Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Assiamour_
New Contributor II

Fortianalyzer Critical Vulnerability CVE-2023-28531 OpenSSH

Our tenable is detecting that our Fortianalyzer VM is using a vulnerable version of openSSH " The version of OpenSSH installed on the remote host is prior to 9.3 " and we should upgrade to a 9.3 or later. 

is there any patch for that?

 

image.png

1 Solution
jasonhong
Staff
Staff

FortiAnalyzer is not considered vulnerable to CVE-2023-28531 because it does not use ssh-add, nor smartcard, nor ssh-agent.

View solution in original post

5 REPLIES 5
AEK
Honored Contributor

Which FAZ version? 

AEK
AEK
Assiamour_
New Contributor II

the Faz is running on the latest version: v7.4.2-build2397

AEK
Honored Contributor

Can you try exploit the vulnerability?

The idea behind is, I think it is possible that the OpenSSH version on your FAZ is a modified version (by Fortinet).

AEK
AEK
jasonhong
Staff
Staff

FortiAnalyzer is not considered vulnerable to CVE-2023-28531 because it does not use ssh-add, nor smartcard, nor ssh-agent.

Assiamour_

Thank you for your answer. 

Labels
Top Kudoed Authors