This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

How to address CVE-2022-37026 vulnerability in Expedition

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

How to address CVE-2022-37026 vulnerability in Expedition

lychiang
L6 Presenter

on ‎12-14-2022 10:20 AM - edited on ‎04-23-2024 06:25 AM by

No ratings
Updated April 23, 2024: adding new repository to get erlang > 25+ packages

Symptoms

Expedition is vulnerable to CVE-2022-37026, below are the Detail about the vulnerability :

In Erlang/OTP before 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there is a Client Authentication Bypass in certain client-certification situations for SSL, TLS, and DTLS.

 

Diagnosis

Issue below command in Expedition CLI:

$apt list --installed | grep erlang 

the result will show erlang package is v22.x which is vulnerable to the CVE

 

Solution

Summary: Run below commands in Expedition CLI to add new repositories and upgrade the two packages to the stated version:

 

rabbitmq-server: 3.11.4-1
erlang: 25.0.4

 

-------------------------------------------------------------------------------------

// execute below commands as root

sudo -su root

// stop mysql service so Expedition is not available

service mysql stop

// remove any potential version installed

apt-get remove rabbitmq-server && apt-get purge rabbitmq-server

apt-get remove erlang && apt-get purge erlang

apt autoremove

// disable the legacy repository for erlang > 25+ packages

echo "#deb https://packages.erlang-solutions.com/ubuntu focal contrib" | sudo tee /etc/apt/sources.list.d/erlang-solution.list
echo "#deb [trusted=yes] http://www.rabbitmq.com/debian/ testing main" | sudo tee /etc/apt/sources.list.d/rabbitmq.list

// update the apt list

apt update

// add the new repository storing erlang > 25+ packages
add-apt-repository -y ppa:rabbitmq/rabbitmq-erlang-25

// update the apt list

apt update

// add the rabbitmq repository

$curl -s https://packagecloud.io/install/repositories/rabbitmq/rabbitmq-server/script.deb.sh | sudo bash

// update the apt list
apt update

// fix any broken dependency 

sudo apt --fix-broken install

// install the rabbitmq-server

$apt-get install rabbitmq-server=3.11.4-1

// remove any unneeded package

$apt autoremove

$apt purge

// start the mysql service to make Expedition available

$service mysql start

 

Verify the two packages are updated with the required version with below commands:

 

$apt list --installed | grep erlang 

$apt list --installed | grep rabbitmq-server

 

Screen Shot 2022-12-14 at 9.02.49 AM.png

 

Rate this article:
0 Likes Likes
  • 3972 Views
  • 0 comments
  • 0 Likes
Register or Sign-in
Article Dashboard
Version history
Last Updated:
‎04-23-2024 06:25 AM
Updated by:
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks