CVE-2023-48795 (Unsolved)
Hello,
During our security scan of the Dell PowerEdge R6615 BMC, the vulnerability CVE-2023-48795 was detected. I tried to find any info on whether it is already solved in a newer iDRAC firmware or whether there are any recommendations on how to mitigate the vulnerability.
Is there any recommendation from Dell?
In which iDRAC version will this be solved?
BIOS: 1.5.8
iDRAC: 7.00.30.00
Thanks
Tomas
DELL-Chris H (Moderator), January 18th, 2024 16:16
Xtomkrb,
While it does appear there is a vulnerability with the iDrac9, it is currently being addressed and should see an update available within several months. Now you can mitigate the vulnerability with the use of the iDrac RACADM command
racadm set iDRAC.SSHCrypto.Ciphers "aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com"
Let me know if this helps.
NunyaBusinessMan, January 19th, 2024 12:48
@DELL-Chris H That solution worked for iDrac 9, thank you. Can you provide instructions on how we can resolve this for iDrac 8?
DELL-Chris H (Moderator), January 19th, 2024 12:52
NunyaBusinessMan,
My understanding is that the CVE-2023-48795 vulnerability doesn't affect the iDrac8, just the iDrac9.
xtomkrb, January 19th, 2024 16:34
@DELL-Chris H
I got the info that the racadm command mitigated the vulnerability.
Thanks
Tomas
mejdlo (Rookie), March 1st, 2024 15:19
@DELL-Chris H
Hello
I have 18 R730 and 1 R730xd with DRAC 8 - 2.85.85.85.
My enemy :-) our colleagues use the Qualys scanner, and unfortunately it reports that the SSH server on these DRACs is vulnerable to Terrapin:
SSH Prefix Truncation Vulnerability (Terrapin) detected on port: 22
ChaCha20-Poly1305 Algorithm Support: True
CBC-EtM Algorithm Support: False
Strict Key Exchange algorithm enabled: False
DRAC 9: racadm get iDRAC | grep -i ssh
SSH
SSHCrypto
DRAC 8: racadm get iDRAC | grep -i ssh
SSH
Please, is there a chance that Dell will update DRAC 8 with a new SSH server, for example without ChaCha20-Poly1305?
Thank you in advance
Tomas
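As an added example (not from the thread, and not Dell's or Qualys's code), a small Python check that applies the three conditions the Qualys finding above reports (ChaCha20-Poly1305 support, CBC-with-EtM support, strict key exchange advertised) to an SSH server's offered algorithm lists, and shows that the cipher string from the racadm command earlier in the thread clears the ChaCha20 condition. The function and class names are my own; the sample algorithm lists are constructed.

```python
"""Terrapin (CVE-2023-48795) exposure check on SSH algorithm name-lists."""
from dataclasses import dataclass

# OpenSSH advertises strict key exchange as a pseudo-KEX name in its KEXINIT.
STRICT_KEX_SERVER = "kex-strict-s-v00@openssh.com"
CHACHA = "chacha20-poly1305@openssh.com"

# Cipher list from the racadm mitigation posted in this thread.
DELL_MITIGATION_CIPHERS = (
    "aes128-ctr,aes192-ctr,aes256-ctr,"
    "aes128-gcm@openssh.com,aes256-gcm@openssh.com"
)


@dataclass
class TerrapinReport:
    chacha20_poly1305: bool   # Qualys: "ChaCha20-Poly1305 Algorithm Support"
    cbc_etm: bool             # Qualys: "CBC-EtM Algorithm Support"
    strict_kex: bool          # Qualys: "Strict Key Exchange algorithm enabled"

    @property
    def vulnerable(self) -> bool:
        # Exposure needs a susceptible mode and no strict-KEX protection.
        return (self.chacha20_poly1305 or self.cbc_etm) and not self.strict_kex


def split_names(name_list: str) -> list[str]:
    """Split a comma-separated SSH name-list, dropping blanks."""
    return [n.strip() for n in name_list.split(",") if n.strip()]


def assess(ciphers: str, macs: str, kex: str) -> TerrapinReport:
    """Evaluate the server's offered ciphers, MACs and KEX algorithms."""
    cs, ms, ks = split_names(ciphers), split_names(macs), split_names(kex)
    has_cbc = any(c.endswith("-cbc") for c in cs)
    has_etm = any(m.endswith("-etm@openssh.com") for m in ms)
    return TerrapinReport(
        chacha20_poly1305=CHACHA in cs,
        cbc_etm=has_cbc and has_etm,
        strict_kex=STRICT_KEX_SERVER in ks,
    )


if __name__ == "__main__":
    # Constructed offers; real values come from the server's KEXINIT
    # (a scanner, or ssh -vv) or from racadm get iDRAC.SSHCrypto.
    before = assess("chacha20-poly1305@openssh.com,aes128-ctr",
                    "hmac-sha2-256", "curve25519-sha256")
    after = assess(DELL_MITIGATION_CIPHERS, "hmac-sha2-256", "curve25519-sha256")
    print("before:", before.vulnerable, "after:", after.vulnerable)
```

The check is offer-based, so it flags what a scanner would flag; a server that advertises strict key exchange is reported clean even when ChaCha20 remains in the list.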
DELL-Chris H (Moderator), March 1st, 2024 15:40
Mejdlo,
Well, it looks like I spoke a little soon in my earlier posting, as we released a document about a week after my previous response. While I don't have any details on an iDrac8 update coming up, or a timeframe for its release, you can find the document and workaround here.
Let me know if this helps.
mejdlo (Rookie), March 3rd, 2024 12:16
@DELL-Chris H
Hi,
Thank you for the interest. The mentioned "workaround" for iDRAC 8 is kind of funny :-). I like all of our Dell PowerEdges, the perfect 730 too of course, so I'll hope and wait for an update of their iDRAC 8 (sshd). Hopefully! They are still very helpful and I prefer Dells over other vendors.
Kind regards
Tomas