Security advisory SA-2023-023 - OpenSSL c_rehash script (CVE-2022-2068) is now available.
Summary
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool.
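The summary above, as an added example that is not part of this advisory or of OpenSSL: a POSIX shell check that flags entries in a certificate directory whose names fall outside a conservative allowlist, and rehashes with `openssl rehash` only when the directory is clean. It assumes the metacharacters reach c_rehash through file names in the directory it processes (the advisory does not say); `audit_cert_dir`, `safe_rehash` and the allowlist are illustrative choices.

```shell
#!/bin/sh
# Added example, not from the advisory. Assumption: shell metacharacters
# reach c_rehash through file names in the directory it processes.

# Print every entry of DIR whose name contains a byte outside
# [A-Za-z0-9_.-]. Sets the global FLAGGED to the number printed and
# returns 0 only when nothing was flagged.
audit_cert_dir() {
    dir=$1
    FLAGGED=0
    LC_ALL=C; export LC_ALL      # byte-wise ranges in the pattern below
    for entry in "$dir"/* "$dir"/.[!.]*; do
        # An unmatched glob stays literal and does not exist: skip it.
        [ -e "$entry" ] || [ -L "$entry" ] || continue
        name=${entry##*/}
        case $name in
            *[!A-Za-z0-9_.-]*)
                # cat -v renders control bytes visibly in the report.
                printf 'unsafe name: %s\n' "$name" | cat -v
                FLAGGED=$((FLAGGED + 1))
                ;;
        esac
    done
    [ "$FLAGGED" -eq 0 ]
}

# Rebuild the hash links with the built-in `openssl rehash` command
# (the replacement the advisory recommends), but only for a directory
# that passed the audit.
safe_rehash() {
    audit_cert_dir "$1" >&2 || {
        echo "refusing to rehash $1: $FLAGGED unsafe name(s)" >&2
        return 1
    }
    openssl rehash "$1"
}
```

The allowlist is deliberately stricter than "no shell metacharacters": any name it flags deserves a look before an automated job touches the directory.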
Impact Details
| OS/Product | Exposure |
| --- | --- |
| Extreme AirDefense | No |
| Extreme Campus Controller (ExtremeCloud Appliance) | No |
| Extreme Management Center (XMC) | Yes |
| ExtremeAnalytics | Yes |
| ExtremeCloud A3 | No |
| ExtremeCloud IQ | No |
| ExtremeConnect | Yes |
| ExtremeControl | Yes |
| ExtremeGuest (Essentials) | No |
| ExtremeGuest (On-Premises) | Yes |
| ExtremeLocation | No |
| Fabric Manager | Yes |
| Guest and IoT Manager (GIM) | Yes |
| HiveManager Classic On-Premises | No |
| HiveManager Classic Online | No |
| IQ Engine (HiveOS) | No |
| IQVA | Yes |
| Traffic Sensor | Yes |
| VGVA | No |
| XIQ-SE | Yes |
| 200-series | Investigating |
| BOSS | No |
| EOS (S/K/7100) | Investigating |
| Fabric Engine (VOSS) | No |
| ISW | Investigating |
| Switch Engine (EXOS) | No |
| Extreme Wireless (IdentiFi) | No |
| Nsight | Yes |
| WiNG | Yes |
| Extreme Fabric Automation (EFA) | No |
| Extreme Visibility Manager (XVM) | Yes |
| NetIron OS | No |
| Network OS | No |
| SLX-OS | No |
| Discovery | No |
| Extreme SD-WAN | No |
| Ipanema SALSA | No |
| Ipanema SD-WAN Orchestrator | No |
| Ipanema ip\|engine | No |
Repair Recommendations
Extreme Management Center (XMC):
- Fixed in 8.5.8 or later. (Target GA: June, 2023)
ExtremeAnalytics:
- Fixed in 22.6.12 or later.
ExtremeConnect:
- Fixed in 22.6.12 or later.
ExtremeControl:
- Fixed in 22.6.12 or later.
ExtremeGuest (On-Premises):
- Will not fix.
Fabric Manager:
- Fixed in 22.6.12 or later.
Guest and IoT Manager (GIM):
- Fixed in 22.6.12 or later.
IQVA:
- Upgrade to XIQ.
Traffic Sensor:
- Fixed in 22.6.12 or later.
XIQ-SE:
- Fixed in 22.6.12 or later.
Nsight:
- Will not fix.
WiNG:
- Fixed in 7.7.1.5 or later.
- Fixed in 7.9.0.0 or later.
Extreme Visibility Manager (XVM):
- Upgrade to XCO 3.2.0 or higher.
Please see the full security advisory here for more details.