IPS CVE-2021-26855 default action to allow

Question

Hi 
 
 How come the default action for the IPS is to allow CVE-2021-26855 when detected? 
 
 Both signature IDs 2305106 and 2305107 are set to allow packet.

FormerMember · Accepted Answer

Hi SOMOA , 
 Thanks for reaching out to the Community! 
 I'm following up with the concerned internal team, and I will update you once I get the feedback. 
 Thanks,

FormerMember · Answer

Hi SOMOA , 
 There wasn't enough information available at the time of the release of those SIDs. 
 The recommended action will change in the upcoming release to "Drop/Block Packets." 
 Thanks,

IPS CVE-2021-26855 default action to allow

Top Replies