OpenSSH high-risk vulnerability (CVE-2024-6387)

  • Tuesday, 2nd July, 2024
  • 19:44pm

Dear user,

Recently, relevant security organizations have announced a high-risk vulnerability with widespread impact, numbered CVE-2024-6387, which affects multiple versions of OpenSSH. The specific affected versions are as follows:

OpenSSH < 4.4p1
OpenSSH 8.5p1<=version<9.8p1


Vulnerability Overview:
This vulnerability may allow unauthorized remote attackers to exploit it to execute malicious code, obtain sensitive information, or cause service interruptions. This poses a serious threat to systems and servers that rely on OpenSSH for secure communication.

 

Solution:
We strongly recommend that all affected users take the following measures immediately:

Upgrade OpenSSH: Please upgrade OpenSSH to the latest secure version (9.8p1 or higher).

Monitoring system: Continue monitoring system logs and network traffic to detect possible signs of attack.

 

Related detection commands:
ssh -V           //View ssh version

© Copyright 2019. CTG SERVER LTD