Disabling / updating SSH version used on MGE UPS

jayceelourens_apc · ‎2021-07-01

This was originally posted on APC forums on 10/13/2014

Hi there

We have an MGE Galaxy PW UPS used in our DC. The UPS is network connected, essentially just for monitoring purposes

In our environment, we perform regular security scans across our whole network. In the most recent scan, it was picked up that the version of SSH used on the UPS (version 1) is noted as vulnerable

To remediate the issue, we either have to disable the SSH, or upgrade it to a secure version. I've tried checking on the web interface for any such option, but I could not find anything that ties directly to SSH

The current version of the UPS firmware is KA.COM300S301IC303, and the firmware version on the NIC is KA (SN 49em01382)

Could an issue like this (outdated SSH version) be corrected with a firmware update, or is there an alternative interface on the unit I can access, from where I could have access to additional configuration?

Thanks

BillP · ‎2021-07-01

This reply was originally posted by Angela on APC forums on 10/23/2014

I am checking again. So far I know one thing was adding 1024bits security certificates for IE. Still waiting on the SSH and we hope to know by tomorrow and I'll reply back. I apologize for the delay!

See Answer In Context

BillP · ‎2021-07-01

This reply was originally posted by Angela on APC forums on 10/23/2014

I am checking again. So far I know one thing was adding 1024bits security certificates for IE. Still waiting on the SSH and we hope to know by tomorrow and I'll reply back. I apologize for the delay!