Vulnerability found on Firewall Need to address

Hi Team,

We are getting following vulnerabilities on one of our PA Firewall. Kindly suggest the next PoA regarding mentioned vulnerabilities.

Plugin

Plugin Name

Family

Severity

IP Address

Type

84502

HSTS Missing From HTTPS Server

Web Servers

Medium

x.x.x.x

Pa

Certificate vulnerabilities

I have found several of my network devices are showing up within our vulnerability management scanner with X.509 Certificate Subject CN does not match the entity name as a vulnerability. This is more than likely a DNS issue as I do not have any netwo

CVE 2021-3050 Fix firmware upgrade

Hey guys as we know the above advisory resolve in PANOS 10.0.8 and above so in the solution, Palo alto says they will resolve it in September can I get to know the status of the new firmware or can I download the 10.1.0 but that is not the stable ver

Help with Threat log SCAN: Host Sweep

I am looking for assistance interpreting a report that shows “SCAN Host sweep traffic” in my threat log. There are multiple internal sources scanning multiple destination IP addresses that I do not own. The daily number of scans detected from each so

Threat : Compromised or manufacturer default password found in HTTP Basic Authentication

Apache Tomcat WebSocket Denial-of-Service Vulnerability' generated by NGFW

RE: 'Apache Tomcat WebSocket Denial-of-Service Vulnerability' generated by PAN NGFW detected on host foo-wrkXXX involving user foo\User.Name

-- Unique Threat ID: 59026

I am wondering if others are seeing this Alert generated due to what appears to be

Zone protection flood thresholds

I get ICMP and UDP flood alert messages from my external zone protection profile all the time. It does not seem to impact production - but not totally sure on that though.

We just have 1 - 5220, no Panarama. Anyone have any advise as to how best to co

Malicious signature "Virus/Win32.WGeneric.bjpxbe" detected on Cortex XDR

Hi,

Malicious signature "Virus/Win32.WGeneric.bjpxbe" is detected on Cortex XDR.

When dwelled further, details & screen grab from THREAT VAULT are shared for your perusal 

Unique Threat ID: 422569341

SHA256 values are (09fb42aa3d9fcb32e2dab5f9e614a1975e

Vulnerability CVE 2021-3050

Hey, guys, one of my clients want the POA (Plan of Action) for this vulnerability what should I check in the firewall. I checked the Traffic WAN TO WAN the security Profiles are attached properly but the management IP is pvt i access the firewall by

Latest DDOS attack related issue on Palo alto

Hey guys one of my client having a concern about the security patch. he has PA-820 PA and PA-220. The New DDOS attack is there ID is CIAD-2021-0030 

https://clicktime.symantec.com/3QdtY9QLh9kb4B5ny33Z2KD7Vc?u=https%3A%2F%2Fwww.cert-in.org.in%2F

Please