GSM7224v2h2 Vulnerabilities
We've had a vulnerability scan done and our GSM7224v2h2 (M4100-26G) switches are reporting the following vulnerabilities:
ICMP Timestamp Reply Information Disclosure
TCP timestamps
Weak Host Key Algorithm(s) (SSH)
Weak Key Exchange (KEX) Algorithm(s) Supported (SSH)
Weak MAC Algorithm(s) Supported (SSH)
jQuery < 1.6.3 XSS Vulnerability
jQuery < 1.9.0 XSS Vulnerability
We're on the latest advertised firmware (10.0.2.35), but this doesn't seem to address any of these issues.
For TCP Timestamps, these need to be disabled; we can't just create overrides for compliance. I can't locate anywhere to disable these within either SSH or the web interface.
For the SSH keys, I've tried deleting and generating new keys, but they are still weak algorithms.
For jQuery, I can't find any way to update past the version of this firmware.
Does anyone have any recommendation to remediate these vulnerabilities?