https://live.paloaltonetworks.com/t5/general-topics/qualys-scanner-reporting-openssh-authentication-bypass/m-p/578230#M115987 <TABLE> <TBODY> <TR> <TD class="label">Model</TD> <TD class="data">PA-3220</TD> </TR> </TBODY> </TABLE> <TABLE> <TBODY> <TR> <TD class="label">Software Version</TD> <TD class="data">10.2.8</TD> </TR> </TBODY> </TABLE> <P>Qualys scanner reporting OpenSSH Authentication Bypass Vulnerability</P> <P>Customers are advised to upgrade to<SPAN>&nbsp;</SPAN><A href="https://www.openssh.com/releasenotes.html#9.6p1" target="_blank" rel="noopener">OpenSSH 9.6p1</A><SPAN>&nbsp;</SPAN>or later to remediate this vulnerability.</P> <P>Patch</P> <P>Is this a true issue or false positive?</P> Fri, 23 Feb 2024 21:39:14 GMT GaryBrand 2024-02-23T21:39:14Z https://live.paloaltonetworks.com/t5/general-topics/qualys-scanner-reporting-openssh-authentication-bypass/m-p/578230#M115987 <TABLE> <TBODY> <TR> <TD class="label">Model</TD> <TD class="data">PA-3220</TD> </TR> </TBODY> </TABLE> <TABLE> <TBODY> <TR> <TD class="label">Software Version</TD> <TD class="data">10.2.8</TD> </TR> </TBODY> </TABLE> <P>Qualys scanner reporting OpenSSH Authentication Bypass Vulnerability</P> <P>Customers are advised to upgrade to<SPAN>&nbsp;</SPAN><A href="https://www.openssh.com/releasenotes.html#9.6p1" target="_blank" rel="noopener">OpenSSH 9.6p1</A><SPAN>&nbsp;</SPAN>or later to remediate this vulnerability.</P> <P>Patch</P> <P>Is this a true issue or false positive?</P> Fri, 23 Feb 2024 21:39:14 GMT https://live.paloaltonetworks.com/t5/general-topics/qualys-scanner-reporting-openssh-authentication-bypass/m-p/578230#M115987 GaryBrand 2024-02-23T21:39:14Z https://live.paloaltonetworks.com/t5/general-topics/qualys-scanner-reporting-openssh-authentication-bypass/m-p/578415#M116014 <P>Hi&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/70373">@GaryBrand</a>&nbsp;,</P> <P>&nbsp;</P> <P>Is there a CVE included with the vulnerability? With any news regarding vulnerabilities, I would recommend verifying your source as well as researching the associated CVE.&nbsp;<SPAN>Security advisories issued by vendors and researchers almost always mention at least one CVE ID.&nbsp;</SPAN></P> <P>&nbsp;</P> <P><SPAN>If you take a look at OpenSSH security page there is a vulnerability reported on <A href="https://www.openssh.com/security.html" target="_self">July 19th by the Qualys team</A> that is assigned&nbsp;CVE-2023-38408.&nbsp;</SPAN></P> Tue, 27 Feb 2024 04:14:41 GMT https://live.paloaltonetworks.com/t5/general-topics/qualys-scanner-reporting-openssh-authentication-bypass/m-p/578415#M116014 JayGolf 2024-02-27T04:14:41Z