I have a customer who sent me the following message a few minutes ago.
"My security company sent the following about the Aruba switches. Is there an update for this?
This vulnerability impacts versions 8.7/8.8 of the OpenSSH secure networking suite which can lead to a remote code execution. While these internal IPs do not appear to be externally facing, to err the side of caution, we recommend upgrading to the latest secure OpenSSH release."
I was provided with a list of 5 switches that are reportedly running a vulnerable version of OpenSSH. In each case, the switches are running either 10.10.1030 or 10.10.1070, and they are running SSH version 2.0. The customer also has switches running those same firmware versions that were not listed as being vulnerable. My gut tells me that the customer's security scan is picking up a red herring, but I figure it's worth checking here before I brush it off. I have advised the customer that we should upgrade the switches to 10.13.1010, but have yet to receive approval. However, the data I have thus far collected makes me suspicious that this is a firmware issue. Any thoughts?