Info
Document Version
Release Date
Details
3
April 3, 2024
Updated Resolution with permanent fix.
2
March 5, 2024
Updated Resolution.
1
February 8, 2024
Original Document Release.
HPE SimpliVity is impacted by the recent security vulnerability, CVE-2023-48795; this vulnerability is also known as the Terrapin Attack. Read more details about the vulnerability
here
.
The next release of SimpliVity OmniStack will contain an updated version of OpenSSH which will mitigate this issue. Find below details on a workaround that can be applied to active versions of OmniStack.
Scope
SimpliVity Engineering has qualified a workaround to CVE-2023-48795 for the active versions of OmniStack:
4.2.0
4.1.3
4.1.2
Resolution
This issue has been solved with
HPE SimpliVity OmniStack 5.0.0
.
For previous versions, contact
HPE Support
for assistance implementing the workaround, reference Document ID a00138174en_us.
RECEIVE PROACTIVE UPDATES
: Receive support alerts (such as Customer Advisories), as well as updates on drivers, software, firmware, and customer replaceable components, proactively in your e-mail through HPE Support Alerts. Sign up for Support Alerts at the following URL:
HPE Email Preference Center.
NAVIGATION TIP:
For hints on navigating HPE.com to locate the latest drivers, patches and other support software downloads, refer to the
Navigation Tips document.
SEARCH TIP:
For hints on locating similar documents on HPE.com, refer to the
Search Tips document.
