07-16-2025 09:08 AM
PAN state that as workaround/mitigation - block attacks for this vulnerability by enabling Threat ID 510003 and 510004 ( content v 8995 and that "it is crucial to ensure that Vulnerability Protection profiles are explicitly applied to the security rules that process traffic FROM GlobalProtect interfaces." I wonder if anyone has managed to validate this threat detection/blocking on a test GP portal ? Of course, it may be that 1. having the SSL-VPN disabled and 2. setting the portal login page set to "none" means this vulnerability is just not exposed. However the Sec Advisory does not state these as workarounds. If sufficient these would appear to be a more straightforward intervention than creating rules to apply vulnerability profiles from the GP portal. However having already gone the extra mile, any advise on testing these threats would be gratefully received.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
