https://live.paloaltonetworks.com/t5/general-topics/remote-command-execution-vulnerability/m-p/586554#M117063 <P>Hi,</P> <P>We have detected so may critical vulnerability in our firewall . i have attached the screenshots.&nbsp;</P> <P>1.is there a way to avoid these kind of traffic?</P> <P>2.where can i find more about how to block these kind of traffic?</P> <P>&nbsp;</P> <P>&nbsp;</P> Tue, 14 May 2024 05:10:06 GMT pyrainath 2024-05-14T05:10:06Z https://live.paloaltonetworks.com/t5/general-topics/remote-command-execution-vulnerability/m-p/586554#M117063 <P>Hi,</P> <P>We have detected so may critical vulnerability in our firewall . i have attached the screenshots.&nbsp;</P> <P>1.is there a way to avoid these kind of traffic?</P> <P>2.where can i find more about how to block these kind of traffic?</P> <P>&nbsp;</P> <P>&nbsp;</P> Tue, 14 May 2024 05:10:06 GMT https://live.paloaltonetworks.com/t5/general-topics/remote-command-execution-vulnerability/m-p/586554#M117063 pyrainath 2024-05-14T05:10:06Z https://live.paloaltonetworks.com/t5/general-topics/remote-command-execution-vulnerability/m-p/586575#M117065 <P>Hi <a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/1278486673">@pyrainath</a> ,</P> <P>&nbsp;</P> <P>Using TID 58474 as an example.&nbsp;</P> <P>As you can see you will find this TID in a vulnerability profile:</P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="kiwi_0-1715665663426.png" style="width: 999px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/59657iD95DAFB089569402/image-size/large?v=v2&amp;px=999" role="button" title="kiwi_0-1715665663426.png" alt="kiwi_0-1715665663426.png" /></span></P> <P>&nbsp;</P> <P>In this case the default action is "Reset-Both" but you can change it to whatever action you would like to configure:</P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="kiwi_1-1715665741505.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/59658i474838AE4114877A/image-size/medium?v=v2&amp;px=400" role="button" title="kiwi_1-1715665741505.png" alt="kiwi_1-1715665741505.png" /></span></P> <P>&nbsp;</P> <P>Don't forget that you need to assign the vulnerability profile to your security rules so that the appropriate actions apply:</P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="kiwi_2-1715666047745.png" style="width: 999px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/59659iEB703C7A3788757C/image-size/large?v=v2&amp;px=999" role="button" title="kiwi_2-1715666047745.png" alt="kiwi_2-1715666047745.png" /></span></P> <P>&nbsp;</P> <P>&nbsp;</P> <P>With the appropriate security profiles in place you're already better protected.</P> <P>&nbsp;</P> <P>The following DOC is a good resource to create best practice security profiles:</P> <P>&nbsp;</P> <P><STRONG><A href="https://docs.paloaltonetworks.com/best-practices/internet-gateway-best-practices/best-practice-internet-gateway-security-policy/create-best-practice-security-profiles" target="_blank" rel="noopener">Create Best Practice Security Profiles</A></STRONG></P> <P>&nbsp;</P> <P>Kind regards,</P> <P>-Kim.</P> Tue, 14 May 2024 06:02:29 GMT https://live.paloaltonetworks.com/t5/general-topics/remote-command-execution-vulnerability/m-p/586575#M117065 kiwi 2024-05-14T06:02:29Z