Vulnerable OpenSSH version - Security-related access restrictions
This page provides information regarding bwCloud and the security vulnerability CVE-2024-6387 / RegreSSHion in the OpenSSH server.
bwCloud Region Ulm (Update 2024-07-16, 5:30 pm)
The SSH port 22 in the bwCloud Ulm is temporarily blocked.
We expect this block to remain in place for several more days.
SSH access to bwCloud Ulm from external sources is now allowed again.
bwCloud Region Freiburg (Update 2024-07-11, 09:00 am)
The SSH port 22 in the bwCloud Freiburg is blocked for all instances running a vulnerable OpenSSH server version.
Access is only possible from the internal network of the University of Freiburg.
If users are able to do so, they must establish a VPN connection to the University of Freiburg network in order to access instances.
We are aware that users without SSH access and outside the University of Freiburg network will find it difficult to install an update on the instances.
We are working with several parties to break this deadlock.
In order to give users the opportunity to continue running services, we are currently refraining from stopping affected instances.
This means that there is still the possibility of attacks from the University of Freiburg network.
Call to action
All users of the bwCloud Freiburg are requested to take action. Existing instances must run the latest version of the OpenSSH service and be secured by appropriate configurations. Updates are available for all vulnerable operating systems.
Alternatively, users can stop their instances themselves via the dashboard.
Images provided
The operating system images provided by bwCloud Freiburg are also affected. Users must independently install a (complete) update on their instances. An updated version of all affected images is uploaded to the bwCloud.
Further procedure
To give you the opportunity to secure your instances in the bwCloud Freiburg, the following measures will be taken.
- All blocks for port 22 will be lifted.
- Federal users will be able to secure their instances until 17.07.2024.
- From 18.07.2024, all services with a vulnerable SSH server will be stopped.