Summary

Symantec, A Division of Broadcom is investigating CVE-2024-6387 "Regresshion", which is a vulnerability in OpenSSH. 

Affected Product(s)

No Symantec products are confirmed affected at this time.

Additional Product Information

The following products are not vulnerable:

Advanced Secure Gateway (ASG)
BCAAA
Carbon Black Cloud Sensor
Carbon Black EDR Sensor
Carbon Black App Control Server
Carbon Black App Control Agent
Carbon Black Cloud CWP Appliance
Carbon Black Cloud Sensor Gateway
Carbon Black EDR Server
CloudSOC Cloud Access Security Broker (CASB)
Cloud Workload Protection (CWP)
Critical System Protection (CSP)
Data Center Security (DCS)
Data Loss Prevention (DLP)
Data Loss Prevention Cloud
Edge Secure Web Gateway (SWG)
Email Security.cloud
HSM Agent
Industrial Control System Protection (ICSP)
Information Centric Analytics (ICA)
Integrated Secure Gateway (ISG)
IT Analytics (ITA)
LiveUpdate Administrator (LUA)
Management Center (MC)
Mirror Gateway
Reporter
Secure Access Cloud (SAC) 
SSL Visibility (SSLV)
Symantec Endpoint Detection and Response (EDR) On-premise
Symantec Endpoint Protection (SEP) Agent
Symantec Endpoint Protection Manager (SEPM)
Symantec Endpoint Protection (SEP) for Mobile
Symantec Endpoint Security (SES)
Symantec Insight for Private Clouds
Symantec Mail Security for Microsoft Exchange (SMSMSE)
Symantec Protection Engine (SPE)
Symantec Protection for SharePoint Servers (SPSS)
Threat Defense for Active Directory (TDAD)
Web Isolation (WI) On-Premise
Web Isolation (WI) Cloud

The following products are under investigation:

Content Analysis
Cloud Secure Web Gateway (Cloud SWG)

References

• OpenSSH "Regresshion" - https://nvd.nist.gov/vuln/detail/CVE-2024-6387

Revisions

2024-07-09 10:30 PT - Initial Release
2024-07-19 13:30 PT - Multiple products updated to not vulnerable