Is PowerChute Network Shutdown VM affected by CVE-2024-6387?
Issue:
PowerChute Network Shutdown version 5.1 VM is affected by CVE-2024-6387 if the SSH service has been enabled.
NOTE: By default, SSH is not enabled on the PowerChute AlmaLinux VM.
Products:
PowerChute Network Shutdown v5.1
Environment:
PowerChute Network Shutdown v5.1 AlmaLinux VM on VMware ESXi when SSH has been enabled.
Cause:
OpenSSH v 8.0p1-24.el8.x86_64
Solution:
Upgrade OpenSSH or disable the SSH service. Recommended to upgrade OpenSSH.
To upgrade OpenSSH, log into the PowerChute VM as root and run the command
dnf --refresh upgrade openssh
To verify OpenSSH has upgraded, run the command
rpm -q openssh
For more information on CVE-2024-6387 go to the link below.
https://almalinux.org/blog/2024-07-01-almalinux-9-cve-2024-6387/
PowerChute Network Shutdown version 5.1 VM is affected by CVE-2024-6387 if the SSH service has been enabled.
NOTE: By default, SSH is not enabled on the PowerChute AlmaLinux VM.
Products:
PowerChute Network Shutdown v5.1
Environment:
PowerChute Network Shutdown v5.1 AlmaLinux VM on VMware ESXi when SSH has been enabled.
Cause:
OpenSSH v 8.0p1-24.el8.x86_64
Solution:
Upgrade OpenSSH or disable the SSH service. Recommended to upgrade OpenSSH.
To upgrade OpenSSH, log into the PowerChute VM as root and run the command
dnf --refresh upgrade openssh
To verify OpenSSH has upgraded, run the command
rpm -q openssh
For more information on CVE-2024-6387 go to the link below.
https://almalinux.org/blog/2024-07-01-almalinux-9-cve-2024-6387/
Released for: Schneider Electric UK
Need help?
Product Selector
Quickly and easily find the right products and accessories for your applications.
Get a Quote
Start your sales inquiry online and an expert will connect with you.
Where to buy?
Easily find the nearest Schneider Electric distributor in your location.
Help Centre
Find support resources for all your needs, in one place.