Palo Alto Networks web management server is vulnerable to a denial-of-service attack. (Ref # PAN-64917/105311) (CVE-2014-9708)
This pre-authenticated denial-of-service attack could disrupt the web management interface.
This issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.14 and earlier; PAN-OS 7.0.10 and earlier; PAN-OS 7.1.5 and earlier
|PAN-OS 7.1||<= 7.1.5||>= 7.1.6|
|PAN-OS 7.0||<= 7.0.10||>= 7.0.11|
|PAN-OS 6.1||<= 6.1.14||>= 6.1.15|
|PAN-OS 6.0||<= 6.0.14||>= 6.0.15|
|PAN-OS 5.1||<= 5.1.12||>= 5.1.13|
|PAN-OS 5.0||<= 5.0.19||>= 5.0.20|
CVSSv3.1 Base Score: 5.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.15 and later; PAN-OS 7.0.11 and later; PAN-OS 7.1.6 and later
Palo Alto Networks recommends to implement best practice by allowing web interface access only to a dedicated management network. Additionally, restrict the set of IP addresses to a subset of authorized sources that you allow to interact with the management network.