Palo Alto Networks Security Advisories / PAN-SA-2016-0015

PAN-SA-2016-0015 Cron local privilege escalation

047910
Severity 6.4 · MEDIUM
Attack Vector LOCAL
Attack Complexity HIGH
Privileges Required HIGH
User Interaction NONE
Scope UNCHANGED
Confidentiality Impact HIGH
Integrity Impact HIGH
Availability Impact HIGH

Description

Palo Alto Networks firewalls use the cron infrastructure to perform household system cleanup at regular intervals. Due to an error in user input normalization, a file locally created by an end user and placed in a specific directory could be executed in a higher privilege context (Ref. 93612).

Because no shell access is available to end-users, exploitation of this issue is unlikely.

This issue affects PAN-OS 5.0.18 and prior; PAN-OS 5.1.11 and prior; PAN-OS 6.0.13 and prior; PAN-OS 6.1.11 and prior; PAN-OS 7.0.6 and prior; PAN-OS 7.1.1 and prior

Product Status

VersionsAffectedUnaffected
PAN-OS 7.1<= 7.1.1>= 7.1.2
PAN-OS 7.0<= 7.0.6>= 7.0.7
PAN-OS 6.1<= 6.1.11>= 6.1.12
PAN-OS 6.0<= 6.0.13>= 6.0.14
PAN-OS 5.1<= 5.1.11>= 5.1.12
PAN-OS 5.0<= 5.0.18>= 5.0.19

Severity: MEDIUM

CVSSv3.1 Base Score: 6.4 (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)

Weakness Type

Solution

PAN-OS 5.0.19 and later; PAN-OS 5.1.12 and later; PAN-OS 6.0.14 and later; PAN-OS 6.1.12 and later; PAN-OS 7.0.7 and later; PAN-OS 7.1.2 and later

Workarounds and Mitigations

N/A

Acknowledgments

Felix Wilhelm, ERNW Research
© 2020 Palo Alto Networks, Inc. All rights reserved.