

S-Filer Portal™ is a complete solution that enables large and small organizations to meet all of their enterprise needs for secure file transfer and storage.

Is S-Filer/Portal vulnerable to CVE-2023-48795 affecting the SSH protocol?

Short answer
Yes. S-Filer/Portal uses the Maverick SSHD library from Jadaptive to support SFTP transfers, and SFTP is a file transfer protocol built on top of SSH. Since CVE-2023-48795 is a protocol-level vulnerability in SSH, the library is affected by this CVE.
This is why we are releasing patched versions of S-Filer/Portal today: 4.14.11, 4.15.7, 4.16.3, 4.17.7 and 4.18.3. The most recent version, 4.19.0, was held back to include this patch and will also be released today.

Long answer
On December 13th, Jadaptive warned us that a CVE had been identified in their library and that a patch for it would be coming on December 18th. There was no information about the CVE apart from its number, CVE-2023-48795, so there was very little to work with to determine whether S-Filer/Portal was vulnerable. The warning did mention that OpenSSH and other SSH libraries were also affected, which hinted at a vulnerability at the protocol level, and this seemed important. OKIOK decided to treat this vulnerability as critical and gave its clients advance warning that it would release a patched version of S-Filer/Portal on December 19th.

The details of this vulnerability were released on December 18th at https://terrapin-attack.com/. This revealed that the “patch” actually implements a new key exchange mode (“strict-kex”) as an extension, and that both the SSH server and the SSH client need to be patched in order to mitigate the vulnerability. The report also revealed that some ciphers are not vulnerable even without the new key exchange mode.

How severe is this vulnerability?
OKIOK does not consider it a critical vulnerability, even though the CVSS 3 score has not been computed officially for this CVE. Initially, we treated this vulnerability as critical because there was no information about it, but our opinion has changed in light of the detailed description of the vulnerability.

Here are the main points for our analysis:

  1. A malicious user already needs to be able to intercept and modify packets in the TCP connection in order to carry out this attack.
  2. The attacker can remove consecutive unencrypted SSH messages in the initial part of the SSH handshake. The only impact that the security researchers were able to identify is that the attacker could remove the message by which the SSH client and server agree to enable the “keystroke timing obfuscation” extension introduced in OpenSSH 9.5, and this assumes that both the client and the server support this extension.

How was S-Filer/Portal patched?
First, the patched versions of S-Filer/Portal include the patched version of the Maverick SSHD library, which supports the new “strict-kex” key exchange mode. Second, S-Filer/Portal provides settings to manage the ciphers used in security protocols such as SSH. In “Strong cipher” mode, only the strongest ciphers are allowed, and OKIOK has removed CHACHA20-POLY1305 from this list because of this vulnerability (the other ciphers mentioned in the “Terrapin attack” report were already considered weak). In “Allow weak” mode, all ciphers are allowed; this has not changed in the patched version. In “Custom” mode, the client decides which ciphers to allow; OKIOK has not changed these values, so clients must update them if they want to change the supported ciphers.

Note that simply patching the SSH server to support the new “strict-kex” mode is not enough, since clients that do not support it will still use the old, vulnerable key exchange. This is why removing vulnerable ciphers is important as well: an unpatched client would then negotiate a strong cipher that is not vulnerable to this attack. However, this assumes that the vulnerable client supports at least one of the strong ciphers.
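The two conditions above (both sides must advertise strict-kex, otherwise the negotiated cipher decides) can be checked directly from the SSH_MSG_KEXINIT messages the two peers exchange. The following added example is not part of the original post and is not OKIOK's or Jadaptive's code: it parses the RFC 4253 KEXINIT name-lists, applies the standard negotiation rule (first client-preferred algorithm that the server also supports), and flags a direction as exposed when strict-kex is not enabled on both sides and the negotiated cipher is either chacha20-poly1305@openssh.com or a CBC cipher paired with an encrypt-then-MAC (`-etm@openssh.com`) MAC, which are the affected combinations in the Terrapin disclosure. The KEXINIT samples are constructed in the script (zeroed cookies, short algorithm lists), not real captures; the strict-kex marker names `kex-strict-c-v00@openssh.com` / `kex-strict-s-v00@openssh.com` are the real pseudo-algorithm names used by the extension.

```python
"""Assess a client/server SSH KEXINIT pair for Terrapin (CVE-2023-48795) exposure."""
import struct

SSH_MSG_KEXINIT = 20
STRICT_KEX_CLIENT = "kex-strict-c-v00@openssh.com"   # client signals strict-kex support
STRICT_KEX_SERVER = "kex-strict-s-v00@openssh.com"   # server signals strict-kex support
# Order of the ten name-lists in a KEXINIT payload (RFC 4253, section 7.1).
NAME_LISTS = ("kex", "hostkey", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
              "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c")


def _name_list(names):
    """Encode an SSH name-list: uint32 length + comma-separated ASCII names."""
    data = ",".join(names).encode("ascii")
    return struct.pack(">I", len(data)) + data


def build_kexinit(kex, hostkey, enc, mac, comp=("none",)):
    """Build a KEXINIT payload for the constructed samples (same lists in both directions)."""
    body = bytes([SSH_MSG_KEXINIT]) + b"\x00" * 16   # 16-byte cookie, zeroed here (sample data)
    for names in (kex, hostkey, enc, enc, mac, mac, comp, comp, (), ()):
        body += _name_list(names)
    return body + b"\x00" + b"\x00\x00\x00\x00"        # first_kex_packet_follows=0, reserved=0


def parse_kexinit(payload):
    """Return the ten name-lists of a KEXINIT payload as {field: [names]}."""
    if payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not a KEXINIT payload")
    pos, fields = 17, {}                                 # skip message id + cookie
    for field in NAME_LISTS:
        (length,) = struct.unpack_from(">I", payload, pos)
        pos += 4
        raw = payload[pos:pos + length].decode("ascii")
        pos += length
        fields[field] = [n for n in raw.split(",") if n]
    return fields


def negotiate(client_prefs, server_prefs):
    """RFC 4253 rule: the first client-preferred name the server also supports."""
    for name in client_prefs:
        if name in server_prefs:
            return name
    return None


def direction_vulnerable(cipher, mac):
    """Affected combinations from the Terrapin disclosure: ChaCha20-Poly1305, or CBC + EtM MAC."""
    if cipher == "chacha20-poly1305@openssh.com":
        return True
    return bool(cipher and cipher.endswith("-cbc") and mac and mac.endswith("-etm@openssh.com"))


def assess(client_kexinit, server_kexinit):
    """Combine strict-kex presence on both sides with the negotiated cipher/MAC per direction."""
    c, s = parse_kexinit(client_kexinit), parse_kexinit(server_kexinit)
    strict = STRICT_KEX_CLIENT in c["kex"] and STRICT_KEX_SERVER in s["kex"]
    result = {"strict_kex": strict}
    for direction in ("c2s", "s2c"):
        cipher = negotiate(c["enc_" + direction], s["enc_" + direction])
        mac = negotiate(c["mac_" + direction], s["mac_" + direction])
        result[direction] = {"cipher": cipher, "mac": mac,
                             "vulnerable": (not strict) and direction_vulnerable(cipher, mac)}
    result["vulnerable"] = result["c2s"]["vulnerable"] or result["s2c"]["vulnerable"]
    return result


# Constructed samples (not real captures): an unpatched client preferring ChaCha20,
# against a patched server that either dropped ChaCha20 or still offers it.
UNPATCHED_CLIENT = build_kexinit(
    kex=("curve25519-sha256",), hostkey=("ssh-ed25519",),
    enc=("chacha20-poly1305@openssh.com", "aes256-gcm@openssh.com"),
    mac=("hmac-sha2-256-etm@openssh.com",))
PATCHED_SERVER_STRONG = build_kexinit(
    kex=("curve25519-sha256", STRICT_KEX_SERVER), hostkey=("ssh-ed25519",),
    enc=("aes256-gcm@openssh.com", "aes256-ctr"),
    mac=("hmac-sha2-256-etm@openssh.com",))
PATCHED_SERVER_WEAK = build_kexinit(
    kex=("curve25519-sha256", STRICT_KEX_SERVER), hostkey=("ssh-ed25519",),
    enc=("chacha20-poly1305@openssh.com", "aes256-gcm@openssh.com"),
    mac=("hmac-sha2-256-etm@openssh.com",))

if __name__ == "__main__":
    for label, server in (("server without chacha20", PATCHED_SERVER_STRONG),
                          ("server still offering chacha20", PATCHED_SERVER_WEAK)):
        print(label, assess(UNPATCHED_CLIENT, server))
```

With the unpatched client, the server that dropped ChaCha20 negotiates aes256-gcm@openssh.com and the connection is not exposed even though strict-kex is not in effect; the server that still offers ChaCha20 is flagged. A client that advertises `kex-strict-c-v00@openssh.com` is not flagged in either case, which is the "both sides patched" condition described above. To use this against real traffic, feed the decoded KEXINIT payloads (the packet bodies after the SSH binary-packet framing) to `assess`.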

Is my S-Filer/Portal instance vulnerable?
If you are a SaaS customer, OKIOK will patch the SaaS instance in the agreed-upon patch window. By default, all SaaS instances use automatically managed strong ciphers and will not be vulnerable once they are patched. If you have requested some weak ciphers on the SFTP protocol for compatibility with older SSH clients, OKIOK recommends that you review whether they are still needed.

If you are an on-prem customer, you should update to the patched version, review which ciphers you are using, and follow the recommendations above regarding ciphers.

References
https://terrapin-attack.com/
https://nvd.nist.gov/vuln/detail/CVE-2023-48795

OKIOK support team
