https://community.ruckuswireless.com/t5/Unleashed/R650-unleashed-cve-2023-48795/m-p/103520#M6765 <P>Hello,</P><P>&nbsp;</P><P>On a recent pen test, all the APs on our network (10 in total) are flagged with CVE-2023-48795.&nbsp; We've updated to the latest firmware of 200.17.7.0.152 but it's still the same.&nbsp;</P><P>&nbsp;</P><P>Please can you advise? is it possible to turn off ssh if there is no fix but it's quite an old cve.</P><P>&nbsp;</P><P>thanks</P><P>MW</P><P>&nbsp;</P> Tue, 11 Mar 2025 09:33:37 GMT MWSS 2025-03-11T09:33:37Z https://community.ruckuswireless.com/t5/Unleashed/R650-unleashed-cve-2023-48795/m-p/103520#M6765 <P>Hello,</P><P>&nbsp;</P><P>On a recent pen test, all the APs on our network (10 in total) are flagged with CVE-2023-48795.&nbsp; We've updated to the latest firmware of 200.17.7.0.152 but it's still the same.&nbsp;</P><P>&nbsp;</P><P>Please can you advise? is it possible to turn off ssh if there is no fix but it's quite an old cve.</P><P>&nbsp;</P><P>thanks</P><P>MW</P><P>&nbsp;</P> Tue, 11 Mar 2025 09:33:37 GMT https://community.ruckuswireless.com/t5/Unleashed/R650-unleashed-cve-2023-48795/m-p/103520#M6765 MWSS 2025-03-11T09:33:37Z https://community.ruckuswireless.com/t5/Unleashed/R650-unleashed-cve-2023-48795/m-p/103684#M6783 <P>I would email support or fill out the support form and bug them until they reply to your specific security issue. Please reply back here with what they do about it when you get a satisfactory reply.</P> Sun, 16 Mar 2025 21:11:48 GMT https://community.ruckuswireless.com/t5/Unleashed/R650-unleashed-cve-2023-48795/m-p/103684#M6783 JacksonCampbell 2025-03-16T21:11:48Z https://community.ruckuswireless.com/t5/Unleashed/R650-unleashed-cve-2023-48795/m-p/103686#M6784 <P>annoyingly we dont have a support contract any longer so Im unable to speak to them directly.&nbsp;</P> Mon, 17 Mar 2025 09:15:30 GMT https://community.ruckuswireless.com/t5/Unleashed/R650-unleashed-cve-2023-48795/m-p/103686#M6784 MWSS 2025-03-17T09:15:30Z https://community.ruckuswireless.com/t5/Unleashed/R650-unleashed-cve-2023-48795/m-p/103735#M6788 <P>I looked up the CVE:</P><P><A href="https://nvd.nist.gov/vuln/detail/CVE-2023-48795" target="_blank">https://nvd.nist.gov/vuln/detail/CVE-2023-48795</A><BR /><A href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795" target="_blank">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795</A><BR /><BR />Is the solution for Ruckus to simply upgrade whatever SSH server they are using to the newest version (that addresses the vulnerability)?<BR /><BR />Re: your second question, I looked up the CLI Reference Guide, and I don't see a way to disable SSH, because I assume by doing so there would be no way to re-enable it.<BR /><BR />Hope Ruckus team gets this, as it seems like the hotfix is just to upgrade the SSH server in Unleashed to the latest version.</P> Wed, 19 Mar 2025 00:11:53 GMT https://community.ruckuswireless.com/t5/Unleashed/R650-unleashed-cve-2023-48795/m-p/103735#M6788 BobaEnjoyer 2025-03-19T00:11:53Z https://community.ruckuswireless.com/t5/Unleashed/R650-unleashed-cve-2023-48795/m-p/103736#M6789 <P>You can contact them directly like anyone else. There is a support form in the Unleashed web GUI and app.</P> Wed, 19 Mar 2025 01:48:14 GMT https://community.ruckuswireless.com/t5/Unleashed/R650-unleashed-cve-2023-48795/m-p/103736#M6789 JacksonCampbell 2025-03-19T01:48:14Z https://community.ruckuswireless.com/t5/Unleashed/R650-unleashed-cve-2023-48795/m-p/103737#M6790 <P>I assume if it was disabled then you could re-enable it by resetting the AP or Unleashed network.</P> Wed, 19 Mar 2025 01:49:27 GMT https://community.ruckuswireless.com/t5/Unleashed/R650-unleashed-cve-2023-48795/m-p/103737#M6790 JacksonCampbell 2025-03-19T01:49:27Z https://community.ruckuswireless.com/t5/Unleashed/R650-unleashed-cve-2023-48795/m-p/103756#M6792 <P>Hi,<BR /><BR />This issue is already worked on and will be fixed in 200.18</P> Wed, 19 Mar 2025 16:32:23 GMT https://community.ruckuswireless.com/t5/Unleashed/R650-unleashed-cve-2023-48795/m-p/103756#M6792 sanjay_kumar 2025-03-19T16:32:23Z https://community.ruckuswireless.com/t5/Unleashed/R650-unleashed-cve-2023-48795/m-p/103758#M6793 <P>thanks, when will that be released?</P> Wed, 19 Mar 2025 16:34:19 GMT https://community.ruckuswireless.com/t5/Unleashed/R650-unleashed-cve-2023-48795/m-p/103758#M6793 MWSS 2025-03-19T16:34:19Z https://community.ruckuswireless.com/t5/Unleashed/R650-unleashed-cve-2023-48795/m-p/103761#M6794 <P>Current EAT is end of April. I will keep you posted if there are any changes.</P> Wed, 19 Mar 2025 16:56:06 GMT https://community.ruckuswireless.com/t5/Unleashed/R650-unleashed-cve-2023-48795/m-p/103761#M6794 sanjay_kumar 2025-03-19T16:56:06Z https://community.ruckuswireless.com/t5/Unleashed/R650-unleashed-cve-2023-48795/m-p/104060#M6804 <P>Hello Sanjay.</P><P>we have our pen test the last week of April.&nbsp; Im hoping the fix will be released before then so I dont have to plan remediation documentation.&nbsp; &nbsp;Just checking in if a date is in mind?</P> Mon, 31 Mar 2025 13:11:41 GMT https://community.ruckuswireless.com/t5/Unleashed/R650-unleashed-cve-2023-48795/m-p/104060#M6804 MWSS 2025-03-31T13:11:41Z