Summary
The PKCS#11 feature in ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system.
Products not listed in the Products Potentially Affected section have not been evaluated. Furthermore, products that have exceeded any software maintenance time periods are also not evaluated and will not be published. Please consult End of Sale and End of Service Life - Extreme Networks for the EOL notices related to the product under question.
Products Potentially Affected
| OS/Product |
Exposure |
| ExtremeGuest (Essentials) |
No |
| ExtremeGuest (On-Premises) |
Yes |
| IQ Engine (HiveOS) |
No |
| Fabric Engine (VOSS) |
No |
| Switch Engine (EXOS) |
No |
| WiNG |
Yes |
| ExtremeCloud Orchestrator (XCO/EFA) |
Yes |
| Network OS |
Yes |
| SLX-OS |
Yes |
| Ipanema SD-WAN Orchestrator |
No |
Repair Recommendations
ExtremeGuest (On-Premises):
WiNG:
ExtremeCloud Orchestrator (XCO/EFA):
Network OS:
SLX-OS:
In all products, ssh-agent is only carried as a binary and is not a normal function of the product. Exposure would only occur if an administrator were using this product out of compliance with expected operations. As such, we are providing this Security Advisory as informational and recommend avoiding using ssh-agent out of design specifications.
Please see the full Security Advisory article here for more details and updated information.
