PAN-SA-2016-0018 WildFire Cross-Site Scripting Vulnerability
Attack Vector: NETWORK
Scope: UNCHANGED
Attack Complexity: LOW
Confidentiality Impact: LOW
Privileges Required: NONE
Integrity Impact: LOW
User Interaction: REQUIRED
Availability Impact: LOW
Description
A Palo Alto Networks firewall displaying a WildFire cloud integrated report is susceptible to a cross-site scripting condition (Ref # WTC-3355).
A sample analyzed by the WildFire cloud could trigger a cross-site scripting attack against a firewall administrator who is displaying a WildFire report. This vulnerability is restricted to the context in which the report is parsed by the cloud.
This issue affects the Palo Alto Networks hosted WildFire cloud from January to August 9th 2016.
Product Status
Versions | Affected | Unaffected |
---|---|---|
WildFire Cloud | None | current |
Severity: MEDIUM
CVSSv3.1 Base Score: 6.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)
Solution
This issue is resolved in the Palo Alto Networks hosted WildFire cloud starting August 10th 2016. Users do not need to take action.
Workarounds and Mitigations
N/A
Acknowledgments
Palo Alto Networks thanks Alexander Fischer, DCSO Deutsche Cyber-Sicherheitsorganisation, for discovering and reporting the issue.