02-26-2024 11:29 PM
Aside from checking in the OSS listing, how can i verify the current OpenSSH version installed on the Palo Alto device. Also how can we upgrade it to a recommended version?
Current firmware version: 10.2.6
Based on OSS listing, OpenSSH version is: 8.0p1
02-27-2024 12:31 AM
Hi @Ryan_Volante ,
to check the OpenSSH version, you can telnet to it on port 22, for instance:
telnet 192.168.0.253 22
SSH-2.0-OpenSSH_8.0
On the other hand, regarding any concern on vulnerabilities on open source software used in PAN-OS, I would advise you to send an email to our PSIRT team psirt@paloaltonetworks.com, you should receive a reply back within 2 business days.
Regards
--Richard
02-26-2024 11:35 PM
To give additional context:
The client ran a VAPT scan using Qualys, and based on the report it is affected by multiple Open SSH vulnerabilities. One of the recommendation is to Upgrade it to a OpenSSH version 9.6.
02-27-2024 12:31 AM
Hi @Ryan_Volante ,
to check the OpenSSH version, you can telnet to it on port 22, for instance:
telnet 192.168.0.253 22
SSH-2.0-OpenSSH_8.0
On the other hand, regarding any concern on vulnerabilities on open source software used in PAN-OS, I would advise you to send an email to our PSIRT team psirt@paloaltonetworks.com, you should receive a reply back within 2 business days.
Regards
--Richard
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
