2024-39a8c72ea9)
2024-01-18 00:00:00
ubuntu
ubuntu
Paramiko vulnerability
2024-01-25 00:00:00
libssh2 vulnerability
2024-01-15 00:00:00
FileZilla vulnerability
2024-01-18 00:00:00
amazon
amazon
Medium: openssh
2023-12-18 09:20:00
cbl_mariner
cbl_mariner
CVE-2023-48795 affecting package openssh for versions less than 8.9p1-4
2024-01-19 03:54:24
CVE-2023-48795 affecting package kubevirt for versions less than null
2024-01-10 08:19:37
CVE-2023-48795 affecting package libssh for versions less than 0.10.6-1
2024-01-14 22:46:30
mageia
mageia
Updated dropbear package fixes a security vulnerability
2024-01-08 22:01:05
Updated putty package fixes a security vulnerability (Terrapin attack)
2024-01-08 13:12:44
Updated erlang packages fix a security vulnerability (Terrapin Attack)
2024-01-20 01:43:32
github
github
oraclelinux
oraclelinux
openssh security update
2024-03-19 00:00:00
buildah security update
2024-03-07 00:00:00
openssh security update
2024-03-18 00:00:00
ubuntucve
ubuntucve
CVE-2023-48795
2023-12-18 00:00:00
redos
redos
ROS-20240408-15
2024-04-08 00:00:00
ROS-20240409-04
2024-04-09 00:00:00
redhat
redhat
(RHSA-2024:1196) Moderate: Red Hat JBoss Enterprise Application Platform 7.4 security update
2024-03-06 17:50:02
(RHSA-2024:1150) Moderate: buildah security update
2024-03-05 15:32:31
(RHSA-2024:0625) Moderate: libssh security update
2024-01-31 08:08:23
atlassian
atlassian
CVE-2023-48795 vulnerability on SSH
2024-01-04 17:19:13
alpinelinux
alpinelinux
CVE-2023-48795
2023-12-18 16:15:10
cloudfoundry
cloudfoundry
USN-6561-1: libssh vulnerability | Cloud Foundry
2024-04-04 00:00:00
freebsd
freebsd
jenkins -- Terrapin SSH vulnerability in Jenkins CLI client
2024-04-17 00:00:00
putty -- add protocol extension against 'Terrapin attack'
2023-10-16 00:00:00
FreeBSD -- Prefix Truncation Attack in the SSH protocol
2023-12-19 00:00:00
prion
prion
Design/Logic Flaw
2023-12-18 16:15:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2382
2024-03-26 11:47:18
veracode
veracode
Rogue Session Attack (Terrapin)
2023-12-19 06:46:15
Prefix Truncation Attack (Terrapin Attack)
2023-12-19 09:12:16
cvelist
cvelist
CVE-2023-48795
2023-12-18 00:00:00
paloalto
paloalto
Impact of Terrapin SSH Attack
2024-01-09 01:30:00
thn
thn
New Terrapin Flaw Could Let Attackers Downgrade SSH Protocol Security
2024-01-01 09:37:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-23:19.openssh
2023-12-19 00:00:00
debiancve
debiancve
CVE-2023-48795
2023-12-18 16:15:10
9.5 High
AI Score
Confidence
High
0.962 High
EPSS
Percentile
99.5%
Related for 017C71DEED05623DC9CFECB9C5DB9812A0FCD28132381FC166FB85C3D0F59324