topic Re: Is Pan-OS 10.1.12 susceptible to CVE-2023-51384 or CVE-2023-513845? in Advanced Threat Prevention Discussions https://live.paloaltonetworks.com/t5/advanced-threat-prevention/is-pan-os-10-1-12-susceptible-to-cve-2023-51384-or-cve-2023/m-p/583875#M2187 <P>Hi&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/281059">@Michael_Woods</a>&nbsp;,</P> <P>&nbsp;</P> <P><SPAN>Regarding CVE-2023-51384, Palo Alto Firewall is not affected as we do not utilise the SSH agent associated with this vulnerability.</SPAN></P> <P>&nbsp;</P> <P>I'm guessing&nbsp;<SPAN>CVE-2023-513845 is a typo on your end and you mean&nbsp;CVE-2023-51385 ?</SPAN><BR /><SPAN>As for CVE-2023-51385, we already have coverage for this vulnerability through the Unique Threat ID: 94807. This threat has been categorised with a severity level of critical and the recommended action is set to reset-both.</SPAN><BR /><BR /><SPAN>To validate these assertions, you may refer to the following link:&nbsp;</SPAN><A href="https://threatvault.paloaltonetworks.com/?query=CVE-2023-51385&amp;type=" target="_blank" rel="noopener">https://threatvault.paloaltonetworks.com/?query=CVE-2023-51385&amp;type=</A></P> <P>&nbsp;</P> <P>Kind regards,</P> <P>-Kim.</P> Tue, 16 Apr 2024 11:49:08 GMT kiwi 2024-04-16T11:49:08Z Is Pan-OS 10.1.12 susceptible to CVE-2023-51384 or CVE-2023-513845? https://live.paloaltonetworks.com/t5/advanced-threat-prevention/is-pan-os-10-1-12-susceptible-to-cve-2023-51384-or-cve-2023/m-p/583089#M2154 <P>Is Pan-OS 10.1.12 susceptible to CVE-2023-51384 or CVE-2023-513845?</P> <P>&nbsp;</P> <P>Our Tenable scans says it is, but I see no fix recommended for it (for any PAN-OS release).&nbsp; &nbsp;We have updated our ciphers to remediate CVE-2023-48795 but it also still shows up on our Tenable Nessus scan.</P> Tue, 09 Apr 2024 18:56:39 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/is-pan-os-10-1-12-susceptible-to-cve-2023-51384-or-cve-2023/m-p/583089#M2154 Michael_Woods 2024-04-09T18:56:39Z Re: Is Pan-OS 10.1.12 susceptible to CVE-2023-51384 or CVE-2023-513845? https://live.paloaltonetworks.com/t5/advanced-threat-prevention/is-pan-os-10-1-12-susceptible-to-cve-2023-51384-or-cve-2023/m-p/583875#M2187 <P>Hi&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/281059">@Michael_Woods</a>&nbsp;,</P> <P>&nbsp;</P> <P><SPAN>Regarding CVE-2023-51384, Palo Alto Firewall is not affected as we do not utilise the SSH agent associated with this vulnerability.</SPAN></P> <P>&nbsp;</P> <P>I'm guessing&nbsp;<SPAN>CVE-2023-513845 is a typo on your end and you mean&nbsp;CVE-2023-51385 ?</SPAN><BR /><SPAN>As for CVE-2023-51385, we already have coverage for this vulnerability through the Unique Threat ID: 94807. This threat has been categorised with a severity level of critical and the recommended action is set to reset-both.</SPAN><BR /><BR /><SPAN>To validate these assertions, you may refer to the following link:&nbsp;</SPAN><A href="https://threatvault.paloaltonetworks.com/?query=CVE-2023-51385&amp;type=" target="_blank" rel="noopener">https://threatvault.paloaltonetworks.com/?query=CVE-2023-51385&amp;type=</A></P> <P>&nbsp;</P> <P>Kind regards,</P> <P>-Kim.</P> Tue, 16 Apr 2024 11:49:08 GMT https://live.paloaltonetworks.com/t5/advanced-threat-prevention/is-pan-os-10-1-12-susceptible-to-cve-2023-51384-or-cve-2023/m-p/583875#M2187 kiwi 2024-04-16T11:49:08Z