Dear Teneo Customer
Palo Alto Networks has released this emergency content update to detect the presence of network traffic with SSLv2 Weak RSA Ciphers. An attacker can potentially use a padding oracle flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack is publicly referred to as DROWN. Customers are advised to upgrade all devices to the latest Applications and Threats Apps content version and review security policy rules to ensure desired actions are configured for each rule.
Modified Decoders (1)
Name: ssl
New Vulnerability Signatures (1)
Severity ID Attack Name CVE ID Default Action Minimum PAN-OS Version
informational 38924 SSL Version 2 CVE-2016-0800 and CVE-2016-0703 alert 5.0.0
Weak RSA Cipher Detected
What if I need help?
If you have any questions regarding this notification please don’t hesitate to reach out to us, or visit our support portal.
You can contact us on our 24 x 7 support number or mail us support@teneo.net
EMEA: +44 (0)845 299 0623
US: +1 877 836 3610
APAC: +61 1800 765 389
Thanks
Teneo Support
Comments
0 comments
Article is closed for comments.