Security Bulletin: OpenSSH for IBM i is vulnerable to a machine-in-the-middle attack due to a flaw in the SSH transport protocol. [CVE-2023-48795]

Summary

OpenSSH used by IBM i is vulnerable to a machine-in-the-middle attack due to a flaw in the SSH transport protocol with certain extensions as described in the vulnerability details section. This bulletin identifies the steps to take to address the vulnerability as described in the remediation/fixes section below.

Vulnerability Details

CVEID:CVE-2023-48795
**DESCRIPTION:**OpenSSH is vulnerable to a machine-in-the-middle attack, caused by a flaw in the extension negotiation process in the SSH transport protocol when used with certain OpenSSH extensions. A remote attacker could exploit this vulnerability to launch a machine-in-the-middle attack and strip an arbitrary number of messages after the initial key exchange, breaking SSH extension negotiation and downgrading the client connection security.
CVSS Base score: 5.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/275282 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N)

Affected Products and Versions

Remediation/Fixes

The issue can be addressed by applying a PTF to IBM i. IBM i releases 7.5, 7.4, 7.3, and 7.2 will be fixed.

IBM i 7.2 version of 5733-SC1 is a skip ship product for IBM i 7.3 and IBM i 7.4.

The IBM i 5733-SC1 PTF numbers resolve the vulnerability.

IBM i Release| 5733-SC1
PTF Number| PTF Download Link
—|—|—
7.5| SI86102| <https://www.ibm.com/support/pages/ptf/SI86102&gt;
7.4| SI86119| <https://www.ibm.com/support/pages/ptf/SI86119&gt;
7.3| SI86119| <https://www.ibm.com/support/pages/ptf/SI86119&gt;
7.2| SI86119| <https://www.ibm.com/support/pages/ptf/SI86119&gt;

https://www.ibm.com/support/fixcentral

_Important note: _IBM recommends that all users running unsupported versions of affected products upgrade to supported and fixed version of affected products.

Workarounds and Mitigations

None.