Security Advisory Detail

OpenSSH Server 9.1 Double Free Vulnerability (CVE-2023-25136)

Advisory ID
WGSA-2023-00001
CVE
CVE-2023-25136
Impact
Medium
Status
Not Applicable
Product Family
Firebox, Dimension
Published Date
Updated Date
Workaround Available
False
CVSS Score
6.5
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
Summary

On February 3, 2023, researchers at Qualys disclosed CVE-2023-25136, a double free vulnerability in OpenSSH Server v9.1. The exploit is non-trivial but a successful exploit could allow an unauthenticated attacker to execute arbitrary code on an unprotected system.

Affected
Product Affected Version(s) Note
Firebox Not Impacted The Firebox does not use a vulnerable version of OpenSSH. Note, some vulnerability scanners may incorrectly report the Firebox's OpenSSH server as vulnerable
Dimension Not Impacted Dimension uses a patched version of OpenSSH that is not affected by this vulnerability
Resolution
Product Affected Version(s) Note
Firebox Not Impacted The Firebox does not use a vulnerable version of OpenSSH. Note, some vulnerability scanners may incorrectly report the Firebox's OpenSSH server as vulnerable
Dimension Not Impacted Dimension uses a patched version of OpenSSH that is not affected by this vulnerability
Advisory Product List
Product Family
Product Branch
Product List
Firebox
XTM 8 Series (2nd Gen)
XTM850, XTM860, XTM870, XTM870-F
Firebox
XTM 1500 and 2520
XTM1520-RP, XTM1525-RP, XTM2520
Firebox
Firebox T (1st Gen)
T10, T10-W, T10-D, T30, T30-W, T50, T50-W
Firebox
Firebox T (2nd Gen)
T15, T15-W, T35, T35-W, T35-R, T55, T55-W, T70
Firebox
Firebox T (3rd Gen)
T20, T20-W, T40, T40-W, T80
Firebox
Firebox M (1st Gen)
M200, M300, M400, M440, M500
Firebox
Firebox M (2nd Gen)
M270, M370, M470, M570, M670
Firebox
Firebox M (3rd Gen)
M290, M390, M590, M690, M4800, M5800
Firebox
XTMv
Small, Medium, Large, Datacenter
Firebox
FireboxCloud
Small, Medium, Large, XLarge
Firebox
FireboxV
Small, Medium, Large, XLarge
Firebox
Firebox T (4th Gen)
NV5, T25, T45, T85
Dimension
Dimension
Dimension