{"id":8697,"date":"2024-05-19T15:15:57","date_gmt":"2024-05-19T06:15:57","guid":{"rendered":"https:\/\/cyberenso.jp\/?p=8697"},"modified":"2025-01-19T15:17:05","modified_gmt":"2025-01-19T06:17:05","slug":"citrix-releases-security-update-for-critical-putty-vulnerability-in-hypervisor","status":"publish","type":"post","link":"https:\/\/cyberenso.jp\/en\/citrix-releases-security-update-for-critical-putty-vulnerability-in-hypervisor\/","title":{"rendered":"Citrix Releases Security Update For Critical PuTTY Vulnerability In Hypervisor\u00a0"},"content":{"rendered":"\n<p>There is a critical vulnerability (CVE-2024-31497) in certain versions of Citrix&#8217;s Hypervisor virtualization platform that has been disclosed in a security bulletin from Citrix. An issue that stems from XenCenter, the management console for Citrix Hypervisors, has been identified, containing a vulnerable version of PuTTY SSH.Previous versions of XenCenter for Citrix Hypervisor 8.2 CU1 Long Term Service Release (LTSR) included PuTTY for SSH connections between XenCenter and the guest virtual machines.<br>The NIST P-521 curve was used by PuTTY before 0.81 to generate ECDSA encryption keys.The vulnerability could allow an attacker who controls a guest VM to determine the SSH private key of the XenCenter administrator who authenticates to the compromised VM over SSH.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>There is a critical vulnerability (CVE-2024-31497) in certain versions of Citrix&#8217;s Hypervisor virtualization platform that has been disclosed in a security bulletin from Citrix. An issue that stems from XenCenter, the management console for Citrix Hypervisors, has been identified, containing a vulnerable version of PuTTY SSH.Previous versions of XenCenter for Citrix Hypervisor 8.2 CU1 Long Term Service Release (LTSR) included<span class=\"excerpt-hellip\"> [\u2026]<\/span><\/p>\n","protected":false},"author":1,"featured_media":8700,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,10,1],"tags":[],"class_list":["post-8697","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-latest_news","category-latest_vulnerabilities","category-uncategorized"],"acf":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/cyberenso.jp\/wp-content\/uploads\/2025\/01\/gradient-ssl-illustration_52683-80409.jpg?fit=1060%2C706&ssl=1","_links":{"self":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/8697"}],"collection":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/comments?post=8697"}],"version-history":[{"count":1,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/8697\/revisions"}],"predecessor-version":[{"id":8702,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/8697\/revisions\/8702"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media\/8700"}],"wp:attachment":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media?parent=8697"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/categories?post=8697"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/tags?post=8697"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}