BugZero found this defect 47 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
4/3/2024
SimpliVity Omnistack for HPE
No affected releases provided.
No fixed releases provided.
Document Version Release Date Details 3 April 3, 2024 Updated Resolution with permanent fix. 2 March 5, 2024 Updated Resolution. 1 February 8, 2024 Original Document Release. HPE SimpliVity is impacted by the recent security vulnerability, CVE-2023-48795; this vulnerability is also known as the Terrapin Attack. Read more details about the vulnerability here . The next release of SimpliVity OmniStack will contain an updated version of OpenSSH which will mitigate this issue. Find below details on a workaround that can be applied to active versions of OmniStack.
SimpliVity Engineering has qualified a workaround to CVE-2023-48795 for the active versions of OmniStack: 4.2.0 4.1.3 4.1.2
This issue has been solved with HPE SimpliVity OmniStack 5.0.0 . For previous versions, contact HPE Support for assistance implementing the workaround, reference Document ID a00138174en_us. RECEIVE PROACTIVE UPDATES : Receive support alerts (such as Customer Advisories), as well as updates on drivers, software, firmware, and customer replaceable components, proactively in your e-mail through HPE Support Alerts. Sign up for Support Alerts at the following URL: HPE Email Preference Center. NAVIGATION TIP: For hints on navigating HPE.com to locate the latest drivers, patches and other support software downloads, refer to the Navigation Tips document. SEARCH TIP: For hints on locating similar documents on HPE.com, refer to the Search Tips document.