BugZero | Cisco BugID CSCwk61938 - ISE Evaluate OpenSSH CVE-2024-6387 "regreSSHion"

Cisco - Defect ID: CSCwk61938

ISE Evaluate OpenSSH CVE-2024-6387 "regreSSHion"

Cisco - Defect ID: CSCwk61938

ISE Evaluate OpenSSH CVE-2024-6387 "regreSSHion"

Last updated on November 17th, 2025

BugZero Risk Score
9.7 High

Overall: 9.7

Severity: 10.0

Lifecycle: 9.1

Popularity: 6.9

What is the BugZero Risk Score?

Cisco Integration

Learn more about where this data comes from

Cisco Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Bug Details

Views: 279

Description

Symptom

This bug has been filed to evaluate the product Identity Services Engine (ISE) against the vulnerability in the OpenSSH server disclosed on July 1st, 2024: CVE-2024-6387 - Remote Unauthenticated Code Execution Vulnerability in OpenSSH Server (regreSSHion) This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-openssh-rce-2024

Conditions

ISE 2.X and 3.0 are not impacted. ISE 3.1 P1,P2 and P3 are not impacted. ISE 3.1 P4 and later patches are vulnerable. ISE 3.2 is vulnerable ISE 3.3 is vulnerable.

Workaround

-- A hotpatch for 3.1 is now available at https://software.cisco.com/download/home/283801620/type/283802505/release/HP-3.1-CSCwk61938 -- A hotpatch for 3.2 is now available at https://software.cisco.com/download/home/283801620/type/283802505/release/HP-3.2-CSCwk61938 -- Fix for 3.3 is available in patch 3 - now available at https://software.cisco.com/download/home/283801620/type/283802505/release/3.3%20Patch%203 NOTE: Cisco uses a customized library for SSH, the fix for this vulnerability is implemented in CiscoSSH 1.13.48 (based on OpenSSH 9.1)

Further Problem Description

Additional details about the vulnerability listed above can be found at http://cve.mitre.org/cve/cve.html PSIRT Evaluation: The Cisco PSIRT has assigned this bug the following CVSS version 3.1 score. The Base CVSS scores as of the time of evaluation are 8.1: https://tools.cisco.com/security/center/cvssCalculator.x?version=3.1&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H The Cisco PSIRT has assigned this score based on information obtained from multiple sources. This includes the CVSS score assigned by the third-party vendor when available. The CVSS score assigned may not reflect the actual impact on the Cisco Product. Additional information on Cisco's security vulnerability policy can be found at the following URL: https://tools.cisco.com/security/center/resources/security_vulnerability_policy.html

Change history

2025-08-06 Added: 003.001(000.518), 003.002(000.542), 003.003(000.430)

Relevant Products

Click on a version to see all relevant bugs

Affected versions:003.001(000.518), 003.002(000.542), 003.003(000.430)

Fixed versions: 003.004(000.608), 003.005(000.527), 2.7.0-P10, 3.1.0.518-Patch10, 3.2.0.542-Patch7, 3.3.0.430-Patch3

Relevant Products

Click on a version to see all relevant bugs

Affected versions:003.001(000.518), 003.002(000.542), 003.003(000.430)

Fixed versions: 003.004(000.608), 003.005(000.527), 2.7.0-P10, 3.1.0.518-Patch10, 3.2.0.542-Patch7, 3.3.0.430-Patch3

Top Cisco Defects

9.7Defect ID: CSCwj74769
After [non]pairwise key enabling and reboot, bfd ip and port mismatch on device.
9.7Defect ID: CSCvd48893
Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability
9.7Defect ID: CSCwk61938
ISE Evaluate OpenSSH CVE-2024-6387 "regreSSHion"
9.7Defect ID: CSCvv15096
9200L: SYS-3-CPUHOG: Task is running for (2843)msecs, more than (2000)msecs process = SAUtilReport.
9.7Defect ID: CSCvp81958
IOS-XE device hitting "No connections to Shell Manager available for processing the command"

Ready to prevent the next vendor outage?

Get a demo

Cisco - Defect ID: CSCwk61938

ISE Evaluate OpenSSH CVE-2024-6387 "regreSSHion"

Cisco - Defect ID: CSCwk61938

ISE Evaluate OpenSSH CVE-2024-6387 "regreSSHion"

Last updated on November 17th, 2025

BugZero Risk Score9.7 High

Bug Details

Symptom

Conditions

Workaround

Further Problem Description

Top Cisco Defects

Ready to prevent the next vendor outage?

Links

BugZero Risk Score
9.7 High