What is it?
Cisco sells a wide variety of network products for voice-over-IP, routing, switching, network management, network security, video streaming and wireless services.
Many of these products use Open Secure Shell (Open SSH) for network security.
A vulnerability in the Open SSH software was detected by Qualys Security. The link below provides detailed information about the vulnerability.
Why is it a risk?
The vulnerability allows unauthenticated, remote code execution.
Cisco Systems rates this vulnerability as “High”
How can you mitigate the risk?
Update the software in your Internet facing devices.
The Cisco Security Advisory linked below provides a complete list of effected devices as well as the software version that fixes the vulnerability.
Resources:
Qualys Security Advisory – CVE-2024-6387
<https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt
Cisco Security Advicory
