Junos OS

Hi,

I have an SRX that has been scanned with vulnerability openSSH lower that 10.0. As per check in KB JunosOS built in with version 9.7 openSSH. Anyone or Juniper Support does know if Juniper has announced any release date or roadmap to use open SSH version 10.0 and above?

Thanks and regards,

is the scanner complaining about the version or specific vernerability? earlier i faced similar issue but in that case the same vernerability as patched in previous version and the installed opensshd version was slightly older. 

if it is specific CVS then please look in to work arounds for that specific vernerability before the opensshd is upgraded to latest release.

thank you,

If using Tenable Nessus, it appears they are merely checking the OpenSSh version present and flagging. However, per Juniper only certain versions of Junos OS Evolved is affected, we will be sure once you share the particular CVE's being flagged. Please check:

https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-in-OpenSSH

This article may also provide information to map Junos version to OpenSSH version present on  your device:

https://supportportal.juniper.net/s/article/2024-05-Reference-Advisory-Junos-OS-and-Junos-OS-Evolved-Multiple-CVEs-reported-in-OpenSSH

------------------------------
-Slicerpro
------------------------------