Citrix Releases Security Update For Critical PuTTY Vulnerability In Hypervisor
Citrix has published a security bulletin detailing a critical vulnerability (CVE-2024-31497) affecting certain versions of its Citrix Hypervisor virtualization platform.
The issue stems from the inclusion of a vulnerable version of the popular PuTTY SSH client in XenCenter, the management console for Citrix Hypervisor.
Versions of XenCenter for Citrix Hypervisor 8.2 CU1 Long Term Service Release (LTSR) before 8.2.6 included PuTTY to allow SSH connections from XenCenter to guest virtual machines.
However, PuTTY versions before 0.81 contained a flaw in their handling of ECDSA keys that use the NIST P-521 curve.
This vulnerability could allow an attacker who controls a guest VM to recover the SSH private key of a XenCenter administrator who uses that key to authenticate to the compromised VM over SSH.
Obtaining the private key would allow the attacker to gain unauthorized access to other systems and services that use the same key.
The flaw could also enable supply chain attacks if the compromised keys are used for services such as Git that host software source code.
In addition to Citrix Hypervisor, the PuTTY vulnerability affects several other products that bundled the affected versions, including FileZilla, WinSCP, TortoiseGit, and TortoiseSVN.
To mitigate the risk, Citrix has deprecated the inclusion of PuTTY, beginning with XenCenter version 8.2.6 for Citrix Hypervisor 8.2 CU1 LTSR. Versions 8.2.7 and later will no longer include PuTTY.
Customers who wish to continue using the SSH console functionality in XenCenter are advised to update PuTTY to version 0.81 or later.
Citrix emphasized that versions of XenCenter for the newer XenServer 8 hypervisor have never included PuTTY and are not affected.
The company recommends that all customers subscribe to alerts for security bulletins and treat any potential vulnerabilities seriously.
The PuTTY vulnerability has been assigned a CVSS severity rating of 5.9.
Citrix customers using affected versions of XenCenter with PuTTY are encouraged to take immediate action by updating PuTTY or removing it if the SSH functionality is no longer needed.
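Updating or removing PuTTY stops further exposure, but any P-521 ECDSA key that an administrator used from an affected PuTTY should also be located and rotated. The following is an added example (not code from Citrix or the PuTTY project) that parses SSH public keys in authorized_keys format and flags the affected key type, ecdsa-sha2-nistp521, by checking both the type prefix and the curve name encoded in the key blob; the sample keys are constructed with dummy point bytes.

```python
import base64
import binascii
import struct

# Key type and curve identifier affected by CVE-2024-31497 (PuTTY < 0.81).
AFFECTED_TYPE = "ecdsa-sha2-nistp521"
AFFECTED_CURVE = b"nistp521"

def _ssh_string(data):
    """Encode bytes as a length-prefixed SSH wire-format string."""
    return struct.pack(">I", len(data)) + data

def _read_ssh_string(blob, offset):
    """Decode one length-prefixed SSH wire-format string at offset."""
    (length,) = struct.unpack(">I", blob[offset:offset + 4])
    start = offset + 4
    return blob[start:start + length], start + length

def parse_authorized_key(line):
    """Return (key_type, curve_or_None, comment) for one authorized_keys line."""
    parts = line.split()
    # Skip an optional options field (e.g. 'command="..."') before the key type.
    idx = next((i for i, p in enumerate(parts)
                if p.startswith(("ssh-", "ecdsa-", "sk-"))), None)
    if idx is None or idx + 1 >= len(parts) or parts[0].startswith("#"):
        return None
    key_type, b64 = parts[idx], parts[idx + 1]
    try:
        blob = base64.b64decode(b64, validate=True)
        inner_type, off = _read_ssh_string(blob, 0)
        if inner_type != key_type.encode():
            return None  # type prefix and blob disagree: malformed, skip it
        curve = _read_ssh_string(blob, off)[0] if key_type.startswith("ecdsa-sha2-") else None
    except (binascii.Error, struct.error):
        return None
    return key_type, curve, " ".join(parts[idx + 2:])

def affected_keys(lines):
    """Return comments of P-521 ECDSA keys that should be rotated."""
    hits = []
    for line in lines:
        parsed = parse_authorized_key(line)
        if parsed and parsed[0] == AFFECTED_TYPE and parsed[1] == AFFECTED_CURVE:
            hits.append(parsed[2])
    return hits

# Constructed sample keys (point bytes are dummies, not real public keys).
_P521 = base64.b64encode(_ssh_string(b"ecdsa-sha2-nistp521") + _ssh_string(b"nistp521")
                         + _ssh_string(b"\x04" + b"\x11" * 132)).decode()
_ED = base64.b64encode(_ssh_string(b"ssh-ed25519") + _ssh_string(b"\x22" * 32)).decode()
SAMPLE_AUTHORIZED_KEYS = [
    f"ecdsa-sha2-nistp521 {_P521} admin@xencenter",
    f'command="/bin/true" ssh-ed25519 {_ED} automation',
    "# comment line",
]
```

Run the same check over each guest VM's authorized_keys and over the administrators' key inventory; every hit identifies a key to replace, and the corresponding public key should then be removed from the VMs.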
Source credit: cybersecuritynews.com