Citrix Releases Security Update For Critical PuTTY Vulnerability In Hypervisor
- С сайта: Vulnerability(cybersecuritynews.com)
- Вернуться к списку новостей
С сайта: Vulnerability(cybersecuritynews.com)
Citrix has released a security bulletin detailing a critical vulnerability (CVE-2024-31497) affecting certain versions of their Citrix Hypervisor virtualization platform.
The issue stems from the inclusion of a vulnerable version of the popular PuTTY SSH client in XenCenter, the management console for Citrix Hypervisor.
Versions of XenCenter for Citrix Hypervisor 8.2 CU1 Long Term Service Release (LTSR) prior to 8.2.6 included PuTTY to enable SSH connections from XenCenter to guest virtual machines.
However, PuTTY versions before 0.81 contained a flaw in generating ECDSA encryption keys using the NIST P-521 curve.
This vulnerability could allow an attacker who controls a guest VM to determine the SSH private key of a XenCenter administrator who uses that key to authenticate to the compromised VM over SSH.
📁🄳🄾🄲🅄🄼🄴🄽🅃
Obtaining the private key would enable the attacker to gain unauthorized access to other systems and services using the same key.
The flaw could also enable supply chain attacks if the compromised keys are used for services like Git that host software source code.
In addition to Citrix Hypervisor, the PuTTY vulnerability impacts several other products that bundled the affected versions, including FileZilla, WinSCP, TortoiseGit, and TortoiseSVN.
To mitigate the risk, Citrix has deprecated the inclusion of PuTTY, starting with XenCenter version 8.2.6 for Citrix Hypervisor 8.2 CU1 LTSR. Versions 8.2.7 and later will not include PuTTY.
Customers who wish to continue using the SSH console functionality in XenCenter are advised to update PuTTY to version 0.81 or later.
Citrix emphasized that versions of XenCenter for the newer XenServer 8 hypervisor have never included PuTTY and are not affected[6].
The company recommends that all customers subscribe to alerts for security bulletins and treat any potential vulnerabilities seriously.
The PuTTY vulnerability has been assigned a CVSS severity score of 5.9.
Citrix customers using impacted versions of XenCenter with PuTTY are encouraged to take immediate action by updating PuTTY or removing it if the SSH functionality is not needed.
Is Your Network Under Attack? - Read CISO’s Guide to Avoiding the Next Breach -Download Free Guide
#Cyber_Security #Security_Updates #Vulnerability #Citrix #Hypervisor_Vulnerability #putty
Оригинальная версия на сайте:
Citrix Releases Security Update For Critical PuTTY Vulnerability In Hypervisor
Author: Guru BaranCitrix has released a security bulletin detailing a critical vulnerability (CVE-2024-31497) affecting certain versions of their Citrix Hypervisor virtualization platform.
The issue stems from the inclusion of a vulnerable version of the popular PuTTY SSH client in XenCenter, the management console for Citrix Hypervisor.
Versions of XenCenter for Citrix Hypervisor 8.2 CU1 Long Term Service Release (LTSR) prior to 8.2.6 included PuTTY to enable SSH connections from XenCenter to guest virtual machines.
However, PuTTY versions before 0.81 contained a flaw in generating ECDSA encryption keys using the NIST P-521 curve.
This vulnerability could allow an attacker who controls a guest VM to determine the SSH private key of a XenCenter administrator who uses that key to authenticate to the compromised VM over SSH.
📁🄳🄾🄲🅄🄼🄴🄽🅃
Obtaining the private key would enable the attacker to gain unauthorized access to other systems and services using the same key.
The flaw could also enable supply chain attacks if the compromised keys are used for services like Git that host software source code.
In addition to Citrix Hypervisor, the PuTTY vulnerability impacts several other products that bundled the affected versions, including FileZilla, WinSCP, TortoiseGit, and TortoiseSVN.
To mitigate the risk, Citrix has deprecated the inclusion of PuTTY, starting with XenCenter version 8.2.6 for Citrix Hypervisor 8.2 CU1 LTSR. Versions 8.2.7 and later will not include PuTTY.
Customers who wish to continue using the SSH console functionality in XenCenter are advised to update PuTTY to version 0.81 or later.
Citrix emphasized that versions of XenCenter for the newer XenServer 8 hypervisor have never included PuTTY and are not affected[6].
The company recommends that all customers subscribe to alerts for security bulletins and treat any potential vulnerabilities seriously.
The PuTTY vulnerability has been assigned a CVSS severity score of 5.9.
Citrix customers using impacted versions of XenCenter with PuTTY are encouraged to take immediate action by updating PuTTY or removing it if the SSH functionality is not needed.
Is Your Network Under Attack? - Read CISO’s Guide to Avoiding the Next Breach -Download Free Guide
#Cyber_Security #Security_Updates #Vulnerability #Citrix #Hypervisor_Vulnerability #putty
Оригинальная версия на сайте:
