1 Rookie
•
3 Posts
0
2573
July 31st, 2023 17:00
OpenSSH vulnerabilities on iDracs
Our vulnerability scanner detected multiple vulnerabilities on OpenSSH running on iDrac9. The solution is to update the OpenSSH version to 9.3p2.
I've tried installing the latest iDrac firmware version 7 however, it did not address the vulnerability.
Is there a workaround for this?
I can no longer open a case with Dell as our license has expired.
Appreciate for the response.
No Events found!
DELL-Joey C
Moderator
•
3.9K Posts
0
July 31st, 2023 23:00
Hi @fcana,
Usually for vulnerabilities, a support case need to be opened and pass to the engineering for checks. Unfortunately the community support here would not be much help. Was thinking of suggesting if there are any possibilities to disable SSH, but that would affect the iDRAC to function well. Have you tried contacting the support, or it's just an assumption that support case cannot be open because of no warranty contract? Do give a try.
fcana
1 Rookie
•
3 Posts
0
July 31st, 2023 23:00
Hi Joey.
Thanks for the response.
I usually open a ticket to tech support if it is related to vulnerability, unfortunately since our license has expired, when I go to support page, all options to raise a ticket are grayed-out.
Do you know any link/page within Dell where I can raise a ticket for users/company that did not renew license?
Thanks
DELL-Joey C
Moderator
•
3.9K Posts
0
August 1st, 2023 01:00
Hi @fcana,
The only link that I know of, to raise or submit an issue is the same as you have used in https://dell.to/3QmB3jg.
Yeah, the options are greyed out, but call support for raising a case is still open for assistance. Try making a call for vulnerability report.