topic Re: OpenSSL SSLv2 Man-in-the-Middle Vulnerability under Top threats in Daily reports in General Topics https://live.paloaltonetworks.com/t5/general-topics/openssl-sslv2-man-in-the-middle-vulnerability-under-top-threats/m-p/409210#M92423 <P>this is a warning that the SSL traffic passing through might be exploited</P><P>&nbsp;</P><P>&nbsp;</P><P>from threatvault.paloaltonetworks.com:</P><P>OpenSSL is prone to a man-in-the-middle vulnerability while parsing certain crafted SSL requests. The vulnerability is due to the lack of proper checks on SSL requests, leading to an exploitable man-in-the-middle vulnerability. An attacker could exploit the vulnerability by sending crafted SSL requests. A successful attack could lead to remote code execution with the privileges of the server.</P><P>&nbsp;</P><P>&nbsp;</P><P>if you go into your threat logs, you should be able to pinpoint where these connections are coming from/going to and take appropriate action (patch server, block connection, add exception)</P><P>&nbsp;</P> Wed, 26 May 2021 13:20:42 GMT reaper 2021-05-26T13:20:42Z OpenSSL SSLv2 Man-in-the-Middle Vulnerability under Top threats in Daily reports https://live.paloaltonetworks.com/t5/general-topics/openssl-sslv2-man-in-the-middle-vulnerability-under-top-threats/m-p/409200#M92421 <P>I consistently get&nbsp;OpenSSL SSLv2 Man-in-the-Middle Vulnerability under Top Threats in Daily Reports.</P><P>What does this mean? am I getting attacked? is it reporting a vulnerability in devices?&nbsp;</P><P>At what level should I be concerned with this?</P> Wed, 26 May 2021 13:04:58 GMT https://live.paloaltonetworks.com/t5/general-topics/openssl-sslv2-man-in-the-middle-vulnerability-under-top-threats/m-p/409200#M92421 ghalbedel 2021-05-26T13:04:58Z Re: OpenSSL SSLv2 Man-in-the-Middle Vulnerability under Top threats in Daily reports https://live.paloaltonetworks.com/t5/general-topics/openssl-sslv2-man-in-the-middle-vulnerability-under-top-threats/m-p/409210#M92423 <P>this is a warning that the SSL traffic passing through might be exploited</P><P>&nbsp;</P><P>&nbsp;</P><P>from threatvault.paloaltonetworks.com:</P><P>OpenSSL is prone to a man-in-the-middle vulnerability while parsing certain crafted SSL requests. The vulnerability is due to the lack of proper checks on SSL requests, leading to an exploitable man-in-the-middle vulnerability. An attacker could exploit the vulnerability by sending crafted SSL requests. A successful attack could lead to remote code execution with the privileges of the server.</P><P>&nbsp;</P><P>&nbsp;</P><P>if you go into your threat logs, you should be able to pinpoint where these connections are coming from/going to and take appropriate action (patch server, block connection, add exception)</P><P>&nbsp;</P> Wed, 26 May 2021 13:20:42 GMT https://live.paloaltonetworks.com/t5/general-topics/openssl-sslv2-man-in-the-middle-vulnerability-under-top-threats/m-p/409210#M92423 reaper 2021-05-26T13:20:42Z