Known issue (PAN-202288 & PAN-206672)

Kindly provide the brief about Known issue (PAN-202288 & PAN-206672)

Palo Alto Firewall CVE-2022-2884

Hi,

Does anyone know if GitLab Remote Command Execution Vulnerability is covered with Palo Alto AV Signature?

Is Palo Alto affected by it?

I was not able to find it in their Security Advisories.

Vulnerability Details:

Title

GitLab Remote Comman

EDL - Talos block list

I have various EDLs setup on various different PA models. Some work, and populate the list with IP's and effectively block in security policies. However,  for Cisco Talos block list, it just will not work:

http://www.talosintelligence.com/feeds/ip-fi

Vulnerability: Microsoft Windows RPC Encrypted Data Detected Mean???

hi;

How to remove this message: Microsoft Windows RPC Encrypted Data Detected from a windows 10 computer that palo alto always report this type of thread???

Whats mean Microsoft Windows RPC Encrypted Data Detected???

SSH protocol uses Weak key exchange algorithms in PA 500 for PAN OS 8.1.14

Hi Team ,

  PA 500 with 8.1.14 (latest OS )  is having the Vulnerability SSH protocol uses Weak key exchange algorithms. I understand we can change algorithm values with set deviceconfig system ssh kex  to stronger algorithm post 9.0 unfortunately PA

Threat ID in the ranges between 8700-8799, Packet Based Attacks Protections in "Zone Protection" profiles

License issue

Hi all, 

In my Pa-220 box we have not purchased license of advance threat prevention but its still showing me in the license tab and and its also showing as expired license of (ATP) , the firewall is in ha but on passive one everything is correct,

not-resolved URL for s3.us-central-1.wasabisys.com

,

Could you help me see why the s3.us-central-1.wasabisys.com comes back as a not-resolved category and is a threat?

False positive - Threat ID 86672 - NewPOSThing Command and Control Traffic Detection

Has anyone seen critical alerts for this threat? It was added as a new signature yesterday in Apps&Threats release 8626-7624. We immediately had an alert for it for traffic to hxxps://www.riddle.com/ws/connect/5  So far it looks like a false positive

PAN DB vs Advanced

Hello ,

Just want to know if PAN-DB and Advanced URL are different licensing

If Advanced URL is purchased , does it cover PAN-DB

We have a customer who puchased Advanced URL  , but not PAN DB

High vulnerabilities PAN-OS reported by vulnerability management scan

Hello colleagues:

Good afternoon, hope you are all well.

Some of you have reported these critical vulnerabilities to them, by Nesus Scan: