Summary:
0 new OPEN, 1 new PRO (0 + 1)
Out-of-band release for CVE-2024-6387. Realistically, we cannot detect this with what Suricata has available at the moment and this should not be used as a solid indicator of CVE-2024-6387 activity. This simply highlights assets running a version of OpenSSH that is vulnerable to CVE-2024-6387.
Added rules:
Pro:
- 2857461 - ETPRO EXPLOIT Server Responded with Vulnerable OpenSSH Version (CVE-2024-6387) (exploit.rules)