https://live.paloaltonetworks.com/t5/general-topics/palo-alto-ssh-vulnerabilities/m-p/422817#M94095 <P>Hello,</P><P>Running a newer recommended release are not affected by the vulnerabilities listed.</P><P>&nbsp;</P><P><A href="https://security.paloaltonetworks.com/" target="_blank">https://security.paloaltonetworks.com/</A></P><P>&nbsp;</P><P><A href="https://live.paloaltonetworks.com/t5/customer-resources/support-pan-os-software-release-guidance/ta-p/258304" target="_blank">https://live.paloaltonetworks.com/t5/customer-resources/support-pan-os-software-release-guidance/ta-p/258304</A></P><P>&nbsp;</P><P>Regards,</P> Wed, 28 Jul 2021 22:01:16 GMT OtakarKlier 2021-07-28T22:01:16Z https://live.paloaltonetworks.com/t5/general-topics/palo-alto-ssh-vulnerabilities/m-p/277006#M75404 <P>Hi Team,</P><P>&nbsp;</P><P>We are finding the below vulnerabilities being detected on Palo Alto Management SSH service :</P><P>&nbsp;</P><TABLE><TBODY><TR><TD>&nbsp;</TD></TR><TR><TD><P><U><A href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2768" target="_blank" rel="noopener">CVE-2007-2768</A></U></P></TD></TR><TR><TD><P><U><A href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-1653" target="_blank" rel="noopener">CVE-2004-1653</A></U></P></TD></TR><TR><TD><P><U><A href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2243" target="_blank" rel="noopener">CVE-2007-2243</A></U></P></TD></TR><TR><TD><P><U><A href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2183" target="_blank" rel="noopener">CVE-2016-2183</A></U></P></TD></TR><TR><TD>&nbsp;</TD></TR></TBODY></TABLE><P>Kindly help us in resolving the above said vulnerabilities.&nbsp; Devices are running with the OS 8.0.16.</P><P>&nbsp;</P><P>Regards,</P><P>Sethupathi M</P> Wed, 17 Jul 2019 12:00:49 GMT https://live.paloaltonetworks.com/t5/general-topics/palo-alto-ssh-vulnerabilities/m-p/277006#M75404 Sethupathi 2019-07-17T12:00:49Z https://live.paloaltonetworks.com/t5/general-topics/palo-alto-ssh-vulnerabilities/m-p/277044#M75408 it's recommended to set the management interface on a private network and add only a few allowed IP addresses to access management, to limit the attack surface of any potential bad actor some of these are for pretty old openssh version, may want to check with TAC if your scan is accurate Wed, 17 Jul 2019 14:07:04 GMT https://live.paloaltonetworks.com/t5/general-topics/palo-alto-ssh-vulnerabilities/m-p/277044#M75408 reaper 2019-07-17T14:07:04Z https://live.paloaltonetworks.com/t5/general-topics/palo-alto-ssh-vulnerabilities/m-p/422721#M94087 <PRE><SPAN class="Y2IQFc">Hello, is it possible to indicate if there is any mitigation or the new versions of pan os, are they not affected by these vulnerabilities, regardless of the administrative restrictions?</SPAN></PRE> Wed, 28 Jul 2021 17:01:02 GMT https://live.paloaltonetworks.com/t5/general-topics/palo-alto-ssh-vulnerabilities/m-p/422721#M94087 jmsepulveda 2021-07-28T17:01:02Z https://live.paloaltonetworks.com/t5/general-topics/palo-alto-ssh-vulnerabilities/m-p/422817#M94095 <P>Hello,</P><P>Running a newer recommended release are not affected by the vulnerabilities listed.</P><P>&nbsp;</P><P><A href="https://security.paloaltonetworks.com/" target="_blank">https://security.paloaltonetworks.com/</A></P><P>&nbsp;</P><P><A href="https://live.paloaltonetworks.com/t5/customer-resources/support-pan-os-software-release-guidance/ta-p/258304" target="_blank">https://live.paloaltonetworks.com/t5/customer-resources/support-pan-os-software-release-guidance/ta-p/258304</A></P><P>&nbsp;</P><P>Regards,</P> Wed, 28 Jul 2021 22:01:16 GMT https://live.paloaltonetworks.com/t5/general-topics/palo-alto-ssh-vulnerabilities/m-p/422817#M94095 OtakarKlier 2021-07-28T22:01:16Z