How to mitigate CVE-2023-48795 in Kaspersky Anti Targeted Attack Platform
Latest update: May 24, 2024
ID: 16027
Show applications and versions that this article concerns
- Kaspersky Anti Targeted Attack Platform 6.1
- Kaspersky Anti Targeted Attack Platform 6.0
- Kaspersky Anti Targeted Attack Platform 5.1
- Kaspersky Anti Targeted Attack Platform 5.0
- Kaspersky Anti Targeted Attack Platform 4.1
- Kaspersky Anti Targeted Attack Platform 4.0
To mitigate CVE-2023-48795:
- For version 6.0: update Kaspersky Anti Targeted Attack Platform to version 6.0.1 and follow the instructions below on each Sandbox server.
- For version 5.1 and earlier: if it is not possible to update the application, follow the instructions below on each Central Node, Sandbox and Sensor server.
- Switch to Technical Support Mode.
- Run the commands:
sudo su -
vim /etc/ssh/sshd_config
A file will open in a text editor.
- Check the opened file:
- If there is no line that starts with the Ciphers directive, add the line:
Ciphers aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com - If there is a line that starts with the Ciphers directive, replace it with the line:
Ciphers aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
- If there is no line that starts with the Ciphers directive, add the line:
- Save your changes and close the text editor.
- Run the command to restart the sshd service:
service sshd restart
- Run the command:
sshd -T | grep ciphers
- Make sure that the line chacha20-poly1305@openssh.com does not appear in the list after running the command.