OPERATIONAL DEFECT DATABASE
...
...
Document VersionRelease DateDetails3April 3, 2024Updated Resolution with permanent fix.2March 5, 2024Updated Resolution.1February 8, 2024Original Document Release.HPE SimpliVity is impacted by the recent security vulnerability, CVE-2023-48795; this vulnerability is also known as the Terrapin Attack. Read more details about the vulnerabilityhere.The next release of SimpliVity OmniStack will contain an updated version of OpenSSH which will mitigate this issue. Find below details on a workaround that can be applied to active versions of OmniStack.
SimpliVity Engineering has qualified a workaround to CVE-2023-48795 for the active versions of OmniStack:4.2.04.1.34.1.2
This issue has been solved withHPE SimpliVity OmniStack 5.0.0.For previous versions, contactHPE Supportfor assistance implementing the workaround, reference Document ID a00138174en_us.RECEIVE PROACTIVE UPDATES: Receive support alerts (such as Customer Advisories), as well as updates on drivers, software, firmware, and customer replaceable components, proactively in your e-mail through HPE Support Alerts. Sign up for Support Alerts at the following URL:HPE Email Preference Center.NAVIGATION TIP:For hints on navigating HPE.com to locate the latest drivers, patches and other support software downloads, refer to theNavigation Tips document.SEARCH TIP:For hints on locating similar documents on HPE.com, refer to theSearch Tips document.
Operating Systems Affected:Not Applicable
No external links available for this bug
Click on a version to see all relevant bugs
Hewlett Packard Enterprise Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.
