https://community.ruckuswireless.com/t5/ZoneDirector/Dropbear-SSH-Server-vulnerability/m-p/15636#M3407 Is the dropbear SSH Server vulnerability patch included in ZD1100 9.10.2.0.63 Software Release?<BR /><BR alt="" name="" rel="" target="" title="" type="" value="" />I am currently on version 9.7.2.0 build 20<BR /><BR />Thanks Fri, 11 Jan 2019 15:07:04 GMT andy_styring 2019-01-11T15:07:04Z https://community.ruckuswireless.com/t5/ZoneDirector/Dropbear-SSH-Server-vulnerability/m-p/15636#M3407 Is the dropbear SSH Server vulnerability patch included in ZD1100 9.10.2.0.63 Software Release?<BR /><BR alt="" name="" rel="" target="" title="" type="" value="" />I am currently on version 9.7.2.0 build 20<BR /><BR />Thanks Fri, 11 Jan 2019 15:07:04 GMT https://community.ruckuswireless.com/t5/ZoneDirector/Dropbear-SSH-Server-vulnerability/m-p/15636#M3407 andy_styring 2019-01-11T15:07:04Z https://community.ruckuswireless.com/t5/ZoneDirector/Dropbear-SSH-Server-vulnerability/m-p/15637#M3408 Hi Andy,<BR alt="" name="" rel="" target="" title="" type="" value="" /><BR alt="" name="" rel="" target="" title="" type="" value="" />You can check the&nbsp;<A alt="" href="https://www.ruckuswireless.com/security" name="" rel="nofollow" target="" title="Link httpswwwruckuswirelesscomsecurity" type="" value="">https://www.ruckuswireless.com/security</A>&nbsp;page for any info regarding dropbear.<BR alt="" name="" rel="" target="" title="" type="" value="" /><BR alt="" name="" rel="" target="" title="" type="" value="" />Kind regards<BR alt="" name="" rel="" target="" title="" type="" value="" />Martin<BR alt="" name="" rel="" target="" title="" type="" value="" /><BR alt="" name="" rel="" target="" title="" type="" value="" /> Fri, 11 Jan 2019 16:45:43 GMT https://community.ruckuswireless.com/t5/ZoneDirector/Dropbear-SSH-Server-vulnerability/m-p/15637#M3408 martin_martin 2019-01-11T16:45:43Z https://community.ruckuswireless.com/t5/ZoneDirector/Dropbear-SSH-Server-vulnerability/m-p/15638#M3409 Hello Andy, <BR /><BR />&nbsp;&nbsp; We've had other tickets/requests like yours too. The CVE-2017-9079 dropbear issue is fixed in ZD 10.0+, but unfortunately ZD1100 last supported release is 9.10.x, and changes will not be back-ported. <BR /><BR />&nbsp;&nbsp; Other customers had to upgrade to ZD1200 model controllers if this is your concern. The security team reports this is concidered a minor vulnerability, with a CVSS score of 4.7, and exploitability score of 1.0. Fri, 11 Jan 2019 17:26:58 GMT https://community.ruckuswireless.com/t5/ZoneDirector/Dropbear-SSH-Server-vulnerability/m-p/15638#M3409 michael_brado 2019-01-11T17:26:58Z