OpenSSH Server 9.1 Double Free Vulnerability (CVE-2023-25136)
Advisory ID
WGSA-2023-00001
CVE
CVE-2023-25136
Impact
Medium
Status
Not Applicable
Product Family
Firebox,
Dimension
Published Date
Updated Date
Workaround Available
False
CVSS Score
6.5
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
Summary
On February 3, 2023, researchers at Qualys disclosed CVE-2023-25136, a double free vulnerability in OpenSSH Server v9.1. The exploit is non-trivial but a successful exploit could allow an unauthenticated attacker to execute arbitrary code on an unprotected system.
Affected
| Product | Affected Version(s) | Note |
|---|---|---|
| Firebox | Not Impacted | The Firebox does not use a vulnerable version of OpenSSH. Note, some vulnerability scanners may incorrectly report the Firebox's OpenSSH server as vulnerable |
| Dimension | Not Impacted | Dimension uses a patched version of OpenSSH that is not affected by this vulnerability |
Resolution
| Product | Affected Version(s) | Note |
|---|---|---|
| Firebox | Not Impacted | The Firebox does not use a vulnerable version of OpenSSH. Note, some vulnerability scanners may incorrectly report the Firebox's OpenSSH server as vulnerable |
| Dimension | Not Impacted | Dimension uses a patched version of OpenSSH that is not affected by this vulnerability |
Advisory Product List
Product Family
Product Branch
Product List
Firebox
XTM 8 Series (2nd Gen)
XTM850,
XTM860,
XTM870,
XTM870-F
Firebox
XTM 1500 and 2520
XTM1520-RP,
XTM1525-RP,
XTM2520
Firebox
Firebox T (1st Gen)
T10,
T10-W,
T10-D,
T30,
T30-W,
T50,
T50-W
Firebox
Firebox T (2nd Gen)
T15,
T15-W,
T35,
T35-W,
T35-R,
T55,
T55-W,
T70
Firebox
Firebox T (3rd Gen)
T20,
T20-W,
T40,
T40-W,
T80
Firebox
Firebox M (1st Gen)
M200,
M300,
M400,
M440,
M500
Firebox
Firebox M (2nd Gen)
M270,
M370,
M470,
M570,
M670
Firebox
Firebox M (3rd Gen)
M290,
M390,
M590,
M690,
M4800,
M5800
Firebox
XTMv
Small,
Medium,
Large,
Datacenter
Firebox
FireboxCloud
Small,
Medium,
Large,
XLarge
Firebox
FireboxV
Small,
Medium,
Large,
XLarge
Firebox
Firebox T (4th Gen)
NV5,
T25,
T45,
T85
Dimension
Dimension
Dimension