Help
  • Get started
  • Ask the Community
  • How-To & Best Practices
  • Contact Support
Login / Register
Brand Logo
Help
  • Get started
  • Ask the Community
  • How-To & Best Practices
  • Contact Support
close
  • Community Home
  • Forums
    • By Topic
    • By Topic
      EcoStruxure Building
      • Field Devices Forum
      • SmartConnector Forum
      EcoStruxure Power & Grid
      • Gateways and Energy Servers
      • Metering & Power Quality
      • Protection & Control
      APC UPS, Critical Power, Cooling and Racks
      • APC UPS Data Center & Enterprise Solutions Forum
      • APC UPS for Home and Office Forum
      EcoStruxure IT
      • EcoStruxure IT forum
      • EcoStruxure IT™ Advisor CFD
      Remote Operations
      • EcoStruxure Geo SCADA Expert Forum
      • Remote Operations Forum
      Industrial Automation
      • Alliance System Integrators Forum
      • AVEVA Plant SCADA Forum
      • CPG Expert Forum DACH
      • EcoStruxure Automation Expert / IEC 61499 Forum
      • Fabrika ve Makina Otomasyonu Çözümleri
      • Harmony Control Customization Forum
      • Industrial Edge Computing Forum
      • Industry Automation and Control Forum
      • Korea Industrial Automation Forum
      • Machine Automation Forum
      • Modicon PAC Forum
      • PLC Club Indonesia
      Schneider Electric Wiser
      • Schneider Electric Wiser Forum
      Power Distribution IEC
      • Eldistribution & Fastighetsautomation
      • Elektrik Tasarım Dağıtım ve Uygulama Çözümleri
      • Paneelbouw & Energie Distributie
      • Power Distribution and Digital
      • Solutions for Motor Management
      • Specifiers Club ZA Forum
      • Електропроектанти България
      Power Distribution NEMA
      • Power Monitoring and Energy Automation NAM
      Power Distribution Software
      • EcoStruxure Power Design Forum
      • LayoutFAST User Group Forum
      Energy & Sustainability Services
      • Green Building Scoring and Certification Forum
      Light and Room Control
      • SpaceLogic C-Bus Forum
      Solutions for your Business
      • Solutions for your Business Forum
      Support
      • Ask the Community
  • Knowledge Center
    • Building Automation Knowledge Base
    • Remote Operations Devices Knowledge Base
    • Geo SCADA Knowledge Base
    • Industrial Automation How-to videos
    • Digital E-books
    • Success Stories Corner
    • EcoStruxure IT Help Center
  • Events & Webinars
    • All Events
    • Innovation Talks
    • Innovation Summit
    • Let's Exchange Series
    • Partner Success
    • Process Automation Talks
    • Technology Partners
  • Ideas
    • EcoStruxure Building
      • EcoStruxure Building Advisor Ideas
      Remote Operations
      • EcoStruxure Geo SCADA Expert Ideas
      • Remote Operations Devices Ideas
      Industrial Automation
      • Modicon Ideas & new features
  • Blogs
    • By Topic
    • By Topic
      EcoStruxure Power & Grid
      • Backstage Access Resources
      EcoStruxure IT
      • EcoStruxure IT™ Advisor CFD
      Remote Operations
      • Remote Operations Blog
      Industrial Automation
      • Industrie du Futur France
      • Industry 4.0 Blog
      Power Distribution NEMA
      • NEMA Power Foundations Blog
      Energy & Sustainability Services
      • Active Energy Management Blog
      Light and Room Control
      • KNX Blog
      Knowledge Center
      • Digital E-books
      • Geo SCADA Knowledge Base
      • Industrial Automation How-to videos
      • Remote Operations Devices Knowledge Base
      • Success Stories Corner
  • companyImpact

Important Announcement: Protecting our Community from Spam Events

Dear Members, we apologize for any disruption or inconvenience caused by the recent spam incidents, and we want to assure you that our dedicated team is actively investigating each reported instance of spam and implementing robust measures to mitigate the impact. Learn more on Spams Mitigation Guidelines

Thank you,

Schneider Electric Community Team

Vulnerability question DCE 7.7

EcoStruxure IT forum

Schneider Electric support forum about installation, configuration for Data Center Operation, Data Center Expert, EcoStruxure IT, NetBotz, DCIM, IT Advisor.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • Home
  • Communities
  • EcoStruxure IT
  • EcoStruxure IT forum
  • Vulnerability question DCE 7.7
Options
  • Subscribe to RSS Feed
  • Mark Topic as New
  • Mark Topic as Read
  • Float this Topic for Current User
  • Bookmark
  • Subscribe
  • Mute
  • Printer Friendly Page
Invite a Co-worker
Send a co-worker an invite to the portal.Just enter their email address and we'll connect them to register. After joining, they will belong to the same company.
You have entered an invalid email address. Please re-enter the email address.
This co-worker has already been invited to the Exchange portal. Please invite another co-worker.
Please enter email address
Send Invite Cancel
Invitation Sent
Your invitation was sent.Thanks for sharing Exchange with your co-worker.
Send New Invite Close
Top Experts
User Count
Jef
Captain Jef Captain
79
APC_Steve
Commander APC_Steve Commander
55
gsterling
Commander gsterling Commander
50
Cory_McDonald
Lt. Commander Cory_McDonald Lt. Commander
15
View All

Invite a Colleague

Found this content useful? Share it with a Colleague!

Invite a Colleague Invite
Solved Go to Solution
Back to EcoStruxure IT forum
Solved
DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-05 08:48 PM

0 Likes
7
610
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-05 08:48 PM

Vulnerability question DCE 7.7

This question was originally posted on DCIM Support by Cees de Vogel on 2019-07-18


Hi team,

Customer had the following question:

This vulnerability was identified because (1) jQuery 1.11.1 has reached its end-of-life and is no longer supported by the vendor, consider upgrading to a newer supported version

OpenSSH: Brute-Force Authentication Protection Bypass Vulnerability

OpenSSH: Untrusted Search Path Vulnerability

OpenSSH: Shared Memory Manager Privilege Escalation Vulnerability

OpenSSH: Password Length Limitation Denial of Service Vulnerability

OpenSSH: Security Bypass Vulnerability

The above is solved in OpenSSH version 7.9p1 or higher,

What version do we have in DCE 7.7

 

(CID:147196454)

Labels
  • Labels:
  • Data Center Expert
Reply

Link copied. Please paste this link to share this article on your social media post.

  • All forum topics
  • Previous Topic
  • Next Topic

Accepted Solutions
DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-05 08:49 PM

0 Likes
1
609
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-05 08:49 PM

This answer was originally posted on DCIM Support by Jackie Lehr on 2019-07-22


Hi Cees de Vogel,

Security scan results are listed here: https://sxwhelpcenter.ecostruxureit.com/display/UADCE725/Security+fixes+in+StruxureWare+Data+Center+...

CVE-2015-5600 and CVE-2016-1908 are included, the others are not. Engineering will have to search prior scan results to give you a definite answer.

Best,

Jackie

(CID:147197147)

See Answer In Context

Reply

Link copied. Please paste this link to share this article on your social media post.

Replies 7
DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-05 08:49 PM

0 Likes
3
609
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-05 08:49 PM

This answer was originally posted on DCIM Support by Steven Marchetti on 2019-07-18


Hi Cees,

 

When I queried sshd in DCE 7.7.0, it returned:

OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013

Can you please provide a link to a web site or CVE showing the reported vulnerability to which you are referring?

 

Thanks,

Steve

(CID:147196560)

Reply

Link copied. Please paste this link to share this article on your social media post.

DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-05 08:49 PM

In response to DCIM_Support
0 Likes
0
609
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-05 08:49 PM

This comment was originally posted on DCIM Support by Cees de Vogel on 2019-07-22


Hi Steve, 

Here the requested CVE information:

OpenSSH: Brute-Force Authentication Protection Bypass Vulnerability

CVE-2015-5600

 

OpenSSH: Untrusted Search Path Vulnerability

CVE-2016-10009

 

OpenSSH: Shared Memory Manager Privilege Escalation Vulnerability

CVE-2016-10012

 

OpenSSH: Password Length Limitation Denial of Service Vulnerability

CVE-2016-6515

 

OpenSSH: Security Bypass Vulnerability

CVE-2016-1908

 

 BR

Cees

(CID:147196997)

Reply

Link copied. Please paste this link to share this article on your social media post.

DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-05 08:49 PM

In response to DCIM_Support
0 Likes
0
609
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-05 08:49 PM

This comment was originally posted on DCIM Support by Steven Marchetti on 2019-07-22


Thanks...I'll see if I can find anything from the engineering teams.

Steve

(CID:147197142)

Reply

Link copied. Please paste this link to share this article on your social media post.

DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-05 08:49 PM

In response to DCIM_Support
0 Likes
0
609
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-05 08:49 PM

This comment was originally posted on DCIM Support by Cees de Vogel on 2019-07-22


Hi Steve,

Thanks for your response, check also answer Jackie,

BR

 

Cees

(CID:147197160)

Reply

Link copied. Please paste this link to share this article on your social media post.

DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-05 08:49 PM

0 Likes
1
610
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-05 08:49 PM

This answer was originally posted on DCIM Support by Jackie Lehr on 2019-07-22


Hi Cees de Vogel,

Security scan results are listed here: https://sxwhelpcenter.ecostruxureit.com/display/UADCE725/Security+fixes+in+StruxureWare+Data+Center+...

CVE-2015-5600 and CVE-2016-1908 are included, the others are not. Engineering will have to search prior scan results to give you a definite answer.

Best,

Jackie

(CID:147197147)

Reply

Link copied. Please paste this link to share this article on your social media post.

DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-05 08:49 PM

In response to DCIM_Support
0 Likes
0
609
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-05 08:49 PM

This comment was originally posted on DCIM Support by Cees de Vogel on 2019-07-22


Hi Jackie,

 

Thanks a lot 

 

BR Cees

(CID:147197159)

Reply

Link copied. Please paste this link to share this article on your social media post.

DCIM_Support
Picard DCIM_Support
Picard

Posted: ‎2020-07-05 08:49 PM

0 Likes
0
609
  • Mark as New
  • Bookmark
  • Subscribe
  • Mute
  • Subscribe to RSS Feed
  • Permalink
  • Print
  • Email to a Friend
  • Report Inappropriate Content

Link copied. Please paste this link to share this article on your social media post.

Posted: ‎2020-07-05 08:49 PM

This question is closed for comments. You're welcome to start a new topic if you have further comments on this issue.

Reply

Link copied. Please paste this link to share this article on your social media post.

To The Top!

Forums

  • APC UPS Data Center Backup Solutions
  • EcoStruxure IT
  • EcoStruxure Geo SCADA Expert
  • Metering & Power Quality
  • Schneider Electric Wiser

Knowledge Center

Events & webinars

Ideas

Blogs

Get Started

  • Ask the Community
  • Community Guidelines
  • Community User Guide
  • How-To & Best Practice
  • Experts Leaderboard
  • Contact Support
Brand-Logo
Subscribing is a smart move!
You can subscribe to this forum after you log in or create your free account.
Forum-Icon

Create your free account or log in to subscribe to the forum - and gain access to more than 10,000+ support articles along with insights from experts and peers.

Register today for FREE

Register Now

Already have an account? Login

Terms & Conditions Privacy Notice Change your Cookie Settings © 2023 Schneider Electric, Inc