CVE-2017-15942 Denial of Service Against GlobalProtect
Description
A vulnerability exists in PAN-OS that could lead to denying access to GlobalProtect portal, GlobalProtect gateway or preventing configuration commits. (Ref # PAN-78127 / CVE-2017-15942)
PAN-OS contains a vulnerability in GlobalProtect that may allow a non-authenticated third party to mount a Denial of Service attack against the GlobalProtect portal, GlobalProtect gateway or preventing configuration commits. This vulnerability is only available when the GlobalProtect gateway or portal is running.
This issue affects PAN-OS 6.1.18 and earlier, PAN-OS 7.0.18 and earlier, PAN-OS 7.1.12 and earlier, PAN-OS 8.0.5 and earlier
Product Status
Versions | Affected | Unaffected |
---|---|---|
PAN-OS 8.0 | <= 8.0.5 | >= 8.0.6 |
PAN-OS 7.1 | <= 7.1.12 | >= 7.1.13 |
PAN-OS 7.0 | <= 7.0.18 | >= 7.0.19 |
PAN-OS 6.1 | <= 6.1.18 | >= 6.1.19 |
Severity: HIGH
CVSSv3.1 Base Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Weakness Type
CWE-399 Resource Management Errors
Solution
PAN-OS 6.1.19 and later, PAN-OS 7.0.19 and later, PAN-OS 7.1.13 and later, PAN-OS 8.0.6 and later
Workarounds and Mitigations
This vulnerability is only available when the GlobalProtect gateway or portal is running.