


Security advisory SA-2023-023 - OpenSSL c_rehash script (CVE-2022-2068) is now available.
Summary
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool.
Impact Details
OS/Product | Exposure |
Extreme AirDefense | No |
Extreme Campus Controller (ExtremeCloud Appliance) | No |
Extreme Management Center (XMC) | Yes |
ExtremeAnalytics | Yes |
ExtremeCloud A3 | No |
ExtremeCloud IQ | No |
ExtremeConnect | Yes |
ExtremeControl | Yes |
ExtremeGuest (Essentials) | No |
ExtremeGuest (On-Premises) | Yes |
ExtremeLocation | No |
Fabric Manager | Yes |
Guest and IoT Manager (GIM) | Yes |
HiveManager Classic On-Premises | No |
HiveManager Classic Online | No |
IQ Engine (HiveOS) | No |
IQVA | Yes |
Traffic Sensor | Yes |
VGVA | No |
XIQ-SE | Yes |
200-series | Investigating |
BOSS | No |
EOS (S/K/7100) | Investigating |
Fabric Engine (VOSS) | No |
ISW | Investigating |
Switch Engine (EXOS) | No |
Extreme Wireless (IdentiFi) | No |
Nsight | Yes |
WiNG | Yes |
Extreme Fabric Automation (EFA) | No |
Extreme Visibility Manager (XVM) | Yes |
NetIron OS | No |
Network OS | No |
SLX-OS | No |
Discovery | No |
Extreme SD-WAN | No |
Ipanema SALSA | No |
Ipanema SD-WAN Orchestrator | No |
Ipanema ip|engine | No |
Repair Recommendations
Extreme Management Center (XMC):
- Fixed in 8.5.8 or later. (Target GA: June, 2023)
ExtremeAnalytics:
- Fixed in 22.6.12 or later.
ExtremeConnect:
- Fixed in 22.6.12 or later.
ExtremeControl:
- Fixed in 22.6.12 or later.
ExtremeGuest (On-Premises):
- Will not fix.
Fabric Manager:
- Fixed in 22.6.12 or later.
Guest and IoT Manager (GIM):
- Fixed in 22.6.12 or later.
IQVA:
- Upgrade to XIQ.
Traffic Sensor:
- Fixed in 22.6.12 or later.
XIQ-SE:
- Fixed in 22.6.12 or later.
Nsight:
- Will not fix.
WiNG:
- Fixed in 7.7.1.5 or later.
- Fixed in 7.9.0.0 or later.
Extreme Visibility Manager (XVM):
- Upgrade to XCO 3.2.0 or higher.
Please see the full security advisory here for more details.