https://community.checkpoint.com/t5/Firewall-and-Security-Management/vulnerability-on-firewall/m-p/166056#M29854 <P><SPAN>R80.40 JHF T58 is a version from before&nbsp;19 July 2020. I would suggest to upgrade !</SPAN></P> <P><SPAN>R81 JHF T69 is recent, but:</SPAN></P> <P><SPAN><STRONG>Check Point Recommended version for all deployments is <A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk170416#Installation" target="_blank" rel="noopener">R81.10 Take 335</A> with its Recommended <A href="https://sc1.checkpoint.com/documents/Jumbo_HFA/R81.10/Default.htm" target="_blank" rel="noopener">Jumbo Hotfix Accumulator</A> Take 79</STRONG></SPAN></P> Mon, 26 Dec 2022 10:37:35 GMT G_W_Albrecht 2022-12-26T10:37:35Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/vulnerability-on-firewall/m-p/166032#M29838 Wed, 05 Apr 2023 08:22:08 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/vulnerability-on-firewall/m-p/166032#M29838 umar7 2023-04-05T08:22:08Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/vulnerability-on-firewall/m-p/166046#M29850 <P>Please note that this community is not an official support channel.&nbsp;</P> <P>If you need the assistance of support further to the answers provided in your previous thread on similar topics then please raise an SR with TAC.</P> <P>Please ensure gateways have a current JHF installed and that you have reviewed the SKs pertaining to the use of SHA-256 with the ICA etc.</P> <P>&nbsp;</P> <P>sk36343: Check Point response to OpenSSH CBC Mode Information Disclosure Vulnerability (CVE-2008-5161)<BR />sk106031: How to change SSH encryption protocols and Message Authentication Code settings<BR />sk65269: Status of OpenSSH CVEs<BR />sk147272: Vulnerability scan shows that Gaia Portal supports SSL medium strength cipher suites<BR />sk162542: Disable non-secure TLS and Cipher protocols<BR />sk120774: Vulnerability scan shows that there are weak ciphers related to TLS 1.2<BR />sk92447: Status of OpenSSL CVEs<BR />sk108252: How to change Gaia Portal's certificate from SHA-1 to SHA-256<BR />sk103840: SHA-1 and SHA-256 certificates in Check Point Internal CA (ICA)<BR />sk100647: Check Point response to common false positives scanning results</P> Mon, 26 Dec 2022 06:28:50 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/vulnerability-on-firewall/m-p/166046#M29850 Chris_Atkinson 2022-12-26T06:28:50Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/vulnerability-on-firewall/m-p/166056#M29854 <P><SPAN>R80.40 JHF T58 is a version from before&nbsp;19 July 2020. I would suggest to upgrade !</SPAN></P> <P><SPAN>R81 JHF T69 is recent, but:</SPAN></P> <P><SPAN><STRONG>Check Point Recommended version for all deployments is <A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk170416#Installation" target="_blank" rel="noopener">R81.10 Take 335</A> with its Recommended <A href="https://sc1.checkpoint.com/documents/Jumbo_HFA/R81.10/Default.htm" target="_blank" rel="noopener">Jumbo Hotfix Accumulator</A> Take 79</STRONG></SPAN></P> Mon, 26 Dec 2022 10:37:35 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/vulnerability-on-firewall/m-p/166056#M29854 G_W_Albrecht 2022-12-26T10:37:35Z