FREAK vulnerability/PAN-OS support for "export" level cypher suites

L4 Transporter

The latest MiM SSL/TLS vulnerability was in the news on Tuesday, March 3rd:


We have confirmed that PAN-OS is not vulnerable to FREAK. Palo Alto Networks does not support export-grade ciphers and we are planning to release an IPS signature with next week's regular content release.

L3 Networker


Any ETA about vulnerbility protection?



L1 Bithead


Is the release of an IPS signature next week (2015/03/08 ~ 2015/03/14) still scheduled?

Thanks, Jim

L7 Applicator

Now that IE on windows is added to the vulnerability list a signature should be a higher priority.

L1 Bithead


Microsoft has released a patch.

Microsoft Security Bulletin MS15-031 - Important

Regards, Jim

L7 Applicator

Listed in the updates for Content version 490

37493    Export RSA cipher suite detected    CVE-2015-0204

Ask Questions Get Answers Join the Live Community