An incorrect Web management server configuration was identified in PAN-OS. (Ref # PAN-52038/86767).
This issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.12 and earlier; PAN-OS 7.0.7 and earlier
|7.0||<= 7.0.7||>= 7.0.8|
|6.1||<= 6.1.12||>= 6.1.13|
|6.0||<= 6.0.14||>= 6.0.15|
|5.1||<= 5.1.12||>= 5.1.13|
|5.0||<= 5.0.19||>= 5.0.20|
CVSSv3.1 Base Score: 8.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.13 and later; PAN-OS 7.0.8 and later
This issue is available only to authenticated users on the web interface. Palo Alto Networks recommends implementing best practices, only allowing management access to a restricted set of IP address, and dedicating management of the device to the management interface only.