Dell Networking OS6 OS9 and OS10 - CVE-2023-38408 false positive
Summary: Vulnerability scanners running against Dell Networking OS6, OS9, and OS10 are incorrectly showing the devices are vulnerable to CVE-2023-38408.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
Vulnerability scanners running against Dell Networking OS6, OS9, and OS10 are incorrectly showing the devices are vulnerable to CVE-2023-38408.
Cause
As per the openssh site, CVE-2023-38408 is identified to affect OpenSSH between and 5.5 and 9.3p1 (inclusive).
The scanner seems to only check the OpenSSH version in the DELL OS6, OS9, or OS10 without confirming if ssh-agent forwarding is enabled in the OS.
Resolution
OS6 - OpenSSH vulnerability check (CVE-2023-38408)
ssh-agent is not used in OS6 thus the CVE is not applicable.
OS9 - CVE-2023-38408 OpenSSH vulnerability check
ssh-agent forwarding is not used in OS9 thus the CVE is not applicable.
OS10 - OpenSSH vulnerability check (CVE-2023-38408)
ssh-agent forwarding is not enabled in OS10 thus the CVE is not applicable.
ssh-agent is not used in OS6 thus the CVE is not applicable.
OS9 - CVE-2023-38408 OpenSSH vulnerability check
ssh-agent forwarding is not used in OS9 thus the CVE is not applicable.
OS10 - OpenSSH vulnerability check (CVE-2023-38408)
ssh-agent forwarding is not enabled in OS10 thus the CVE is not applicable.
Affected Products
N Series, S Series, OS9, SmartFabric OS10 SoftwareArticle Properties
Article Number: 000217210
Article Type: Solution
Last Modified: 08 Aug 2025
Version: 3
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.