Palo Alto Networks Knowledgebase: SSL Vulnerability Non-Detection Behavior is Seen when Inbound SSL Decryption Policy is Set
Created On 02/07/19 23:43 PM - Last Updated 02/07/19 23:44 PM
When a normal security policy (whether single VSYS or multiple VSYS) is configured together with an Inbound SSL Decryption policy, the security profile (vulnerability) fails to detect SSL-related vulnerabilities.
Once inbound SSL decryption is set, the threat engine sees only the decrypted data and never gets to see the SSL version number (SSL 3.0), which is carried in the SSL handshake hello packets. As a result, the SSL v3 vulnerability is not identified in this configuration.
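The following sketch is an added illustration, not part of the original article and not the firewall's signature logic: it reads the version field from a ClientHello and shows that the same check finds nothing in decrypted application data. The handshake bytes and HTTP payload are constructed samples, and all function names are hypothetical.

```python
import struct

SSL3 = 0x0300  # SSL 3.0 version number as it appears on the wire


def build_client_hello(version):
    """Constructed sample: a minimal ClientHello record with one cipher suite."""
    body = struct.pack("!H", version) + bytes(32)        # client_version + random
    body += b"\x00"                                      # empty session_id
    body += struct.pack("!H", 2) + b"\x00\x2f"           # one cipher suite
    body += b"\x01\x00"                                  # null compression only
    hs = b"\x01" + len(body).to_bytes(3, "big") + body   # handshake type 1 = ClientHello
    return b"\x16" + struct.pack("!HH", version, len(hs)) + hs  # record type 22


def hello_version(data):
    """Return client_version from a ClientHello record, or None if absent."""
    if len(data) < 11 or data[0] != 0x16:      # not a handshake record
        return None
    rec_len = struct.unpack("!H", data[3:5])[0]
    if len(data) < 5 + rec_len or data[5] != 0x01:   # truncated or not a ClientHello
        return None
    hs_len = int.from_bytes(data[6:9], "big")
    if hs_len < 2 or hs_len + 4 > rec_len:     # handshake body does not fit the record
        return None
    return struct.unpack("!H", data[9:11])[0]


def offers_sslv3(data):
    """True only when the bytes are a ClientHello whose version is SSL 3.0."""
    return hello_version(data) == SSL3


# What is on the wire during the handshake (constructed sample).
RAW_HANDSHAKE = build_client_hello(SSL3)
# What an engine sees after decryption: application data only (constructed sample).
DECRYPTED_PAYLOAD = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"

if __name__ == "__main__":
    print("raw handshake offers SSLv3:", offers_sslv3(RAW_HANDSHAKE))
    print("decrypted payload offers SSLv3:", offers_sslv3(DECRYPTED_PAYLOAD))
```
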
The vulnerabilities listed below apply to this scenario: