Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-11511: Nessus security scanner showing libssh vulnerability in Centrify Connectors

Privileged Access Service ,  

26 January,19 at 03:44 AM

Problem: Nessus security scanner reports a libssh vulnerability in Centrify Connectors

Cause: The Centrify connector uses /n Software's SSH server library.  This library, while similar to libssh, does not contain the libssh that is reported by the Nessus security scan report.  However, during the scan, a different vulnerability, 
that caused a channel to be opened for a short window when it should not have been open, was discovered.

Resolution: That issue was subsequently fixed by /n Software.   The library with the fix, /n Software version 16.0.6883.0,  is built into Centrify Privileged Access Service 18.11 connectors.  Installing the 18.11 Centrify connector will resolve the Nessus security scan report.