DSA-2024-233: Security Update for Dell Connectrix Cisco MDS 9000 Series Multiple Third-Party Component Vulnerabilities

Shrnutí: Dell Connectrix Cisco MDS 9000 Series remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Zástupná řešení a opatření pro zmírnění rizik

Dotčené produkty

Tento článek se vztahuje na Tento článek se nevztahuje na Tento článek není vázán na žádný konkrétní produkt. V tomto článku nejsou uvedeny všechny verze produktu.

Podívejte se na další zdroje

Vliv

High

Podrobnosti

Third-party Component	CVEs	More Information
Novel Terrapin (SSH Channel)	CVE-2023-48795	Cisco Bug ID for CVE-2023-48795
CLI	CVE-2024-20399	Cisco Security Advisory for CVE-2024-20399

Společnost Dell Technologies všem zákazníkům doporučuje vzít v úvahu základní hodnocení CVSS i všechna související hodnocení v daném čase a prostředí, která mohou mít vliv na potenciální závažnost dané konkrétní bezpečnostní hrozby.

Dotčené produkty a náprava

CVEs Addressed	Product	Software/Firmware	Affected Versions	Remediated Versions	Link
CVE-2023-48795	Connectrix MDS-9124v	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9124V \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9148v	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9148V \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9396v	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9396V \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9706-V2	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9706-V2 \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9710-V2	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9710-V2 \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9718-V3	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9718-V3 \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9132t	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9132T \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9148t	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9148T \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9396t	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9396T \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9220i	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9220i \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9148s	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9148S \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9250i	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9250i \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9396s	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9396S \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9706	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9706 \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9710	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9710 \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9718	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9718 \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9124v	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9124V \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9148v	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9148V \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9396v	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9396V \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9706-V2	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9706-V2 \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9710-V2	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9710-V2 \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9718-V3	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9718-V3 \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9132t	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9132T \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9148t	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9148T \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9396t	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9396T \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9220i	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9220i \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9148s	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9148S \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9250i	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9250i \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9396s	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9396S \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9706	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9706 \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9710	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9710 \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9718	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9718 \| Drivers & Downloads

CVEs Addressed	Product	Software/Firmware	Affected Versions	Remediated Versions	Link
CVE-2023-48795	Connectrix MDS-9124v	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9124V \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9148v	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9148V \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9396v	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9396V \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9706-V2	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9706-V2 \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9710-V2	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9710-V2 \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9718-V3	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9718-V3 \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9132t	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9132T \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9148t	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9148T \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9396t	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9396T \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9220i	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9220i \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9148s	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9148S \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9250i	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9250i \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9396s	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9396S \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9706	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9706 \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9710	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9710 \| Drivers & Downloads
CVE-2023-48795	Connectrix MDS-9718	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9718 \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9124v	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9124V \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9148v	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9148V \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9396v	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9396V \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9706-V2	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9706-V2 \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9710-V2	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9710-V2 \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9718-V3	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9718-V3 \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9132t	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9132T \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9148t	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9148T \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9396t	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9396T \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9220i	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9220i \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9148s	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9148S \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9250i	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9250i \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9396s	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9396S \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9706	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9706 \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9710	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9710 \| Drivers & Downloads
CVE-2024-20399	Connectrix MDS-9718	NX-OS	Versions prior to 9.4(2a)	Version 9.4(2a) or later	Support for Connectrix MDS-9718 \| Drivers & Downloads

The Affected Products and Remediation table above may not be a comprehensive list of all affected supported versions and may be updated as more information becomes available.

Zástupná řešení a opatření pro zmírnění rizik

CVE ID	Workaround and Mitigation
CVE-2023-48795	Security researchers at Ruhr University Bochum on 18 December 2023 disclosed a protocol level vulnerability which has been assigned a CVE ID of CVE-2023-48795 and was named 'Terrapin Attack'. The NX-OS MDS Software uses CiscoSSH which is derived from OpenSSH and could be vulnerable to CVE-2023-48795 but the Security Impact Rating (SIR) is Low because the security impact of this attack is limited as it only allows deletion of consecutive messages, and deleting most messages at this stage of the protocol prevents user authentication from proceeding. In addition: The attacker needs to be on a privileged position and be able to intercept and modify the SSH initial session setup packet exchange, and The SSH server must either (only one is enough) Offer the chacha20-poly1305@openssh.com as an encryption algorithm or Using an encryption algorithm in CBC mode and an -etm@openssh.com hashing algorithm (and the authors call this combination "vulnerable and MAYBE exploitable"). Conditions: The NX-OS MDS Software does not run AsyncSSH and are not vulnerable to either: CVE-2023-46445 (Rogue Extension Negotiation) and CVE-2023-46446 (Rogue Session Attack). Workaround: If the above conditions are true, disabling the vulnerable combinations would be an effective workaround.

CVE ID

Workaround and Mitigation

CVE-2023-48795

Security researchers at Ruhr University Bochum on 18 December 2023 disclosed a protocol level vulnerability which has been assigned a CVE ID of CVE-2023-48795 and was named 'Terrapin Attack'. The NX-OS MDS Software uses CiscoSSH which is derived from OpenSSH and could be vulnerable to CVE-2023-48795 but the Security Impact Rating (SIR) is Low because the security impact of this attack is limited as it only allows deletion of consecutive messages, and deleting most messages at this stage of the protocol prevents user authentication from proceeding. In addition:

The attacker needs to be on a privileged position and be able to intercept and modify the SSH initial session setup packet exchange, and
The SSH server must either (only one is enough)
- Offer the chacha20-poly1305@openssh.com as an encryption algorithm or
- Using an encryption algorithm in CBC mode *and* an -etm@openssh.com hashing algorithm (and the authors call this combination "vulnerable and MAYBE exploitable").
Conditions: The NX-OS MDS Software does not run AsyncSSH and are not vulnerable to either: CVE-2023-46445 (Rogue Extension Negotiation) and CVE-2023-46446 (Rogue Session Attack).

Workaround: If the above conditions are true, disabling the vulnerable combinations would be an effective workaround.

Historie změn

Revision	Date	Description
1.0	2024-09-25	Initial Release
2.0	2025-02-17	Updated for enhanced format presentation with no changes to content

Související informace

Právní upozornění

Dotčené produkty

Connectrix MDS-Series, Connectrix MDS-Series, Connectrix MDS-9124, Connectrix MDS-9124V, Connectrix MDS-9132T, Connectrix MDS-9148S, Connectrix MDS-9148T, Connectrix MDS-9148V, Connectrix MDS-9220i, Connectrix MDS-9250i, Connectrix MDS-9396T , Connectrix MDS-9396V, Connectrix MDS-9706, Connectrix MDS-9706-V2, Connectrix MDS-9710, Connectrix MDS-9710-V2, Connectrix MDS-9718, Connectrix MDS-9718-V3, Connectrix MDS-Series Hardware ...

Číslo článku: 000228917

Typ článku: Dell Security Advisory

Poslední úprava: 18 úno 2025

Zkontrolujte, zda se na vaše zařízení vztahují služby podpory.

DSA-2024-233: Security Update for Dell Connectrix Cisco MDS 9000 Series Multiple Third-Party Component Vulnerabilities

Shrnutí: Dell Connectrix Cisco MDS 9000 Series remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Vliv

Podrobnosti

Dotčené produkty a náprava

Zástupná řešení a opatření pro zmírnění rizik

Historie změn

Související informace

Právní upozornění

Dotčené produkty

Vliv

Podrobnosti

Dotčené produkty a náprava

Zástupná řešení a opatření pro zmírnění rizik

Historie změn

Související informace

Právní upozornění

Dotčené produkty

Vlastnosti článku

Najděte odpovědi na své otázky od ostatních uživatelů společnosti Dell

Služby podpory

Vlastnosti článku

Najděte odpovědi na své otázky od ostatních uživatelů společnosti Dell

Služby podpory

DSA-2024-233: Security Update for Dell Connectrix Cisco MDS 9000 Series Multiple Third-Party Component Vulnerabilities

Shrnutí: Dell Connectrix Cisco MDS 9000 Series remediation is available for multiple security vulnerabilities that could be exploited by malicious users to compromise the affected system.

Podrobný článek

Vliv

Podrobnosti

Dotčené produkty a náprava

Zástupná řešení a opatření pro zmírnění rizik

Historie změn

Související informace

Právní upozornění

Dotčené produkty

Vlastnosti článku

Najděte odpovědi na své otázky od ostatních uživatelů společnosti Dell

Služby podpory

Vlastnosti článku

Najděte odpovědi na své otázky od ostatních uživatelů společnosti Dell

Služby podpory