in recent scanning, we received "SSH Terrapin Prefix Truncation Weakness
(CVE-2023-48795)" vulnerability on port 22.just use this command in nmap
"nmap -sV -p 22 --script ssh2-enum-algos 192.168.xxx.xxx"if it shows
"chacha20-poly1305@openssh.com" or ...
@smaruvala you mean to say if scanners flag the device as vulnerable due
to available of affected ciphers which should not be shown. but still,
if we upgrade firmware to 7.2.8 (as shown in below upgrade path) it will
fix the vulnerable ciphers and wi...
@AEK as you mention - FortiOS is not impacted by this vulnerability.also
in link you shared shows Products confirmed NOT
impacted:FortiOS--------------------but i have FortiGate100E firewall
with Firmware Version v7.0.14 build0601 (Mature). as the sc...
