"regreSSHion" CVE-2024-6387 Vulnerability

WTI has released version 8.05 to address the "regreSSHion" vulnerability. 
Please upgrade your device to v8.05 or later to patch the CVE-2024-6387 vulnerability using the following link:

Console:

V8.05

Power:

V4.02 

 

To verify the latest version has been installed issue a "/show version details" via the CLI. OpenSSH should now reflect 9.8p1.

 

CPM> /show version details
Version 8.05
Date Code: Wed Jul 10 07:47:01 PDT 2024
Apache: 2.4.59
bash: 5.0.0(1)-release
IPSec: 5.9.8/K5.4.0
NET-SNMP: 5.9.1
OpenSSH: 9.8p1
OpenSSL: 3.0.13 30 Jan 2024 (Library: OpenSSL 3.0.13 30 Jan 2024)
OpenVPN: 2.5.7
RESTful: v1.0, v2 (Dec24)

 

 

Please note that only current ARM based console/power products will have the ability to install the patch. PPC legacy products will not be supported. If you need help please feel free to reach out to technical support for further assistance.