Our Tenable is detecting that our FortiAnalyzer VM is using a vulnerable version of OpenSSH: "The version of OpenSSH installed on the remote host is prior to 9.3", and we should upgrade to 9.3 or later.
Is there any patch for that?
Which FAZ version?
The FAZ is running on the latest version: v7.4.2-build2397
Created on 04-02-2024 11:13 AM Edited on 04-02-2024 11:17 AM
Can you try to exploit the vulnerability?
The idea behind it is, I think it is possible that the OpenSSH version on your FAZ is a modified version (by Fortinet).
FortiAnalyzer is not considered vulnerable to CVE-2023-28531 because it does not use ssh-add, nor smartcard, nor ssh-agent.
Thank you for your answer.
Is it the same situation for FortiManager (v6.4.14-build2660 240206 (GA))?
Thanks.