Comments
-
Thank you, now it worked perfectly
-
@"james.carson" Myself included... Ok, I will try it correctly now and report back. Thanks!
-
Thanks @Bruce_Briggs @"james.carson" do you have an answer? A firebox with 12.7.2 offering only SSL VPN through port 443 to the internet is susceptible to CVE-2022-31789, CVE-2022-31790 and CVE-2022-31792?
-
@Bruce_Briggs ok, so it is my understanding that my current version (12.7.2) does not fix these issues. Version 12.8.x requires a "LiveSecurity key" which I imagine is a paid feature. However, they all seem to depend on my equipment having its management access page available to the internet, which they don't. The only…
-
Ok, so I updated one of my firewalls to 12.7.2, and intend to do the same with all others. This solves CVE-2022-26318 as is clearly stated in the release notes. Do you know if it also solves CVE-2022-31789, CVE-2022-31790, CVE-2022-31791 and CVE-2022-31792? I find the phrase "Affected: Fireware OS before 12.8.1, 12.x…
-
You all are right. I will update the software of all firewalls. Thank you!
-
Yes, I am aware. I am not afraid that people download the client, I am afraid of the possible existence of vulnerabilities in the http server that listens in this port.
-
My version of firmware actually doesn't have this option in the CLI. Thanks anyway.
-
Thank you, Kimmo! Do any of you know if this login page is affected by CVE-2022-26318? https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2022-00002 Or is this vulnerability only related to the management login page of the firewall?
-
Thank you Tristan I wanted to reduce my risk quickly before starting the implementation of MFA over several fireboxes. There really isn't any simple configuration to eliminate this page?