https://live.paloaltonetworks.com/t5/general-topics/palo-alto-ssl-ciphers-that-offer-medium-strength-encryption/m-p/338334#M85087 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/71795">@preetpk</a>,</P> <P>The linked topic you have listed is talking about SSH, not SSL. You'll want to take a look at the KB article below to get this fixed.</P> <P>&nbsp;</P> <P><A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CmqeCAC" target="_blank">https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CmqeCAC</A></P> Tue, 14 Jul 2020 03:23:59 GMT BPry 2020-07-14T03:23:59Z https://live.paloaltonetworks.com/t5/general-topics/palo-alto-ssl-ciphers-that-offer-medium-strength-encryption/m-p/338002#M85051 <P>We used Nessus tool to run security scan on the PA-5020 &amp; PA-3020 series &amp; it identified with the following below medium vulnerability:</P><P><BR /><STRONG>"The remote host supports the use of SSL ciphers that offer medium&nbsp; strength encryption"</STRONG></P><P>&nbsp;</P><P>Please let me know, for any fix to this vulnerability.</P><P>&nbsp;</P><P>I found one solution for the same in below link. Just want to check if below solution will fix this vulnerability, also will there be any impact will making below configuration changes - as, "will Firewall SSH remote admin access will impacted"</P><P>&nbsp;</P><P><A href="https://live.paloaltonetworks.com/t5/general-topics/how-to-disable-ssh-weak-algorithm-supported/td-p/204407" target="_blank">https://live.paloaltonetworks.com/t5/general-topics/how-to-disable-ssh-weak-algorithm-supported/td-p/204407</A></P> Mon, 13 Jul 2020 07:16:57 GMT https://live.paloaltonetworks.com/t5/general-topics/palo-alto-ssl-ciphers-that-offer-medium-strength-encryption/m-p/338002#M85051 preetpk 2020-07-13T07:16:57Z https://live.paloaltonetworks.com/t5/general-topics/palo-alto-ssl-ciphers-that-offer-medium-strength-encryption/m-p/338334#M85087 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/71795">@preetpk</a>,</P> <P>The linked topic you have listed is talking about SSH, not SSL. You'll want to take a look at the KB article below to get this fixed.</P> <P>&nbsp;</P> <P><A href="https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CmqeCAC" target="_blank">https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000CmqeCAC</A></P> Tue, 14 Jul 2020 03:23:59 GMT https://live.paloaltonetworks.com/t5/general-topics/palo-alto-ssl-ciphers-that-offer-medium-strength-encryption/m-p/338334#M85087 BPry 2020-07-14T03:23:59Z https://live.paloaltonetworks.com/t5/general-topics/palo-alto-ssl-ciphers-that-offer-medium-strength-encryption/m-p/338608#M85124 <P>Thanks for the update. Will there be any impact will implementing this changes - like losing Firewall remote management access.</P> Wed, 15 Jul 2020 09:39:00 GMT https://live.paloaltonetworks.com/t5/general-topics/palo-alto-ssl-ciphers-that-offer-medium-strength-encryption/m-p/338608#M85124 preetpk 2020-07-15T09:39:00Z