Help

Open SSH Vulnerability

marc_martinez
New Contributor

Posted on ‎09-19-2024 04:49 PM

For older Apple hardware that cannot run Mac OS Sonoma, how do you use jamf pro to install SSH version 9.8?

OpenSSH

Available for: macOS Sonoma

Impact: A remote attacker may be able to cause arbitrary code execution

Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.

CVE-2024-6387

 

Reply
3 REPLIES 3

obi-k
Valued Contributor III

Posted on ‎09-20-2024 04:59 AM

Was hoping macOS 14.7 patched this. This was updated with macOS 15.0.

 

May need to ask Apple.

Reply

AJPinto
Honored Contributor III

Posted on ‎09-20-2024 05:26 AM

You don't. You need hardware standards and device refresh cycles. This is just the risk you must accept for running N-1 or even worse N-3 and older apple software.

0 Kudos
Reply

sdagley
Esteemed Contributor II

Posted on ‎09-20-2024 11:23 AM

This is an example of Apple's "Only the latest version of macOS will get all of the vulnerability fixes" policy in action. It would have been nice if they'd provided parity between 14.7 and 15.0 with security fixes, but nobody needs to delay upgrading their entire environment to macOS 15.0 right? <sarcasm/>

Reply