2 Posts

January 18th, 2024 11:42

CVE-2023-48795

Hello,

during our security scanning of the Dell PowerEdge R6615 BMC the vulnerability CVE-2023-48795 was detected. I tried to find any info whether it is already solved in some newer iDRAC firmware or whether there are any recommendations how to mitigate the vulnerability.

Is there any recommendation from Dell?

In which iDRAC version will this be solved?

BIOS: 1.5.8

iDRAC: 7.00.30.00

Thanks

Tomas

Moderator

8.8K Posts

January 18th, 2024 16:16

Xtomkrb,

While it does appear there is a vulnerability with the iDrac9, it is currently being addressed and should see an update available within several months. Now you can mitigate the vulnerability with the use of the iDrac RACADM command:

racadm set iDRAC.SSHCrypto.Ciphers "aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com"

Let me know if this helps.

January 19th, 2024 12:48

@DELL-Chris H That solution worked for iDrac 9, thank you. Can you provide instructions on how we can resolve this for iDrac 8?

Moderator

8.8K Posts

January 19th, 2024 12:52

NunyaBusinessManm

My understanding is that the CVE-2023-48795 vulnerability doesn't affect the iDrac8, just the iDrac9.


2 Posts

January 19th, 2024 16:34

@DELL-Chris H

I got the info that the racadm command mitigated the vulnerability.

Thanks
Tomas

1 Rookie

4 Posts

March 1st, 2024 15:19

@DELL-Chris H

Hello

I have 18 R730 and 1 R730xd with DRAC 8 - 2.85.85.85.

My enemy :-) our colleagues use the Qualys scanner and unfortunately it reports that the ssh server on these DRACs is vulnerable to Terrapin:

SSH Prefix Truncation Vulnerability (Terrapin) detected on port: 22
ChaCha20-Poly1305 Algorithm Support: True
CBC-EtM Algorithm Support: False
Strict Key Exchange algorithm enabled: False

DRAC 9: racadm get iDRAC | grep -i ssh
SSH
SSHCrypto

DRAC 8: racadm get iDRAC | grep -i ssh
SSH

Please, is there a chance that Dell will do an update of DRAC 8 with a new ssh server, for example without ChaCha20-Poly1305?

Thank you in advance

Tomas
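As an added example (not from this thread, from Dell or from Qualys), here is a Python parser for the SSH_MSG_KEXINIT algorithm lists that evaluates the same three conditions the scanner finding above reports (ChaCha20-Poly1305 support, CBC-EtM support, strict key exchange), so you can confirm whether the racadm cipher change actually removed the Terrapin-prone modes from what a BMC offers. The KEXINIT payloads are constructed inline for the test rather than captured from a real iDRAC; to check a live host you would feed the server's KEXINIT payload to parse_kexinit.

```python
import struct

# Algorithm names the Terrapin (CVE-2023-48795) advisory singles out.
CHACHA = "chacha20-poly1305@openssh.com"
STRICT_KEX = {"server": "kex-strict-s-v00@openssh.com",
              "client": "kex-strict-c-v00@openssh.com"}

# Name-list order inside SSH_MSG_KEXINIT (RFC 4253, section 7.1).
NAME_LISTS = ("kex", "hostkey", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
              "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c")


def build_kexinit(**lists):
    """Build a constructed SSH_MSG_KEXINIT payload (test data, not a capture)."""
    out = bytearray([20]) + bytes(16)            # message id 20 + 16-byte cookie
    for name in NAME_LISTS:
        value = ",".join(lists.get(name, ())).encode()
        out += struct.pack(">I", len(value)) + value
    # first_kex_packet_follows (boolean) + reserved uint32
    return bytes(out + b"\x00" + b"\x00\x00\x00\x00")


def parse_kexinit(payload):
    """Parse an SSH_MSG_KEXINIT payload into {name_list: [algorithms]}."""
    if not payload or payload[0] != 20:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    pos, lists = 17, {}                          # skip message id and cookie
    for name in NAME_LISTS:
        (length,) = struct.unpack_from(">I", payload, pos)
        pos += 4
        raw = payload[pos:pos + length].decode("ascii")
        pos += length
        lists[name] = [a for a in raw.split(",") if a]
    return lists


def terrapin_exposure(lists, role="server"):
    """Evaluate the three conditions a Terrapin scan reports for one peer."""
    ciphers = set(lists["enc_c2s"]) | set(lists["enc_s2c"])
    macs = set(lists["mac_c2s"]) | set(lists["mac_s2c"])
    cbc = any(c.endswith("-cbc") for c in ciphers)
    etm = any(m.endswith("-etm@openssh.com") for m in macs)
    result = {
        "chacha20_poly1305": CHACHA in ciphers,
        "cbc_etm": cbc and etm,
        "strict_kex": STRICT_KEX[role] in lists["kex"],
    }
    # Flagged when a prefix-truncation-prone mode is offered without strict kex.
    result["flagged"] = (result["chacha20_poly1305"] or result["cbc_etm"]) and not result["strict_kex"]
    return result
```

Note that the racadm command in this thread only changes the cipher list, so a BMC that still advertises *-etm MACs is fine as long as no CBC cipher remains alongside them.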

Moderator

8.8K Posts

March 1st, 2024 15:40

Mejdlo,

Well it looks like I spoke a little soon in my earlier posting, as we released a document about a week after my previous response. While I don't have any details on an iDrac8 update coming up, or a timeframe for its release, you can find the document and workaround here.

Let me know if this helps.


1 Rookie

4 Posts

March 3rd, 2024 12:16

@DELL-Chris H

Hi,

Thank you for the interest. The mentioned "workaround" for iDRAC 8 is kind of funny :-). I like all of our Dell PowerEdges, the perfect 730 too of course, so I'll hope and wait for an update of their iDRAC 8 (sshd). Hopefully! They are still very helpful and I prefer Dells over other vendors.

Kind regards

Tomas
