cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Who rated this post

L1 Bithead

Hi,

 

security.paloaltonetworks just updated with this CVE:

 

https://security.paloaltonetworks.com/CVE-2023-48795

 

"Customers can resolve this issue by removing support for CHACHA20-POLY1305 and all Encrypt-then-MAC algorithms available (ciphers with -etm in the name) in PAN-OS software. Guidance on how to configure strong ciphers and algorithms can be found on the following pages:

- https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000004OOQCA2

- https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-cli-quick-start/get-started-with-the-cli/refres...

This issue is completely resolved by following the recommended best practices for deploying PAN-OS (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administr...). No additional PAN-OS fixes are planned in maintenance releases at this time."

Who rated this post