cancel
Showing results for 
Search instead for 
Did you mean: 

Dropbear SSH Server vulnerability

andy_styring
New Contributor
Is the dropbear SSH Server vulnerability patch included in ZD1100 9.10.2.0.63 Software Release?

I am currently on version 9.7.2.0 build 20

Thanks
2 REPLIES 2

martin_martin
Valued Contributor
Hi Andy,

You can check the https://www.ruckuswireless.com/security page for any info regarding dropbear.

Kind regards
Martin

michael_brado
Esteemed Contributor II
Hello Andy,

   We've had other tickets/requests like yours too. The CVE-2017-9079 dropbear issue is fixed in ZD 10.0+, but unfortunately ZD1100 last supported release is 9.10.x, and changes will not be back-ported.

   Other customers had to upgrade to ZD1200 model controllers if this is your concern. The security team reports this is concidered a minor vulnerability, with a CVSS score of 4.7, and exploitability score of 1.0.
Labels