PAN Notification: Application and Threat Content Update - Version 567

Dear Teneo Customer

Palo Alto Networks has released this emergency content update to detect the presence of network traffic with SSLv2 Weak RSA Ciphers. An attacker can potentially use a padding oracle flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack is publicly referred to as DROWN. Customers are advised to upgrade all devices to the latest Applications and Threats Apps content version and review security policy rules to ensure desired actions are configured for each rule.

Modified Decoders (1)

Name: ssl

New Vulnerability Signatures (1)

Severity           ID                      Attack Name                                   CVE ID                                               Default Action    Minimum PAN-OS Version

informational    38924                 SSL Version 2                                 CVE-2016-0800 and CVE-2016-0703         alert                              5.0.0
                                                Weak RSA Cipher Detected

What if I need help?

If you have any questions regarding this notification please don’t hesitate to reach out to us, or visit our support portal. 

You can contact us on our 24 x 7 support number or mail us support@teneo.net

EMEA:  +44 (0)845 299 0623
US:  +1 877 836 3610
APAC:  +61 1800 765 389

Thanks

Teneo Support