{"success":true,"data":[{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2026-0300","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal","datePublic":"2026-05-05T23:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-787","description":"CWE-787: Out-of-bounds Write","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-100","descriptions":[{"lang":"en","value":"CAPEC-100 Overflow Buffers"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_ne
tworks:pan-os:11.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.
13:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:
h32:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*
:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_network
s:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan
-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"12.1.0","lessThan":"12.1.7","changes":[{"at":"12.1.7","status":"unaffected"},{"at":"12.1.4-h5","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.0","lessThan":"11.2.12","changes":[{"at":"11.2.12","status":"unaffected"},{"at":"11.2.10-h6","status":"unaffected"},{"at":"11.2.7-h13","status":"unaffected"},{"at":"11.2.4-h17","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","lessThan":"11.1.15","changes":[{"at":"11.1.15","status":"unaffected"},{"at":"11.1.13-h5","status":"unaffected"},{"at":"11.1.10-h25","status":"unaffected"},{"at":"11.1.7-h6","status":"unaffected"},{"at":"11.1.6-h32","status":"unaffected"},{"at":"11.1.4-h33","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.18-h6","changes":[{"at":"10.2.18-h6","status":"unaffected"},{"at":"10.2.16-h7","status":"unaffected"},{"at":"10.2.13-h21","status":"unaffected"},{"at":"10.2.10-h36","status":"unaffected"},{"at":"10.2.7-h34","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma 
Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"cpeApplicability":[{"operator":"OR","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.4","versionEndExcluding":"12.1.4-h5"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.7"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.4","versionEndExcluding":"11.2.4-h17"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.7","versionEndExcluding":"11.2.7-h13"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.10","versionEndExcluding":"11.2.10-h6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.0","versionEndExcluding":"11.2.12"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.4","versionEndExcluding":"11.1.4-h33"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.6","versionEndExcluding":"11.1.6-h32"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.7","versionEndExcluding":"11.1.7-h6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.10","versionEndExcluding":"11.1.10-h25"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.13","versionEndExcluding":"11.1.13-h5"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.0",
"versionEndExcluding":"11.1.15"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.7","versionEndExcluding":"10.2.7-h34"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.10","versionEndExcluding":"10.2.10-h36"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.13","versionEndExcluding":"10.2.13-h21"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.16","versionEndExcluding":"10.2.16-h7"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.18","versionEndExcluding":"10.2.18-h6"}]}]}],"descriptions":[{"lang":"en","value":"A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets.\n\nThe risk of this issue is greatly reduced if you secure access to the User-ID™ Authentication Portal per the best practice guidelines (https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CqbiCAC) by restricting access to only trusted internal IP addresses.\n\nPrisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. 
<br><br>The risk of this issue is greatly reduced if you secure access to the User-ID™ Authentication Portal per the <a target=\"_blank\" rel=\"nofollow\" href=\"https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CqbiCAC\">best practice guidelines</a> by restricting access to only trusted internal IP addresses.<br><br>Prisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability. </p>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2026-0300","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"The risk is highest when you configure the User-ID™ Authentication Portal to enable access from the Internet or any untrusted network."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"LOW","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"RED","exploitMaturity":"ATTACKED","baseSeverity":"CRITICAL","baseScore":9.3,"threatSeverity":"CRITICAL","threatScore":9.3,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:A/AU:Y/R:U/V:C/RE:M/U:Red"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"You can greatly reduce the risk of exploitation by restricting User-ID™ Authentication Portal access to only trusted internal IP addresses and preventing its exposure to the 
internet."}],"cvssV4_0":{"version":"4.0","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"LOW","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"RED","exploitMaturity":"ATTACKED","baseSeverity":"HIGH","baseScore":8.7,"threatSeverity":"HIGH","threatScore":8.7,"vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:A/AU:Y/R:U/V:C/RE:M/U:Red"}}],"configurations":[{"lang":"eng","value":"This issue is applicable only to PA-Series and VM-Series firewalls that are configured to use User-ID™ Authentication Portal.\n\nCustomers are impacted if both of the following conditions are true:\n\n\n * User-ID™ Authentication Portal configured in the User-ID™ Authentication Portal Settings page. You can verify the configuration by going to Device > User Identification > Authentication Portal Settings -> Enable Authentication Portal (applies to both transparent and redirect modes) and\n * An interface management profile with response page enabled and attached to any L3 interface in any zone where untrusted/internet traffic can ingress. You can verify the configuration by going to Network > Interface > Select the interface > Advanced Tab > Create Management Interface Profile.\n   \n\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>This issue is applicable only to PA-Series and VM-Series firewalls that are configured to use User-ID™ Authentication Portal.<br><br>Customers are impacted if both of the following conditions are true:<br></p><ul><li>User-ID™ Authentication Portal configured in the User-ID™ Authentication Portal Settings page.  
You can verify the configuration by going to Device &gt; User Identification &gt; Authentication Portal Settings -&gt; Enable Authentication Portal (applies to both transparent and redirect modes) <b>and</b></li><li>An interface management profile with response page enabled and attached to any L3 interface in any zone where untrusted/internet traffic can ingress.  You can verify the configuration by going to Network &gt; Interface &gt; Select the interface &gt; Advanced Tab &gt; Create Management Interface Profile.<br></li></ul><p></p>"}]}],"workarounds":[{"lang":"eng","value":"Customers can mitigate the risk of this issue by taking either of the following actions:\n\n * Restrict User-ID™ Authentication Portal access to only trusted zones and in addition, disable Response Pages in the Interface Management Profile attached to every L3 interface in any zone where untrusted/internet traffic can ingress. Keep Response Pages enabled only on interfaces in trust/internal zones where legitimate users' browsers ingress. Refer to Step 6 of the following Live Community article (https://live.paloaltonetworks.com/t5/general-articles/why-it-s-essential-to-secure-your-management-interface/ta-p/1001286) and Knowledgebase article (https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CqbiCAC) for steps to restrict access.\n   \n * Disable User-ID™ Authentication Portal if not required.\n   \n\nCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510019 from Applications and Threats content version 9097-10022. 
Decoder capabilities necessitate PAN-OS 11.1 or a later version for Threat ID support.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"Customers can mitigate the risk of this issue by taking either of the following actions:<br><ul><li>Restrict User-ID™ Authentication Portal access to only trusted zones and in addition, disable Response Pages in the Interface Management Profile attached to every L3 interface in any zone where untrusted/internet traffic can ingress. Keep Response Pages enabled only on interfaces in trust/internal zones where legitimate users' browsers ingress. Refer to Step 6 of the following <a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/general-articles/why-it-s-essential-to-secure-your-management-interface/ta-p/1001286\">Live Community article</a> and <a target=\"_blank\" rel=\"nofollow\" href=\"https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CqbiCAC\">Knowledgebase article</a> for steps to restrict access.<br></li><li>Disable User-ID™ Authentication Portal if not required.<br></li></ul>Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID&nbsp;510019 from Applications and Threats content version 9097-10022. 
Decoder capabilities necessitate PAN-OS 11.1 or a later version for Threat ID support."}]}],"solutions":[{"lang":"eng","value":"VERSION           MINOR VERSION                SUGGESTED SOLUTION\nCloud NGFW                                     No action needed.\nPAN-OS 12.1       12.1.5 through 12.1.6        Upgrade to 12.1.7 or later.\n                  12.1.2 through 12.1.4-h*     Upgrade to 12.1.4-h5 or 12.1.7 or later.\nPAN-OS 11.2       11.2.11 or later             Upgrade to 11.2.12 or later.\n                  11.2.8 through 11.2.10-h*    Upgrade to 11.2.10-h6 or 11.2.12 or later.\n                  11.2.5 through 11.2.7-h*     Upgrade to 11.2.7-h13 or 11.2.12 or later.\n                  11.2.0 through 11.2.4-h*     Upgrade to 11.2.4-h17 or 11.2.12 or later.\nPAN-OS 11.1       11.1.14 or later             Upgrade to 11.1.15 or later.\n                  11.1.11 through 11.1.13-h*   Upgrade to 11.1.13-h5 or 11.1.15 or later.\n                  11.1.8 through 11.1.10-h*    Upgrade to 11.1.10-h25 or 11.1.15 or later.\n                  11.1.7 through 11.1.7-h*     Upgrade to 11.1.7-h6 or 11.1.15 or later.\n                  11.1.5 through 11.1.6-h*     Upgrade to 11.1.6-h32 or 11.1.15 or later.\n                  11.1.0 through 11.1.4-h*     Upgrade to 11.1.4-h33 or 11.1.15 or later.\nPAN-OS 10.2       10.2.17 through 10.2.18-h*   Upgrade to 10.2.18-h6 or later.\n                  10.2.14 through 10.2.16-h*   Upgrade to 10.2.16-h7 or 10.2.18-h6 or later.\n                  10.2.11 through 10.2.13-h*   Upgrade to 10.2.13-h21 or 10.2.18-h6 or later.\n                  10.2.8 through 10.2.10-h*    Upgrade to 10.2.10-h36 or 10.2.18-h6 or later.\n                  10.2.0 through 10.2.7-h*     Upgrade to 10.2.7-h34 or 10.2.18-h6 or later.\nAll older                                      Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\nPrisma Access                                  No action 
needed.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version</th><th>Minor Version</th><th>Suggested Solution</th></tr></thead><tbody><tr><td>Cloud NGFW</td><td><br></td><td>No action needed.</td></tr><tr><td>PAN-OS 12.1</td><td>12.1.5 through 12.1.6</td><td>Upgrade to 12.1.7 or later.</td></tr><tr><td><br></td><td>12.1.2 through 12.1.4-h*</td><td>Upgrade to 12.1.4-h5 or 12.1.7 or later.</td></tr><tr><td>PAN-OS 11.2</td><td>11.2.11 or later</td><td>Upgrade to 11.2.12 or later.</td></tr><tr><td><br></td><td>11.2.8 through 11.2.10-h*</td><td>Upgrade to 11.2.10-h6 or 11.2.12 or later.</td></tr><tr><td><br></td><td>11.2.5 through 11.2.7-h*</td><td>Upgrade to 11.2.7-h13 or 11.2.12 or later.</td></tr><tr><td><br></td><td>11.2.0 through 11.2.4-h*</td><td>Upgrade to 11.2.4-h17 or 11.2.12 or later.</td></tr><tr><td>PAN-OS 11.1</td><td>11.1.14 or later</td><td>Upgrade to 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.11 through 11.1.13-h*</td><td>Upgrade to 11.1.13-h5 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.8 through 11.1.10-h*</td><td>Upgrade to 11.1.10-h25 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.7 through 11.1.7-h*</td><td>Upgrade to 11.1.7-h6 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.5 through 11.1.6-h*</td><td>Upgrade to 11.1.6-h32 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.0 through 11.1.4-h*</td><td>Upgrade to 11.1.4-h33 or 11.1.15 or later.</td></tr><tr><td>PAN-OS 10.2</td><td>10.2.17 through 10.2.18-h*</td><td>Upgrade to 10.2.18-h6 or later.</td></tr><tr><td><br></td><td>10.2.14 through 10.2.16-h*</td><td>Upgrade to 10.2.16-h7 or 10.2.18-h6 or later.</td></tr><tr><td><br></td><td>10.2.11 through 10.2.13-h*</td><td>Upgrade to 10.2.13-h21 or 10.2.18-h6 or later.</td></tr><tr><td><br></td><td>10.2.8 through 10.2.10-h*</td><td>Upgrade to 10.2.10-h36 or 10.2.18-h6 or later.</td></tr><tr><td><br></td><td>10.2.0 through 10.2.7-h*</td><td>Upgrade to 
10.2.7-h34 or 10.2.18-h6 or later.</td></tr><tr><td>All older <br>unsupported <br>PAN-OS versions</td><td><br></td><td>Upgrade to a supported fixed version.</td></tr><tr><td>Prisma Access</td><td><br></td><td>No action needed.</td></tr></tbody></table>"}]}],"exploits":[{"lang":"en","value":"Limited exploitation has been observed targeting Palo Alto Networks User-ID™ Authentication Portals that are exposed to untrusted IP addresses and/or the public internet. Customers following standard security best practices, such as restricting sensitive portals to trusted internal networks, are at a greatly reduced risk.","supportingMedia":[{"type":"text/html","base64":false,"value":"Limited exploitation has been observed targeting Palo Alto Networks User-ID™ Authentication Portals that are exposed to untrusted IP addresses and/or the public internet. Customers following standard security best practices, such as restricting sensitive portals to trusted internal networks, are at a greatly reduced risk."}]}],"timeline":[{"time":"2026-05-13T16:00:00.000Z","lang":"en","value":"Updated the release timeline and Solution table."},{"time":"2026-05-07T02:10:00.000Z","lang":"en","value":"Updated Acknowledgments."},{"time":"2026-05-06T17:27:00.000Z","lang":"en","value":"Updated with Threat Prevention ID and clarified the Required Configuration section."},{"time":"2026-05-05T23:00:00.000Z","lang":"en","value":"Initial publication."},{"time":"2026-05-14T19:15:00.000Z","lang":"en","value":"Updated the Fix release timeline for 10.2.16-h7."}],"credits":[{"lang":"en","value":"Palo Alto Networks is grateful to our Deep Product Security Research Team for discovering the issue, and we also appreciate the threat research and intelligence support provided by Unit 42 and Xpanse ILI.","type":"other"}],"source":{"discovery":"USER"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 12.1.6","PAN-OS 12.1.5","PAN-OS 12.1.4-h3","PAN-OS 12.1.4-h2","PAN-OS 12.1.4","PAN-OS 
12.1.3-h3","PAN-OS 12.1.3-h1","PAN-OS 12.1.3","PAN-OS 12.1.2","PAN-OS 11.2.11","PAN-OS 11.2.10-h5","PAN-OS 11.2.10-h4","PAN-OS 11.2.10-h3","PAN-OS 11.2.10-h2","PAN-OS 11.2.10-h1","PAN-OS 11.2.10","PAN-OS 11.2.9","PAN-OS 11.2.8","PAN-OS 11.2.7-h12","PAN-OS 11.2.7-h11","PAN-OS 11.2.7-h10","PAN-OS 11.2.7-h8","PAN-OS 11.2.7-h7","PAN-OS 11.2.7-h4","PAN-OS 11.2.7-h3","PAN-OS 11.2.7-h2","PAN-OS 11.2.7-h1","PAN-OS 11.2.7","PAN-OS 11.2.6","PAN-OS 11.2.5","PAN-OS 11.2.4-h15","PAN-OS 11.2.4-h14","PAN-OS 11.2.4-h12","PAN-OS 11.2.4-h11","PAN-OS 11.2.4-h10","PAN-OS 11.2.4-h9","PAN-OS 11.2.4-h8","PAN-OS 11.2.4-h7","PAN-OS 11.2.4-h6","PAN-OS 11.2.4-h5","PAN-OS 11.2.4-h4","PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.14","PAN-OS 11.1.13-h3","PAN-OS 11.1.13-h2","PAN-OS 11.1.13-h1","PAN-OS 11.1.13","PAN-OS 11.1.12","PAN-OS 11.1.11","PAN-OS 11.1.10-h21","PAN-OS 11.1.10-h12","PAN-OS 11.1.10-h10","PAN-OS 11.1.10-h9","PAN-OS 11.1.10-h7","PAN-OS 11.1.10-h5","PAN-OS 11.1.10-h4","PAN-OS 11.1.10-h1","PAN-OS 11.1.10","PAN-OS 11.1.9","PAN-OS 11.1.8","PAN-OS 11.1.6-h29","PAN-OS 11.1.6-h25","PAN-OS 11.1.6-h23","PAN-OS 11.1.6-h22","PAN-OS 11.1.6-h21","PAN-OS 11.1.6-h20","PAN-OS 11.1.6-h19","PAN-OS 11.1.6-h18","PAN-OS 11.1.6-h17","PAN-OS 11.1.6-h14","PAN-OS 11.1.6-h10","PAN-OS 11.1.6-h7","PAN-OS 11.1.6-h6","PAN-OS 11.1.6-h4","PAN-OS 11.1.6-h3","PAN-OS 11.1.6-h2","PAN-OS 11.1.6-h1","PAN-OS 11.1.6","PAN-OS 11.1.5-h1","PAN-OS 11.1.5","PAN-OS 11.1.4-h32","PAN-OS 11.1.4-h27","PAN-OS 11.1.4-h25","PAN-OS 11.1.4-h18","PAN-OS 11.1.4-h17","PAN-OS 11.1.4-h15","PAN-OS 11.1.4-h13","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 
11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 10.2.18-h5","PAN-OS 10.2.18-h1","PAN-OS 10.2.18","PAN-OS 10.2.17","PAN-OS 10.2.16-h6","PAN-OS 10.2.16-h4","PAN-OS 10.2.16-h1","PAN-OS 10.2.16","PAN-OS 10.2.15","PAN-OS 10.2.14-h1","PAN-OS 10.2.14","PAN-OS 10.2.13-h18","PAN-OS 10.2.13-h16","PAN-OS 10.2.13-h15","PAN-OS 10.2.13-h10","PAN-OS 10.2.13-h7","PAN-OS 10.2.13-h5","PAN-OS 10.2.13-h4","PAN-OS 10.2.13-h3","PAN-OS 10.2.13-h2","PAN-OS 10.2.13-h1","PAN-OS 10.2.13","PAN-OS 10.2.12-h6","PAN-OS 10.2.12-h5","PAN-OS 10.2.12-h4","PAN-OS 10.2.12-h3","PAN-OS 10.2.12-h2","PAN-OS 10.2.12-h1","PAN-OS 10.2.12","PAN-OS 10.2.11-h13","PAN-OS 10.2.11-h12","PAN-OS 10.2.11-h11","PAN-OS 10.2.11-h10","PAN-OS 10.2.11-h9","PAN-OS 10.2.11-h8","PAN-OS 10.2.11-h7","PAN-OS 10.2.11-h6","PAN-OS 10.2.11-h5","PAN-OS 10.2.11-h4","PAN-OS 10.2.11-h3","PAN-OS 10.2.11-h2","PAN-OS 10.2.11-h1","PAN-OS 10.2.11","PAN-OS 10.2.10-h31","PAN-OS 10.2.10-h30","PAN-OS 10.2.10-h27","PAN-OS 10.2.10-h26","PAN-OS 10.2.10-h23","PAN-OS 10.2.10-h21","PAN-OS 10.2.10-h18","PAN-OS 10.2.10-h17","PAN-OS 10.2.10-h14","PAN-OS 10.2.10-h13","PAN-OS 10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 
10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h21","PAN-OS 10.2.9-h20","PAN-OS 10.2.9-h19","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h21","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h32","PAN-OS 10.2.7-h24","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 
10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2025-4619","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Firewall Denial of Service (DoS) Using Specially Crafted Packets","datePublic":"2025-11-12T17:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-754","description":"CWE-754 Improper Check for Unusual or Exceptional Conditions","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-129","descriptions":[{"lang":"en","value":"CAPEC-129: Pointer Manipulation"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto 
Networks","product":"PAN-OS","cpes":["cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:-:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11
.1.3:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:
10.2.11:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_netw
orks:pan-os:10.2.8:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"],"versions":[{"status":"unaffected","version":"12.1.0","versionType":"custom"},{"status":"affected","version":"11.2.0","lessThan":"11.2.5","changes":[{"at":"11.2.5","status":"unaffected"},{"at":"11.2.4-h4","status":"unaffected"},{"at":"11.2.3-h6","status":"unaffected"
},{"at":"11.2.2-h2","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","lessThan":"11.1.7","changes":[{"at":"11.1.7","status":"unaffected"},{"at":"11.1.6-h1","status":"unaffected"},{"at":"11.1.4-h13","status":"unaffected"},{"at":"11.1.4-h4","status":"affected"},{"at":"11.1.3-h2","status":"affected"},{"at":"11.1.2-h18","status":"unaffected"},{"at":"11.1.2-h9","status":"affected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.14","changes":[{"at":"10.2.14","status":"unaffected"},{"at":"10.2.13-h3","status":"unaffected"},{"at":"10.2.12-h6","status":"unaffected"},{"at":"10.2.11-h12","status":"unaffected"},{"at":"10.2.10-h14","status":"unaffected"},{"at":"10.2.10-h2","status":"affected"},{"at":"10.2.9-h21","status":"unaffected"},{"at":"10.2.9-h6","status":"affected"},{"at":"10.2.8-h21","status":"unaffected"},{"at":"10.2.8-h10","status":"affected"},{"at":"10.2.7-h24","status":"unaffected"},{"at":"10.2.7-h11","status":"affected"},{"at":"10.2.4-h25","status":"affected"}],"versionType":"custom"},{"status":"unaffected","version":"10.1.0","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma 
Access","platforms":["PAN-OS"],"versions":[{"status":"affected","version":"10.2.0","lessThan":"10.2.10-h14","changes":[{"at":"11.2.4-h4","status":"unaffected"},{"at":"10.2.10-h14","status":"unaffected"},{"at":"10.2.4-h25","status":"affected"}],"versionType":"custom"}],"defaultStatus":"unaffected"}],"cpeApplicability":[{"operator":"OR","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.0","versionEndExcluding":"11.2.5"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.4","versionEndExcluding":"11.2.4-h4"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.3","versionEndExcluding":"11.2.3-h6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.2","versionEndExcluding":"11.2.2-h2"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.0","versionEndExcluding":"11.1.7"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.6","versionEndExcluding":"11.1.6-h1"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.4","versionEndExcluding":"11.1.4-h13"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.4","versionEndExcluding":"11.1.4-h4"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.3","versionEndExcluding":"11.1.3-h2"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.2","versionEndExcluding":"11.1.2-h18"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionSt
artIncluding":"11.1.2","versionEndExcluding":"11.1.2-h9"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.0","versionEndExcluding":"10.2.14"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.13","versionEndExcluding":"10.2.13-h3"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.12","versionEndExcluding":"10.2.12-h6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.11","versionEndExcluding":"10.2.11-h12"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.10","versionEndExcluding":"10.2.10-h14"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.10","versionEndExcluding":"10.2.10-h2"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.9","versionEndExcluding":"10.2.9-h21"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.9","versionEndExcluding":"10.2.9-h6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.8","versionEndExcluding":"10.2.8-h21"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.8","versionEndExcluding":"10.2.8-h10"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.7","versionEndExcluding":"10.2.7-h24"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.7","versionEndExcluding":"10.2.7-h11"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networ
ks:prisma_access:*:*:*:*:*:PAN-OS:*:*","versionStartIncluding":"11.2.4","versionEndExcluding":"11.2.4-h4"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:PAN-OS:*:*","versionStartIncluding":"10.2.10","versionEndExcluding":"10.2.10-h14"}]}]}],"descriptions":[{"lang":"en","value":"A denial-of-service (DoS) vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to reboot a firewall by sending a specially crafted packet through the dataplane. Repeated attempts to initiate a reboot cause the firewall to enter maintenance mode.\n\nThis issue is applicable to the PAN-OS software versions listed below on PA-Series firewalls, VM-Series firewalls, and Prisma® Access software. This issue does not affect Cloud NGFW.\n\nWe have successfully completed the Prisma Access upgrade for all customers, with the exception of those facing issues such as conflicting maintenance windows. Remaining customers will be promptly scheduled for an upgrade through our standard upgrade process.","supportingMedia":[{"type":"text/html","base64":false,"value":"A denial-of-service (DoS) vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to reboot a firewall by sending a specially crafted packet through the dataplane. Repeated attempts to initiate a reboot cause the firewall to enter maintenance mode.<br><br>This issue is applicable to the PAN-OS software versions listed below on PA-Series firewalls, VM-Series firewalls, and Prisma® Access software. This issue does not affect Cloud NGFW.<br><br>We have successfully completed the Prisma Access upgrade for all customers, with the exception of those facing issues such as conflicting maintenance windows.  
Remaining customers will be promptly scheduled for an upgrade through our standard upgrade process."}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2025-4619","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.7,"threatSeverity":"MEDIUM","threatScore":6.6,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:Y/R:U/V:C/RE:M/U:Amber"}}],"configurations":[{"lang":"eng","value":"This issue is only applicable to firewalls where URL proxy or any decrypt-policy is configured.\n\nWhen any decrypt policy is configured, this issue may be encountered regardless of whether traffic matches explicit decrypt, explicit no-decrypt, or none of the decryption policies.","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue is only applicable to firewalls where URL&nbsp;proxy or any decrypt-policy is configured.<br><br>When any decrypt policy is configured, this issue may be encountered regardless of whether traffic matches explicit decrypt, explicit no-decrypt, or none of the decryption policies."}]}],"workarounds":[{"lang":"eng","value":"No known workarounds exist for this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"No known workarounds exist for this issue."}]}],"solutions":[{"lang":"eng","value":"VERSION                     MINOR VERSION            SUGGESTED 
SOLUTION\nCloud NGFW                                           No action needed.\nPAN-OS 12.1                                          No action needed.\nPAN-OS 11.2                 11.2.0 through 11.2.4    Upgrade to 11.2.4-h4 or 11.2.5 or later.\n                            11.2.0 through 11.2.3    Upgrade to 11.2.3-h6 or 11.2.5 or later.\n                            11.2.0 through 11.2.2    Upgrade to 11.2.2-h2 or 11.2.5 or later.\nPAN-OS 11.1                 11.1.0 through 11.1.6    Upgrade to 11.1.6-h1 or 11.1.7 or later.\n                            11.1.0 through 11.1.4    Upgrade to 11.1.4-h13 or 11.1.7 or later.\n                            11.1.0 through 11.1.3    Remain on a version older than 11.1.3-h2 or upgrade to\n                                                     11.1.4-h13 or 11.1.7 or later.\n                            11.1.0 through 11.1.2    Upgrade to 11.1.2-h18 or 11.1.7 or later.\nPAN-OS 10.2                 10.2.0 through 10.2.13   Upgrade to 10.2.13-h3 or 10.2.14 or later.\n                            10.2.0 through 10.2.12   Upgrade to 10.2.12-h6 or 10.2.14 or later.\n                            10.2.0 through 10.2.11   Upgrade to 10.2.11-h12 or 10.2.14 or later.\n                            10.2.0 through 10.2.10   Upgrade to 10.2.10-h14 or 10.2.14 or later.\n                            10.2.0 through 10.2.9    Upgrade to 10.2.9-h21 or 10.2.14 or later.\n                            10.2.0 through 10.2.8    Upgrade to 10.2.8-h21 or 10.2.14 or later.\n                            10.2.0 through 10.2.7    Upgrade to 10.2.7-h24 or 10.2.14 or later.\n                            10.2.0 through 10.2.4    Remain on a version older than 10.2.4-h25\nPAN-OS 10.1                                          No action needed.\nAll older                                            Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\n Prisma Access  on PAN-OS   11.2.0 through 11.2.4    Upgrade to 11.2.4-h4 or later\n                         
   10.2.0 through 10.2.10   Upgrade to 10.2.10-h14 or 11.2.4-h4 or later.\n                            10.2.0 through 10.2.4    Remain on a version older than 10.2.4-h25.","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>Cloud NGFW<br></td><td></td><td>No action needed.</td></tr><tr><td>PAN-OS 12.1<br></td><td></td><td>No action needed.</td></tr><tr>\n                                <td>PAN-OS 11.2<br></td>\n                                <td>11.2.0 through 11.2.4</td>\n                                <td>Upgrade to 11.2.4-h4 or 11.2.5 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.2.0 through 11.2.3</td>\n                                <td>Upgrade to 11.2.3-h6 or 11.2.5 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.2.0 through 11.2.2</td>\n                                <td>Upgrade to 11.2.2-h2 or 11.2.5 or later.</td>\n                            </tr><tr>\n                                <td>PAN-OS 11.1<br></td>\n                                <td>11.1.0 through 11.1.6</td>\n                                <td>Upgrade to 11.1.6-h1 or 11.1.7 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.1.0 through 11.1.4</td>\n                                <td>Upgrade to 11.1.4-h13 or 11.1.7 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.1.0 through 11.1.3</td>\n                                <td>Remain on a version older than 11.1.3-h2 or upgrade to 11.1.4-h13 or 11.1.7 or later.</td>\n                            </tr><tr>\n                                <td></td>\n  
                              <td>11.1.0 through 11.1.2</td>\n                                <td>Upgrade to 11.1.2-h18 or 11.1.7 or later.</td>\n                            </tr><tr>\n                                <td>PAN-OS 10.2<br></td>\n                                <td>10.2.0 through 10.2.13</td>\n                                <td>Upgrade to 10.2.13-h3 or 10.2.14 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.0 through 10.2.12</td>\n                                <td>Upgrade to 10.2.12-h6 or 10.2.14 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.0 through 10.2.11</td>\n                                <td>Upgrade to 10.2.11-h12 or 10.2.14 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.0 through 10.2.10</td>\n                                <td>Upgrade to 10.2.10-h14 or 10.2.14 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.0 through 10.2.9</td>\n                                <td>Upgrade to 10.2.9-h21 or 10.2.14 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.0 through 10.2.8</td>\n                                <td>Upgrade to 10.2.8-h21 or 10.2.14 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.0 through 10.2.7</td>\n                                <td>Upgrade to 10.2.7-h24 or 10.2.14 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.0 through 10.2.4</td>\n                                <td>Remain on a version older than 
10.2.4-h25<br></td>\n                            </tr><tr><td>PAN-OS 10.1<br></td><td></td><td>No action needed.</td></tr><tr><td>All older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr><tr><td>&nbsp;Prisma Access&nbsp; on PAN-OS</td><td>11.2.0 through 11.2.4</td><td>Upgrade to 11.2.4-h4&nbsp;or later</td></tr><tr>\n                                    <td><br></td>\n                                    <td>10.2.0 through 10.2.10</td>\n                                    <td>Upgrade to 10.2.10-h14 or 11.2.4-h4 or later.</td>\n                                </tr><tr>\n                                    <td></td>\n                                    <td>10.2.0 through 10.2.4</td>\n                                    <td>Remain on a version older than 10.2.4-h25.</td>\n                                </tr></tbody></table>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.\n\n","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2025-11-12T17:00:00.000Z","lang":"en","value":"Initial publication"}],"source":{"defect":["PAN-247099"],"discovery":"USER"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h1","PAN-OS 11.2.2","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.6","PAN-OS 11.1.5-h1","PAN-OS 11.1.5","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 
11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 10.2.13-h2","PAN-OS 10.2.13-h1","PAN-OS 10.2.13","PAN-OS 10.2.12-h5","PAN-OS 10.2.12-h4","PAN-OS 10.2.12-h3","PAN-OS 10.2.12-h2","PAN-OS 10.2.12-h1","PAN-OS 10.2.12","PAN-OS 10.2.11-h11","PAN-OS 10.2.11-h10","PAN-OS 10.2.11-h9","PAN-OS 10.2.11-h8","PAN-OS 10.2.11-h7","PAN-OS 10.2.11-h6","PAN-OS 10.2.11-h5","PAN-OS 10.2.11-h4","PAN-OS 10.2.11-h3","PAN-OS 10.2.11-h2","PAN-OS 10.2.11-h1","PAN-OS 10.2.11","PAN-OS 10.2.10-h13","PAN-OS 10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.9-h20","PAN-OS 10.2.9-h19","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 
10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2025-4615","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Improper Neutralization of Input in the Management Web Interface","datePublic":"2025-10-08T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-83","description":"CWE-83 Improper Neutralization of Script in Attributes in a Web Page","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-165","descriptions":[{"lang":"en","value":"CAPEC-165 File Manipulation"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"status":"unaffected","version":"12.1.0","versionType":"custom"},{"status":"affected","version":"11.2.0","lessThan":"11.2.8","changes":[{"at":"11.2.8","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","changes":[{"at":"11.1.10-h7","status":"unaffected"},{"at":"11.1.6-h21","status":"unaffected"},{"at":"11.1.4-h27","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.17","changes":[{"at":"10.2.17","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"cpeApplicability":[{"operator":"OR","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.0","versionEndExcluding":"11.2.8"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.10","versionEndExcluding":"11.1.10-h7"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.6","versionEndExcluding":"11.1.6-h21"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.4","versionEndExcluding":"11.1.4-h27"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.0","versionEndExcluding":"10.2.17"}]}]}],"descriptions":[{"lang":"en","value":"An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands.\n\nThe security risk posed by this issue is significantly minimized when CLI access is restricted to a limited 
group of administrators.\n\nCloud NGFW and Prisma® Access are not affected by this vulnerability.\n\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<p><span>An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands.</span></p><p><span>The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators.</span></p><p><span>Cloud NGFW and Prisma® Access are not affected by this vulnerability.</span></p>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVEN-2025-4615","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"You can greatly reduce the risk of exploitation by restricting access to a jump box that is the only system allowed to access the management interface. This will ensure that attacks can succeed only if they obtain privileged access through those specified IP addresses. 
We recommend remediating this vulnerability in your next scheduled maintenance cycle."}],"cvssV4_0":{"version":"4.0","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"POC","baseSeverity":"MEDIUM","baseScore":6.9,"threatSeverity":"MEDIUM","threatScore":5.4,"vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/AU:N/R:U/V:D/RE:M/U:Amber"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"The risk is highest when you allow access to the management interface from external IP addresses on the internet. Our recommendation is to remediate as soon as possible."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"POC","baseSeverity":"HIGH","baseScore":7,"threatSeverity":"MEDIUM","threatScore":5.5,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/AU:N/R:U/V:D/RE:M/U:Amber"}}],"workarounds":[{"lang":"eng","value":"No known workarounds exist for this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"No known workarounds exist for this issue."}]}],"solutions":[{"lang":"eng","value":"VERSION  
           MINOR VERSION            SUGGESTED SOLUTION\nCloud NGFW All                               No action needed.\nPAN-OS 12.1                                  No action needed.\nPAN-OS 11.2         11.2.0 through 11.2.7    Upgrade to 11.2.8 or later.\nPAN-OS 11.1         11.1.0 through 11.1.4    Upgrade to 11.1.4-h27 or 11.1.6-h21 or 11.1.10-h7 or later.\n                    11.1.4 through 11.1.6    Upgrade to 11.1.6-h21 or 11.1.10-h7 or later.\n                    11.1.8 through 11.1.10   Upgrade to 11.1.10-h7 or later.\nPAN-OS 10.2         10.2.0 through 10.2.16   Upgrade to 10.2.17 or later.\nAll older                                    Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\nPrisma Access All                            No action needed.","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>Cloud NGFW All<br></td><td></td><td>No action needed.</td></tr><tr><td>PAN-OS 12.1<br></td><td></td><td>No action needed.</td></tr><tr>\n                                <td>PAN-OS 11.2<br></td>\n                                <td>11.2.0 through 11.2.7</td>\n                                <td>Upgrade to 11.2.8 or later.</td>\n                            </tr><tr><td>PAN-OS 11.1</td><td>11.1.0 through 11.1.4</td><td>Upgrade to&nbsp;<span>11.1.4-h27 or 11.1.6-h21 or 11.1.10-h7 or later.</span></td></tr><tr>\n                                <td><br></td>\n                                <td>11.1.4 through 11.1.6</td>\n                                <td>Upgrade to 11.1.6-h21 or 11.1.10-h7 or later.<br></td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.1.8 through 11.1.10</td>\n                                <td>Upgrade to 11.1.10-h7 or later.<br></td>\n                            </tr><tr>\n                                
<td>PAN-OS 10.2<br></td>\n                                <td>10.2.0 through 10.2.16</td>\n                                <td>Upgrade to 10.2.17 or later.</td>\n                            </tr><tr><td>All older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr><tr><td>Prisma Access All<br></td><td></td><td>No action needed.</td></tr></tbody></table>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2025-12-19T21:55:00.000Z","lang":"en","value":"Updated fix version for 11.1.0."},{"time":"2025-11-11T19:15:00.000Z","lang":"en","value":"Updated Fixed Software Versions"},{"time":"2025-10-08T16:00:00.000Z","lang":"en","value":"Initial Publication"},{"time":"2026-04-01T00:15:00.000Z","lang":"en","value":"Updated exploit maturity"}],"credits":[{"lang":"en","value":"Visa Inc.","type":"finder"}],"source":{"defect":["PAN-292159","PAN-271221"],"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.2.7-h10","PAN-OS 11.2.7-h8","PAN-OS 11.2.7-h7","PAN-OS 11.2.7-h4","PAN-OS 11.2.7-h3","PAN-OS 11.2.7-h2","PAN-OS 11.2.7-h1","PAN-OS 11.2.7","PAN-OS 11.2.6","PAN-OS 11.2.5","PAN-OS 11.2.4-h15","PAN-OS 11.2.4-h14","PAN-OS 11.2.4-h12","PAN-OS 11.2.4-h11","PAN-OS 11.2.4-h10","PAN-OS 11.2.4-h9","PAN-OS 11.2.4-h8","PAN-OS 11.2.4-h7","PAN-OS 11.2.4-h6","PAN-OS 11.2.4-h5","PAN-OS 11.2.4-h4","PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.10-h5","PAN-OS 11.1.10-h4","PAN-OS 11.1.10-h1","PAN-OS 11.1.10","PAN-OS 
11.1.9","PAN-OS 11.1.8","PAN-OS 11.1.6-h20","PAN-OS 11.1.6-h19","PAN-OS 11.1.6-h18","PAN-OS 11.1.6-h17","PAN-OS 11.1.6-h14","PAN-OS 11.1.6-h10","PAN-OS 11.1.6-h7","PAN-OS 11.1.6-h6","PAN-OS 11.1.6-h4","PAN-OS 11.1.6-h3","PAN-OS 11.1.6-h2","PAN-OS 11.1.6-h1","PAN-OS 11.1.6","PAN-OS 11.1.5-h1","PAN-OS 11.1.5","PAN-OS 11.1.4-h25","PAN-OS 11.1.4-h18","PAN-OS 11.1.4-h17","PAN-OS 11.1.4-h15","PAN-OS 11.1.4-h13","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 10.2.16-h6","PAN-OS 10.2.16-h4","PAN-OS 10.2.16-h1","PAN-OS 10.2.16","PAN-OS 10.2.15","PAN-OS 10.2.14-h1","PAN-OS 10.2.14","PAN-OS 10.2.13-h18","PAN-OS 10.2.13-h16","PAN-OS 10.2.13-h15","PAN-OS 10.2.13-h10","PAN-OS 10.2.13-h7","PAN-OS 10.2.13-h5","PAN-OS 10.2.13-h4","PAN-OS 10.2.13-h3","PAN-OS 10.2.13-h2","PAN-OS 10.2.13-h1","PAN-OS 10.2.13","PAN-OS 10.2.12-h6","PAN-OS 10.2.12-h5","PAN-OS 10.2.12-h4","PAN-OS 10.2.12-h3","PAN-OS 10.2.12-h2","PAN-OS 10.2.12-h1","PAN-OS 10.2.12","PAN-OS 10.2.11-h13","PAN-OS 10.2.11-h12","PAN-OS 10.2.11-h11","PAN-OS 
10.2.11-h10","PAN-OS 10.2.11-h9","PAN-OS 10.2.11-h8","PAN-OS 10.2.11-h7","PAN-OS 10.2.11-h6","PAN-OS 10.2.11-h5","PAN-OS 10.2.11-h4","PAN-OS 10.2.11-h3","PAN-OS 10.2.11-h2","PAN-OS 10.2.11-h1","PAN-OS 10.2.11","PAN-OS 10.2.10-h31","PAN-OS 10.2.10-h30","PAN-OS 10.2.10-h27","PAN-OS 10.2.10-h26","PAN-OS 10.2.10-h23","PAN-OS 10.2.10-h21","PAN-OS 10.2.10-h18","PAN-OS 10.2.10-h17","PAN-OS 10.2.10-h14","PAN-OS 10.2.10-h13","PAN-OS 10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h21","PAN-OS 10.2.9-h20","PAN-OS 10.2.9-h19","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h21","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h32","PAN-OS 10.2.7-h24","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 
10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2025-4231","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Authenticated Admin Command Injection Vulnerability in the Management Web 
Interface","datePublic":"2025-06-11T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-77","description":"CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-233","descriptions":[{"lang":"en","value":"CAPEC-233 Privilege Escalation"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected","cpes":[]},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:palo_alto_networks:pan-os:11.0.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.0.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.0.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.13:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.10:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.7:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.4:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.2:*:*:*:*:
*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.0:*:*:*:*:*:*:*"],"versions":[{"status":"unaffected","version":"11.2.0","versionType":"custom"},{"status":"unaffected","version":"11.1.0","versionType":"custom"},{"status":"affected","version":"11.0.0","lessThan":"11.0.3","changes":[{"at":"11.0.3","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.8","changes":[{"at":"10.2.8","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.1.0","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected","cpes":[]}],"cpeApplicability":[{"operator":"OR","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*","versionStartIncluding":"11.0.0","versionEndExcluding":"11.0.3"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*","versionStartIncluding":"10.2.0","versionEndExcluding":"10.2.8"}]}]}],"descriptions":[{"lang":"en","value":"A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user.\n\nThe attacker must have network access to the management web interface and successfully authenticate to exploit this issue.\n\nCloud NGFW and Prisma Access are not impacted by this vulnerability.","supportingMedia":[{"type":"text/html","base64":false,"value":"A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user.<br><br>The attacker must have network access to the management web interface and successfully authenticate to exploit this issue.<br><br>Cloud NGFW and Prisma Access are not impacted by this 
vulnerability."}]}],"references":[{"url":"https://","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"The risk is highest when you allow access to the management interface from external IP addresses on the internet."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.6,"threatSeverity":"MEDIUM","threatScore":6.1,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"You can greatly reduce the risk of exploitation by restricting access to a jump box that is the only system allowed to access the management interface. 
This will ensure that attacks can succeed only if they obtain privileged access through those specified IP addresses."}],"cvssV4_0":{"version":"4.0","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":7.1,"threatSeverity":"MEDIUM","threatScore":4,"vectorString":"CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber"}}],"configurations":[{"lang":"en","value":"The risk is greatest if you allow access to the management web interface from the internet or from any untrusted network either:\n\n 1. Directly; or\n\n 2. Through a dataplane interface that includes a management interface profile.\n\nYou greatly reduce the risk if you ensure that you allow only trusted internal IP addresses to access the management web interface.\n\nUse the following steps to identify your recently detected devices in our internet scans.\n\n 1. To find any assets that require remediation, visit the Assets section of the Customer Support Portal: https://support.paloaltonetworks.com (https://support.paloaltonetworks.com/) and then select Products → Assets → All Assets → Remediation Required.\n\n 2. Review the list of your assets that we discovered in our scans to have an internet-facing management interface. We tagged these assets with ‘PAN-SA-2024-0015’ and a last seen timestamp (in UTC). 
If you do not see any such assets listed, then our scan did not find any devices associated with your account in the past three days that have an internet-facing management interface.\n    \n\nGlobalProtect™ portals and gateways are not vulnerable to this issue. However, if you configure a management profile on interfaces with GlobalProtect portals or gateways, then you are exposing the firewall to attacks through the management web interface (typically accessible on port 4443).\n\n\n\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>The risk is greatest if you allow access to the management web interface from the internet or from any untrusted network either:</p><ol><li><p>Directly; or</p></li><li><p>Through a dataplane interface that includes a management interface profile.</p></li></ol><p>You greatly reduce the risk if you ensure that you allow only trusted internal IP addresses to access the management web interface.</p><p>Use the following steps to identify your recently detected devices in our internet scans.</p><ol><li><p>To find any assets that require remediation, visit the Assets section of the Customer Support Portal: <a target=\"_blank\" rel=\"nofollow\" href=\"https://support.paloaltonetworks.com/\">https://support.paloaltonetworks.com</a>&nbsp;and then select Products → Assets → All Assets → Remediation Required.</p></li><li><p>Review the list of your assets that we discovered in our scans to have an internet-facing management interface. We tagged these assets with ‘PAN-SA-2024-0015’ and a last seen timestamp (in UTC). If you do not see any such assets listed, then our scan did not find any devices associated with your account in the past three days that have an internet-facing management interface.<br></p></li></ol><div><p>GlobalProtect™ portals and gateways are not vulnerable to this issue. 
However, if you configure a management profile on interfaces with GlobalProtect portals or gateways, then you are exposing the firewall to attacks through the management web interface (typically accessible on port 4443).</p></div><b><p></p></b><p></p>"}]}],"workarounds":[{"lang":"en","value":"Recommended mitigation—The vast majority of firewalls already follow Palo Alto Networks and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our critical deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431). Specifically, you should restrict management interface access to only trusted internal IP addresses.\n\nReview more information about how to secure management access to your Palo Alto Networks firewalls in these documents:\n\n * Palo Alto Networks LIVEcommunity article: https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\n\n * Palo Alto Networks official and detailed technical documentation: https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices","supportingMedia":[{"type":"text/html","base64":false,"value":"<p><b>Recommended mitigation</b>—The vast majority of firewalls already follow Palo Alto Networks and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our <a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">critical deployment guidelines</a>. 
Specifically, you should restrict management interface access to only trusted internal IP addresses.</p><p>Review more information about how to secure management access to your Palo Alto Networks firewalls in these documents:</p><ul><li><p>Palo Alto Networks LIVEcommunity article: <a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431</a></p></li></ul><ul><li><p>Palo Alto Networks official and detailed technical documentation: <a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\">https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices</a></p></li></ul>"}]}],"solutions":[{"lang":"en","value":"VERSION           MINOR VERSION           SUGGESTED SOLUTION\nPAN-OS 11.2                               No action needed.\nPAN-OS 11.1                               No action needed.\nPAN-OS 11.0*      11.0.0 through 11.0.2   Upgrade to 11.0.3 or later.\nPAN-OS 10.2       10.2.0 through 10.2.7   Upgrade to 10.2.8 or later.\nPAN-OS 10.1                               Upgrade to 10.2.8 or 11.0.3 or later.\nAll older                                 Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\n\n\n*PAN-OS 11.0 has reached EoL. We listed it here for completeness because a patch for PAN-OS 11.0 was released before it reached EoL. 
If you are still using any vulnerable EoL versions, we strongly recommend that you upgrade to a supported fixed PAN-OS version.","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>PAN-OS 11.2<br></td><td></td><td>No action needed.</td></tr><tr><td>PAN-OS 11.1<br></td><td></td><td>No action needed.</td></tr><tr>\n                                <td>PAN-OS 11.0*<br></td>\n                                <td>11.0.0 through 11.0.2</td>\n                                <td>Upgrade to 11.0.3 or later.</td>\n                            </tr><tr>\n                                <td>PAN-OS 10.2<br></td>\n                                <td>10.2.0 through 10.2.7</td>\n                                <td>Upgrade to 10.2.8 or later.</td>\n                            </tr><tr><td>PAN-OS 10.1</td><td></td><td>Upgrade to 10.2.8 or 11.0.3 or later.</td></tr><tr><td>All older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr></tbody></table><br><p>*PAN-OS 11.0 has reached EoL. We listed it here for completeness because a patch for PAN-OS 11.0 was released before it reached EoL. 
If you are still using any vulnerable EoL versions, we strongly recommend that you upgrade to a supported fixed PAN-OS version.</p>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2025-06-11T16:00:00.000Z","lang":"en","value":"Initial Publication"}],"credits":[{"lang":"en","value":"spcnvdr","type":"finder"}],"source":{"defect":["PAN-215223"],"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.0.2-h5","PAN-OS 11.0.2-h4","PAN-OS 11.0.2-h3","PAN-OS 11.0.2-h2","PAN-OS 11.0.2-h1","PAN-OS 11.0.2","PAN-OS 11.0.1-h5","PAN-OS 11.0.1-h4","PAN-OS 11.0.1-h3","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h4","PAN-OS 11.0.0-h3","PAN-OS 11.0.0-h2","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 10.2.7-h24","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 
10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0","PAN-OS 10.1.14-h14","PAN-OS 10.1.14-h13","PAN-OS 10.1.14-h11","PAN-OS 10.1.14-h10","PAN-OS 10.1.14-h9","PAN-OS 10.1.14-h8","PAN-OS 10.1.14-h7","PAN-OS 10.1.14-h6","PAN-OS 10.1.14-h5","PAN-OS 10.1.14-h4","PAN-OS 10.1.14-h3","PAN-OS 10.1.14-h2","PAN-OS 10.1.14-h1","PAN-OS 10.1.14","PAN-OS 10.1.13-h5","PAN-OS 10.1.13-h4","PAN-OS 10.1.13-h3","PAN-OS 10.1.13-h2","PAN-OS 10.1.13-h1","PAN-OS 10.1.13","PAN-OS 10.1.12-h3","PAN-OS 10.1.12-h2","PAN-OS 10.1.12-h1","PAN-OS 10.1.12","PAN-OS 10.1.11-h10","PAN-OS 10.1.11-h9","PAN-OS 10.1.11-h8","PAN-OS 10.1.11-h7","PAN-OS 10.1.11-h6","PAN-OS 10.1.11-h5","PAN-OS 10.1.11-h4","PAN-OS 10.1.11-h3","PAN-OS 10.1.11-h2","PAN-OS 10.1.11-h1","PAN-OS 10.1.11","PAN-OS 10.1.10-h9","PAN-OS 10.1.10-h8","PAN-OS 10.1.10-h7","PAN-OS 10.1.10-h6","PAN-OS 10.1.10-h5","PAN-OS 10.1.10-h4","PAN-OS 10.1.10-h3","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h14","PAN-OS 10.1.9-h13","PAN-OS 10.1.9-h12","PAN-OS 10.1.9-h11","PAN-OS 
10.1.9-h10","PAN-OS 10.1.9-h9","PAN-OS 10.1.9-h8","PAN-OS 10.1.9-h7","PAN-OS 10.1.9-h6","PAN-OS 10.1.9-h5","PAN-OS 10.1.9-h4","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h8","PAN-OS 10.1.8-h7","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7-h1","PAN-OS 10.1.7","PAN-OS 10.1.6-h9","PAN-OS 10.1.6-h8","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h4","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h6","PAN-OS 10.1.4-h5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h4","PAN-OS 10.1.3-h3","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2025-4230","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Authenticated Admin Command Injection Vulnerability Through CLI","datePublic":"2025-06-11T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-78","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-248","descriptions":[{"lang":"en","value":"CAPEC-248 Command Injection"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto 
Networks","product":"PAN-OS","cpes":["cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:
10.2.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1
.14:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.13:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.10:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.7:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.4:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.0:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"11.2.0","lessThan":"11.2.6","changes":[{"at":"11.2.6","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","lessThan":"11.1.6-h14","changes":[{"at":"11.1.10","status":"unaffected"},{"at":"11.1.6-h14","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.10-h27","changes":[{"at":"10.2.10-h27","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.1.0","lessThan":"10.1.14-h15","changes":[{"at":"10.1.14-h15","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma 
Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"cpeApplicability":[{"operator":"OR","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.0","versionEndExcluding":"11.2.6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.6","versionEndExcluding":"11.1.6-h14"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.0","versionEndExcluding":"11.1.10"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.10","versionEndExcluding":"10.2.10-h27"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.1.14","versionEndExcluding":"10.1.14-h15"}]}]}],"descriptions":[{"lang":"en","value":"A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI.\n\nThe security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators.\n\nCloud NGFW and Prisma® Access are not affected by this vulnerability.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<p><span>A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI.</span></p><span>The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators. 
</span><b><span><br></span><span><br></span></b><span>Cloud NGFW and Prisma® Access are not affected by this vulnerability.</span>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2025-4230","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.4,"threatSeverity":"MEDIUM","threatScore":5.7,"vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/R:U/V:D/U:Amber"}}],"configurations":[{"lang":"en","value":"No special configuration is required to be affected by this issue.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<span>No special configuration is required to be affected by this issue.</span>"}]}],"workarounds":[{"lang":"en","value":"No workaround or mitigation is available.","supportingMedia":[{"type":"text/html","base64":false,"value":"No workaround or mitigation is available."}]}],"solutions":[{"lang":"eng","value":"VERSION             MINOR VERSION            SUGGESTED SOLUTION\nCloud NGFW All                               No action needed.\nPAN-OS 11.2         11.2.0 through 11.2.5    Upgrade to 11.2.6 or later.\nPAN-OS 11.1         11.1.0 through 11.1.6    Upgrade to 11.1.6-h14 or 11.1.10 or later.\nPAN-OS 10.2         10.2.0 through 10.2.10   Upgrade to 10.2.10-h27 or later.\nPAN-OS 10.1         10.1.0 through 10.1.14   Upgrade to 10.1.14-h15 or later.\nAll older                
                    Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\nPrisma Access All                            No action needed.","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>Cloud NGFW All<br></td><td></td><td>No action needed.</td></tr><tr>\n                                <td>PAN-OS 11.2<br></td>\n                                <td>11.2.0 through 11.2.5</td>\n                                <td>Upgrade to 11.2.6 or later.</td>\n                            </tr><tr>\n                                <td>PAN-OS 11.1<br></td>\n                                <td>11.1.0 through 11.1.6</td>\n                                <td>Upgrade to 11.1.6-h14 or 11.1.10 or later.</td>\n                            </tr><tr>\n                                <td>PAN-OS 10.2<br></td>\n                                <td>10.2.0 through 10.2.10</td>\n                                <td>Upgrade to 10.2.10-h27 or later.</td>\n                            </tr><tr>\n                                <td>PAN-OS 10.1<br></td>\n                                <td>10.1.0 through 10.1.14</td>\n                                <td>Upgrade to 10.1.14-h15 or later.</td>\n                            </tr><tr><td>All older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr><tr><td>Prisma Access All<br></td><td></td><td>No action needed.</td></tr></tbody></table>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2025-06-30T20:30:00.000Z","lang":"en","value":"Updated fix version for 
11.1.0."},{"time":"2025-06-24T17:30:00.000Z","lang":"en","value":"Updated fix version."},{"time":"2025-06-11T16:00:00.000Z","lang":"en","value":"Initial Publication"}],"credits":[{"lang":"en","value":"Visa Inc.","type":"finder"}],"source":{"defect":["PAN-271215"],"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.2.5","PAN-OS 11.2.4-h12","PAN-OS 11.2.4-h11","PAN-OS 11.2.4-h10","PAN-OS 11.2.4-h9","PAN-OS 11.2.4-h8","PAN-OS 11.2.4-h7","PAN-OS 11.2.4-h6","PAN-OS 11.2.4-h5","PAN-OS 11.2.4-h4","PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.9","PAN-OS 11.1.8","PAN-OS 11.1.6-h10","PAN-OS 11.1.6-h7","PAN-OS 11.1.6-h6","PAN-OS 11.1.6-h4","PAN-OS 11.1.6-h3","PAN-OS 11.1.6-h2","PAN-OS 11.1.6-h1","PAN-OS 11.1.6","PAN-OS 11.1.5-h1","PAN-OS 11.1.5","PAN-OS 11.1.4-h25","PAN-OS 11.1.4-h18","PAN-OS 11.1.4-h17","PAN-OS 11.1.4-h15","PAN-OS 11.1.4-h13","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 
11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 10.2.10-h26","PAN-OS 10.2.10-h23","PAN-OS 10.2.10-h21","PAN-OS 10.2.10-h18","PAN-OS 10.2.10-h17","PAN-OS 10.2.10-h14","PAN-OS 10.2.10-h13","PAN-OS 10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h21","PAN-OS 10.2.9-h20","PAN-OS 10.2.9-h19","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h21","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h24","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 
10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0","PAN-OS 10.1.14-h14","PAN-OS 10.1.14-h13","PAN-OS 10.1.14-h11","PAN-OS 10.1.14-h10","PAN-OS 10.1.14-h9","PAN-OS 10.1.14-h8","PAN-OS 10.1.14-h7","PAN-OS 10.1.14-h6","PAN-OS 10.1.14-h5","PAN-OS 10.1.14-h4","PAN-OS 10.1.14-h3","PAN-OS 10.1.14-h2","PAN-OS 10.1.14-h1","PAN-OS 10.1.14","PAN-OS 10.1.13-h5","PAN-OS 10.1.13-h4","PAN-OS 10.1.13-h3","PAN-OS 10.1.13-h2","PAN-OS 10.1.13-h1","PAN-OS 10.1.13","PAN-OS 10.1.12-h3","PAN-OS 10.1.12-h2","PAN-OS 10.1.12-h1","PAN-OS 10.1.12","PAN-OS 
10.1.11-h10","PAN-OS 10.1.11-h9","PAN-OS 10.1.11-h8","PAN-OS 10.1.11-h7","PAN-OS 10.1.11-h6","PAN-OS 10.1.11-h5","PAN-OS 10.1.11-h4","PAN-OS 10.1.11-h3","PAN-OS 10.1.11-h2","PAN-OS 10.1.11-h1","PAN-OS 10.1.11","PAN-OS 10.1.10-h9","PAN-OS 10.1.10-h8","PAN-OS 10.1.10-h7","PAN-OS 10.1.10-h6","PAN-OS 10.1.10-h5","PAN-OS 10.1.10-h4","PAN-OS 10.1.10-h3","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h14","PAN-OS 10.1.9-h13","PAN-OS 10.1.9-h12","PAN-OS 10.1.9-h11","PAN-OS 10.1.9-h10","PAN-OS 10.1.9-h9","PAN-OS 10.1.9-h8","PAN-OS 10.1.9-h7","PAN-OS 10.1.9-h6","PAN-OS 10.1.9-h5","PAN-OS 10.1.9-h4","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h8","PAN-OS 10.1.8-h7","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7-h1","PAN-OS 10.1.7","PAN-OS 10.1.6-h9","PAN-OS 10.1.6-h8","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h4","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h6","PAN-OS 10.1.4-h5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h4","PAN-OS 10.1.3-h3","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2025-0130","assignerOrgId":"00000000-0000-4000-9000-000000000000","assignerShortName":"palo_alto","dateUpdated":"2024-10-14T00:00:00.000Z","serial":1,"dateReserved":"2024-10-09T07:00:00.000Z","datePublished":"2024-10-09T07:00:00.000Z","state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000","shortName":"palo_alto","dateUpdated":"2024-10-09T17:05:00.000Z"},"title":"PAN-OS: Firewall Denial-of-Service (DoS) in the Web-Proxy 
Feature via a Burst of Maliciously Crafted Packets","datePublic":"2025-05-14T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-754","description":"CWE-754 Improper Check for Unusual or Exceptional Conditions","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-583","descriptions":[{"lang":"en","value":"CAPEC-583 Disabling Network Hardware"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"11.2.0","lessThan":"11.2.5","changes":[{"at":"11.2.5","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","lessThan":"11.1.6-h1","changes":[{"at":"11.1.6-h1","status":"unaffected"},{"at":"11.1.7-h2","status":"unaffected"},{"at":"11.1.8","status":"unaffected"}],"versionType":"custom"},{"status":"unaffected","version":"10.2.0","versionType":"custom"},{"status":"unaffected","version":"10.1.0","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma 
Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the firewall to become unresponsive and eventually reboot. Repeated successful attempts to trigger this condition will cause the firewall to enter maintenance mode.\n\nThis issue does not affect Cloud NGFW or Prisma Access.","supportingMedia":[{"type":"text/html","base64":true,"value":"<p>A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the firewall to become unresponsive and eventually reboot. Repeated successful attempts to trigger this condition will cause the firewall to enter maintenance mode.</p><p>This issue does not affect Cloud NGFW or Prisma 
Access.</p>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2025-0130","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.2,"threatSeverity":"MEDIUM","threatScore":4.6,"vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:Y/R:U/V:C/RE:L/U:Amber"}}],"configurations":[{"lang":"en","value":"This issue only affects PAN-OS firewalls that have the web proxy feature enabled. This feature is only available on PAN-OS 11.0 and above. Additionally a license is required to use the web proxy feature.\nTo verify if you have configured web proxy on your PAN-OS device, see our documentation regarding the web proxy feature (https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-new-features/networking-features/web-proxy).","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue only affects PAN-OS firewalls that have the web proxy feature enabled. This feature is only available on PAN-OS 11.0 and above. 
Additionally a license is required to use the web proxy feature.<br>To verify if you have configured web proxy on your PAN-OS device, see our <a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-new-features/networking-features/web-proxy\">documentation regarding the web proxy feature</a>."}]}],"workarounds":[{"lang":"en","value":"If you are not using the web proxy feature, you can disable it to mitigate this issue. For more information regarding the web proxy feature, see our documentation regarding the web proxy feature (https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-new-features/networking-features/web-proxy).","supportingMedia":[{"type":"text/html","base64":false,"value":"If you are not using the web proxy feature, you can disable it to mitigate this issue. For more information regarding the web proxy feature, see our <a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-new-features/networking-features/web-proxy\">documentation regarding the web proxy feature</a>."}]}],"solutions":[{"lang":"eng","value":"VERSION             MINOR VERSION           SUGGESTED SOLUTION\nPAN-OS 11.2         11.2.0 through 11.2.4   Upgrade to 11.2.5 or later.\nPAN-OS 11.1         11.1.0 through 11.1.7   Upgrade to 11.1.7-h2 or 11.1.8 or later.\n                    11.1.0 through 11.1.6   Upgrade to 11.1.6-h1 or 11.1.8 or later.\nPAN-OS 11.0 (EoL)                           Upgrade to a supported fixed version.\nPAN-OS 10.2                                 No action needed.\nPAN-OS 10.1                                 No action needed.\nAll other                                   Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>PAN-OS 11.2<br></td><td>11.2.0 through 
11.2.4</td><td>Upgrade to 11.2.5 or later.<br></td></tr><tr><td>PAN-OS 11.1</td><td>11.1.0 through 11.1.7<br></td><td>Upgrade to 11.1.7-h2 or 11.1.8 or later.</td></tr><tr><td>&nbsp;</td><td>11.1.0 through 11.1.6</td><td>Upgrade to 11.1.6-h1 or 11.1.8 or later.</td></tr><tr><td>PAN-OS 11.0 (EoL)<br></td><td><br></td><td>Upgrade to a supported fixed version.<br></td></tr><tr><td>PAN-OS 10.2<br></td><td></td><td>No action needed.</td></tr><tr><td>PAN-OS 10.1<br></td><td></td><td>No action needed.</td></tr><tr><td>All other<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr></tbody></table>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2025-05-14T16:00:00.000Z","lang":"eng","value":"Initial publication"}],"credits":[{"lang":"en","value":"Jari Pietila of Palo Alto Networks","type":"finder"}],"source":{"defect":["PAN-273308"],"discovery":"INTERNAL"},"x_generator":{"engine":"vulnogram 0.1.0-rc1"},"x_affectedList":["PAN-OS 11.2.4-h12","PAN-OS 11.2.4-h11","PAN-OS 11.2.4-h10","PAN-OS 11.2.4-h9","PAN-OS 11.2.4-h8","PAN-OS 11.2.4-h7","PAN-OS 11.2.4-h6","PAN-OS 11.2.4-h5","PAN-OS 11.2.4-h4","PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.6","PAN-OS 11.1.5-h1","PAN-OS 11.1.5","PAN-OS 11.1.4-h18","PAN-OS 11.1.4-h17","PAN-OS 11.1.4-h15","PAN-OS 11.1.4-h13","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 
11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2025-0127","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Authenticated Admin Command Injection Vulnerability in PAN-OS VM-Series","datePublic":"2025-04-09T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-78","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-248","descriptions":[{"lang":"en","value":"CAPEC-248 Command Injection"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto 
Networks","product":"PAN-OS","platforms":["VM-Series"],"cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks
:pan-os:10.1.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"],"versions":[{"status":"unaffected","version":"11.2.0","versionType":"custom"},{"status":"unaffected","version":"11.1.0","versionType":"custom"},{"status":"affected","version":"11.0.0","lessThan":"11.0.4","changes":[{"at":"11.0.4","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.9","changes":[{"at":"10.2.9","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.1.0","lessThan":"10.1.14-h13","changes":[{"at":"10.1.14-h13","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. This issue is only applicable to PAN-OS VM-Series. This issue does not affect firewalls that are already deployed.\n\nCloud NGFW and Prisma® Access are not affected by this vulnerability.","supportingMedia":[{"type":"text/html","base64":false,"value":"A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. This issue is only applicable to PAN-OS VM-Series. 
This issue does not affect firewalls that are already deployed.<b><br><br></b>Cloud NGFW and Prisma® Access are not affected by this vulnerability."}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2025-0127","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":7.1,"threatSeverity":"MEDIUM","threatScore":4,"vectorString":"CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber"}}],"configurations":[{"lang":"en","value":"No special configuration is required to be affected by this issue.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"No special configuration is required to be affected by this issue."}]}],"workarounds":[{"lang":"en","value":"No workaround or mitigation is available.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"No workaround or mitigation is available."}]}],"solutions":[{"lang":"eng","value":"\n\n\nVERSION                                       MINOR VERSION            SUGGESTED SOLUTION\nPAN-OS 11.2 on VM-Series                                               No action needed\nPAN-OS 11.1 on VM-Series                                               No action needed\nPAN-OS 11.0 on VM-Series                      11.0.0 through 11.0.3    Upgrade to 11.0.4 or later\nPAN-OS 10.2 on VM-Series                      10.2.0 through 10.2.8    Upgrade to 10.2.9 or 
later\nPAN-OS 10.1 on VM-Series                      10.1.0 through 10.1.14   Upgrade to 10.1.14-h13 or later\nPAN-OS on non VM-Series platforms                                      No action needed\nAll other older unsupported PAN-OS versions                            Upgrade to a supported fixed version\n\n\nPAN-OS 11.0 is EoL. We listed it in this section for completeness because we added a patch for PAN-OS 11.0 before it reached EoL. If you are running PAN-OS 11.0 in any of your firewalls, we strongly recommend that you upgrade from this EoL vulnerable version to a fixed version.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<div><br></div><table class=\"tbl\"><thead><tr><th>Version</th><th>Minor Version</th><th>Suggested Solution</th></tr></thead><tbody><tr><td>PAN-OS 11.2 on VM-Series<br></td><td><br></td><td>No action needed<br></td></tr><tr><td>PAN-OS 11.1&nbsp;on VM-Series<br></td><td><br></td><td>No action needed<br></td></tr><tr><td>PAN-OS 11.0&nbsp;on VM-Series<br></td><td>11.0.0 through 11.0.3<br></td><td>Upgrade to 11.0.4 or later<br></td></tr><tr><td>PAN-OS 10.2&nbsp;on VM-Series<br></td><td>10.2.0 through 10.2.8<br></td><td>Upgrade to 10.2.9 or later<br></td></tr><tr><td>PAN-OS 10.1&nbsp;on VM-Series<br></td><td>10.1.0 through 10.1.14<br></td><td>Upgrade to 10.1.14-h13 or later<br></td></tr><tr><td>PAN-OS on non VM-Series platforms</td><td><br></td><td>No action needed</td></tr><tr><td>All other older unsupported PAN-OS versions<br></td><td><br></td><td>Upgrade to a supported fixed version<br></td></tr></tbody></table><b><br></b>PAN-OS 11.0 is EoL. We listed it in this section for completeness because we added a patch for PAN-OS 11.0 before it reached EoL. 
If you are running PAN-OS 11.0 in any of your firewalls, we strongly recommend that you upgrade from this EoL vulnerable version to a fixed version."}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2025-04-09T16:00:00.000Z","lang":"en","value":"Initial Publication"}],"credits":[{"lang":"en","value":"Pavel Raunou","type":"finder"}],"source":{"defect":["PAN-225690"],"discovery":"INTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.0.3-h13","PAN-OS 11.0.3-h12","PAN-OS 11.0.3-h11","PAN-OS 11.0.3-h10","PAN-OS 11.0.3-h9","PAN-OS 11.0.3-h8","PAN-OS 11.0.3-h7","PAN-OS 11.0.3-h6","PAN-OS 11.0.3-h5","PAN-OS 11.0.3-h4","PAN-OS 11.0.3-h3","PAN-OS 11.0.3-h2","PAN-OS 11.0.3-h1","PAN-OS 11.0.3","PAN-OS 11.0.2-h5","PAN-OS 11.0.2-h4","PAN-OS 11.0.2-h3","PAN-OS 11.0.2-h2","PAN-OS 11.0.2-h1","PAN-OS 11.0.2","PAN-OS 11.0.1-h5","PAN-OS 11.0.1-h4","PAN-OS 11.0.1-h3","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h4","PAN-OS 11.0.0-h3","PAN-OS 11.0.0-h2","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 10.2.8-h21","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h24","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 
10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0","PAN-OS 10.1.14-h11","PAN-OS 10.1.14-h10","PAN-OS 10.1.14-h9","PAN-OS 10.1.14-h8","PAN-OS 10.1.14-h7","PAN-OS 10.1.14-h6","PAN-OS 10.1.14-h5","PAN-OS 10.1.14-h4","PAN-OS 10.1.14-h3","PAN-OS 10.1.14-h2","PAN-OS 10.1.14-h1","PAN-OS 10.1.14","PAN-OS 
10.1.13-h5","PAN-OS 10.1.13-h4","PAN-OS 10.1.13-h3","PAN-OS 10.1.13-h2","PAN-OS 10.1.13-h1","PAN-OS 10.1.13","PAN-OS 10.1.12-h3","PAN-OS 10.1.12-h2","PAN-OS 10.1.12-h1","PAN-OS 10.1.12","PAN-OS 10.1.11-h10","PAN-OS 10.1.11-h9","PAN-OS 10.1.11-h8","PAN-OS 10.1.11-h7","PAN-OS 10.1.11-h6","PAN-OS 10.1.11-h5","PAN-OS 10.1.11-h4","PAN-OS 10.1.11-h3","PAN-OS 10.1.11-h2","PAN-OS 10.1.11-h1","PAN-OS 10.1.11","PAN-OS 10.1.10-h9","PAN-OS 10.1.10-h8","PAN-OS 10.1.10-h7","PAN-OS 10.1.10-h6","PAN-OS 10.1.10-h5","PAN-OS 10.1.10-h4","PAN-OS 10.1.10-h3","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h14","PAN-OS 10.1.9-h13","PAN-OS 10.1.9-h12","PAN-OS 10.1.9-h11","PAN-OS 10.1.9-h10","PAN-OS 10.1.9-h9","PAN-OS 10.1.9-h8","PAN-OS 10.1.9-h7","PAN-OS 10.1.9-h6","PAN-OS 10.1.9-h5","PAN-OS 10.1.9-h4","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h8","PAN-OS 10.1.8-h7","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7-h1","PAN-OS 10.1.7","PAN-OS 10.1.6-h9","PAN-OS 10.1.6-h8","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h4","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h6","PAN-OS 10.1.4-h5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h4","PAN-OS 10.1.3-h3","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2025-0128","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted 
Packet","datePublic":"2025-04-09T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-754","description":"CWE-754 Improper Check for Unusual or Exceptional Conditions","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-153","descriptions":[{"lang":"en","value":"CAPEC-153 Input Data Manipulation"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","platforms":["PAN-OS"],"versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10
.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h32:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h31:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h30:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h29:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h28:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h27:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h26:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h25:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h24:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h23:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h22:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h21:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h20:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h
8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:*","cpe:2.3:o:pal
oaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"11.2.0","lessThan":"11.2.3","changes":[{"at":"11.2.3","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","lessThan":"11.1.5","changes":[{"at":"11.1.5","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.0.0","lessThan":"11.0.6","changes":[{"at":"11.0.6","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.10-h17","changes":[{"at":"10.2.10-h17","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.1.0","lessThan":"10.1.14-h11","changes":[{"at":"10.1.14-h11","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","platforms":["PAN-OS"],"versions":[{"status":"affected","version":"10.2.0","lessThan":"10.2.4-h36","changes":[{"at":"10.2.10-h16","status":"unaffected"},{"at":"10.2.4-h36","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.0","lessThan":"11.2.4-h5","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"A denial-of-service (DoS) vulnerability in the Simple Certificate Enrollment Protocol (SCEP) authentication feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot cause the firewall to enter maintenance mode.\n\nCloud NGFW is not affected by this vulnerability. 
Prisma® Access software is proactively patched and protected from this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>A denial-of-service (DoS) vulnerability in the Simple Certificate Enrollment Protocol (SCEP) authentication feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot cause the firewall to enter maintenance mode.<br><br>Cloud NGFW is not affected by this vulnerability. Prisma® Access software is proactively patched and protected from this issue.</p>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2025-0128","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"A user sends a maliciously crafted packet through the firewall, which processes the packet and thereby triggers this issue."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.7,"threatSeverity":"MEDIUM","threatScore":6.6,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:Y/R:U/V:C/RE:M/U:Amber"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"For Prisma Access, this issue can only be initiated by authenticated end users that use a maliciously crafted 
packet."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subAvailabilityImpact":"LOW","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"MEDIUM","baseScore":5.3,"threatSeverity":"LOW","threatScore":1.3,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:U/AU:Y/R:U/V:C/RE:M/U:Amber"}}],"configurations":[{"lang":"en","value":"NOTE: You do not need to have explicitly configured SCEP on your firewall to be at risk. Firewalls for which you do not apply the explicit mitigation for this issue are affected.","supportingMedia":[{"type":"text/html","base64":false,"value":"NOTE: You do not need to have explicitly configured SCEP on your firewall to be at risk. 
Firewalls for which you do not apply the explicit mitigation for this issue are affected."}]}],"workarounds":[{"lang":"en","value":"If you are not using SCEP, you can disable it to mitigate this risk by running the following command in your PAN-OS command-line interface (CLI):\n\n\n> debug sslmgr set disable-scep-auth-cookie yes\n\nCAUTION: This workaround is effective only until the next reboot, after which you must rerun this command to stay protected.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"If you are not using SCEP, you can disable it to mitigate this risk by running the following command in your PAN-OS command-line interface (CLI):<br><tt></tt><p><tt><tt>&gt; debug sslmgr set disable-scep-auth-cookie yes</tt></tt></p>CAUTION: This workaround is effective only until the next reboot, after which you must rerun this command to stay protected."}]}],"solutions":[{"lang":"eng","value":"VERSION           MINOR VERSION            SUGGESTED SOLUTION\nPAN-OS 11.2       11.2.0 through 11.2.2    Upgrade to 11.2.3 or later\nPAN-OS 11.1       11.1.0 through 11.1.4    Upgrade to 11.1.5 or later\nPAN-OS 11.0       11.0.0 through 11.0.5    Upgrade to 11.0.6 or later\nPAN-OS 10.2       10.2.0 through 10.2.10   Upgrade to 10.2.11 or later\nPAN-OS 10.1       10.1.0 through 10.1.14   Upgrade to 10.1.14-h11 or later\nAll other older                            Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\n\n\nPAN-OS 11.0 is EoL. We listed it in this section for completeness because we added a patch for PAN-OS 11.0 before it reached EoL. 
If you are running PAN-OS 11.0 in any of your firewalls, we strongly recommend that you upgrade to a fixed supported version.\n\nWe proactively initiated the upgrade through Prisma Access March 21, 2025, to cover all tenants.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>PAN-OS 11.2<br></td><td>11.2.0 through 11.2.2</td><td>Upgrade to 11.2.3 or later<br></td></tr><tr><td>PAN-OS 11.1</td><td>11.1.0 through 11.1.4<br></td><td>Upgrade to 11.1.5 or later</td></tr><tr><td>PAN-OS 11.0<br></td><td>11.0.0 through 11.0.5<br></td><td>Upgrade to 11.0.6 or later<br></td></tr><tr><td>PAN-OS 10.2<br></td><td>10.2.0 through 10.2.10</td><td>Upgrade to 10.2.11 or later</td></tr><tr><td>PAN-OS 10.1<br></td><td>10.1.0 through 10.1.14<br></td><td>Upgrade to 10.1.14-h11 or later<br></td></tr><tr><td>All other older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr></tbody></table><br>PAN-OS 11.0 is EoL. We listed it in this section for completeness because we added a patch for PAN-OS 11.0 before it reached EoL. 
If you are running PAN-OS 11.0 in any of your firewalls, we strongly recommend that you upgrade to a fixed supported version.<br><br>We proactively initiated the upgrade through Prisma Access March 21, 2025, to cover all tenants."}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2025-04-09T16:00:00.000Z","lang":"en","value":"Initial Publication"}],"credits":[{"lang":"en","value":"independent security researcher","type":"finder"}],"source":{"defect":["PAN-255859"],"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.4-h17","PAN-OS 11.1.4-h15","PAN-OS 11.1.4-h13","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 
11.0.5-h2","PAN-OS 11.0.5-h1","PAN-OS 11.0.5","PAN-OS 11.0.4-h6","PAN-OS 11.0.4-h5","PAN-OS 11.0.4-h4","PAN-OS 11.0.4-h3","PAN-OS 11.0.4-h2","PAN-OS 11.0.4-h1","PAN-OS 11.0.4","PAN-OS 11.0.3-h13","PAN-OS 11.0.3-h12","PAN-OS 11.0.3-h11","PAN-OS 11.0.3-h10","PAN-OS 11.0.3-h9","PAN-OS 11.0.3-h8","PAN-OS 11.0.3-h7","PAN-OS 11.0.3-h6","PAN-OS 11.0.3-h5","PAN-OS 11.0.3-h4","PAN-OS 11.0.3-h3","PAN-OS 11.0.3-h2","PAN-OS 11.0.3-h1","PAN-OS 11.0.3","PAN-OS 11.0.2-h5","PAN-OS 11.0.2-h4","PAN-OS 11.0.2-h3","PAN-OS 11.0.2-h2","PAN-OS 11.0.2-h1","PAN-OS 11.0.2","PAN-OS 11.0.1-h5","PAN-OS 11.0.1-h4","PAN-OS 11.0.1-h3","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h4","PAN-OS 11.0.0-h3","PAN-OS 11.0.0-h2","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 10.2.10-h14","PAN-OS 10.2.10-h13","PAN-OS 10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h21","PAN-OS 10.2.9-h20","PAN-OS 10.2.9-h19","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h21","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h24","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 
10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0","PAN-OS 10.1.14-h10","PAN-OS 
10.1.14-h9","PAN-OS 10.1.14-h8","PAN-OS 10.1.14-h7","PAN-OS 10.1.14-h6","PAN-OS 10.1.14-h5","PAN-OS 10.1.14-h4","PAN-OS 10.1.14-h3","PAN-OS 10.1.14-h2","PAN-OS 10.1.14-h1","PAN-OS 10.1.14","PAN-OS 10.1.13-h5","PAN-OS 10.1.13-h4","PAN-OS 10.1.13-h3","PAN-OS 10.1.13-h2","PAN-OS 10.1.13-h1","PAN-OS 10.1.13","PAN-OS 10.1.12-h3","PAN-OS 10.1.12-h2","PAN-OS 10.1.12-h1","PAN-OS 10.1.12","PAN-OS 10.1.11-h10","PAN-OS 10.1.11-h9","PAN-OS 10.1.11-h8","PAN-OS 10.1.11-h7","PAN-OS 10.1.11-h6","PAN-OS 10.1.11-h5","PAN-OS 10.1.11-h4","PAN-OS 10.1.11-h3","PAN-OS 10.1.11-h2","PAN-OS 10.1.11-h1","PAN-OS 10.1.11","PAN-OS 10.1.10-h9","PAN-OS 10.1.10-h8","PAN-OS 10.1.10-h7","PAN-OS 10.1.10-h6","PAN-OS 10.1.10-h5","PAN-OS 10.1.10-h4","PAN-OS 10.1.10-h3","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h14","PAN-OS 10.1.9-h13","PAN-OS 10.1.9-h12","PAN-OS 10.1.9-h11","PAN-OS 10.1.9-h10","PAN-OS 10.1.9-h9","PAN-OS 10.1.9-h8","PAN-OS 10.1.9-h7","PAN-OS 10.1.9-h6","PAN-OS 10.1.9-h5","PAN-OS 10.1.9-h4","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h8","PAN-OS 10.1.8-h7","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7-h1","PAN-OS 10.1.7","PAN-OS 10.1.6-h9","PAN-OS 10.1.6-h8","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h4","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h6","PAN-OS 10.1.4-h5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h4","PAN-OS 10.1.3-h3","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 
10.1.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2025-0126","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Session Fixation Vulnerability in GlobalProtect SAML Login","datePublic":"2025-04-09T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-384","description":"CWE-384 Session Fixation","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-195","descriptions":[{"lang":"en","value":"CAPEC-195 Principal Spoof"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h9:*:*:*:*:*:*"
,"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h32:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h31:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h30:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h29:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h28:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h27:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h26:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h25:*:*:*:*:*:*","cpe:2.3:o:pa
loaltonetworks:pan-os:10.2.4:h24:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h23:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h22:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h21:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h20:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetwor
ks:pan-os:10.1.14:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"11.2.0","lessThan":"11.2.3","changes":[{"at":"11.2.3","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","lessThan":"11.1.5","changes":[{"at":"11.1.5","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.0.0","lessThan":"11.0.6","changes":[{"at":"11.0.6","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.10-h6","changes":[{"at":"10.2.10-h6","status":"unaffected"},{"at":"10.2.11","status":"unaffected"},{"at":"10.2.4-h25","status":"unaffected"},{"at":"10.2.9-h13","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.1.0","lessThan":"10.1.14-h11","changes":[{"at":"10.1.14-h11","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo
 Alto Networks","product":"Prisma Access","platforms":["PAN-OS"],"versions":[{"status":"affected","version":"10.2.0","lessThan":"10.2.4-h36","changes":[{"at":"10.2.10-h16","status":"unaffected"},{"at":"10.2.4-h36","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.0","lessThan":"11.2.4-h5","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"When configured using SAML, a session fixation vulnerability in the GlobalProtect™ login enables an attacker to impersonate a legitimate authorized user and perform actions as that GlobalProtect user. This requires the legitimate user to first click on a malicious link provided by the attacker.\n\nThe SAML login for the PAN-OS® management interface is not affected. Additionally, this issue does not affect Cloud NGFW and all Prisma® Access instances are proactively patched.","supportingMedia":[{"type":"text/html","base64":false,"value":"When configured using SAML, a session fixation vulnerability in the GlobalProtect™ login enables an attacker to impersonate a legitimate authorized user and perform actions as that GlobalProtect user. This requires the legitimate user to first click on a malicious link provided by the attacker.<br><br>The SAML login for the PAN-OS® management interface is not affected. 
Additionally, this issue does not affect Cloud NGFW and all Prisma® Access instances are proactively patched."}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2025-0126","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"HIGH","vulnIntegrityImpact":"LOW","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.3,"threatSeverity":"MEDIUM","threatScore":5.6,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:H/SC:H/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber"}}],"configurations":[{"lang":"en","value":"This issue impacts only firewalls on which you configured a GlobalProtect portal to use SAML Authentication.\n\nYou can verify whether you configured GlobalProtect portal by checking for entries in your firewall web interface (Network → GlobalProtect → Portals).\n\nIf you do have GlobalProtect portals or gateways in your configuration, then you can verify whether you configured SAML Authentication on these portals by checking your firewall web interface (Network → GlobalProtect → Portals → (portal-config) → Authentication).\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>This issue impacts only firewalls on which you configured a GlobalProtect portal to use SAML Authentication.</p><p>You can verify whether you configured GlobalProtect portal by checking for entries in your firewall web interface (Network → GlobalProtect → Portals).</p><p>If you do have GlobalProtect portals or gateways in your 
configuration, then you can verify whether you configured SAML Authentication on these portals by checking your firewall web interface (Network → GlobalProtect → Portals → (portal-config) → Authentication).</p>"}]}],"workarounds":[{"lang":"en","value":"This issue can be mitigated using a different form of authentication for the GlobalProtect portal (such as Client Certificate Authentication, RADIUS, TACACS+, LDAP, or Kerberos). For more information about configuring authentication for the GlobalProtect portal see this technical documentation (https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-web-interface-help/globalprotect/network-globalprotect-portals/globalprotect-portals-authentication-configuration-tab).","supportingMedia":[{"type":"text/html","base64":false,"value":"<p><span>This issue can be mitigated using a different form of authentication for the GlobalProtect portal (such as Client Certificate Authentication, RADIUS, TACACS+, LDAP, or Kerberos). For more information about configuring authentication for the GlobalProtect portal see this technical </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-web-interface-help/globalprotect/network-globalprotect-portals/globalprotect-portals-authentication-configuration-tab\"><span>documentation</span></a><span>.</span></p>"}]}],"solutions":[{"lang":"eng","value":"VERSION           MINOR VERSION            SUGGESTED SOLUTION\nPAN-OS 11.2       11.2.0 through 11.2.2    Upgrade to 11.2.3 or later\nPAN-OS 11.1       11.1.0 through 11.1.4    Upgrade to 11.1.5 or later\nPAN-OS 11.0       11.0.0 through 11.0.5    Upgrade to 11.0.6 or later\nPAN-OS 10.2       10.2.10                  Upgrade to 10.2.10-h6 or 10.2.11 or later\n                  10.2.5 through 10.2.9    Upgrade to 10.2.9-h13 or 10.2.11 or later\n                  10.2.0 through 10.2.4    Upgrade to 10.2.4-h25 or 10.2.11 or later\nPAN-OS 10.1       10.1.0 through 10.1.14   Upgrade to 10.1.14-h11 or 
later\nAll other older                            Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\n\n\nPAN-OS 11.0 is EoL. We listed it in this section for completeness because we added a patch for PAN-OS 11.0 before it reached EoL. If you are running PAN-OS 11.0 in any of your firewalls, we strongly recommend that you upgrade from this EoL vulnerable version to a fixed version.\n\nWe proactively initiated an upgrade of Prisma Access on March 21, 2025, to cover all tenants.\n\n\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>PAN-OS 11.2<br></td><td>11.2.0 through 11.2.2<br></td><td>Upgrade to 11.2.3 or later</td></tr><tr><td>PAN-OS 11.1<br></td><td>11.1.0 through 11.1.4<br></td><td>Upgrade to 11.1.5 or later<br></td></tr><tr><td>PAN-OS 11.0</td><td>11.0.0 through 11.0.5</td><td>Upgrade to 11.0.6 or later</td></tr><tr><td>PAN-OS 10.2<br></td><td>10.2.10<br></td><td>Upgrade to 10.2.10-h6 or 10.2.11 or later<br></td></tr><tr><td>&nbsp;</td><td>10.2.5 through 10.2.9</td><td>Upgrade to 10.2.9-h13 or 10.2.11 or later</td></tr><tr><td>&nbsp;</td><td>10.2.0 through 10.2.4</td><td>Upgrade to 10.2.4-h25 or 10.2.11 or later</td></tr><tr><td>PAN-OS 10.1<br></td><td>10.1.0 through 10.1.14<br></td><td>Upgrade to 10.1.14-h11 or later<br></td></tr><tr><td>All other older <br>unsupported <br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr></tbody></table><br>PAN-OS 11.0 is EoL. We listed it in this section for completeness because we added a patch for PAN-OS 11.0 before it reached EoL. 
If you are running PAN-OS 11.0 in any of your firewalls, we strongly recommend that you upgrade from this EoL vulnerable version to a fixed version.<br><br>We proactively initiated an upgrade of Prisma Access on March 21, 2025, to cover all tenants.<br><p></p>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2025-04-09T16:00:00.000Z","lang":"en","value":"Initial Publication"}],"credits":[{"lang":"en","value":"D'Angelo Gonzalez of CrowdStrike","type":"finder"}],"source":{"defect":["PAN-253328"],"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.4-h17","PAN-OS 11.1.4-h15","PAN-OS 11.1.4-h13","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 
11.1.0-h1","PAN-OS 11.1.0","PAN-OS 11.0.5-h2","PAN-OS 11.0.5-h1","PAN-OS 11.0.5","PAN-OS 11.0.4-h6","PAN-OS 11.0.4-h5","PAN-OS 11.0.4-h4","PAN-OS 11.0.4-h3","PAN-OS 11.0.4-h2","PAN-OS 11.0.4-h1","PAN-OS 11.0.4","PAN-OS 11.0.3-h13","PAN-OS 11.0.3-h12","PAN-OS 11.0.3-h11","PAN-OS 11.0.3-h10","PAN-OS 11.0.3-h9","PAN-OS 11.0.3-h8","PAN-OS 11.0.3-h7","PAN-OS 11.0.3-h6","PAN-OS 11.0.3-h5","PAN-OS 11.0.3-h4","PAN-OS 11.0.3-h3","PAN-OS 11.0.3-h2","PAN-OS 11.0.3-h1","PAN-OS 11.0.3","PAN-OS 11.0.2-h5","PAN-OS 11.0.2-h4","PAN-OS 11.0.2-h3","PAN-OS 11.0.2-h2","PAN-OS 11.0.2-h1","PAN-OS 11.0.2","PAN-OS 11.0.1-h5","PAN-OS 11.0.1-h4","PAN-OS 11.0.1-h3","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h4","PAN-OS 11.0.0-h3","PAN-OS 11.0.0-h2","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 10.2.10-h14","PAN-OS 10.2.10-h13","PAN-OS 10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h21","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h24","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 
10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0","PAN-OS 10.1.14-h10","PAN-OS 10.1.14-h9","PAN-OS 10.1.14-h8","PAN-OS 10.1.14-h7","PAN-OS 10.1.14-h6","PAN-OS 10.1.14-h5","PAN-OS 10.1.14-h4","PAN-OS 10.1.14-h3","PAN-OS 10.1.14-h2","PAN-OS 
10.1.14-h1","PAN-OS 10.1.14","PAN-OS 10.1.13-h5","PAN-OS 10.1.13-h4","PAN-OS 10.1.13-h3","PAN-OS 10.1.13-h2","PAN-OS 10.1.13-h1","PAN-OS 10.1.13","PAN-OS 10.1.12-h3","PAN-OS 10.1.12-h2","PAN-OS 10.1.12-h1","PAN-OS 10.1.12","PAN-OS 10.1.11-h10","PAN-OS 10.1.11-h9","PAN-OS 10.1.11-h8","PAN-OS 10.1.11-h7","PAN-OS 10.1.11-h6","PAN-OS 10.1.11-h5","PAN-OS 10.1.11-h4","PAN-OS 10.1.11-h3","PAN-OS 10.1.11-h2","PAN-OS 10.1.11-h1","PAN-OS 10.1.11","PAN-OS 10.1.10-h9","PAN-OS 10.1.10-h8","PAN-OS 10.1.10-h7","PAN-OS 10.1.10-h6","PAN-OS 10.1.10-h5","PAN-OS 10.1.10-h4","PAN-OS 10.1.10-h3","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h14","PAN-OS 10.1.9-h13","PAN-OS 10.1.9-h12","PAN-OS 10.1.9-h11","PAN-OS 10.1.9-h10","PAN-OS 10.1.9-h9","PAN-OS 10.1.9-h8","PAN-OS 10.1.9-h7","PAN-OS 10.1.9-h6","PAN-OS 10.1.9-h5","PAN-OS 10.1.9-h4","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h8","PAN-OS 10.1.8-h7","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7-h1","PAN-OS 10.1.7","PAN-OS 10.1.6-h9","PAN-OS 10.1.6-h8","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h4","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h6","PAN-OS 10.1.4-h5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h4","PAN-OS 10.1.3-h3","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2025-0114","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Denial of Service (DoS) in 
GlobalProtect","datePublic":"2025-03-12T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-400","description":"CWE-400 Uncontrolled Resource Consumption","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-125","descriptions":[{"lang":"en","value":"CAPEC-125 Flooding"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*","cpe:2.3:o:paloalt
onetworks:pan-os:10.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"],"versions":[{"status":"unaffected","version":"11.2.0","versionType":"custom"},{"status":"unaffected","version":"11.1.0","versionType":"custom"},{"status":"affected","version":"11.0.0","lessThan":"11.0.2","changes":[{"at":"11.0.2","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.5","changes":[{"at":"10.2.5","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.1.0","lessThan":"10.1.14-h11","changes":[{"at":"10.1.14-h11","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway.\n\nThis issue does not apply to Cloud NGFWs or Prisma Access software.","supportingMedia":[{"type":"text/html","base64":false,"value":"A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. 
This issue affects both the GlobalProtect portal and the GlobalProtect gateway.<br><br>This issue does not apply to Cloud NGFWs or Prisma Access software."}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2025-0114","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.2,"threatSeverity":"MEDIUM","threatScore":4.6,"vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber"}}],"configurations":[{"lang":"en","value":"This issue is applicable only to PAN-OS firewall configurations with an enabled GlobalProtect portal or gateway. You can verify whether you have a GlobalProtect portal or gateway configured on your firewall by checking entries in the firewall web interface (Network > GlobalProtect > Portals and Network > GlobalProtect > Gateways).","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue is applicable only to PAN-OS firewall configurations with an enabled GlobalProtect portal or gateway. 
You can verify whether you have a GlobalProtect portal or gateway configured on your firewall by checking entries in the firewall web interface (<b>Network</b> &gt; <b>GlobalProtect</b> &gt; <b>Portals</b> and <b>Network</b> &gt; <b>GlobalProtect</b> &gt; <b>Gateways</b>)."}]}],"workarounds":[{"lang":"en","value":"No workaround or mitigation is available.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"No workaround or mitigation is available."}]}],"solutions":[{"lang":"eng","value":"VERSION           MINOR VERSION            SUGGESTED SOLUTION\nPAN-OS 11.0       11.0.0 through 11.0.1    Upgrade to 11.0.2 or later\nPAN-OS 10.2       10.2.0 through 10.2.4    Upgrade to 10.2.5 or later\nPAN-OS 10.1       10.1.0 through 10.1.14   Upgrade to 10.1.14-h11 or later\nAll other older                            Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>PAN-OS 11.0</td><td>11.0.0 through 11.0.1</td><td>Upgrade to 11.0.2 or later</td></tr><tr><td>PAN-OS 10.2</td><td>10.2.0 through 10.2.4<br></td><td>Upgrade to 10.2.5 or later</td></tr><tr><td>PAN-OS 10.1<br></td><td>10.1.0 through 10.1.14<br></td><td>Upgrade to 10.1.14-h11 or later<br></td></tr><tr><td>All other older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr></tbody></table>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2025-03-12T16:00:00.000Z","lang":"en","value":"Initial Publication"}],"credits":[{"lang":"en","value":"an external 
reporter","type":"finder"}],"source":{"defect":["PAN-209208"],"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.0.1-h5","PAN-OS 11.0.1-h4","PAN-OS 11.0.1-h3","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h4","PAN-OS 11.0.0-h3","PAN-OS 11.0.0-h2","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0","PAN-OS 10.1.14-h10","PAN-OS 10.1.14-h9","PAN-OS 10.1.14-h8","PAN-OS 10.1.14-h7","PAN-OS 10.1.14-h6","PAN-OS 10.1.14-h5","PAN-OS 10.1.14-h4","PAN-OS 10.1.14-h3","PAN-OS 10.1.14-h2","PAN-OS 10.1.14-h1","PAN-OS 10.1.14","PAN-OS 10.1.13-h5","PAN-OS 10.1.13-h4","PAN-OS 10.1.13-h3","PAN-OS 10.1.13-h2","PAN-OS 10.1.13-h1","PAN-OS 10.1.13","PAN-OS 10.1.12-h3","PAN-OS 10.1.12-h2","PAN-OS 10.1.12-h1","PAN-OS 
10.1.12","PAN-OS 10.1.11-h10","PAN-OS 10.1.11-h9","PAN-OS 10.1.11-h8","PAN-OS 10.1.11-h7","PAN-OS 10.1.11-h6","PAN-OS 10.1.11-h5","PAN-OS 10.1.11-h4","PAN-OS 10.1.11-h3","PAN-OS 10.1.11-h2","PAN-OS 10.1.11-h1","PAN-OS 10.1.11","PAN-OS 10.1.10-h9","PAN-OS 10.1.10-h8","PAN-OS 10.1.10-h7","PAN-OS 10.1.10-h6","PAN-OS 10.1.10-h5","PAN-OS 10.1.10-h4","PAN-OS 10.1.10-h3","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h14","PAN-OS 10.1.9-h13","PAN-OS 10.1.9-h12","PAN-OS 10.1.9-h11","PAN-OS 10.1.9-h10","PAN-OS 10.1.9-h9","PAN-OS 10.1.9-h8","PAN-OS 10.1.9-h7","PAN-OS 10.1.9-h6","PAN-OS 10.1.9-h5","PAN-OS 10.1.9-h4","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h8","PAN-OS 10.1.8-h7","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7-h1","PAN-OS 10.1.7","PAN-OS 10.1.6-h9","PAN-OS 10.1.6-h8","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h4","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h6","PAN-OS 10.1.4-h5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h4","PAN-OS 10.1.3-h3","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2025-0108","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Authentication Bypass in the Management Web Interface","datePublic":"2025-02-12T17:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-306","description":"CWE-306 Missing Authentication for Critical 
Function","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-115","descriptions":[{"lang":"en","value":"CAPEC-115 Authentication Bypass"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h14:*:*:*:*:*:*","cpe:2.3:o:p
aloaltonetworks:pan-os:11.1.2:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltone
tworks:pan-os:10.2.11:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h20:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*","cpe:2.3:o:paloalto
networks:pan-os:10.2.9:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h20:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h23:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h22:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h21:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h20:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:p
an-os:10.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*
:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"10.1.0","lessThan":"10.1.14-h9","changes":[{"at":"10.1.14-h9","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.7-h24","changes":[{"at":"10.2.7-h24","status":"unaffected"},{"at":"10.2.8-h21","status":"unaffected"},{"at":"10.2.9-h21","status":"unaffected"},{"at":"10.2.12-h6","status":"unaffected"},{"at":"10.2.13-h3","status":"unaffected"},{"at":"10.2.10-h14","status":"unaffected"},{"at":"10.2.11-h12","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","lessThan":"11.1.6-h1","changes":[{"at":"11.1.6-h1","status":"unaffected"},{"at":"11.1.2-h18","status":"unaffected"},{"at":"11.1.4-h13","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.0","lessThan":"11.2.4-h4","changes":[{"at":"11.2.4-h4","status":"unaffected"},{"at":"11.2.5","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"An authentication bypass in the management web interface of Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required 
by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PHP scripts does not enable remote code execution, it can negatively impact integrity and confidentiality of PAN-OS.\n\nThe attacker must have network access to the management web interface to exploit this issue. You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended critical deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431).\n\nThis issue does not affect Cloud NGFW or Prisma Access software.","supportingMedia":[{"type":"text/html","base64":false,"value":"An authentication bypass <span>in the management web interface of</span><b><span>&nbsp;</span></b>Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. 
While invoking these PHP scripts does not enable remote code execution, it can negatively impact integrity and confidentiality of PAN-OS.<b><br><br></b><span>The attacker must have network access to the management web interface to exploit this issue.&nbsp;</span>You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended <a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">critical deployment guidelines</a>.<b><br><br></b>This issue does not affect Cloud NGFW or Prisma Access software."}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2025-0108","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"The risk is highest when you allow access to the management interface from external IP addresses on the internet. Our recommendation is to remediate as soon as possible."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"RED","exploitMaturity":"ATTACKED","baseSeverity":"HIGH","baseScore":8.8,"threatSeverity":"HIGH","threatScore":8.8,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:A/AU:N/R:U/V:C/RE:M/U:Red"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"You can greatly reduce the risk of exploitation by restricting access to a jump box that is the only system allowed to access the management interface. 
This will ensure that attacks can succeed only if they obtain privileged access through those specified IP addresses. We recommend remediating this vulnerability in your next scheduled maintenance cycle."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"POC","baseSeverity":"MEDIUM","baseScore":5.9,"threatSeverity":"MEDIUM","threatScore":5.1,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/AU:N/R:U/V:C/RE:M/U:Amber"}}],"configurations":[{"lang":"en","value":"The risk is greatest if you enabled access to the management interface from the internet or any untrusted network either:\n\n 1. Directly; or\n 2. Through a dataplane interface that includes a management interface profile.\n\nYou greatly reduce the risk if you ensure that you allow only trusted internal IP addresses to access the management interface.\n\nUse the following steps to identify your recently detected devices in our internet scans.\n\n 1. To find any assets that require remediation action, visit the Assets section of the Customer Support Portal at https://support.paloaltonetworks.com (https://support.paloaltonetworks.com/) (Products → Assets → All Assets → Remediation Required).\n 2. Review the list of your devices that we discovered in our scans to have an internet-facing management interface and that we tagged with ‘PAN-SA-2024-0015’ and a last seen timestamp (in UTC). 
If you do not see any such devices listed, then our scan did not find any devices on your account to have an internet-facing management interface within the past three days.\n\nGlobalProtect portals and gateways are not vulnerable to this issue. However, if you configure a management profile on interfaces with GlobalProtect portals or gateways, then you expose the device to attacks through the management web interface (typically accessible on port 4443).","supportingMedia":[{"type":"text/html","base64":false,"value":"<p><span>The risk is greatest if you enabled access to the management interface from the internet or any untrusted network either:</span></p><ol><li><span>Directly; or</span></li><li><span>Through a dataplane interface that includes a management interface profile.</span></li></ol><p><span>You greatly reduce the risk if you ensure that you allow only trusted internal IP addresses to access the management interface.</span></p><p><span>Use the following steps to identify your recently detected devices in our internet scans.</span></p><ol><li><span>To find any assets that require remediation action, visit the Assets section of the Customer Support Portal at&nbsp;</span><a target=\"_blank\" rel=\"nofollow\" href=\"https://support.paloaltonetworks.com/\"><span>https://support.paloaltonetworks.com</span></a>&nbsp;(Products → Assets → All Assets → Remediation Required).</li><li><span>Review the list of your devices that we discovered in our scans to have an internet-facing management interface and that we tagged with ‘PAN-SA-2024-0015’ and a last seen timestamp (in UTC). If you do not see any such devices listed, then our scan did not find any devices on your account to have an internet-facing management interface within the past three days.</span></li></ol><p><span>GlobalProtect portals and gateways are not vulnerable to this issue. 
However, if you configure a management profile on interfaces with GlobalProtect portals or gateways, then you expose the device to attacks through the management web interface (typically accessible on port 4443).</span></p>"}]}],"workarounds":[{"lang":"en","value":"Recommended mitigation—The vast majority of firewalls already follow Palo Alto Networks and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our critical deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431). Specifically, you should restrict management interface access to only trusted internal IP addresses.\n\nReview information about how to secure management access to your Palo Alto Networks firewalls:\n\n * Palo Alto Networks LIVEcommunity article:https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\n * Palo Alto Networks official and detailed technical documentation:https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\n\nAdditionally, customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510000 and 510001 (introduced in Applications and Threats content version 8943).","supportingMedia":[{"type":"text/html","base64":false,"value":"<p><b>Recommended mitigation</b>—The vast majority of firewalls already follow Palo Alto Networks and industry best practices. 
However, if you have not already, we strongly recommend that you secure access to your management interface according to our&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">critical deployment guidelines</a>. Specifically, you should restrict management interface access to only trusted internal IP addresses.</p><p>Review information about how to secure management access to your Palo Alto Networks firewalls:</p><ul><li>Palo Alto Networks LIVEcommunity article:<a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431</a></li><li>Palo Alto Networks official and detailed technical documentation:<a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\">https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices</a></li></ul>Additionally, customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510000 and 510001 (introduced in Applications and Threats content version 8943)."}]}],"solutions":[{"lang":"en","value":"VERSION             MINOR VERSION            SUGGESTED SOLUTION\nPAN-OS 10.1         10.1.0 through 10.1.14   Upgrade to 10.1.14-h9 or later\nPAN-OS 10.2         10.2.0 through 10.2.13   Upgrade to 10.2.13-h3 or later\n                    10.2.7                   Upgrade to 10.2.7-h24 or 10.2.13-h3 or later\n                    10.2.8                   Upgrade to 
10.2.8-h21 or 10.2.13-h3 or later\n                    10.2.9                   Upgrade to 10.2.9-h21 or 10.2.13-h3 or later\n                    10.2.10                  Upgrade to 10.2.10-h14 or 10.2.13-h3 or later\n                    10.2.11                  Upgrade to 10.2.11-h12 or 10.2.13-h3 or later \n                    10.2.12                  Upgrade to 10.2.12-h6 or 10.2.13-h3 or later\nPAN-OS 11.0 (EoL)                            Upgrade to a supported fixed version\nPAN-OS 11.1         11.1.0 through 11.1.6    Upgrade to 11.1.6-h1 or later\n                    11.1.2                   Upgrade to 11.1.2-h18 or 11.1.6-h1 or later\n                    11.1.4                   Upgrade to 11.1.4-h13 or 11.1.6-h1 or later\nPAN-OS 11.2         11.2.0 through 11.2.4    Upgrade to 11.2.5 or later\n                    11.2.4                   Upgrade to 11.2.4-h4 or 11.2.5 or later\nAll other older                              Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\n\n\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>PAN-OS 10.1<br></td><td>10.1.0 through 10.1.14<br></td><td>Upgrade to 10.1.14-h9 or later<br></td></tr><tr><td>PAN-OS 10.2<br></td><td>10.2.0 through 10.2.13<br></td><td>Upgrade to 10.2.13-h3 or later<br></td></tr><tr><td>&nbsp;</td><td>10.2.7</td><td>Upgrade to 10.2.7-h24 or 10.2.13-h3 or later</td></tr><tr><td>&nbsp;</td><td>10.2.8</td><td>Upgrade to 10.2.8-h21 or 10.2.13-h3 or later</td></tr><tr><td>&nbsp;</td><td>10.2.9</td><td>Upgrade to 10.2.9-h21 or 10.2.13-h3 or later</td></tr><tr><td>&nbsp;</td><td>10.2.10</td><td>Upgrade to 10.2.10-h14 or 10.2.13-h3 or later</td></tr><tr><td>&nbsp;</td><td>10.2.11</td><td>Upgrade to 10.2.11-h12 or 10.2.13-h3 or later&nbsp;</td></tr><tr><td>&nbsp;</td><td>10.2.12</td><td>Upgrade to 10.2.12-h6 or 10.2.13-h3 or 
later<br></td></tr><tr><td>PAN-OS 11.0 (EoL)</td><td>&nbsp;</td><td>Upgrade to a supported fixed version</td></tr><tr><td>PAN-OS 11.1<br></td><td>11.1.0 through 11.1.6<br></td><td>Upgrade to 11.1.6-h1 or later<br></td></tr><tr><td>&nbsp;</td><td>11.1.2</td><td>Upgrade to 11.1.2-h18 or 11.1.6-h1 or later<br></td></tr><tr><td>&nbsp;</td><td>11.1.4</td><td>Upgrade to 11.1.4-h13 or 11.1.6-h1 or later<br></td></tr><tr><td>PAN-OS 11.2<br></td><td>11.2.0 through 11.2.4<br></td><td>Upgrade to 11.2.5 or later</td></tr><tr><td>&nbsp;</td><td>11.2.4</td><td>Upgrade to 11.2.4-h4 or 11.2.5 or later<br></td></tr><tr><td>All other older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr></tbody></table><p><br></p>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks has observed exploit attempts chaining CVE-2025-0108 with CVE-2024-9474 and CVE-2025-0111 on unpatched and unsecured PAN-OS web management interfaces.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p><span>Palo Alto Networks has observed exploit attempts chaining CVE-2025-0108 with CVE-2024-9474 and CVE-2025-0111 on unpatched and unsecured PAN-OS web management interfaces.</span></p>"}]}],"timeline":[{"time":"2025-02-18T23:00:00.000Z","lang":"en","value":"Updated the exploit status and solutions table"},{"time":"2025-02-18T19:30:00.000Z","lang":"en","value":"Updated fix availability for PAN-OS 10.2"},{"time":"2025-02-18T07:06:00.000Z","lang":"en","value":"Updated exploit status"},{"time":"2025-02-12T23:45:00.000Z","lang":"en","value":"Added Threat Prevention Threat ID to Workarounds and Mitigations"},{"time":"2025-02-12T17:00:00.000Z","lang":"en","value":"Initial Publication"},{"time":"2025-02-19T23:15:00.000Z","lang":"en","value":"Updated fix availability for PAN-OS 10.2 and 11.1"},{"time":"2025-02-21T17:10:00.000Z","lang":"en","value":"Updated fix availability for PAN-OS 11.1 and 
11.2"},{"time":"2025-02-21T23:00:00.000Z","lang":"en","value":"Clarified recommended remediations and added a FAQ"},{"time":"2025-03-06T23:00:00.000Z","lang":"en","value":"Updated to explicitly state that end-of-life (EoL) versions are presumed to be affected"}],"credits":[{"lang":"en","value":"Adam Kues - Assetnote Security Research Team","type":"finder"},{"lang":"en","value":"our Deep Product Security Research Team","type":"finder"}],"source":{"defect":["PAN-273971"],"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.6","PAN-OS 11.1.5-h1","PAN-OS 11.1.5","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 10.2.13-h2","PAN-OS 10.2.13-h1","PAN-OS 10.2.13","PAN-OS 10.2.12-h5","PAN-OS 
10.2.12-h4","PAN-OS 10.2.12-h3","PAN-OS 10.2.12-h2","PAN-OS 10.2.12-h1","PAN-OS 10.2.12","PAN-OS 10.2.11-h11","PAN-OS 10.2.11-h10","PAN-OS 10.2.11-h9","PAN-OS 10.2.11-h8","PAN-OS 10.2.11-h7","PAN-OS 10.2.11-h6","PAN-OS 10.2.11-h5","PAN-OS 10.2.11-h4","PAN-OS 10.2.11-h3","PAN-OS 10.2.11-h2","PAN-OS 10.2.11-h1","PAN-OS 10.2.11","PAN-OS 10.2.10-h13","PAN-OS 10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h20","PAN-OS 10.2.9-h19","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 
10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0","PAN-OS 10.1.14-h8","PAN-OS 10.1.14-h7","PAN-OS 10.1.14-h6","PAN-OS 10.1.14-h5","PAN-OS 10.1.14-h4","PAN-OS 10.1.14-h3","PAN-OS 10.1.14-h2","PAN-OS 10.1.14-h1","PAN-OS 10.1.14","PAN-OS 10.1.13-h5","PAN-OS 10.1.13-h4","PAN-OS 10.1.13-h3","PAN-OS 10.1.13-h2","PAN-OS 10.1.13-h1","PAN-OS 10.1.13","PAN-OS 10.1.12-h3","PAN-OS 10.1.12-h2","PAN-OS 10.1.12-h1","PAN-OS 10.1.12","PAN-OS 10.1.11-h10","PAN-OS 10.1.11-h9","PAN-OS 10.1.11-h8","PAN-OS 10.1.11-h7","PAN-OS 10.1.11-h6","PAN-OS 10.1.11-h5","PAN-OS 10.1.11-h4","PAN-OS 10.1.11-h3","PAN-OS 
10.1.11-h2","PAN-OS 10.1.11-h1","PAN-OS 10.1.11","PAN-OS 10.1.10-h9","PAN-OS 10.1.10-h8","PAN-OS 10.1.10-h7","PAN-OS 10.1.10-h6","PAN-OS 10.1.10-h5","PAN-OS 10.1.10-h4","PAN-OS 10.1.10-h3","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h14","PAN-OS 10.1.9-h13","PAN-OS 10.1.9-h12","PAN-OS 10.1.9-h11","PAN-OS 10.1.9-h10","PAN-OS 10.1.9-h9","PAN-OS 10.1.9-h8","PAN-OS 10.1.9-h7","PAN-OS 10.1.9-h6","PAN-OS 10.1.9-h5","PAN-OS 10.1.9-h4","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h8","PAN-OS 10.1.8-h7","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7-h1","PAN-OS 10.1.7","PAN-OS 10.1.6-h9","PAN-OS 10.1.6-h8","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h4","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h6","PAN-OS 10.1.4-h5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h4","PAN-OS 10.1.3-h3","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2025-0111","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface","datePublic":"2025-02-12T17:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-73","description":"CWE-73: External Control of File Name or Path","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-165","descriptions":[{"lang":"en","value":"CAPEC-165 File Manipulation"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud 
NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan
-os:11.1.2:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1
0:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h20:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9
:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h20:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h23:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h22:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h21:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h20:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:
*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*","cpe:2.3:o:paloalto
networks:pan-os:10.1.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"10.1.0","lessThan":"10.1.14-h9","changes":[{"at":"10.1.14-h9","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.7-h24","changes":[{"at":"10.2.7-h24","status":"unaffected"},{"at":"10.2.8-h21","status":"unaffected"},{"at":"10.2.9-h21","status":"unaffected"},{"at":"10.2.12-h6","status":"unaffected"},{"at":"10.2.13-h3","status":"unaffected"},{"at":"10.2.10-h14","status":"unaffected"},{"at":"10.2.11-h12","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","lessThan":"11.1.6-h1","changes":[{"at":"11.1.6-h1","status":"unaffected"},{"at":"11.1.2-h18","status":"unaffected"},{"at":"11.1.4-h13","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.0","lessThan":"11.2.4-h4","changes":[{"at":"11.2.4-h4","status":"unaffected"},{"at":"11.2.5","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"An authenticated file read vulnerability in the management web interface of the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user.\n\nThe attacker must have network access to the management web interface to exploit this issue. 
You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended critical deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431).\n\n\n\nThis issue does not affect Cloud NGFW or Prisma Access software.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>An authenticated file read vulnerability in the management web interface of the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user.</p><p>The attacker must have network access to the management web interface to exploit this issue. You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended <a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">critical deployment guidelines</a>.</p><b><p></p></b><p>This issue does not affect Cloud NGFW or Prisma Access software.</p><b></b>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2025-0111","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"The risk is highest when you allow access to the management interface from external IP addresses on the internet. 
Our recommendation is to remediate as soon as possible."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"RED","exploitMaturity":"ATTACKED","baseSeverity":"HIGH","baseScore":7.1,"threatSeverity":"HIGH","threatScore":7.1,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A/AU:N/R:U/V:C/RE:M/U:Red"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"You can greatly reduce the risk of exploitation by restricting access to a jump box that is the only system allowed to access the management interface. This will ensure that attacks can succeed only if they obtain privileged access through those specified IP addresses. 
We recommend remediating this vulnerability in your next scheduled maintenance cycle."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"MEDIUM","baseScore":5.9,"threatSeverity":"LOW","threatScore":2,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber"}}],"configurations":[{"lang":"en","value":"The risk is greatest if you enabled access to the management interface from the internet or any untrusted network either:\n\n 1. Directly; or\n 2. Through a dataplane interface that includes a management interface profile.\n\nYou greatly reduce the risk if you ensure that you allow only trusted internal IP addresses to access the management interface.\n\nUse the following steps to identify your recently detected devices in our internet scans.\n\n 1. To find any assets that require remediation action, visit the Assets section of the Customer Support Portal at https://support.paloaltonetworks.com (https://support.paloaltonetworks.com/) (Products → Assets → All Assets → Remediation Required).\n 2. Review the list of your devices that we discovered in our scans to have an internet-facing management interface and that we tagged with ‘PAN-SA-2024-0015’ and a last seen timestamp (in UTC). 
If you do not see any such devices listed, then our scan did not find any devices on your account to have an internet-facing management interface within the past three days.\n\nGlobalProtect portals and gateways are not vulnerable to this issue. However, if you configure a management profile on interfaces with GlobalProtect portals or gateways, then you expose the device to attacks through the management web interface (typically accessible on port 4443).","supportingMedia":[{"type":"text/html","base64":false,"value":"<p><span>The risk is greatest if you enabled access to the management interface from the internet or any untrusted network either:</span></p><ol><li><span>Directly; or</span></li><li><span>Through a dataplane interface that includes a management interface profile.</span></li></ol><p><span>You greatly reduce the risk if you ensure that you allow only trusted internal IP addresses to access the management interface.</span></p><p><span>Use the following steps to identify your recently detected devices in our internet scans.</span></p><ol><li><span>To find any assets that require remediation action, visit the Assets section of the Customer Support Portal at </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://support.paloaltonetworks.com/\"><span>https://support.paloaltonetworks.com</span></a>&nbsp;(Products → Assets → All Assets → Remediation Required).</li><li><span>Review the list of your devices that we discovered in our scans to have an internet-facing management interface and that we tagged with ‘PAN-SA-2024-0015’ and a last seen timestamp (in UTC). If you do not see any such devices listed, then our scan did not find any devices on your account to have an internet-facing management interface within the past three days.</span></li></ol><p><span>GlobalProtect portals and gateways are not vulnerable to this issue. 
However, if you configure a management profile on interfaces with GlobalProtect portals or gateways, then you expose the device to attacks through the management web interface (typically accessible on port 4443).</span></p>"}]}],"workarounds":[{"lang":"en","value":"Recommended mitigation—The vast majority of firewalls already follow Palo Alto Networks and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our critical deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431). Specifically, you should restrict management interface access to only trusted internal IP addresses.\n\nReview information about how to secure management access to your Palo Alto Networks firewalls:\n\n * Palo Alto Networks LIVEcommunity article: https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\n * Palo Alto Networks official and detailed technical documentation: https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\n\nAdditionally, customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510000 and 510001 (introduced in Applications and Threats content version 8943).\nhttps://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices","supportingMedia":[{"type":"text/html","base64":false,"value":"<p></p><p><b>Recommended mitigation</b>—The vast majority of firewalls already follow Palo Alto Networks and industry best practices. 
However, if you have not already, we strongly recommend that you secure access to your management interface according to our <a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">critical deployment guidelines</a>. Specifically, you should restrict management interface access to only trusted internal IP addresses.</p><p>Review information about how to secure management access to your Palo Alto Networks firewalls:</p><ul><li>Palo Alto Networks LIVEcommunity article:<a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431</a></li><li>Palo Alto Networks official and detailed technical documentation:<a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\">https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices</a></li></ul>Additionally, customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510000 and 510001 (introduced in Applications and Threats content version 8943).<br><a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\"></a>"}]}],"solutions":[{"lang":"eng","value":"VERSION             MINOR VERSION            SUGGESTED SOLUTION\nPAN-OS 10.1         10.1.0 through 10.1.14   Upgrade to 10.1.14-h9 or 
later\nPAN-OS 10.2         10.2.0 through 10.2.13   Upgrade to 10.2.13-h3 or later\n                    10.2.7                   Upgrade to 10.2.7-h24 or 10.2.13-h3 or later\n                    10.2.8                   Upgrade to 10.2.8-h21 or 10.2.13-h3 or later\n                    10.2.9                   Upgrade to 10.2.9-h21 or 10.2.13-h3 or later\n                    10.2.10                  Upgrade to 10.2.10-h14 or 10.2.13-h3 or later\n                    10.2.11                  Upgrade to 10.2.11-h12 or 10.2.13-h3 or later\n                    10.2.12                  Upgrade to 10.2.12-h6 or 10.2.13-h3 or later\nPAN-OS 11.0 (EoL)                            Upgrade to a supported fixed version\nPAN-OS 11.1         11.1.0 through 11.1.6    Upgrade to 11.1.6-h1 or later\n                    11.1.2                   Upgrade to 11.1.2-h18 or 11.1.6-h1 or later\n                    11.1.4                   Upgrade to 11.1.4-h13 or 11.1.6-h1 or later\nPAN-OS 11.2         11.2.0 through 11.2.4    Upgrade to 11.2.5 or later\n                    11.2.4                   Upgrade to 11.2.4-h4 or 11.2.5 or later\nAll other older                              Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\n\n\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>PAN-OS 10.1<br></td><td>10.1.0 through 10.1.14<br></td><td>Upgrade to 10.1.14-h9 or later<br></td></tr><tr><td>PAN-OS 10.2<br></td><td>10.2.0 through 10.2.13<br></td><td>Upgrade to 10.2.13-h3 or later<br></td></tr><tr><td>&nbsp;</td><td>10.2.7</td><td>Upgrade to 10.2.7-h24 or 10.2.13-h3 or later</td></tr><tr><td>&nbsp;</td><td>10.2.8</td><td>Upgrade to 10.2.8-h21 or 10.2.13-h3 or later</td></tr><tr><td>&nbsp;</td><td>10.2.9</td><td>Upgrade to 10.2.9-h21 or 10.2.13-h3 or later</td></tr><tr><td>&nbsp;</td><td>10.2.10</td><td>Upgrade to 
10.2.10-h14 or 10.2.13-h3 or later</td></tr><tr><td>&nbsp;</td><td>10.2.11</td><td>Upgrade to 10.2.11-h12 or 10.2.13-h3 or later </td></tr><tr><td>&nbsp;</td><td>10.2.12</td><td>Upgrade to 10.2.12-h6 or 10.2.13-h3 or later<br></td></tr><tr><td>PAN-OS 11.0 (EoL)</td><td>&nbsp;</td><td>Upgrade to a supported fixed version</td></tr><tr><td>PAN-OS 11.1<br></td><td>11.1.0 through 11.1.6<br></td><td>Upgrade to 11.1.6-h1 or later<br></td></tr><tr><td>&nbsp;</td><td>11.1.2</td><td>Upgrade to 11.1.2-h18 or 11.1.6-h1 or later<br></td></tr><tr><td>&nbsp;</td><td>11.1.4</td><td>Upgrade to 11.1.4-h13 or 11.1.6-h1 or later<br></td></tr><tr><td>PAN-OS 11.2<br></td><td>11.2.0 through 11.2.4<br></td><td>Upgrade to 11.2.5 or later<br></td></tr><tr><td>&nbsp;</td><td>11.2.4</td><td>Upgrade to 11.2.4-h4 or 11.2.5 or later</td></tr><tr><td>All other older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr></tbody></table><p><br></p>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks has observed exploit attempts chaining CVE-2025-0108 with CVE-2024-9474 and CVE-2025-0111 on unpatched and unsecured PAN-OS web management interfaces.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p><span>Palo Alto Networks has observed exploit attempts chaining CVE-2025-0108 with CVE-2024-9474 and CVE-2025-0111 on unpatched and unsecured PAN-OS web management interfaces.</span></p>"}]}],"timeline":[{"time":"2025-02-19T23:15:00.000Z","lang":"en","value":"Updated fix availability for PAN-OS 10.2 and 11.1."},{"time":"2025-02-18T23:00:00.000Z","lang":"en","value":"Updated exploit status and solution table."},{"time":"2025-02-18T19:30:00.000Z","lang":"en","value":"Updated fix availability for PAN-OS 10.2."},{"time":"2025-02-12T23:45:00.000Z","lang":"en","value":"Added Threat Prevention Threat ID to Workarounds and Mitigations."},{"time":"2025-02-12T17:00:00.000Z","lang":"en","value":"Initial 
Publication."},{"time":"2025-02-21T17:10:00.000Z","lang":"en","value":"Updated fix availability for PAN-OS 11.1 and 11.2."},{"time":"2025-02-24T22:30:00.000Z","lang":"en","value":"Clarified recommended remediations and added a FAQ."},{"time":"2025-02-26T19:15:00.000Z","lang":"en","value":"Added remediation guidance in the FAQ."},{"time":"2025-03-06T23:00:00.000Z","lang":"en","value":"Updated to explicitly state that end-of-life (EoL) versions are presumed to be affected"}],"credits":[{"lang":"en","value":"Émilio Gonzalez","type":"finder"},{"lang":"en","value":"Maxime Gaudreault","type":"finder"},{"lang":"en","value":"our Deep Product Security Research Team","type":"finder"}],"source":{"defect":["PAN-273994"],"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.6","PAN-OS 11.1.5-h1","PAN-OS 11.1.5","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 
11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 10.2.13-h2","PAN-OS 10.2.13-h1","PAN-OS 10.2.13","PAN-OS 10.2.12-h5","PAN-OS 10.2.12-h4","PAN-OS 10.2.12-h3","PAN-OS 10.2.12-h2","PAN-OS 10.2.12-h1","PAN-OS 10.2.12","PAN-OS 10.2.11-h11","PAN-OS 10.2.11-h10","PAN-OS 10.2.11-h9","PAN-OS 10.2.11-h8","PAN-OS 10.2.11-h7","PAN-OS 10.2.11-h6","PAN-OS 10.2.11-h5","PAN-OS 10.2.11-h4","PAN-OS 10.2.11-h3","PAN-OS 10.2.11-h2","PAN-OS 10.2.11-h1","PAN-OS 10.2.11","PAN-OS 10.2.10-h13","PAN-OS 10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h20","PAN-OS 10.2.9-h19","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 
10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0","PAN-OS 10.1.14-h8","PAN-OS 10.1.14-h7","PAN-OS 10.1.14-h6","PAN-OS 10.1.14-h5","PAN-OS 10.1.14-h4","PAN-OS 10.1.14-h3","PAN-OS 10.1.14-h2","PAN-OS 10.1.14-h1","PAN-OS 10.1.14","PAN-OS 10.1.13-h5","PAN-OS 10.1.13-h4","PAN-OS 10.1.13-h3","PAN-OS 10.1.13-h2","PAN-OS 10.1.13-h1","PAN-OS 
10.1.13","PAN-OS 10.1.12-h3","PAN-OS 10.1.12-h2","PAN-OS 10.1.12-h1","PAN-OS 10.1.12","PAN-OS 10.1.11-h10","PAN-OS 10.1.11-h9","PAN-OS 10.1.11-h8","PAN-OS 10.1.11-h7","PAN-OS 10.1.11-h6","PAN-OS 10.1.11-h5","PAN-OS 10.1.11-h4","PAN-OS 10.1.11-h3","PAN-OS 10.1.11-h2","PAN-OS 10.1.11-h1","PAN-OS 10.1.11","PAN-OS 10.1.10-h9","PAN-OS 10.1.10-h8","PAN-OS 10.1.10-h7","PAN-OS 10.1.10-h6","PAN-OS 10.1.10-h5","PAN-OS 10.1.10-h4","PAN-OS 10.1.10-h3","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h14","PAN-OS 10.1.9-h13","PAN-OS 10.1.9-h12","PAN-OS 10.1.9-h11","PAN-OS 10.1.9-h10","PAN-OS 10.1.9-h9","PAN-OS 10.1.9-h8","PAN-OS 10.1.9-h7","PAN-OS 10.1.9-h6","PAN-OS 10.1.9-h5","PAN-OS 10.1.9-h4","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h8","PAN-OS 10.1.8-h7","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7-h1","PAN-OS 10.1.7","PAN-OS 10.1.6-h9","PAN-OS 10.1.6-h8","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h4","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h6","PAN-OS 10.1.4-h5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h4","PAN-OS 10.1.3-h3","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2024-3393","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Firewall Denial of Service (DoS) in DNS Security Using a Specially Crafted 
Packet","datePublic":"2024-12-27T02:30:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-754","description":"CWE-754 Improper Check for Unusual or Exceptional Conditions","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-540","descriptions":[{"lang":"en","value":"CAPEC-540 Overread Buffers"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h14:*:*:*:*:*:*","cpe:2.3:o
:paloaltonetworks:pan-os:11.1.2:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"11.2.0","lessThan":"11.2.3","changes":[{"at":"11.2.3","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","lessThan":"11.1.5","changes":[{"at":"11.1.5","status":"unaffected"},{"at":"11.1.4-h7","status":"unaffected"},{"at":"11.1.2-h16","status":"unaffected"},{"at":"11.1.3-h13","status":"unaffected"}],"versionType":"custom"},{"status":"unaffected","version":"10.2.0","lessThan":"10.2.8","changes":[{"at":"10.2.8","status":"affected"},{"at":"10.2.14","status":"unaffected"},{"at":"10.2.8-h19","status":"unaffected"},{"at":"10.2.9-h19","status":"unaffected"},{"at":"10.2.10-h12","status":"unaffecte
d"},{"at":"10.2.11-h10","status":"unaffected"},{"at":"10.2.12-h4","status":"unaffected"},{"at":"10.2.13-h2","status":"unaffected"}],"versionType":"custom"},{"status":"unaffected","version":"10.1.0","lessThan":"10.1.14","changes":[{"at":"10.1.14","status":"affected"},{"at":"10.1.15","status":"unaffected"},{"at":"10.1.14-h8","status":"unaffected"}],"versionType":"custom"},{"status":"unaffected","version":"10.0.0","versionType":"custom"},{"status":"unaffected","version":"9.1.0","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","platforms":["Prisma Access"],"versions":[{"status":"unaffected","version":"10.2.0","lessThan":"10.2.8","changes":[{"at":"10.2.8","status":"affected"},{"at":"10.2.9-h19","status":"unaffected"},{"at":"10.2.10-h12","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.0","lessThan":"11.2.3","changes":[{"at":"11.2.3","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","platforms":["Panorama"],"versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. 
Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.\n\nThis issue is applicable to the PAN-OS software versions listed below on PA-Series firewalls, VM-Series firewalls, CN-Series firewalls, and Prisma Access.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p><span>A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.</span></p><p><span>This issue is applicable to the PAN-OS software versions listed below on PA-Series firewalls, VM-Series firewalls, CN-Series firewalls, and Prisma Access.</span></p>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2024-3393","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"An attacker sends a malicious packet through the firewall, which processes the packet, triggering this issue."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"LOW","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"ATTACKED","baseSeverity":"HIGH","baseScore":8.7,"threatSeverity":"HIGH","threatScore":8.7,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:A/AU:N/R:U/V:C/RE:M/U:Amber"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"Prisma Access, when only providing access to authenticated end users, processes a malicious 
packet that triggers this issue."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"LOW","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"ATTACKED","baseSeverity":"HIGH","baseScore":7.1,"threatSeverity":"HIGH","threatScore":7.1,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:A/AU:N/R:U/V:C/RE:M/U:Amber"}}],"configurations":[{"lang":"en","value":"This issue does not affect Cloud NGFW, Panorama M-Series, or Panorama virtual appliances.\n\nBoth of the following must be true for PAN-OS software to be affected:\n\n 1. Either a DNS Security License or an Advanced DNS Security License must be applied, AND\n 2. DNS Security logging must be enabled.\n\nYou can check for existing DNS Security Configuration in your firewalls using the PAN-OS CLI:\n\n> show config merged | match log-level\n\n * Look for entries with the string 'log-level':\n   \n    * If no entries are found (output is empty) or all entries show 'log-level none;', your configuration is not vulnerable, and no workaround is needed.\n    * If any entries show values other than 'log-level none;', your configuration is vulnerable. 
You should either upgrade PAN-OS or follow the steps in the workaround section.","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue does not affect Cloud NGFW, Panorama M-Series, or Panorama virtual appliances.<br><br>Both of the following must be true for PAN-OS software to be affected:<br><ol><li>Either a DNS Security License or an Advanced DNS Security License must be applied, AND</li><li>DNS Security logging must be enabled.</li></ol>You can check for existing DNS Security Configuration in your firewalls using the PAN-OS CLI:<br><br>&gt; show config merged | match log-level<br><ul><li>Look for entries with the string 'log-level':<br></li><ul><li>If no entries are found (output is empty) or all entries show 'log-level none;', your configuration is not vulnerable, and no workaround is needed.</li><li>If any entries show values other than 'log-level none;', your configuration is vulnerable. You should either upgrade PAN-OS or follow the steps in the workaround section.</li></ul></ul>"}]}],"workarounds":[{"lang":"en","value":"If your firewall running the vulnerable PAN-OS versions stops responding or reboots unexpectedly and you cannot immediately apply a fix, apply a workaround below based on your deployment.\n\nUnmanaged NGFWs, NGFW managed by Panorama, or Prisma Access managed by Panorama\n\n 1. Ensure that a DNS Security Configuration is already present in the device's configuration. See the \"Required Configuration for Exposure\" section for details.\n 2. Within Objects → Security Profiles (https://docs.paloaltonetworks.com/pan-os/11-2/pan-os-web-interface-help/objects/objects-security-profiles-anti-spyware-profile), determine if you use the predefined Anti-Spyware profiles (https://docs.paloaltonetworks.com/network-security/security-policy/administration/security-profiles/security-profile-anti-spyware) in your Security Policy. 
These are named \"Default\" or \"Strict\" (https://docs.paloaltonetworks.com/network-security/security-policy/administration/security-profiles/security-profile-anti-spyware). If you are using the predefined security profiles, clone the predefined Anti-Spyware profile (https://docs.paloaltonetworks.com/pan-os/11-2/pan-os-web-interface-help/objects/move-clone-override-or-revert-objects/move-or-clone-an-object) for use as a custom Anti-Spyware profile. After cloning each relevant predefined Anti-Spyware profile, replace them with the cloned custom Anti-Spyware profile or group in your Security Rules (Policies → Security → (security rule) in either Actions → Profiles or Actions → Group (https://docs.paloaltonetworks.com/network-security/security-policy/administration/security-rules/create-a-security-policy-rule#create-a-security-policy-rule-panorama)).\n    \n 3. For each custom Anti-Spyware profile, navigate to Objects → Security Profiles → Anti-Spyware → (select a custom profile) → DNS Policies → DNS Security.\n 4. Change the Log Severity to \"none\" for all configured DNS Security categories.\n    \n    \n    \n 5. Commit the changes.\n\nNote 1: Setting Log Severity to 'none' for devices that didn't have a DNS Security configuration may block DNS traffic that wasn’t previously blocked. Additionally, this may happen without generating any log entries, making it difficult to detect the blocked traffic. Review the Required Configuration for Exposure section for instructions on identifying existing DNS Security Configuration.\n\nNote 2: Remember to revert the Log Severity settings once the fixes are applied.\n\nNGFW managed by Strata Cloud Manager (SCM)\n\n\nYou can choose one of the following mitigation options:\n 1. Option 1: Disable DNS Security logging directly on each NGFW by following the PAN-OS steps above.\n 2. 
Option 2: Disable DNS Security logging across all NGFWs in your tenant by opening a support case (https://support.paloaltonetworks.com/Support/Index).\n\nPrisma Access managed by Strata Cloud Manager (SCM)\n\nUntil we perform an upgrade of your Prisma Access tenant, you can disable DNS Security logging across all NGFWs in your tenant by opening a support case (https://support.paloaltonetworks.com/Support/Index). If you would like to expedite the upgrade, please make a note of that in the support case.","supportingMedia":[{"type":"text/html","base64":false,"value":"If your firewall running the vulnerable PAN-OS versions stops responding or reboots unexpectedly and you cannot immediately apply a fix, apply a workaround below based on your deployment.<br><br><b>Unmanaged NGFWs, NGFW managed by Panorama, or Prisma Access managed by Panorama</b><b><br></b><ol><li>Ensure that a DNS Security Configuration is already present in the device's configuration. See the \"Required Configuration for Exposure\" section for details.</li><li>Within <a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/pan-os/11-2/pan-os-web-interface-help/objects/objects-security-profiles-anti-spyware-profile\">Objects → Security Profiles</a>, determine if you use the predefined <a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/network-security/security-policy/administration/security-profiles/security-profile-anti-spyware\">Anti-Spyware profiles</a> in your Security Policy. <a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/network-security/security-policy/administration/security-profiles/security-profile-anti-spyware\">These are named \"Default\" or \"Strict\"</a>. 
If you are using the predefined security profiles, <a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/pan-os/11-2/pan-os-web-interface-help/objects/move-clone-override-or-revert-objects/move-or-clone-an-object\">clone the predefined Anti-Spyware profile</a> for use as a custom Anti-Spyware profile. After cloning each relevant predefined Anti-Spyware profile, replace them with the cloned custom Anti-Spyware profile or group in your Security Rules (<a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/network-security/security-policy/administration/security-rules/create-a-security-policy-rule#create-a-security-policy-rule-panorama\">Policies → Security → (security rule) in either Actions → Profiles or Actions → Group</a>).<br></li><li>For each custom Anti-Spyware profile, navigate to Objects → Security Profiles → Anti-Spyware → (select a custom profile) → DNS Policies → DNS Security.</li><li>Change the Log Severity to \"none\" for all configured DNS Security categories.<br><img alt=\"\" src=\"data:image/png;base64,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\"><br><img alt=\"\" src=\"data:image/png;base64,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\"><br></li><li><span>Commit the changes.</span></li></ol>Note 1:&nbsp;Setting Log Severity to 'none' for devices that didn't have a DNS Security configuration may block DNS traffic that wasn’t previously blocked.&nbsp;Additionally, this may happen without generating any log entries, making it difficult to detect the blocked traffic. 
Review the Required Configuration for Exposure section for instructions on identifying existing DNS Security Configuration.<br><br>Note 2: Remember to revert the Log Severity settings once the fixes are applied.<br><br><b>NGFW managed by Strata Cloud Manager (SCM)</b><br><br><div><div>You can choose one of the following mitigation options:</div><div><ol><li>Option 1: Disable DNS Security logging directly on each NGFW by following the PAN-OS steps above.</li><li>Option 2: Disable DNS Security logging across all NGFWs in your tenant by opening a <a target=\"_blank\" rel=\"nofollow\" href=\"https://support.paloaltonetworks.com/Support/Index\">support case</a>.</li></ol></div><b><p>Prisma Access managed by Strata Cloud Manager (SCM)</p></b></div><p>Until we perform an upgrade of your Prisma Access tenant, you can disable DNS Security logging across all NGFWs in your tenant by opening a <a target=\"_blank\" rel=\"nofollow\" href=\"https://support.paloaltonetworks.com/Support/Index\">support case</a>. If you would like to expedite the upgrade, please make a note of that in the support case.</p><b></b>"}]}],"solutions":[{"lang":"eng","value":"This issue is fixed in PAN-OS 10.1.15, PAN-OS 10.2.14, PAN-OS 11.1.5, PAN-OS 11.2.3, and all later PAN-OS versions.\n\nNote: PAN-OS 11.0 reached the end of life (EOL) on November 17, 2024, so we do not intend to provide a fix for this release.\n\nPrisma Access customers using DNS Security with affected PAN-OS versions should apply one of the workarounds provided below. We will perform upgrades in two phases for impacted customers on the weekends of January 3rd and January 10th. 
You can request an expedited Prisma Access upgrade to the latest PAN-OS version by opening a support case (https://support.paloaltonetworks.com/Support/Index).\n\nIn addition, to provide the most seamless upgrade path for our customers, we are making fixes available for other TAC-preferred and commonly deployed maintenance releases.\n\nAdditional PAN-OS 11.1 releases with the fix:\n\n * 11.1.2-h16 (available)\n * 11.1.3-h13 (available)\n * 11.1.4-h7 (available)\n * 11.1.5 (available)\n\nAdditional PAN-OS 10.2 releases with the fix:\n * 10.2.8-h19 (available)\n * 10.2.9-h19 (available)\n * 10.2.10-h12 (available)\n * 10.2.11-h10 (available)\n * 10.2.12-h4 (available)\n * 10.2.13-h2 (available)\n * 10.2.14 (ETA: early March)\n\nAdditional PAN-OS 10.1 releases with the fix:\n * 10.1.14-h8 (available)\n * 10.1.15 (ETA: end of February)\n\nAdditional PAN-OS releases with the fix only applicable to Prisma Access:\n * 10.2.9-h19 (available)\n * 10.2.10-h12 (available)","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>This issue is fixed in PAN-OS 10.1.15, PAN-OS 10.2.14, PAN-OS 11.1.5, PAN-OS 11.2.3, and all later PAN-OS versions.</p><p>Note: PAN-OS 11.0 reached the end of life (EOL) on November 17, 2024, so we do not intend to provide a fix for this release.</p><p>Prisma Access customers using DNS Security with affected PAN-OS versions should apply one of the workarounds provided below. We will perform upgrades in two phases for impacted customers on the weekends of January 3rd and January 10th. 
You can request an expedited Prisma Access upgrade to the latest PAN-OS version by opening a <a target=\"_blank\" rel=\"nofollow\" href=\"https://support.paloaltonetworks.com/Support/Index\">support case</a>.</p><p>In addition, to provide the most seamless upgrade path for our customers, we are making fixes available for other TAC-preferred and commonly deployed maintenance releases.</p><p>Additional PAN-OS 11.1 releases with the fix:</p><div><ul><li>11.1.2-h16&nbsp;(available)</li><li>11.1.3-h13&nbsp;(available)</li><li>11.1.4-h7&nbsp;(available)</li><li>11.1.5&nbsp;(available)</li></ul></div><div>Additional PAN-OS 10.2 releases with the fix:</div><div><ul><li>10.2.8-h19&nbsp;(available)</li><li>10.2.9-h19&nbsp;(available)</li><li>10.2.10-h12&nbsp;(available)</li><li>10.2.11-h10&nbsp;(available)</li><li>10.2.12-h4&nbsp;(available)</li><li>10.2.13-h2&nbsp;(available)</li><li>10.2.14&nbsp;(ETA: early March)</li></ul></div><div>Additional PAN-OS 10.1 releases with the fix:</div><div><ul><li>10.1.14-h8&nbsp;(available)</li><li>10.1.15&nbsp;(ETA: end of February)</li></ul></div><div>Additional PAN-OS releases with the fix only applicable to Prisma Access:</div><div><ul><li>10.2.9-h19&nbsp;(available)</li><li>10.2.10-h12&nbsp;(available)</li></ul></div>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is aware of customers experiencing this denial of service (DoS) when their firewall blocks malicious DNS packets that trigger this issue.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<span>Palo Alto Networks is aware of customers experiencing this denial of service (DoS) when their firewall blocks malicious DNS packets that trigger this issue.</span>"}]}],"timeline":[{"time":"2025-01-30T00:00:00.000Z","lang":"en","value":"Corrected the 11.1.4 fix version to 11.1.4-h7 in the Product Status table"},{"time":"2025-01-17T23:45:00.000Z","lang":"en","value":"Updated Required Configuration section to clarify how to verify if DNS Security is 
enabled."},{"time":"2024-12-30T19:15:00.000Z","lang":"en","value":"Clarified affected products and platforms, and updated Workarounds and Mitigations"},{"time":"2024-12-27T18:40:00.000Z","lang":"en","value":"Simplified Product Status table, Required Configuration, and added ETAs to Solution"},{"time":"2024-12-27T02:30:00.000Z","lang":"en","value":"Initial publication"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks the CERT-EE team for their extra effort in providing invaluable forensic and analytic assistance.","type":"reporter"}],"source":{"defect":["PAN-259351","PAN-219034"],"discovery":"USER"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 10.2.13-h1","PAN-OS 10.2.13","PAN-OS 10.2.12-h3","PAN-OS 10.2.12-h2","PAN-OS 10.2.12-h1","PAN-OS 10.2.12","PAN-OS 10.2.11-h9","PAN-OS 10.2.11-h8","PAN-OS 10.2.11-h7","PAN-OS 10.2.11-h6","PAN-OS 10.2.11-h5","PAN-OS 10.2.11-h4","PAN-OS 10.2.11-h3","PAN-OS 10.2.11-h2","PAN-OS 10.2.11-h1","PAN-OS 10.2.11","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 
10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.1.14-h7","PAN-OS 10.1.14-h6","PAN-OS 10.1.14-h5","PAN-OS 10.1.14-h4","PAN-OS 10.1.14-h3","PAN-OS 10.1.14-h2","PAN-OS 10.1.14-h1","PAN-OS 10.1.14"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2024-2551","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted Packet","datePublic":"2024-11-13T18:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-476","description":"CWE-476 NULL Pointer Dereference","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-129","descriptions":[{"lang":"en","value":"CAPEC-129 Pointer Manipulation"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto 
Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"],"versions":[{"status":"unaffected","version":"11.2.0","versionType":"custom"},{"status":"unaffected","version":"11.1.0","versionType":"custom"},{"status":"affected","version":"11.0.0","lessThan":"11.0.5","changes":[{"at":"11.0.5","status":"unaffected"}],"versionType":"custom"},{"status":"affected","
version":"10.2.0","lessThan":"10.2.4-h6","changes":[{"at":"10.2.4-h6","status":"unaffected"},{"at":"10.2.5","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.1.0","lessThan":"10.1.14","changes":[{"at":"10.1.14","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<span>A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. 
Repeated attempts to trigger this condition result in the firewall entering maintenance mode.</span><br>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2024-2551","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.7,"threatSeverity":"MEDIUM","threatScore":6.6,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber"}}],"configurations":[{"lang":"en","value":"No special configuration is required to be affected by this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"No special configuration is required to be affected by this issue."}]}],"workarounds":[{"lang":"en","value":"No workaround or mitigation is available.","supportingMedia":[{"type":"text/html","base64":false,"value":"No workaround or mitigation is available."}]}],"solutions":[{"lang":"eng","value":"This issue is fixed in PAN-OS 10.1.14, PAN-OS 10.2.4-h6, PAN-OS 10.2.5, PAN-OS 11.0.5, and all later PAN-OS versions.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue is fixed in PAN-OS 10.1.14, PAN-OS 10.2.4-h6, PAN-OS 10.2.5, PAN-OS 11.0.5, and all later PAN-OS versions.<br>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is 
not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2024-11-13T17:00:00.000Z","lang":"en","value":"Initial publication"}],"credits":[{"lang":"en","value":"a customer","type":"finder"}],"source":{"defect":["PAN-223185"],"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.0.4-h6","PAN-OS 11.0.4-h5","PAN-OS 11.0.4-h4","PAN-OS 11.0.4-h3","PAN-OS 11.0.4-h2","PAN-OS 11.0.4-h1","PAN-OS 11.0.4","PAN-OS 11.0.3-h13","PAN-OS 11.0.3-h12","PAN-OS 11.0.3-h11","PAN-OS 11.0.3-h10","PAN-OS 11.0.3-h9","PAN-OS 11.0.3-h8","PAN-OS 11.0.3-h7","PAN-OS 11.0.3-h6","PAN-OS 11.0.3-h5","PAN-OS 11.0.3-h4","PAN-OS 11.0.3-h3","PAN-OS 11.0.3-h2","PAN-OS 11.0.3-h1","PAN-OS 11.0.3","PAN-OS 11.0.2-h5","PAN-OS 11.0.2-h4","PAN-OS 11.0.2-h3","PAN-OS 11.0.2-h2","PAN-OS 11.0.2-h1","PAN-OS 11.0.2","PAN-OS 11.0.1-h5","PAN-OS 11.0.1-h4","PAN-OS 11.0.1-h3","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h4","PAN-OS 11.0.0-h3","PAN-OS 11.0.0-h2","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0","PAN-OS 10.1.13-h5","PAN-OS 10.1.13-h4","PAN-OS 10.1.13-h3","PAN-OS 10.1.13-h2","PAN-OS 10.1.13-h1","PAN-OS 10.1.13","PAN-OS 10.1.12-h3","PAN-OS 10.1.12-h2","PAN-OS 10.1.12-h1","PAN-OS 10.1.12","PAN-OS 10.1.11-h10","PAN-OS 10.1.11-h9","PAN-OS 
10.1.11-h8","PAN-OS 10.1.11-h7","PAN-OS 10.1.11-h6","PAN-OS 10.1.11-h5","PAN-OS 10.1.11-h4","PAN-OS 10.1.11-h3","PAN-OS 10.1.11-h2","PAN-OS 10.1.11-h1","PAN-OS 10.1.11","PAN-OS 10.1.10-h9","PAN-OS 10.1.10-h8","PAN-OS 10.1.10-h7","PAN-OS 10.1.10-h6","PAN-OS 10.1.10-h5","PAN-OS 10.1.10-h4","PAN-OS 10.1.10-h3","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h14","PAN-OS 10.1.9-h13","PAN-OS 10.1.9-h12","PAN-OS 10.1.9-h11","PAN-OS 10.1.9-h10","PAN-OS 10.1.9-h9","PAN-OS 10.1.9-h8","PAN-OS 10.1.9-h7","PAN-OS 10.1.9-h6","PAN-OS 10.1.9-h5","PAN-OS 10.1.9-h4","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h8","PAN-OS 10.1.8-h7","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7-h1","PAN-OS 10.1.7","PAN-OS 10.1.6-h9","PAN-OS 10.1.6-h8","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h4","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h6","PAN-OS 10.1.4-h5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h4","PAN-OS 10.1.3-h3","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2024-9472","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Firewall Denial of Service (DoS) Using Specially Crafted Traffic","datePublic":"2024-11-13T18:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-476","description":"CWE-476 NULL Pointer 
Dereference","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-129","descriptions":[{"lang":"en","value":"CAPEC-129 Pointer Manipulation"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected","cpes":[]},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*
","cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:*","cpe:2.3:o:pa
loaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"11.2.0","lessThan":"11.2.2-h3","changes":[{"at":"11.2.2-h3","status":"unaffected"},{"at":"11.2.3","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","lessThan":"11.1.2-h14","changes":[{"at":"11.1.2-h14","status":"unaffected"},{"at":"11.1.3-h10","status
":"unaffected"}],"versionType":"custom"},{"status":"unaffected","version":"11.0.0","versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.7-h16","changes":[{"at":"10.2.7-h16","status":"unaffected"},{"at":"10.2.8-h13","status":"unaffected"},{"at":"10.2.9-h14","status":"unaffected"},{"at":"10.2.10-h7","status":"unaffected"},{"at":"10.2.11-h4","status":"unaffected"}],"versionType":"custom"},{"status":"unaffected","version":"10.1.0","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected","cpes":[]}],"descriptions":[{"lang":"en","value":"A null pointer dereference in Palo Alto Networks PAN-OS software on PA-800 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series hardware platforms when Decryption policy is enabled allows an unauthenticated attacker to crash PAN-OS by sending specific traffic through the data plane, resulting in a denial of service (DoS) condition. 
Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode.\n\nPalo Alto Networks VM-Series, Cloud NGFW, and Prisma Access are not affected.\n\nThis issue only affects PA-800 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series running these specific versions of PAN-OS:\n * 10.2.7-h12\n * 10.2.8-h10\n * 10.2.9-h9\n * 10.2.9-h11\n * 10.2.10-h2\n * 10.2.10-h3\n * 10.2.11\n * 10.2.11-h1\n * 10.2.11-h2\n * 10.2.11-h3\n * 11.1.2-h9\n * 11.1.2-h12\n * 11.1.3-h2\n * 11.1.3-h4\n * 11.1.3-h6\n * 11.2.2\n * 11.2.2-h1","supportingMedia":[{"type":"text/html","base64":false,"value":"<div>A null pointer dereference in Palo Alto Networks PAN-OS software on PA-800 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series hardware platforms when Decryption policy is enabled allows an unauthenticated attacker to crash PAN-OS by sending specific traffic through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode.</div><br><div>Palo Alto Networks VM-Series, Cloud NGFW, and Prisma Access are not affected.</div><br><div>This issue only affects PA-800 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series running these specific versions of 
PAN-OS:</div><div><ul><li>10.2.7-h12</li><li>10.2.8-h10</li><li>10.2.9-h9</li><li>10.2.9-h11</li><li>10.2.10-h2</li><li>10.2.10-h3</li><li>10.2.11</li><li>10.2.11-h1</li><li>10.2.11-h2</li><li>10.2.11-h3</li><li>11.1.2-h9</li><li>11.1.2-h12</li><li>11.1.3-h2</li><li>11.1.3-h4</li><li>11.1.3-h6</li><li>11.2.2</li><li>11.2.2-h1</li></ul></div>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2024-9472","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.7,"threatSeverity":"MEDIUM","threatScore":6.6,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber"}}],"configurations":[{"lang":"en","value":"This issue is only applicable to firewalls where url proxy or any decrypt-policy is configured.\n\nWhen any decrypt policy is configured, this issue may be encountered regardless of whether traffic matches explicit decrypt, explicit no-decrypt, or none of the decryption policies.","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue is only applicable to firewalls where url proxy or any decrypt-policy is configured.<br><br>When any decrypt policy is configured, this issue may be encountered regardless of whether traffic matches explicit decrypt, explicit no-decrypt, or none of the decryption policies."}]}],"workarounds":[{"lang":"en","value":"This issue does not impact 
firewalls that do not have url proxy or any decrypt-policy configured.\n\nThe issue can be completely mitigated by setting this option:\n\n\n> set system setting ctd nonblocking-pattern-match disable","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue does not impact firewalls that do not have url proxy or any decrypt-policy configured.<br><br>The issue can be completely mitigated by setting this option:<br><blockquote><tt>set system setting ctd nonblocking-pattern-match disable</tt></blockquote>"}]}],"solutions":[{"lang":"eng","value":"This issue is fixed in PAN-OS 10.2.7-h16, PAN-OS 10.2.8-h13, PAN-OS 10.2.9-h14, PAN-OS 10.2.10-h7, PAN-OS 10.2.11-h4, PAN-OS 11.1.2-h14, PAN-OS 11.1.3-h10, PAN-OS 11.2.2-h3, PAN-OS 11.2.3, and all later PAN-OS versions.","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue is fixed in PAN-OS 10.2.7-h16, PAN-OS 10.2.8-h13, PAN-OS 10.2.9-h14, PAN-OS 10.2.10-h7, PAN-OS 10.2.11-h4, PAN-OS 11.1.2-h14, PAN-OS 11.1.3-h10, PAN-OS 11.2.2-h3, PAN-OS 11.2.3, and all later PAN-OS versions."}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue. However, customers have reported encountering this issue during normal operations.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue. 
However, customers have reported encountering this issue during normal operations."}]}],"timeline":[{"time":"2024-11-13T17:00:00.000Z","lang":"en","value":"Initial publication"}],"source":{"defect":["PAN-262287","PAN-226361"],"discovery":"USER"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 10.2.11-h3","PAN-OS 10.2.11-h2","PAN-OS 10.2.11-h1","PAN-OS 10.2.11","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 
10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2024-2550","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway Using a Specially Crafted 
Packet","datePublic":"2024-11-13T18:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-476","description":"CWE-476 NULL Pointer Dereference","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-129","descriptions":[{"lang":"en","value":"CAPEC-129 Pointer Manipulation"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2
.10:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:
*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h20:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*"],"versions":[{"status":"unaffected","version":"11.2.0","versionType":"custo
m"},{"status":"affected","version":"11.1.0","lessThan":"11.1.5","changes":[{"at":"11.1.5","status":"unaffected"},{"at":"11.1.4-h9","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.0.0","lessThan":"11.0.6","changes":[{"at":"11.0.6","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.11","changes":[{"at":"10.2.11","status":"unaffected"},{"at":"10.2.10-h10","status":"unaffected"},{"at":"10.2.9-h18","status":"unaffected"},{"at":"10.2.8-h18","status":"unaffected"},{"at":"10.2.7-h21","status":"unaffected"}],"versionType":"custom"},{"status":"unaffected","version":"10.1.0","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"A null pointer dereference vulnerability in the GlobalProtect gateway in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop the GlobalProtect service on the firewall by sending a specially crafted packet that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<span>A null pointer dereference vulnerability in the GlobalProtect gateway in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop the GlobalProtect service on the firewall by sending a specially crafted packet that causes a denial of service (DoS) condition. 
Repeated attempts to trigger this condition result in the firewall entering maintenance mode.</span><br>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2024-2550","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.7,"threatSeverity":"MEDIUM","threatScore":6.6,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber"}}],"configurations":[{"lang":"en","value":"This issue impacts only firewalls on which you configured a GlobalProtect gateway. You can verify whether you configured GlobalProtect gateway by checking for entries in your firewall web interface (Network → GlobalProtect → Gateways).","supportingMedia":[{"type":"text/html","base64":false,"value":"<div><div>This issue impacts only firewalls on which you configured a GlobalProtect gateway. 
You can verify whether you configured GlobalProtect gateway by checking for entries in your firewall web interface (Network → GlobalProtect → Gateways).</div></div>"}]}],"workarounds":[{"lang":"en","value":"No workaround or mitigation is available.","supportingMedia":[{"type":"text/html","base64":false,"value":"No workaround or mitigation is available."}]}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 10.2.11, PAN-OS 11.0.6, PAN-OS 11.1.5, and all later PAN-OS versions.\n\nIn addition, in an attempt to provide the most seamless upgrade path for our customers, we are making additional fixes available as noted below:\n\n * Additional 11.1 fix:\n   * 11.1.4-h9\n     \n * Additional 10.2 fixes:\n   * 10.2.10-h10\n   * 10.2.9-h18\n   * 10.2.8-h18\n   * 10.2.7-h21","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue is fixed in PAN-OS 10.2.11, PAN-OS 11.0.6, PAN-OS 11.1.5, and all later PAN-OS versions.<br><br>In addition, in an attempt to provide the most seamless upgrade path for our customers, we are making additional fixes available as noted below:<br><ul><li>Additional 11.1 fix:<ul><li>11.1.4-h9<br></li></ul></li><li>Additional 10.2 fixes:<ul><li>10.2.10-h10</li><li>10.2.9-h18</li><li>10.2.8-h18</li><li>10.2.7-h21</li></ul></li></ul>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2025-01-06T21:30:00.000Z","lang":"en","value":"Added additional fixed versions for PAN-OS 10.2"},{"time":"2024-12-20T20:55:00.000Z","lang":"en","value":"Updated the Product Status table"},{"time":"2024-11-13T17:00:00.000Z","lang":"en","value":"Initial publication"}],"credits":[{"lang":"en","value":"Michael Baker from 
AC3","type":"finder"}],"source":{"defect":["PAN-244950","PAN-221352"],"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 11.0.5-h2","PAN-OS 11.0.5-h1","PAN-OS 11.0.5","PAN-OS 11.0.4-h6","PAN-OS 11.0.4-h5","PAN-OS 11.0.4-h4","PAN-OS 11.0.4-h3","PAN-OS 11.0.4-h2","PAN-OS 11.0.4-h1","PAN-OS 11.0.4","PAN-OS 11.0.3-h13","PAN-OS 11.0.3-h12","PAN-OS 11.0.3-h11","PAN-OS 11.0.3-h10","PAN-OS 11.0.3-h9","PAN-OS 11.0.3-h8","PAN-OS 11.0.3-h7","PAN-OS 11.0.3-h6","PAN-OS 11.0.3-h5","PAN-OS 11.0.3-h4","PAN-OS 11.0.3-h3","PAN-OS 11.0.3-h2","PAN-OS 11.0.3-h1","PAN-OS 11.0.3","PAN-OS 11.0.2-h5","PAN-OS 11.0.2-h4","PAN-OS 11.0.2-h3","PAN-OS 11.0.2-h2","PAN-OS 11.0.2-h1","PAN-OS 11.0.2","PAN-OS 11.0.1-h5","PAN-OS 11.0.1-h4","PAN-OS 11.0.1-h3","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h4","PAN-OS 11.0.0-h3","PAN-OS 11.0.0-h2","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 
10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 
10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2024-9468","assignerOrgId":"00000000-0000-4000-9000-000000000000","assignerShortName":"palo_alto","dateUpdated":"2024-10-14T00:00:00.000Z","serial":1,"dateReserved":"2024-10-09T07:00:00.000Z","datePublished":"2024-10-09T07:00:00.000Z","state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000","shortName":"palo_alto","dateUpdated":"2024-10-09T17:05:00.000Z"},"title":"PAN-OS: Firewall Denial of Service (DoS) via a Maliciously Crafted Packet","datePublic":"2024-10-09T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-787","description":"CWE-787 Out-of-bounds Write","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-583","descriptions":[{"lang":"en","value":"CAPEC-583 Disabling Network Hardware"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto 
Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h14:*:*:
*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h23:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h22:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h21:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h20:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*","c
pe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h23:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h22:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h21:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h20:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*"],"versions":[{"status":"
unaffected","version":"11.2.0","versionType":"custom"},{"status":"affected","version":"11.1.0","lessThan":"11.1.3","changes":[{"at":"11.1.3","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.0.0","lessThan":"11.0.4-h5","changes":[{"at":"11.0.4-h5","status":"unaffected"},{"at":"11.0.6","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.4-h24","changes":[{"at":"10.2.9-h11","status":"unaffected"},{"at":"10.2.10-h4","status":"unaffected"},{"at":"10.2.11","status":"unaffected"},{"at":"10.2.8-h20","status":"unaffected"},{"at":"10.2.7-h24","status":"unaffected"},{"at":"10.2.4-h24","status":"unaffected"}],"versionType":"custom"},{"status":"unaffected","version":"10.1.0","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode.","supportingMedia":[{"type":"text/html","base64":true,"value":"<pre>A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service (DoS) condition. 
Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode.</pre>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2024-9468","tags":["x_refsource_CONFIRM"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER","exploitMaturity":"NOT_DEFINED","baseSeverity":"HIGH","baseScore":8.2,"threatSeverity":"HIGH","threatScore":8.2,"vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:Y/R:U/V:C/RE:L/U:Amber"}}],"configurations":[{"lang":"en","value":"This issue affects only PAN-OS configurations where all of the following are true:\n* Threat Prevention is enabled.\n* The Threat Prevention signature 86467 (\"Possible Domain Fronting Detection-SNI\") is enabled on an Anti-Spyware profile.\n* This setting is enabled: Device > Setup > Session > Decryption Settings > SSL Decryption Settings > Send handshake messages to CTD for inspection.","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue affects only PAN-OS configurations where all of the following are true:\n* Threat Prevention is enabled.\n* The Threat Prevention signature 86467 (\"Possible Domain Fronting Detection-SNI\") is enabled on an Anti-Spyware profile.\n* This setting is enabled: Device > Setup > Session > Decryption Settings > SSL Decryption Settings > Send handshake messages to CTD for inspection."}]}],"workarounds":[{"lang":"en","value":"Customers can block attacks for this vulnerability by 
disabling this setting: Device > Setup > Session > Decryption Settings > SSL Decryption Settings > Send handshake messages to CTD for inspection.\n\nCustomers with a Threat Prevention subscription, who want to keep domain fronting detection enabled, can block attacks for this vulnerability by enabling Threat ID 94971 (introduced in Applications and Threats content version 8854).","supportingMedia":[{"type":"text/html","base64":false,"value":"Customers can block attacks for this vulnerability by disabling this setting: Device > Setup > Session > Decryption Settings > SSL Decryption Settings > Send handshake messages to CTD for inspection.\n\nCustomers with a Threat Prevention subscription, who want to keep domain fronting detection enabled, can block attacks for this vulnerability by enabling Threat ID 94971 (introduced in Applications and Threats content version 8854)."}]}],"solutions":[{"lang":"en","value":"This issue is fixed in 10.2.9-h11, 10.2.10-h4, PAN-OS 10.2.11, PAN-OS 11.0.4-h5, PAN-OS 11.0.6, PAN-OS 11.1.3, and all later PAN-OS versions.","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue is fixed in 10.2.9-h11, 10.2.10-h4, PAN-OS 10.2.11, PAN-OS 11.0.4-h5, PAN-OS 11.0.6, PAN-OS 11.1.3, and all later PAN-OS versions."}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2025-04-30T17:45:00.000Z","lang":"en","value":"Updated fix availability for PAN-OS 10.2"},{"time":"2024-10-14T22:40:00.000Z","lang":"eng","value":"Clarified the Required Configuration for Exposure section"},{"time":"2024-10-09T16:00:00.000Z","lang":"eng","value":"Initial publication"}],"credits":[{"lang":"en","value":"This issue was found by Jeff Luo of Palo Alto Networks during internal 
review.","type":"finder"}],"source":{"defect":["PAN-244840"],"discovery":"INTERNAL"},"x_generator":{"engine":"vulnogram 0.1.0-rc1"},"x_affectedList":["PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 11.0.5-h2","PAN-OS 11.0.5-h1","PAN-OS 11.0.5","PAN-OS 11.0.4-h4","PAN-OS 11.0.4-h3","PAN-OS 11.0.4-h2","PAN-OS 11.0.4-h1","PAN-OS 11.0.4","PAN-OS 11.0.3-h13","PAN-OS 11.0.3-h12","PAN-OS 11.0.3-h11","PAN-OS 11.0.3-h10","PAN-OS 11.0.3-h9","PAN-OS 11.0.3-h8","PAN-OS 11.0.3-h7","PAN-OS 11.0.3-h6","PAN-OS 11.0.3-h5","PAN-OS 11.0.3-h4","PAN-OS 11.0.3-h3","PAN-OS 11.0.3-h2","PAN-OS 11.0.3-h1","PAN-OS 11.0.3","PAN-OS 11.0.2-h5","PAN-OS 11.0.2-h4","PAN-OS 11.0.2-h3","PAN-OS 11.0.2-h2","PAN-OS 11.0.2-h1","PAN-OS 11.0.2","PAN-OS 11.0.1-h5","PAN-OS 11.0.1-h4","PAN-OS 11.0.1-h3","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h4","PAN-OS 11.0.0-h3","PAN-OS 11.0.0-h2","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 
10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 
10.2.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2024-8686","assignerOrgId":"00000000-0000-4000-9000-000000000000","assignerShortName":"palo_alto","dateUpdated":"2024-09-11T00:00:00.000Z","serial":1,"dateReserved":"2024-09-11T07:00:00.000Z","datePublished":"2024-09-11T07:00:00.000Z","state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000","shortName":"palo_alto","dateUpdated":"2024-09-11T16:34:00.000Z"},"title":"PAN-OS: Command Injection Vulnerability","datePublic":"2024-09-11T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-78","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","type":"CWE"}]}],"impacts":[{"descriptions":[{"lang":"en","value":""}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:*"],"versions":[{"status":"unaffected","version":"11.2.0","lessThan":"11.2.2","changes":[{"at":"11.2.2","status":"affected"},{"at":"11.2.3","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.2","versionType":"custom"},{"status":"unaffected","version":"11.1.0","versionType":"custom"},{"status":"unaffected","version":"11.0.0","versionType":"custom"},{"status":"unaffected","version":"10.2.0","versionType":"custom"},{"status":"unaffected","version":"10.1.0","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system 
restrictions and run arbitrary commands as root on the firewall.","supportingMedia":[{"type":"text/html","base64":true,"value":"<pre>A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as root on the firewall.</pre>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2024-8686","tags":["x_refsource_CONFIRM"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"NOT_DEFINED","baseSeverity":"HIGH","baseScore":8.6,"threatSeverity":"HIGH","threatScore":8.6,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber"}}],"configurations":[{"lang":"en","value":"TBD","supportingMedia":[{"type":"text/html","base64":false,"value":"TBD"}]}],"workarounds":[{"lang":"en","value":"TBD","supportingMedia":[{"type":"text/html","base64":false,"value":"TBD"}]}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 11.2.3 and all later PAN-OS versions.","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue is fixed in PAN-OS 11.2.3 and all later PAN-OS versions."}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this 
issue."}]}],"timeline":[{"time":"2024-09-11T16:00:00.000Z","lang":"eng","value":"Initial publication"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Louis Lingg for discovering and reporting this issue.","type":"finder"}],"source":{"defect":["PAN-263321"],"discovery":"EXTERNAL"},"x_generator":{"engine":"vulnogram 0.1.0-rc1"},"x_affectedList":["PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.2"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2024-5911","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2024-07-10T00:00:00","dateReserved":"2024-07-10T00:00:00","dateUpdated":"2024-07-10T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: File Upload Vulnerability in the Panorama Web Interface","datePublic":"2024-07-10T16:00:00.000Z","providerMetadata":{"orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto","dateUpdated":"2024-07-10T18:40:02.209Z"},"descriptions":[{"lang":"en","value":"An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. 
Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online.</pre>"}]}],"x_affectedList":["PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1","PAN-OS 10.2.0","PAN-OS 10.2","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"11.1 All","status":"unaffected"},{"version":"11.0 All","status":"unaffected"},{"version":"11.2 All","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"10.2","status":"affected","lessThan":"10.2.4","versionType":"custom","changes":[{"at":"10.2.4","status":"unaffected"}]},{"version":"10.1","status":"affected","lessThan":"10.1.9","versionType":"custom","changes":[{"at":"10.1.9","status":"unaffected"}]}],"platforms":["Panorama"]},{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"version":"All","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"Prisma 
Access","versions":[{"version":"All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2024-5911"}],"credits":[{"lang":"en","value":"This issue was found by Yasukazu Miyashita of Palo Alto Networks during an internal security review."}],"metrics":[{"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","baseSeverity":"HIGH","baseScore":7,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-434 Unrestricted Upload of File with Dangerous Type","cweId":"CWE-434"}]}],"x_generator":{"engine":"vulnogram 0.1.0-rc1"},"source":{"defect":["PAN-182835"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"This issue requires the attacker to have authenticated access to the PAN-OS web interface. 
You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 10.1.9, PAN-OS 10.2.4, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 10.1.9, PAN-OS 10.2.4, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2024-07-10T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2024-3382","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2024-04-10T00:00:00","dateReserved":"2024-04-10T00:00:00","dateUpdated":"2024-04-10T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Firewall Denial of Service (DoS) via a Burst of Crafted Packets","datePublic":"2024-04-10T16:00:00.000Z","providerMetadata":{"orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto","dateUpdated":"2024-04-10T17:05:47.325Z"},"descriptions":[{"lang":"en","value":"A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. 
This issue applies only to PA-5400 Series devices that are running PAN-OS software with the SSL Forward Proxy feature enabled.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. This issue applies only to PA-5400 Series devices that are running PAN-OS software with the SSL Forward Proxy feature enabled.</pre>"}]}],"x_affectedList":["PAN-OS 11.1.0","PAN-OS 11.1","PAN-OS 11.0.3-h3","PAN-OS 11.0.3-h2","PAN-OS 11.0.3-h1","PAN-OS 11.0.3","PAN-OS 11.0.2-h2","PAN-OS 11.0.2-h1","PAN-OS 11.0.2","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 11.0","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6","PAN-OS 10.2.5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1","PAN-OS 10.2.0","PAN-OS 10.2"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"9.0 All","status":"unaffected"},{"version":"9.1 All","status":"unaffected"},{"version":"10.1 All","status":"unaffected"},{"version":"10.2","status":"affected","lessThan":"10.2.7-h3","versionType":"custom","changes":[{"at":"10.2.7-h3","status":"unaffected"}]},{"version":"11.0","status":"affected","lessThan":"11.0.4","versionType":"custom","changes":[{"at":"11.0.4","status":"unaffected"}]},{"version":"11.1","status":"affected","lessThan":"11.1.2","versionType":"custom","changes":[{"at":"11.1.2","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Cloud 
NGFW","versions":[{"version":"All","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2024-3382"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Celedonio Albarran of Equity Residential and their Infrastructure and Security teams for discovering and reporting this issue."}],"metrics":[{"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER","baseSeverity":"HIGH","baseScore":8.2,"vectorString":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:Y/R:U/V:D/RE:L/U:Amber"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-770 Allocation of Resources Without Limits or Throttling","cweId":"CWE-770"}]}],"x_generator":{"engine":"vulnogram 0.1.0-rc1"},"source":{"defect":["PAN-234921"],"discovery":"USER"},"configurations":[{"lang":"en","value":"This issue applies only to PA-5400 Series devices that are running PAN-OS firewall configurations with the SSL Forward Proxy feature enabled. You can verify whether you have the SSL Forward Proxy feature enabled by checking for decryption policy rules in your firewall web interface (Policies > Decryption).","supportingMedia":{"value":"This issue applies only to PA-5400 Series devices that are running PAN-OS firewall configurations with the SSL Forward Proxy feature enabled. 
You can verify whether you have the SSL Forward Proxy feature enabled by checking for decryption policy rules in your firewall web interface (Policies > Decryption).","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"You can mitigate this issue by disabling decryption on your firewalls. To temporarily disable SSL Decryption, refer to the administrator’s guide for your PAN-OS software (such as PAN-OS 11.1: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/decryption/temporarily-disable-ssl-decryption). Additionally, to ensure that decryption remains disabled after a reboot, configure a policy-based decryption exclusion that excludes all traffic from being decrypted (https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/decryption/decryption-exclusions/create-a-policy-based-decryption-exclusion).","supportingMedia":{"value":"You can mitigate this issue by disabling decryption on your firewalls. To temporarily disable SSL Decryption, refer to the administrator’s guide for your PAN-OS software (such as PAN-OS 11.1: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/decryption/temporarily-disable-ssl-decryption). 
Additionally, to ensure that decryption remains disabled after a reboot, configure a policy-based decryption exclusion that excludes all traffic from being decrypted (https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/decryption/decryption-exclusions/create-a-policy-based-decryption-exclusion).","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 10.2.7-h3, PAN-OS 11.0.4, PAN-OS 11.1.2, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 10.2.7-h3, PAN-OS 11.0.4, PAN-OS 11.1.2, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2024-04-10T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2024-3383","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2024-04-10T00:00:00","dateReserved":"2024-04-10T00:00:00","dateUpdated":"2024-04-10T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Improper Group Membership Change Vulnerability in Cloud Identity Engine (CIE)","datePublic":"2024-04-10T16:00:00.000Z","providerMetadata":{"orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto","dateUpdated":"2024-04-10T17:06:15.823Z"},"descriptions":[{"lang":"en","value":"A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables modification of User-ID groups. 
This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your existing Security Policy rules.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your existing Security Policy rules.</pre>"}]}],"x_affectedList":["PAN-OS 11.0.2-h2","PAN-OS 11.0.2-h1","PAN-OS 11.0.2","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 11.0","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1","PAN-OS 10.2.0","PAN-OS 10.2","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"11.1 
All","status":"unaffected"},{"version":"9.1 All","status":"unaffected"},{"version":"9.0 All","status":"unaffected"},{"version":"11.0","status":"affected","lessThan":"11.0.3","versionType":"custom","changes":[{"at":"11.0.3","status":"unaffected"}]},{"version":"10.2","status":"affected","lessThan":"10.2.5","versionType":"custom","changes":[{"at":"10.2.5","status":"unaffected"}]},{"version":"10.1","status":"affected","lessThan":"10.1.11","versionType":"custom","changes":[{"at":"10.1.11","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"version":"All","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2024-3383"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Rodgers Moore, CCIE# 8153 of Insight.com, for discovering and reporting this issue."}],"metrics":[{"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER","baseSeverity":"HIGH","baseScore":8.3,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/AU:Y/R:U/V:D/RE:L/U:Amber"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-282: Improper Ownership Management","cweId":"CWE-282"}]}],"x_generator":{"engine":"vulnogram 
0.1.0-rc1"},"source":{"defect":["PAN-211764","PAN-218522"],"discovery":"USER"},"configurations":[{"lang":"en","value":"This issue applies only to PAN-OS firewall configurations with Cloud Identity Engine (CIE) enabled. You should verify whether CIE is configured on your firewall web interface (Device > User Identification > Cloud Identity Engine).","supportingMedia":{"value":"This issue applies only to PAN-OS firewall configurations with Cloud Identity Engine (CIE) enabled. You should verify whether CIE is configured on your firewall web interface (Device > User Identification > Cloud Identity Engine).","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 10.1.11, PAN-OS 10.2.5, PAN-OS 11.0.3, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 10.1.11, PAN-OS 10.2.5, PAN-OS 11.0.3, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2024-04-10T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2024-3385","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2024-04-10T00:00:00","dateReserved":"2024-04-10T00:00:00","dateUpdated":"2024-04-10T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Firewall Denial of Service (DoS) when GTP Security is Disabled","datePublic":"2024-04-10T16:00:00.000Z","providerMetadata":{"orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto","dateUpdated":"2024-04-10T17:06:28.153Z"},"descriptions":[{"lang":"en","value":"A packet processing mechanism in Palo Alto Networks PAN-OS software enables 
a remote attacker to reboot hardware-based firewalls. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online.\n\nThis affects the following hardware firewall models:\n- PA-5400 Series firewalls\n- PA-7000 Series firewalls","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote attacker to reboot hardware-based firewalls. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online.\n\nThis affects the following hardware firewall models:\n- PA-5400 Series firewalls\n- PA-7000 Series firewalls</pre>"}]}],"x_affectedList":["PAN-OS 11.0.2-h2","PAN-OS 11.0.2-h1","PAN-OS 11.0.2","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 11.0","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6","PAN-OS 10.2.5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1","PAN-OS 10.2.0","PAN-OS 10.2","PAN-OS 10.1.11-h5","PAN-OS 10.1.11-h4","PAN-OS 10.1.11-h3","PAN-OS 10.1.11-h2","PAN-OS 10.1.11-h1","PAN-OS 10.1.11","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 
10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1","PAN-OS 9.1.16-h3","PAN-OS 9.1.16-h2","PAN-OS 9.1.16-h1","PAN-OS 9.1.16","PAN-OS 9.1.15-h1","PAN-OS 9.1.15","PAN-OS 9.1.14-h7","PAN-OS 9.1.14-h6","PAN-OS 9.1.14-h5","PAN-OS 9.1.14-h4","PAN-OS 9.1.14-h3","PAN-OS 9.1.14-h2","PAN-OS 9.1.14-h1","PAN-OS 9.1.14","PAN-OS 9.1.13-h4","PAN-OS 9.1.13-h3","PAN-OS 9.1.13-h2","PAN-OS 9.1.13-h1","PAN-OS 9.1.13","PAN-OS 9.1.12-h6","PAN-OS 9.1.12-h5","PAN-OS 9.1.12-h4","PAN-OS 9.1.12-h3","PAN-OS 9.1.12-h2","PAN-OS 9.1.12-h1","PAN-OS 9.1.12","PAN-OS 9.1.11-h4","PAN-OS 9.1.11-h3","PAN-OS 9.1.11-h2","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.16-h5","PAN-OS 9.0.16-h4","PAN-OS 9.0.16-h3","PAN-OS 9.0.16-h2","PAN-OS 9.0.16-h1","PAN-OS 9.0.16","PAN-OS 9.0.15","PAN-OS 9.0.14-h4","PAN-OS 9.0.14-h3","PAN-OS 9.0.14-h2","PAN-OS 9.0.14-h1","PAN-OS 9.0.14","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"11.1 
All","status":"unaffected"},{"version":"9.0","status":"affected","lessThan":"9.0.17-h4","versionType":"custom","changes":[{"at":"9.0.17-h4","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.17","versionType":"custom","changes":[{"at":"9.1.17","status":"unaffected"}]},{"version":"10.1","status":"affected","lessThan":"10.1.12","versionType":"custom","changes":[{"at":"10.1.12","status":"unaffected"}]},{"version":"10.2","status":"affected","lessThan":"10.2.8","versionType":"custom","changes":[{"at":"10.2.8","status":"unaffected"}]},{"version":"11.0","status":"affected","lessThan":"11.0.3","versionType":"custom","changes":[{"at":"11.0.3","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"version":"All","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2024-3385"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks an external reporter for discovering and reporting this issue."}],"metrics":[{"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER","baseSeverity":"HIGH","baseScore":8.2,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:Y/R:U/V:D/RE:L/U:Amber"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-20 Improper Input 
Validation","cweId":"CWE-20"}]},{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-476: NULL Pointer Dereference","cweId":"CWE-476"}]}],"x_generator":{"engine":"vulnogram 0.1.0-rc1"},"source":{"defect":["PAN-221224"],"discovery":"EXTERNAL"},"configurations":[{"lang":"en","value":"This does not affect VM-Series firewalls, CN-Series firewalls, Cloud NGFWs, or Prisma Access.\n\nThis issue affects only PAN-OS configurations with GTP Security disabled; it does not affect PAN-OS configurations that have GTP Security enabled. You should verify whether GTP Security is disabled by checking your firewall web interface (Device > Setup > Management > General Settings) and take the appropriate actions as needed.","supportingMedia":{"value":"This does not affect VM-Series firewalls, CN-Series firewalls, Cloud NGFWs, or Prisma Access.\n\nThis issue affects only PAN-OS configurations with GTP Security disabled; it does not affect PAN-OS configurations that have GTP Security enabled. You should verify whether GTP Security is disabled by checking your firewall web interface (Device > Setup > Management > General Settings) and take the appropriate actions as needed.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 94993 (introduced in Applications and Threats content version 8832).","supportingMedia":{"value":"Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 94993 (introduced in Applications and Threats content version 8832).","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue. This was encountered by two customers in normal production usage.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue. 
This was encountered by two customers in normal production usage.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.12, PAN-OS 10.2.8, PAN-OS 11.0.3, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.12, PAN-OS 10.2.8, PAN-OS 11.0.3, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2024-04-10T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2024-3384","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2024-04-10T00:00:00","dateReserved":"2024-04-10T00:00:00","dateUpdated":"2024-04-10T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets","datePublic":"2024-04-10T16:00:00.000Z","providerMetadata":{"orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto","dateUpdated":"2024-04-10T17:06:21.704Z"},"descriptions":[{"lang":"en","value":"A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager (NTLM) packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager (NTLM) packets from Windows servers. 
Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online.</pre>"}]}],"x_affectedList":["PAN-OS 10.0.11-h3","PAN-OS 10.0.11-h2","PAN-OS 10.0.11-h1","PAN-OS 10.0.11","PAN-OS 10.0.10-h1","PAN-OS 10.0.10","PAN-OS 10.0.9","PAN-OS 10.0.8-h10","PAN-OS 10.0.8-h9","PAN-OS 10.0.8-h8","PAN-OS 10.0.8-h7","PAN-OS 10.0.8-h6","PAN-OS 10.0.8-h5","PAN-OS 10.0.8-h4","PAN-OS 10.0.8-h3","PAN-OS 10.0.8-h2","PAN-OS 10.0.8-h1","PAN-OS 10.0.8","PAN-OS 10.0.7","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.15","PAN-OS 9.1.14-h7","PAN-OS 9.1.14-h6","PAN-OS 9.1.14-h5","PAN-OS 9.1.14-h4","PAN-OS 9.1.14-h3","PAN-OS 9.1.14-h2","PAN-OS 9.1.14-h1","PAN-OS 9.1.14","PAN-OS 9.1.13-h4","PAN-OS 9.1.13-h3","PAN-OS 9.1.13-h2","PAN-OS 9.1.13-h1","PAN-OS 9.1.13","PAN-OS 9.1.12-h6","PAN-OS 9.1.12-h5","PAN-OS 9.1.12-h4","PAN-OS 9.1.12-h3","PAN-OS 9.1.12-h2","PAN-OS 9.1.12-h1","PAN-OS 9.1.12","PAN-OS 9.1.11-h4","PAN-OS 9.1.11-h3","PAN-OS 9.1.11-h2","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.16-h5","PAN-OS 9.0.16-h4","PAN-OS 9.0.16-h3","PAN-OS 9.0.16-h2","PAN-OS 9.0.16-h1","PAN-OS 9.0.16","PAN-OS 9.0.15","PAN-OS 9.0.14-h4","PAN-OS 9.0.14-h3","PAN-OS 9.0.14-h2","PAN-OS 9.0.14-h1","PAN-OS 9.0.14","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 
8.1.23-h1","PAN-OS 8.1.23","PAN-OS 8.1.22","PAN-OS 8.1.21-h1","PAN-OS 8.1.21","PAN-OS 8.1.20-h1","PAN-OS 8.1.20","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"10.1 All","status":"unaffected"},{"version":"10.2 All","status":"unaffected"},{"version":"11.0 All","status":"unaffected"},{"version":"11.1 All","status":"unaffected"},{"version":"8.1","status":"affected","lessThan":"8.1.24","versionType":"custom","changes":[{"at":"8.1.24","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.17","versionType":"custom","changes":[{"at":"9.0.17","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.15-h1","versionType":"custom","changes":[{"at":"9.1.15-h1","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.12","versionType":"custom","changes":[{"at":"10.0.12","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"version":"All","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2024-3384"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks rqu for discovering and reporting this 
issue."}],"metrics":[{"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","baseSeverity":"HIGH","baseScore":8.2,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-1286 Improper Validation of Syntactic Correctness of Input","cweId":"CWE-1286"}]}],"x_generator":{"engine":"vulnogram 0.1.0-rc1"},"source":{"defect":["PAN-198992"],"discovery":"EXTERNAL"},"configurations":[{"lang":"en","value":"This issue affects only PAN-OS configurations with NTLM authentication enabled. You should verify whether NTLM authentication is enabled by checking your firewall web interface (Device > User Identification > User Mapping > Palo Alto Networks User-ID Agent Setup > NTLM).","supportingMedia":{"value":"This issue affects only PAN-OS configurations with NTLM authentication enabled. 
You should verify whether NTLM authentication is enabled by checking your firewall web interface (Device > User Identification > User Mapping > Palo Alto Networks User-ID Agent Setup > NTLM).","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15-h1, PAN-OS 10.0.12, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15-h1, PAN-OS 10.0.12, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2024-04-10T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2023-6790","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2023-12-13T00:00:00","dateReserved":"2023-12-13T00:00:00","dateUpdated":"2023-12-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: DOM-Based Cross-Site Scripting (XSS) Vulnerability in the Web Interface","datePublic":"2023-12-13T17:00:00.000Z","providerMetadata":{"orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto","dateUpdated":"2023-12-13T18:15:48.142Z"},"descriptions":[{"lang":"en","value":"A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote 
attacker to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface.</pre>"}]}],"x_affectedList":["PAN-OS 11.0.0","PAN-OS 11.0","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1","PAN-OS 10.2.0","PAN-OS 10.2","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1","PAN-OS 10.0.11-h1","PAN-OS 10.0.11","PAN-OS 10.0.10","PAN-OS 10.0.9","PAN-OS 10.0.8-h8","PAN-OS 10.0.8-h7","PAN-OS 10.0.8-h6","PAN-OS 10.0.8-h5","PAN-OS 10.0.8-h4","PAN-OS 10.0.8-h3","PAN-OS 10.0.8-h2","PAN-OS 10.0.8-h1","PAN-OS 10.0.8","PAN-OS 10.0.7","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.15-h1","PAN-OS 9.1.15","PAN-OS 9.1.14-h4","PAN-OS 9.1.14-h3","PAN-OS 9.1.14-h2","PAN-OS 9.1.14-h1","PAN-OS 9.1.14","PAN-OS 9.1.13-h3","PAN-OS 9.1.13-h2","PAN-OS 9.1.13-h1","PAN-OS 9.1.13","PAN-OS 9.1.12-h3","PAN-OS 9.1.12-h2","PAN-OS 9.1.12-h1","PAN-OS 9.1.12","PAN-OS 9.1.11-h3","PAN-OS 9.1.11-h2","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.16-h3","PAN-OS 9.0.16-h2","PAN-OS 9.0.16-h1","PAN-OS 9.0.16","PAN-OS 9.0.15","PAN-OS 9.0.14-h4","PAN-OS 9.0.14-h3","PAN-OS 9.0.14-h2","PAN-OS 
9.0.14-h1","PAN-OS 9.0.14","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.24-h1","PAN-OS 8.1.24","PAN-OS 8.1.23-h1","PAN-OS 8.1.23","PAN-OS 8.1.22","PAN-OS 8.1.21-h1","PAN-OS 8.1.21","PAN-OS 8.1.20-h1","PAN-OS 8.1.20","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","Cloud NGFW"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"11.1 
All","status":"unaffected"},{"version":"8.1","status":"affected","lessThan":"8.1.25","versionType":"custom","changes":[{"at":"8.1.25","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.17","versionType":"custom","changes":[{"at":"9.0.17","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.16","versionType":"custom","changes":[{"at":"9.1.16","status":"unaffected"}]},{"version":"10.1","status":"affected","lessThan":"10.1.9","versionType":"custom","changes":[{"at":"10.1.9","status":"unaffected"}]},{"version":"10.2","status":"affected","lessThan":"10.2.4","versionType":"custom","changes":[{"at":"10.2.4","status":"unaffected"}]},{"version":"11.0","status":"affected","lessThan":"11.0.1","versionType":"custom","changes":[{"at":"11.0.1","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.12","versionType":"custom","changes":[{"at":"10.0.12","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"All","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"version":"All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2023-3284"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Kajetan Rostojek for discovering and reporting this 
issue."}],"metrics":[{"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"AUTOMATIC","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER","baseSeverity":"HIGH","baseScore":7.5,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:Y/R:A/V:D/RE:L/U:Amber"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","cweId":"CWE-79"}]}],"x_generator":{"engine":"vulnogram 0.1.0-rc1"},"source":{"defect":["PAN-193367"],"discovery":"EXTERNAL"},"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.9, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions.\n\nPlease note that customers impacted by the PAN-OS root and default certificate expiration issue must carefully select the fixed version of PAN-OS they upgrade their devices to when addressing this vulnerability to not reintroduce the certificate issue. 
More information and support for the certificate expiration issue in PAN-OS is available at https://live.paloaltonetworks.com/t5/customer-advisories/emergency-update-required-pan-os-root-and-default-certificate/ta-p/564672.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.9, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions.\n\nPlease note that customers impacted by the PAN-OS root and default certificate expiration issue must carefully select the fixed version of PAN-OS they upgrade their devices to when addressing this vulnerability to not reintroduce the certificate issue. More information and support for the certificate expiration issue in PAN-OS is available at https://live.paloaltonetworks.com/t5/customer-advisories/emergency-update-required-pan-os-root-and-default-certificate/ta-p/564672.","type":"text/html","base64":false}}],"timeline":[{"time":"2023-12-13T17:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2023-38802","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2023-09-13T16:00:00.000Z","dateReserved":"2023-09-13T16:00:00.000Z","dateUpdated":"2024-01-18T00:00:00.000000Z"},"containers":{"cna":{"title":" PAN-OS: Denial-of-Service (DoS) Vulnerability in BGP Software","datePublic":"2023-09-13T16:00:00.000Z","providerMetadata":{"orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre","dateUpdated":"2023-11-15T05:07:02.171314"},"descriptions":[{"lang":"en","value":"BGP software such as FRRouting FRR included as part of the PAN-OS, Prisma SD-WAN ION, and Prisma Access routing features enables a remote attacker to incorrectly reset network sessions through an invalid BGP update. 
This issue is applicable only to devices and appliances with BGP routing features enabled.\n\nThis issue requires the remote attacker to control at least one established BGP session that is propagated to the router to exploit it. The denial-of-service (DoS) impact on the network is dependent on the network's architecture and fault-tolerant design.\n\nPrisma Access ‘Security Processing Node Endpoint Remote Network (SP-RN/Branches)' and 'Service Connections (SCs/CANs)' nodes do not peer with the Internet and do not receive Internet routes directly unless explicitly configured by the customer. Prisma Access Nodes are commonly protected by unaffected customer-premise equipment (CPE router devices). Hence the impact of this issue on Prisma Access is limited.\n\nFurther details about this issue can be found at: https://blog.benjojo.co.uk/post/bgp-path-attributes-grave-error-handling\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>BGP software such as FRRouting FRR included as part of the PAN-OS, Prisma SD-WAN ION, and Prisma Access routing features enables a remote attacker to incorrectly reset network sessions through an invalid BGP update. This issue is applicable only to devices and appliances with BGP routing features enabled.\n\nThis issue requires the remote attacker to control at least one established BGP session that is propagated to the router to exploit it. The denial-of-service (DoS) impact on the network is dependent on the network's architecture and fault-tolerant design.\n\nPrisma Access ‘Security Processing Node Endpoint Remote Network (SP-RN/Branches)' and 'Service Connections (SCs/CANs)' nodes do not peer with the Internet and do not receive Internet routes directly unless explicitly configured by the customer. Prisma Access Nodes are commonly protected by unaffected customer-premise equipment (CPE router devices). 
Hence the impact of this issue on Prisma Access is limited.\n\nFurther details about this issue can be found at: https://blog.benjojo.co.uk/post/bgp-path-attributes-grave-error-handling\n</pre>"}]}],"x_affectedList":["Prisma SD-WAN ION 6.2","Prisma SD-WAN ION 6.1","Prisma Access","PAN-OS 11.0.2-h1","PAN-OS 11.0.2","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0","PAN-OS 11.0","PAN-OS 10.2.5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1","PAN-OS 10.2.0","PAN-OS 10.2","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1","PAN-OS 9.1.16-h2","PAN-OS 9.1.16-h1","PAN-OS 9.1.16","PAN-OS 9.1.15-h1","PAN-OS 9.1.15","PAN-OS 9.1.14-h4","PAN-OS 9.1.14-h3","PAN-OS 9.1.14-h2","PAN-OS 9.1.14-h1","PAN-OS 9.1.14","PAN-OS 9.1.13-h3","PAN-OS 9.1.13-h2","PAN-OS 9.1.13-h1","PAN-OS 9.1.13","PAN-OS 9.1.12-h3","PAN-OS 9.1.12-h2","PAN-OS 9.1.12-h1","PAN-OS 9.1.12","PAN-OS 9.1.11-h3","PAN-OS 9.1.11-h2","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"Cloud NGFW","versions":[{"version":"All","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"11.0","status":"affected","lessThan":"11.0.3","versionType":"custom","changes":[{"at":"11.0.3","status":"unaffected"}]},{"version":"10.2","status":"affected","lessThan":"10.2.6","versionType":"custom","changes":[{"at":"10.2.6","status":"unaffected"}]},{"version":"10.1","status":"affected","lessThan":"10.1.11","versionType":"custom","changes":[{"at":"10.1.11","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.16-h3","versionType":"custom","changes":[{"at":"9.1.16-h3","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.26","versionType":"custom","changes":[{"at":"8.1.26","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.17-h4","versionType":"custom","changes":[{"at":"9.0.17-h4","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"Customers whose most recent software upgrade was before 09/30","status":"affected"},{"version":"Customers who have received a software upgrade or are using new software on or after 09/30","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"Prisma SD-WAN ION","versions":[{"version":"5.6 All","status":"unaffected"},{"version":"6.1","status":"affected","lessThan":"6.1.5","versionType":"custom","changes":[{"at":"6.1.5","status":"unaffected"}]},{"version":"6.2","status":"affected","lessThan":"6.2.3","versionType":"custom","changes":[{"at":"6.2.3","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2023-38802"},{"tags":["x_refsource_CONFIRM"],"url":"https://blog.benjojo.co.uk/post/bgp-path-attributes-grave-error-handling"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Ben Cartwright-Cox for discovering this issue in BGP 
implementations."}],"metrics":[{"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"AUTOMATIC","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER","baseSeverity":"HIGH","baseScore":8.2,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:Y/R:A/V:C/RE:L/U:Amber"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-754 Improper Check for Unusual or Exceptional Conditions","cweId":"CWE-754"}]}],"x_generator":{"engine":"vulnogram 0.1.0-rc1"},"source":{"defect":["PAN-227523"],"discovery":"EXTERNAL"},"configurations":[{"lang":"en","value":"This issue is applicable only to devices and appliances that are configured with BGP routing features enabled. You can verify whether BGP is enabled for a router by selecting it from 'Network > Virtual Routers’ or 'Network > Logical Routers’ in the web interface of PAN-OS firewalls.\n\nTo exploit this issue, the remote attacker must control at least one established BGP session that is propagated to the router.","supportingMedia":{"value":"This issue is applicable only to devices and appliances that are configured with BGP routing features enabled. 
You can verify whether BGP is enabled for a router by selecting it from 'Network > Virtual Routers’ or 'Network > Logical Routers’ in the web interface of PAN-OS firewalls.\n\nTo exploit this issue, the remote attacker must control at least one established BGP session that is propagated to the router.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"You can prevent exploitation of this issue by inserting an unaffected BGP router—configured to drop the invalid BGP update instead of propagating it—between the attacker-originated BGP update and PAN-OS, Prisma SD-WAN ION, and Prisma Access devices. This stops the invalid BGP update from reaching the affected router.","supportingMedia":{"value":"You can prevent exploitation of this issue by inserting an unaffected BGP router—configured to drop the invalid BGP update instead of propagating it—between the attacker-originated BGP update and PAN-OS, Prisma SD-WAN ION, and Prisma Access devices. This stops the invalid BGP update from reaching the affected router.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue targeting our customers. However, knowledge of invalid BGP attributes that trigger this issue is publicly available.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue targeting our customers. However, knowledge of invalid BGP attributes that trigger this issue is publicly available.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.26, PAN-OS 9.0.17-h4, PAN-OS 9.1.16-h3, PAN-OS 10.1.11, PAN-OS 10.2.6, PAN-OS 11.0.3, and all later PAN-OS versions.\n\nThis issue is fixed in Prisma SD-WAN ION 6.1.5, Prisma SD-WAN ION 6.2.3, and all later Prisma SD-WAN ION versions. 
This issue does not impact Prisma SD-WAN ION 5.6 versions.\n\nFor Prisma Access customers, the upgrade to fix this issue will be available on 09/30. Customers should work with their Prisma Access contacts and support to secure a maintenance window for the on-demand software upgrade.\n\nPlease note that full Prisma Access data plane upgrades scheduled on and after 09/30 will have this fix incorporated by default. No additional action is necessary for these customers to remediate this issue.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.26, PAN-OS 9.0.17-h4, PAN-OS 9.1.16-h3, PAN-OS 10.1.11, PAN-OS 10.2.6, PAN-OS 11.0.3, and all later PAN-OS versions.\n\nThis issue is fixed in Prisma SD-WAN ION 6.1.5, Prisma SD-WAN ION 6.2.3, and all later Prisma SD-WAN ION versions. This issue does not impact Prisma SD-WAN ION 5.6 versions.\n\nFor Prisma Access customers, the upgrade to fix this issue will be available on 09/30. Customers should work with their Prisma Access contacts and support to secure a maintenance window for the on-demand software upgrade.\n\nPlease note that full Prisma Access data plane upgrades scheduled on and after 09/30 will have this fix incorporated by default. 
No additional action is necessary for these customers to remediate this issue.","type":"text/html","base64":false}}],"timeline":[{"time":"2023-12-13T17:00:00.000Z","lang":"eng","value":"Updated the ETA for the fix in Prisma SD-WAN ION 6.2"},{"time":"2023-12-09T00:00:00.000Z","lang":"eng","value":"Updated availability of the fix in PAN-OS 8.1.26 and PAN-OS 9.0.17-h4"},{"time":"2023-11-08T17:00:00.000Z","lang":"eng","value":"Updated availability of the fix in PAN-OS 11.0.3 and added CVSS 4.0 scoring"},{"time":"2023-11-08T17:00:00.000Z","lang":"eng","value":"A fix for this issue is being developed for PAN-OS 8.1 and PAN-OS 9.0"},{"time":"2023-11-02T21:05:00.000Z","lang":"eng","value":"Updated the ETA for the fix in PAN-OS 11.0.3"},{"time":"2023-10-24T02:20:00.000Z","lang":"eng","value":"Updated availability of the fix in Prisma SD-WAN ION 6.1.5"},{"time":"2023-10-16T16:15:00.000Z","lang":"eng","value":"Updated the ETA for the fix in Prisma SD-WAN ION 6.1"},{"time":"2023-10-11T16:00:00.000Z","lang":"eng","value":"Updated the ETA for the fix in PAN-OS 11.0.3"},{"time":"2023-10-04T02:05:00.000Z","lang":"eng","value":"Updated availability of the fix in PAN-OS 9.1.16-h3"},{"time":"2023-09-28T04:45:00.000Z","lang":"eng","value":"Updated availability of the fix in PAN-OS 10.1.11 and 10.2.6"},{"time":"2023-09-22T00:02:00.000Z","lang":"eng","value":"Updated guidance for Prisma Access customers"},{"time":"2023-09-16T00:34:00.000Z","lang":"eng","value":"Prisma SD-WAN ION is confirmed to be impacted"},{"time":"2023-09-15T01:00:00.000Z","lang":"eng","value":"The impact of this issue is under investigation for Prisma Access"},{"time":"2023-09-13T16:00:00.000Z","lang":"eng","value":"Initial Publication"},{"time":"2024-01-18T18:00:00.000Z","lang":"eng","value":"Updated availability of the fix in Prisma SD-WAN ION 
6.2.3"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-0030","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2022-10-12T00:00:00","dateReserved":"2022-10-12T00:00:00","dateUpdated":"2022-10-12T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Authentication Bypass in Web Interface","datePublic":"2022-10-12T16:00:00.000Z","providerMetadata":{"orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto","dateUpdated":"2022-10-12T00:00:00"},"descriptions":[{"lang":"en","value":"An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker with specific knowledge of the target firewall or Panorama appliance to impersonate an existing PAN-OS administrator and perform privileged actions.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker with specific knowledge of the target firewall or Panorama appliance to impersonate an existing PAN-OS administrator and perform privileged actions.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.23-h1","PAN-OS 8.1.23","PAN-OS 8.1.22","PAN-OS 8.1.21-h1","PAN-OS 8.1.21","PAN-OS 8.1.20-h1","PAN-OS 8.1.20","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 
8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"9.0 All","status":"unaffected"},{"version":"9.1 All","status":"unaffected"},{"version":"10.1 All","status":"unaffected"},{"version":"10.2 All","status":"unaffected"},{"version":"10.0 All","status":"unaffected"},{"version":"8.1","status":"affected","lessThan":"8.1.24","versionType":"custom","changes":[{"at":"8.1.24","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"version":"All","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2022-0030"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks the security researcher that discovered and reported this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-290 Authentication Bypass by Spoofing","cweId":"CWE-290"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-195571"],"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"Customers with a Threat Prevention subscription can block known attacks for this vulnerability by enabling Threat ID 92720 (Applications and Threats content update 8630-7638).\n\nTo exploit this issue, the attacker must have network access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices.","supportingMedia":{"value":"Customers with a Threat Prevention subscription can block known attacks for this vulnerability by enabling Threat ID 92720 (Applications and Threats content update 8630-7638).\n\nTo exploit this issue, the attacker must have network access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.24 and all later PAN-OS versions.\n\nPlease note that PAN-OS 8.1 has reached its software end-of-life (EoL) and is supported only on PA-200, PA-500, and PA-5000 Series firewalls and on M-100 appliances and only until each of their respective hardware EoL dates:  https://www.paloaltonetworks.com/services/support/end-of-life-announcements/hardware-end-of-life-dates.html.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.24 and all later PAN-OS versions.\n\nPlease note that PAN-OS 8.1 has reached its software end-of-life (EoL) and is supported only on PA-200, PA-500, and PA-5000 Series firewalls and on M-100 appliances and only until each of their 
respective hardware EoL dates:  https://www.paloaltonetworks.com/services/support/end-of-life-announcements/hardware-end-of-life-dates.html.","type":"text/html","base64":false}}],"timeline":[{"time":"2022-10-12T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-0028","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2022-08-10T00:00:00","dateReserved":"2022-08-10T00:00:00","dateUpdated":"2022-08-19T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering","datePublic":"2022-08-10T16:00:00.000Z","providerMetadata":{"dateUpdated":"2022-08-10T16:00:16","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-Series (container) firewall against an attacker-specified target.\n\nTo be misused by an external attacker, the firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a security rule with a source zone that has an external facing network interface. This configuration is not typical for URL filtering and, if set, is likely unintended by the administrator.\n\nIf exploited, this issue would not impact the confidentiality, integrity, or availability of our products. However, the resulting denial-of-service (DoS) attack may help obfuscate the identity of the attacker and implicate the firewall as the source of the attack.\n\nWe have taken prompt action to address this issue in our PAN-OS software. All PAN-OS software updates for this issue are now available. 
This issue does not impact Panorama M-Series or Panorama virtual appliances.\n\nThis issue has been resolved for all Cloud NGFW and Prisma Access customers and no additional action is required from them.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-Series (container) firewall against an attacker-specified target.\n\nTo be misused by an external attacker, the firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a security rule with a source zone that has an external facing network interface. This configuration is not typical for URL filtering and, if set, is likely unintended by the administrator.\n\nIf exploited, this issue would not impact the confidentiality, integrity, or availability of our products. However, the resulting denial-of-service (DoS) attack may help obfuscate the identity of the attacker and implicate the firewall as the source of the attack.\n\nWe have taken prompt action to address this issue in our PAN-OS software. All PAN-OS software updates for this issue are now available. 
This issue does not impact Panorama M-Series or Panorama virtual appliances.\n\nThis issue has been resolved for all Cloud NGFW and Prisma Access customers and no additional action is required from them.</pre>"}]}],"x_affectedList":["PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1","PAN-OS 10.2.0","PAN-OS 10.2","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1","PAN-OS 10.0.11","PAN-OS 10.0.10","PAN-OS 10.0.9","PAN-OS 10.0.8-h8","PAN-OS 10.0.8-h7","PAN-OS 10.0.8-h6","PAN-OS 10.0.8-h5","PAN-OS 10.0.8-h4","PAN-OS 10.0.8-h3","PAN-OS 10.0.8-h2","PAN-OS 10.0.8-h1","PAN-OS 10.0.8","PAN-OS 10.0.7","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.14-h3","PAN-OS 9.1.14-h2","PAN-OS 9.1.14-h1","PAN-OS 9.1.14","PAN-OS 9.1.13-h3","PAN-OS 9.1.13-h2","PAN-OS 9.1.13-h1","PAN-OS 9.1.13","PAN-OS 9.1.12-h3","PAN-OS 9.1.12-h2","PAN-OS 9.1.12-h1","PAN-OS 9.1.12","PAN-OS 9.1.11-h3","PAN-OS 9.1.11-h2","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.16-h2","PAN-OS 9.0.16-h1","PAN-OS 9.0.16","PAN-OS 9.0.15","PAN-OS 9.0.14-h4","PAN-OS 9.0.14-h3","PAN-OS 9.0.14-h2","PAN-OS 9.0.14-h1","PAN-OS 9.0.14","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 
9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.23","PAN-OS 8.1.22","PAN-OS 8.1.21-h1","PAN-OS 8.1.21","PAN-OS 8.1.20-h1","PAN-OS 8.1.20","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"version":"All","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.1","status":"affected","lessThan":"8.1.23-h1","versionType":"custom","changes":[{"at":"8.1.23-h1","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.16-h3","versionType":"custom","changes":[{"at":"9.0.16-h3","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.14-h4","versionType":"custom","changes":[{"at":"9.1.14-h4","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.11-h1","versionType":"custom","changes":[{"at":"10.0.11-h1","status":"unaffected"}]},{"version":"10.1","status":"affected","lessThan":"10.1.6-h6","versionType":"custom","changes":[{"at":"10.1.6-h6","status":"unaffected"}]},{"version":"10.2","status":"affected","lessThan":"10.2.2-h2","versionType":"custom","changes":[{"at":"10.2.2-h2","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"2.1 All","status":"unaffected"},{"version":"2.2 
All","status":"unaffected"},{"version":"3.0 All","status":"unaffected"},{"version":"3.1 All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2022-0028"}],"credits":[{"lang":"en","value":"This issue was responsibly reported to Palo Alto Networks by Excellium-Services S.A. CSIRT, CERT-XLM."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":8.6,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-406 Insufficient Control of Network Message Volume (Network Amplification)","cweId":"CWE-406"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-192999"],"discovery":"EXTERNAL"},"configurations":[{"lang":"en","value":"The firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a security rule with a source zone that has an external facing interface for this issue to be misused by an external attacker. This configuration is not typical for URL filtering and is likely unintended by the administrator.\n\nThis issue is applicable to PA-Series (hardware), VM-Series (virtual), and CN-Series (container) firewalls only when all three of the following conditions are true:\n\n1. The security policy on the firewall that allows traffic to pass from Zone A to Zone B includes a URL filtering profile with one or more blocked categories;\nAND\n2. Packet-based attack protection is not enabled in a Zone Protection profile for Zone A including both (Packet Based Attack Protection > TCP Drop > TCP Syn With Data) and (Packet Based Attack Protection > TCP Drop > Strip TCP Options > TCP Fast Open);\nAND\n3. 
Flood protection through SYN cookies is not enabled in a Zone Protection profile for Zone A (Flood Protection > SYN > Action > SYN Cookie) with an activation threshold of 0 connections.","supportingMedia":{"value":"The firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a security rule with a source zone that has an external facing interface for this issue to be misused by an external attacker. This configuration is not typical for URL filtering and is likely unintended by the administrator.\n\nThis issue is applicable to PA-Series (hardware), VM-Series (virtual), and CN-Series (container) firewalls only when all three of the following conditions are true:\n\n1. The security policy on the firewall that allows traffic to pass from Zone A to Zone B includes a URL filtering profile with one or more blocked categories;\nAND\n2. Packet-based attack protection is not enabled in a Zone Protection profile for Zone A including both (Packet Based Attack Protection > TCP Drop > TCP Syn With Data) and (Packet Based Attack Protection > TCP Drop > Strip TCP Options > TCP Fast Open);\nAND\n3. Flood protection through SYN cookies is not enabled in a Zone Protection profile for Zone A (Flood Protection > SYN > Action > SYN Cookie) with an activation threshold of 0 connections.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"If you have a URL filtering policy with one or more blocked categories assigned to a security rule with a source zone that has an external facing interface, removing this configuration will prevent this issue from being exploited by remote attackers to conduct reflected DoS.\n\nTo prevent denial-of-service (DoS) attacks resulting from this issue from all sources, you can configure your Palo Alto Networks firewalls by enabling one of two zone protection mitigations on all Security zones with an assigned Security policy that includes a URL filtering profile:\n\n1. 
Packet-based attack protection including both (Packet Based Attack Protection > TCP Drop > TCP SYN with Data) and (Packet Based Attack Protection > TCP Drop > Strip TCP Options > TCP Fast Open);\nOR\n2. Flood protection (Flood Protection > SYN > Action > SYN Cookie) with an activation threshold of 0 connections.\n\nNOTES:\nIt is not necessary nor advantageous to apply both the attack and flood protections. \n(Palo Alto Networks Aporeto software only) You should not enable either of these protections if using Aporeto software; instead, wait for and install a fixed version of PAN-OS software.\n\nPacket-Based Attack Protection Workaround (Recommended)\n\nFollow the technical documentation to configure packet-based attack protection options for all defined Security zones with URL filtering enabled in the Security profile for that zone:\nhttps://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/zone-protection-and-dos-protection/configure-zone-protection-to-increase-network-security/configure-packet-based-attack-protection\n\nThe packet-based attack protection workaround will prevent the firewall from establishing TCP sessions in impacted zones when the TCP SYN packet contains data in the three-way handshake for a TCP session. 
Please note that this workaround may disrupt applications that use TCP Fast Open in the zone.\n\nFlood Protection (Alternate) Workaround\n\nIf you instead decide to enable the flood protection workaround, first make sure you understand how  enabling SYN cookies will change traffic flow in the impacted zones:\nhttps://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/zone-protection-and-dos-protection/zone-defense/zone-protection-profiles/flood-protection","supportingMedia":{"value":"If you have a URL filtering policy with one or more blocked categories assigned to a security rule with a source zone that has an external facing interface, removing this configuration will prevent this issue from being exploited by remote attackers to conduct reflected DoS.\n\nTo prevent denial-of-service (DoS) attacks resulting from this issue from all sources, you can configure your Palo Alto Networks firewalls by enabling one of two zone protection mitigations on all Security zones with an assigned Security policy that includes a URL filtering profile:\n\n1. Packet-based attack protection including both (Packet Based Attack Protection > TCP Drop > TCP SYN with Data) and (Packet Based Attack Protection > TCP Drop > Strip TCP Options > TCP Fast Open);\nOR\n2. Flood protection (Flood Protection > SYN > Action > SYN Cookie) with an activation threshold of 0 connections.\n\nNOTES:\nIt is not necessary nor advantageous to apply both the attack and flood protections. 
\n(Palo Alto Networks Aporeto software only) You should not enable either of these protections if using Aporeto software; instead, wait for and install a fixed version of PAN-OS software.\n\nPacket-Based Attack Protection Workaround (Recommended)\n\nFollow the technical documentation to configure packet-based attack protection options for all defined Security zones with URL filtering enabled in the Security profile for that zone:\nhttps://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/zone-protection-and-dos-protection/configure-zone-protection-to-increase-network-security/configure-packet-based-attack-protection\n\nThe packet-based attack protection workaround will prevent the firewall from establishing TCP sessions in impacted zones when the TCP SYN packet contains data in the three-way handshake for a TCP session. Please note that this workaround may disrupt applications that use TCP Fast Open in the zone.\n\nFlood Protection (Alternate) Workaround\n\nIf you instead decide to enable the flood protection workaround, first make sure you understand how  enabling SYN cookies will change traffic flow in the impacted zones:\nhttps://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/zone-protection-and-dos-protection/zone-defense/zone-protection-profiles/flood-protection","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks recently learned that an attempted reflected denial-of-service (RDoS) attack was identified by a service provider. This attempted attack took advantage of susceptible firewalls from multiple vendors, including Palo Alto Networks. We immediately started to root cause and remediate this issue.\n\nExploitation of this issue does not impact the confidentiality, integrity, or availability of our products.\n","supportingMedia":{"value":"Palo Alto Networks recently learned that an attempted reflected denial-of-service (RDoS) attack was identified by a service provider. 
This attempted attack took advantage of susceptible firewalls from multiple vendors, including Palo Alto Networks. We immediately started to root cause and remediate this issue.\n\nExploitation of this issue does not impact the confidentiality, integrity, or availability of our products.\n","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"We identified workarounds to prevent the denial-of-service (DoS) attacks that result from this issue in certain Palo Alto Networks firewalls, with this policy configuration.\n\nThis issue is fixed in PAN-OS 8.1.23-h1, PAN-OS 9.0.16-h3, PAN-OS 9.1.14-h4, PAN-OS 10.0.11-h1, PAN-OS 10.1.6-h6, PAN-OS 10.2.2-h2, and all later PAN-OS versions for PA-Series, VM-Series and CN-Series firewalls.\n\nAll PAN-OS software updates for this issue are now available.","supportingMedia":{"value":"We identified workarounds to prevent the denial-of-service (DoS) attacks that result from this issue in certain Palo Alto Networks firewalls, with this policy configuration.\n\nThis issue is fixed in PAN-OS 8.1.23-h1, PAN-OS 9.0.16-h3, PAN-OS 9.1.14-h4, PAN-OS 10.0.11-h1, PAN-OS 10.1.6-h6, PAN-OS 10.2.2-h2, and all later PAN-OS versions for PA-Series, VM-Series and CN-Series firewalls.\n\nAll PAN-OS software updates for this issue are now available.","type":"text/html","base64":false}}],"timeline":[{"time":"2022-08-10T16:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2022-08-10T23:10:00.000Z","lang":"eng","value":"PAN-OS 10.1.6-h6 fixed version is now available. Updated ETA for PAN-OS 8.1.23-h1. 
Clarified URL filtering assignment language."},{"time":"2022-08-12T02:45:00.000Z","lang":"eng","value":"An update to the acknowledgements section of the advisory."},{"time":"2022-08-16T00:42:00.000Z","lang":"eng","value":"PAN-OS 8.1.23-h1 fixed version is now available."},{"time":"2022-08-18T23:38:00.000Z","lang":"eng","value":"PAN-OS 10.2.2-h2 fixed version is now available."},{"time":"2022-08-19T16:22:00.000Z","lang":"eng","value":"PAN-OS 9.0.16-h3, PAN-OS 9.1.14-h4, and PAN-OS 10.0.11-h1 fixed versions are now available."}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-0024","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2022-05-11T00:00:00","dateReserved":"2022-05-11T00:00:00","dateUpdated":"2022-05-11T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Improper Neutralization Vulnerability Leads to Unintended Program Execution During Configuration Commit","datePublic":"2022-05-11T16:00:00.000Z","providerMetadata":{"dateUpdated":"2022-05-11T16:30:22","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated network-based PAN-OS administrator to upload a specifically created configuration that disrupts system processes and potentially execute arbitrary code with root privileges when the configuration is committed on both hardware and virtual firewalls.\n\nThis issue does not impact Panorama appliances or Prisma Access customers.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated network-based PAN-OS administrator to upload a specifically created configuration that disrupts system processes and potentially execute arbitrary code with root privileges when the configuration is committed on both 
hardware and virtual firewalls.\n\nThis issue does not impact Panorama appliances or Prisma Access customers.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.23;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.16;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.13;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.10;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.5.\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.23;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.16;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.13;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.10;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.5.\n</pre>"}]}],"x_affectedList":["PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1","PAN-OS 10.0.9","PAN-OS 10.0.8-h8","PAN-OS 10.0.8-h7","PAN-OS 10.0.8-h6","PAN-OS 10.0.8-h5","PAN-OS 10.0.8-h4","PAN-OS 10.0.8-h3","PAN-OS 10.0.8-h2","PAN-OS 10.0.8-h1","PAN-OS 10.0.8","PAN-OS 10.0.7","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.12-h3","PAN-OS 9.1.12-h2","PAN-OS 9.1.12-h1","PAN-OS 9.1.12","PAN-OS 9.1.11-h3","PAN-OS 9.1.11-h2","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.15","PAN-OS 9.0.14-h4","PAN-OS 9.0.14-h3","PAN-OS 9.0.14-h2","PAN-OS 9.0.14-h1","PAN-OS 9.0.14","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 
9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.22","PAN-OS 8.1.21-h1","PAN-OS 8.1.21","PAN-OS 8.1.20-h1","PAN-OS 8.1.20","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"9.1","status":"affected","lessThan":"9.1.13","versionType":"custom","changes":[{"at":"9.1.13","status":"unaffected"}]},{"version":"10.1","status":"affected","lessThan":"10.1.5","versionType":"custom","changes":[{"at":"10.1.5","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.16","versionType":"custom","changes":[{"at":"9.0.16","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.23","versionType":"custom","changes":[{"at":"8.1.23","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.10","versionType":"custom","changes":[{"at":"10.0.10","status":"unaffected"}]},{"version":"10.2.0","status":"unaffected","lessThan":"10.2*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2022-0024"}],"credits":[{"lang":"en","value":" This issue was found by Nicholas Newsom of Palo Alto Networks during internal security 
review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-138 Improper Neutralization of Special Elements","cweId":"CWE-138"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-177551"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue requires the attacker to have authenticated access to the PAN-OS management interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"This issue requires the attacker to have authenticated access to the PAN-OS management interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.23, PAN-OS 9.0.16, PAN-OS 9.1.13, PAN-OS 10.0.10, PAN-OS 10.1.5, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.23, PAN-OS 9.0.16, PAN-OS 9.1.13, PAN-OS 10.0.10, PAN-OS 10.1.5, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2022-05-11T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-0778","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2022-03-31T00:00:00","dateReserved":"2022-03-31T00:00:00","dateUpdated":"2022-06-24T00:00:00.000000Z"},"containers":{"cna":{"title":"Impact of the OpenSSL Infinite Loop Vulnerability CVE-2022-0778","datePublic":"2022-03-31T02:30:00.000Z","providerMetadata":{"orgId":"3a12439a-ef3a-4c79-92e6-6081a721f1e5","shortName":"openssl","dateUpdated":"2024-06-21T19:07:01.186352"},"descriptions":[{"lang":"en","value":"The Palo Alto Networks Product Security Assurance team has evaluated the OpenSSL infinite loop vulnerability (CVE-2022-0778) as it relates to our products.\n\nThis vulnerability causes the OpenSSL library to enter an infinite loop when parsing an invalid certificate and can result in a Denial-of-Service (DoS) to the application. 
An attacker does not need a verified certificate to exploit this vulnerability because parsing a bad certificate triggers the infinite loop before the verification process is completed.\n\nThe Prisma Cloud and Cortex XSOAR products are not impacted by this vulnerability. However, PAN-OS, GlobalProtect app, and Cortex XDR agent software contain a vulnerable version of the OpenSSL library and product availability is impacted by this vulnerability. For PAN-OS software, this includes both hardware and virtual firewalls and Panorama appliances as well as Prisma Access customers. This vulnerability has reduced severity on Cortex XDR agent and GlobalProtect app as successful exploitation requires a meddler-in-the-middle attack (MITM): 5.9 Medium (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).\n\nAll fixed versions of Cortex XDR agent, GlobalProtect app, and PAN-OS are now available.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>The Palo Alto Networks Product Security Assurance team has evaluated the OpenSSL infinite loop vulnerability (CVE-2022-0778) as it relates to our products.\n\nThis vulnerability causes the OpenSSL library to enter an infinite loop when parsing an invalid certificate and can result in a Denial-of-Service (DoS) to the application. An attacker does not need a verified certificate to exploit this vulnerability because parsing a bad certificate triggers the infinite loop before the verification process is completed.\n\nThe Prisma Cloud and Cortex XSOAR products are not impacted by this vulnerability. However, PAN-OS, GlobalProtect app, and Cortex XDR agent software contain a vulnerable version of the OpenSSL library and product availability is impacted by this vulnerability. For PAN-OS software, this includes both hardware and virtual firewalls and Panorama appliances as well as Prisma Access customers. 
This vulnerability has reduced severity on Cortex XDR agent and GlobalProtect app as successful exploitation requires a meddler-in-the-middle attack (MITM): 5.9 Medium (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).\n\nAll fixed versions of Cortex XDR agent, GlobalProtect app, and PAN-OS are now available.</pre>"}]},{"lang":"en","value":"This issue impacts the following versions of PAN-OS:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.23;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.16-h2;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.13-h3;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.10;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.5-h1;\nPAN-OS 10.2 versions earlier than PAN-OS 10.2.1.\n\n\nThis issue impacts the following versions of GlobalProtect app:\nGlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.11;\nGlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.12;\nGlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.4;\nGlobalProtect app 6.0 versions earlier than GlobalProtect app 6.0.1 on Windows and macOS;\nGlobalProtect app 6.0 versions earlier than GlobalProtect app 6.0.2 on Android and iOS.\n\n\nThis issue impacts the following versions and builds of Cortex XDR agent:\nCortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9 hotfix build 6.1.9.61370 on Windows;\nCortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.7 hotfix build 6.1.7.1690 on macOS;\nCortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.7 hotfix build 6.1.7.60245 on Linux;\nAll versions and builds of Cortex XDR agent 7.4;\nCortex XDR agent 7.5-CE versions earlier than Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.60642 on Windows;\nCortex XDR agent 7.5-CE versions earlier than Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.2276 on macOS;\nCortex XDR agent 7.5-CE versions earlier than Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.59687 on Linux\nCortex XDR agent 7.5 versions earlier than Cortex XDR agent 7.5.3 
build 7.5.3.60113 on Windows;\nCortex XDR agent 7.5 versions earlier than Cortex XDR agent 7.5.3 build 7.5.3.2265 on macOS;\nCortex XDR agent 7.5 versions earlier than Cortex XDR agent 7.5.3 build 7.5.3.59465 on Linux;\nCortex XDR agent 7.6 versions earlier than Cortex XDR agent 7.6.2 hotfix build 7.6.2.60545 on Windows;\nCortex XDR agent 7.6 versions earlier than Cortex XDR agent 7.6.2 hotfix build 7.6.2.2311 on macOS;\nCortex XDR agent 7.6 versions earlier than Cortex XDR agent 7.6.2 hotfix build 7.6.2.59612 on Linux;\nCortex XDR agent 7.7 versions earlier than Cortex XDR agent 7.7.0 hotfix build 7.7.0.60725 on Windows;\nCortex XDR agent 7.7 versions earlier than Cortex XDR agent 7.7.0 hotfix build 7.7.0.2356 on macOS;\nCortex XDR agent 7.7 versions earlier than Cortex XDR agent 7.7.0 hotfix build 7.7.0.59559 on Linux.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts the following versions of PAN-OS:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.23;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.16-h2;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.13-h3;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.10;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.5-h1;\nPAN-OS 10.2 versions earlier than PAN-OS 10.2.1.\n\n\nThis issue impacts the following versions of GlobalProtect app:\nGlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.11;\nGlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.12;\nGlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.4;\nGlobalProtect app 6.0 versions earlier than GlobalProtect app 6.0.1 on Windows and macOS;\nGlobalProtect app 6.0 versions earlier than GlobalProtect app 6.0.2 on Android and iOS.\n\n\nThis issue impacts the following versions and builds of Cortex XDR agent:\nCortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9 hotfix build 6.1.9.61370 on Windows;\nCortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.7 hotfix build 6.1.7.1690 
on macOS;\nCortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.7 hotfix build 6.1.7.60245 on Linux;\nAll versions and builds of Cortex XDR agent 7.4;\nCortex XDR agent 7.5-CE versions earlier than Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.60642 on Windows;\nCortex XDR agent 7.5-CE versions earlier than Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.2276 on macOS;\nCortex XDR agent 7.5-CE versions earlier than Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.59687 on Linux\nCortex XDR agent 7.5 versions earlier than Cortex XDR agent 7.5.3 build 7.5.3.60113 on Windows;\nCortex XDR agent 7.5 versions earlier than Cortex XDR agent 7.5.3 build 7.5.3.2265 on macOS;\nCortex XDR agent 7.5 versions earlier than Cortex XDR agent 7.5.3 build 7.5.3.59465 on Linux;\nCortex XDR agent 7.6 versions earlier than Cortex XDR agent 7.6.2 hotfix build 7.6.2.60545 on Windows;\nCortex XDR agent 7.6 versions earlier than Cortex XDR agent 7.6.2 hotfix build 7.6.2.2311 on macOS;\nCortex XDR agent 7.6 versions earlier than Cortex XDR agent 7.6.2 hotfix build 7.6.2.59612 on Linux;\nCortex XDR agent 7.7 versions earlier than Cortex XDR agent 7.7.0 hotfix build 7.7.0.60725 on Windows;\nCortex XDR agent 7.7 versions earlier than Cortex XDR agent 7.7.0 hotfix build 7.7.0.2356 on macOS;\nCortex XDR agent 7.7 versions earlier than Cortex XDR agent 7.7.0 hotfix build 7.7.0.59559 on Linux.</pre>"}]},{"lang":"en","value":"This issue is addressed for Prisma Access customers in the Prisma Access patch rollout that will begin on May 7, 2022 and will be a phased rollout performed based on theaters. 
Palo Alto Networks will send an additional email notification through Prisma Access Insights one week before the rollout begins for affected tenant(s).","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue is addressed for Prisma Access customers in the Prisma Access patch rollout that will begin on May 7, 2022 and will be a phased rollout performed based on theaters. Palo Alto Networks will send an additional email notification through Prisma Access Insights one week before the rollout begins for affected tenant(s).</pre>"}]}],"x_affectedList":["Prisma Access 3.1","Prisma Access 3.0","Prisma Access 2.2","Prisma Access 2.1","PAN-OS 10.2.0","PAN-OS 10.2","PAN-OS 10.1.5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1","PAN-OS 10.0.9","PAN-OS 10.0.8-h8","PAN-OS 10.0.8-h7","PAN-OS 10.0.8-h6","PAN-OS 10.0.8-h5","PAN-OS 10.0.8-h4","PAN-OS 10.0.8-h3","PAN-OS 10.0.8-h2","PAN-OS 10.0.8-h1","PAN-OS 10.0.8","PAN-OS 10.0.7","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.13-h2","PAN-OS 9.1.13-h1","PAN-OS 9.1.13","PAN-OS 9.1.12-h3","PAN-OS 9.1.12-h2","PAN-OS 9.1.12-h1","PAN-OS 9.1.12","PAN-OS 9.1.11-h3","PAN-OS 9.1.11-h2","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.16-h1","PAN-OS 9.0.16","PAN-OS 9.0.15","PAN-OS 9.0.14-h4","PAN-OS 9.0.14-h3","PAN-OS 9.0.14-h2","PAN-OS 9.0.14-h1","PAN-OS 9.0.14","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 
9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.22","PAN-OS 8.1.21-h1","PAN-OS 8.1.21","PAN-OS 8.1.20-h1","PAN-OS 8.1.20","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","GlobalProtect App 6.0","GlobalProtect App 5.3","GlobalProtect App 5.2","GlobalProtect App 5.1","Cortex XDR Agent 7.7","Cortex XDR Agent 7.6","Cortex XDR Agent 7.5-CE","Cortex XDR Agent 7.5","Cortex XDR Agent 7.4","Cortex XDR Agent 6.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"8.1","status":"affected","lessThan":"8.1.23","versionType":"custom","changes":[{"at":"8.1.23","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.13-h3","versionType":"custom","changes":[{"at":"9.1.13-h3","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.10","versionType":"custom","changes":[{"at":"10.0.10","status":"unaffected"}]},{"version":"10.1","status":"affected","lessThan":"10.1.5-h1","versionType":"custom","changes":[{"at":"10.1.5-h1","status":"unaffected"}]},{"version":"10.2","status":"affected","lessThan":"10.2.1","versionType":"custom","changes":[{"at":"10.2.1","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.16-h2","versionType":"custom","changes":[{"at":"9.0.16-h2","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"2.1 Preferred, Innovation","status":"affected"},{"version":"2.2 Preferred","status":"affected"},{"version":"3.0 Preferred, Innovation","status":"affected"},{"version":"3.1 Preferred, Innovation","status":"affected"}]},{"vendor":"Palo Alto Networks","product":"GlobalProtect App","versions":[{"version":"6.0","status":"affected","lessThan":"6.0.1","versionType":"custom","changes":[{"at":"6.0.1","status":"unaffected"}]}],"platforms":["Windows and macOS"]},{"vendor":"Palo Alto Networks","product":"GlobalProtect App","versions":[{"version":"5.2","status":"affected","lessThan":"5.2.12","versionType":"custom","changes":[{"at":"5.2.12","status":"unaffected"}]},{"version":"5.1","status":"affected","lessThan":"5.1.11","versionType":"custom","changes":[{"at":"5.1.11","status":"unaffected"}]},{"version":"5.3","status":"affected","lessThan":"5.3.4","versionType":"custom","changes":[{"at":"5.3.4","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"GlobalProtect 
App","versions":[{"version":"6.0","status":"affected","lessThan":"6.0.2","versionType":"custom","changes":[{"at":"6.0.2","status":"unaffected"}]}],"platforms":["Android and iOS"]},{"vendor":"Palo Alto Networks","product":"Cortex XSOAR","versions":[{"version":"All","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"Cortex XDR Agent","versions":[{"version":"7.4.*","status":"affected"}]},{"vendor":"Palo Alto Networks","product":"Cortex XDR Agent","versions":[{"version":"6.1","status":"affected","lessThan":"6.1.9.61370","versionType":"custom","changes":[{"at":"6.1.9.61370","status":"unaffected"}]},{"version":"7.5-CE","status":"affected","lessThan":"7.5.100.60642","versionType":"custom","changes":[{"at":"7.5.100.60642","status":"unaffected"}]},{"version":"7.5","status":"affected","lessThan":"7.5.3.60113","versionType":"custom","changes":[{"at":"7.5.3.60113","status":"unaffected"}]},{"version":"7.6","status":"affected","lessThan":"7.6.2.60545","versionType":"custom","changes":[{"at":"7.6.2.60545","status":"unaffected"}]},{"version":"7.7","status":"affected","lessThan":"7.7.0.60725","versionType":"custom","changes":[{"at":"7.7.0.60725","status":"unaffected"}]}],"platforms":["Windows"]},{"vendor":"Palo Alto Networks","product":"Cortex XDR 
Agent","versions":[{"version":"7.5","status":"affected","lessThan":"7.5.3.2265","versionType":"custom","changes":[{"at":"7.5.3.2265","status":"unaffected"}]},{"version":"7.6","status":"affected","lessThan":"7.6.2.2311","versionType":"custom","changes":[{"at":"7.6.2.2311","status":"unaffected"}]},{"version":"7.7","status":"affected","lessThan":"7.7.0.2356","versionType":"custom","changes":[{"at":"7.7.0.2356","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThan":"6.1.7.1690","versionType":"custom","changes":[{"at":"6.1.7.1690","status":"unaffected"}]},{"version":"7.5-CE","status":"affected","lessThan":"7.5.100.2276","versionType":"custom","changes":[{"at":"7.5.100.2276","status":"unaffected"}]}],"platforms":["macOS"]},{"vendor":"Palo Alto Networks","product":"Cortex XDR Agent","versions":[{"version":"7.5","status":"affected","lessThan":"7.5.3.59465","versionType":"custom","changes":[{"at":"7.5.3.59465","status":"unaffected"}]},{"version":"7.6","status":"affected","lessThan":"7.6.2.59612","versionType":"custom","changes":[{"at":"7.6.2.59612","status":"unaffected"}]},{"version":"7.7","status":"affected","lessThan":"7.7.0.59559","versionType":"custom","changes":[{"at":"7.7.0.59559","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThan":"6.1.7.60245","versionType":"custom","changes":[{"at":"6.1.7.60245","status":"unaffected"}]},{"version":"7.5-CE","status":"affected","lessThan":"7.5.100.59687","versionType":"custom","changes":[{"at":"7.5.100.59687","status":"unaffected"}]}],"platforms":["Linux"]},{"vendor":"Palo Alto Networks","product":"Prisma 
Cloud","versions":[{"version":"All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2022-0778"},{"tags":["x_refsource_CONFIRM"],"url":"https://www.openssl.org/news/secadv/20220315.txt"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-834 Excessive Iteration","cweId":"CWE-834"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-190175","PAN-190223"],"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"Customers with a Threat Prevention subscription can block known attacks for this vulnerability by enabling Threat IDs 92409 and 92411 (Applications and Threats content update 8552). This mitigation reduces the risk of exploitation from known exploits.\n\nCustomers will need to upgrade their products to a fixed version to completely remove the risk of this issue.\n","supportingMedia":{"value":"Customers with a Threat Prevention subscription can block known attacks for this vulnerability by enabling Threat IDs 92409 and 92411 (Applications and Threats content update 8552). 
This mitigation reduces the risk of exploitation from known exploits.\n\nCustomers will need to upgrade their products to a fixed version to completely remove the risk of this issue.\n","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue on any of our products.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue on any of our products.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.23, PAN-OS 9.0.16-h2, PAN-OS 9.1.13-h3, PAN-OS 10.0.10, PAN-OS 10.1.5-h1, PAN-OS 10.2.1, and all later PAN-OS versions.\n\nThis issue is fixed in GlobalProtect app 5.1.11, GlobalProtect app 5.2.12, GlobalProtect app 5.3.4, GlobalProtect app 6.0.1 on Windows and macOS, GlobalProtect app 6.0.2 on Android and iOS, and all later GlobalProtect app versions.\n\nThis issue is fixed in Cortex XDR agent 6.1.9 hotfix build 6.1.9.61370 on Windows, Cortex XDR agent 6.1.7 hotfix build 6.1.7.1690 on macOS, Cortex XDR agent 6.1.7 hotfix build 6.1.7.60245 on Linux, Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.60642 on Windows, Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.2276 on macOS, Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.59687 on Linux, Cortex XDR agent 7.5.3 build 7.5.3.60113 on Windows, Cortex XDR agent 7.5.3 build 7.5.3.2265 on macOS, Cortex XDR agent 7.5.3 build 7.5.3.59465 on Linux, Cortex XDR agent 7.6.2 hotfix build 7.6.2.60545 on Windows, Cortex XDR agent 7.6.2 hotfix build 7.6.2.2311 on macOS, Cortex XDR agent 7.6.2 hotfix build 7.6.2.59612 on Linux, Cortex XDR agent 7.7.0 hotfix build 7.7.0.60725 on Windows, Cortex XDR agent 7.7.0 hotfix build 7.7.0.2356 on macOS, Cortex XDR agent 7.7.0 hotfix build 7.7.0.59559 on Linux, and all later versions and builds of Cortex XDR agent. 
Cortex XDR agent 7.4 is end-of-life on May 24, 2022 and is not expected to receive a fix for this issue.\n\nThis issue is addressed for Prisma Access customers in the Prisma Access patch rollout that will begin on May 7, 2022 and will be a phased rollout performed based on theaters. Palo Alto Networks will send an additional email notification through Prisma Access Insights one week before the rollout begins for affected tenant(s).","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.23, PAN-OS 9.0.16-h2, PAN-OS 9.1.13-h3, PAN-OS 10.0.10, PAN-OS 10.1.5-h1, PAN-OS 10.2.1, and all later PAN-OS versions.\n\nThis issue is fixed in GlobalProtect app 5.1.11, GlobalProtect app 5.2.12, GlobalProtect app 5.3.4, GlobalProtect app 6.0.1 on Windows and macOS, GlobalProtect app 6.0.2 on Android and iOS, and all later GlobalProtect app versions.\n\nThis issue is fixed in Cortex XDR agent 6.1.9 hotfix build 6.1.9.61370 on Windows, Cortex XDR agent 6.1.7 hotfix build 6.1.7.1690 on macOS, Cortex XDR agent 6.1.7 hotfix build 6.1.7.60245 on Linux, Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.60642 on Windows, Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.2276 on macOS, Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.59687 on Linux, Cortex XDR agent 7.5.3 build 7.5.3.60113 on Windows, Cortex XDR agent 7.5.3 build 7.5.3.2265 on macOS, Cortex XDR agent 7.5.3 build 7.5.3.59465 on Linux, Cortex XDR agent 7.6.2 hotfix build 7.6.2.60545 on Windows, Cortex XDR agent 7.6.2 hotfix build 7.6.2.2311 on macOS, Cortex XDR agent 7.6.2 hotfix build 7.6.2.59612 on Linux, Cortex XDR agent 7.7.0 hotfix build 7.7.0.60725 on Windows, Cortex XDR agent 7.7.0 hotfix build 7.7.0.2356 on macOS, Cortex XDR agent 7.7.0 hotfix build 7.7.0.59559 on Linux, and all later versions and builds of Cortex XDR agent. 
Cortex XDR agent 7.4 is end-of-life on May 24, 2022 and is not expected to receive a fix for this issue.\n\nThis issue is addressed for Prisma Access customers in the Prisma Access patch rollout that will begin on May 7, 2022 and will be a phased rollout performed based on theaters. Palo Alto Networks will send an additional email notification through Prisma Access Insights one week before the rollout begins for affected tenant(s).","type":"text/html","base64":false}}],"timeline":[{"time":"2022-05-11T16:00:00.000Z","lang":"eng","value":"Cortex XDR agent fixes for Cortex XDR agent 6.1 and 7.5-CE are now available."},{"time":"2022-05-04T17:40:00.000Z","lang":"eng","value":"GlobalProtect app fixed version GlobalProtect app 6.0.1 is now available."},{"time":"2022-04-30T01:00:00.000Z","lang":"eng","value":"Updated fix information for Cortex XDR agent. New fix ETA for Prisma Access customers."},{"time":"2022-04-27T17:15:00.000Z","lang":"eng","value":"PAN-OS fixed version PAN-OS 8.1.23 is now available."},{"time":"2022-04-22T03:00:00.000Z","lang":"eng","value":"Added new Cortex XDR agent fix ETAs. 
Updated ETA for PAN-OS 8.1.23 fix."},{"time":"2022-04-20T17:00:00.000Z","lang":"eng","value":"Added new GlobalProtect app 5.3 fix ETA."},{"time":"2022-04-19T18:15:00.000Z","lang":"eng","value":"PAN-OS fixed version PAN-OS 10.2.1 is now available."},{"time":"2022-04-15T20:30:00.000Z","lang":"eng","value":"Added new GlobalProtect app fix ETAs."},{"time":"2022-04-12T23:45:00.000Z","lang":"eng","value":"PAN-OS fixed version PAN-OS 10.0.10 is now available."},{"time":"2022-04-12T01:00:00.000Z","lang":"eng","value":"PAN-OS fixed version PAN-OS 9.0.16-h2 is now available."},{"time":"2022-04-07T23:45:00.000Z","lang":"eng","value":"PAN-OS fixed versions PAN-OS 9.1.13-h3 and PAN-OS 10.1.5-h1 are now available."},{"time":"2022-04-06T18:00:00.000Z","lang":"eng","value":"Added new PAN-OS fix ETAs, available threat prevention signatures, and additional FAQ."},{"time":"2022-03-31T02:30:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2022-05-12T21:10:00.000Z","lang":"eng","value":"GlobalProtect app fixed version GlobalProtect app 5.1.11 is now available."},{"time":"2022-05-28T01:45:00.000Z","lang":"eng","value":"GlobalProtect app fixed version GlobalProtect app 5.2.12 is now available."},{"time":"2022-05-31T16:40:00.000Z","lang":"eng","value":"GlobalProtect app fixed version GlobalProtect app 5.3.4 is now available."},{"time":"2022-06-24T19:04:00.000Z","lang":"eng","value":"Fixed version clarification for GlobalProtect app on Android and iOS platforms."}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2021-3058","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2021-11-10T00:00:00","dateReserved":"2021-11-10T00:00:00","dateUpdated":"2021-11-10T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS Command Injection Vulnerability in Web Interface XML 
API","datePublic":"2021-11-10T17:00:00.000Z","providerMetadata":{"dateUpdated":"2021-11-10T17:10:21","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use the XML API to execute arbitrary OS commands to escalate privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use the XML API to execute arbitrary OS commands to escalate privileges.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.8;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.3.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.8;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.3.</pre>"}]},{"lang":"en","value":"This issue does not impact Prisma Access firewalls.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue does not impact Prisma Access firewalls.</pre>"}]}],"x_affectedList":["PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1","PAN-OS 10.0.7","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 
9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.14-h2","PAN-OS 9.0.14-h1","PAN-OS 9.0.14","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.20","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"10.1","status":"affected","lessThan":"10.1.3","versionType":"custom","changes":[{"at":"10.1.3","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.14-h3","versionType":"custom","changes":[{"at":"9.0.14-h3","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.20-h1","versionType":"custom","changes":[{"at":"8.1.20-h1","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.11-h2","versionType":"custom","changes":[{"at":"9.1.11-h2","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.8","versionType":"custom","changes":[{"at":"10.0.8","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Prisma 
Access","versions":[{"version":"2.1 All","status":"unaffected"},{"version":"2.2 All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2021-3058"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks CJ, an external security researcher, for discovering and reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-176653"],"discovery":"EXTERNAL"},"configurations":[{"lang":"en","value":"This vulnerability is only applicable to PAN-OS firewalls configured to use the XML API.","supportingMedia":{"value":"This vulnerability is only applicable to PAN-OS firewalls configured to use the XML API.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Enable signatures for Unique Threat ID 91715 on traffic processed by the firewall to block attacks against CVE-2021-3058.\n\nThis issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"Enable signatures for Unique Threat ID 91715 on traffic processed by the firewall to block attacks against CVE-2021-3058.\n\nThis issue requires the attacker to have authenticated access to the PAN-OS web interface. 
You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2021-11-10T18:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2021-3063","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2021-11-10T00:00:00","dateReserved":"2021-11-10T00:00:00","dateUpdated":"2021-12-09T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Denial-of-Service (DoS) Vulnerability in GlobalProtect Portal and Gateway Interfaces","datePublic":"2021-11-10T17:00:00.000Z","providerMetadata":{"dateUpdated":"2021-11-10T17:10:29","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An improper handling of exceptional conditions vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to send specifically crafted traffic to a GlobalProtect interface that causes the service to stop responding. 
Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An improper handling of exceptional conditions vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to send specifically crafted traffic to a GlobalProtect interface that causes the service to stop responding. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.21;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h4;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h3;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.8-h4;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.3.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.21;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h4;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h3;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.8-h4;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.3.</pre>"}]},{"lang":"en","value":"Prisma Access customers are not impacted by this issue.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Prisma Access customers are not impacted by this issue.</pre>"}]}],"x_affectedList":["PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1","PAN-OS 10.0.8-h3","PAN-OS 10.0.8-h2","PAN-OS 10.0.8-h1","PAN-OS 10.0.8","PAN-OS 10.0.7","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.11-h2","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 
9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.14-h3","PAN-OS 9.0.14-h2","PAN-OS 9.0.14-h1","PAN-OS 9.0.14","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.20-h1","PAN-OS 8.1.20","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"8.1","status":"affected","lessThan":"8.1.21","versionType":"custom","changes":[{"at":"8.1.21","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.14-h4","versionType":"custom","changes":[{"at":"9.0.14-h4","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.8-h4","versionType":"custom","changes":[{"at":"10.0.8-h4","status":"unaffected"}]},{"version":"10.1","status":"affected","lessThan":"10.1.3","versionType":"custom","changes":[{"at":"10.1.3","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.11-h3","versionType":"custom","changes":[{"at":"9.1.11-h3","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"2.2 All","status":"unaffected"},{"version":"2.1 All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2021-3063"}],"credits":[{"lang":"en","value":" This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-755 Improper Handling of Exceptional Conditions","cweId":"CWE-755"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-180032"],"discovery":"INTERNAL"},"configurations":[{"lang":"en","value":"This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal or gateway enabled. 
You can verify whether you have a GlobalProtect portal or gateway configured by checking for entries in 'Network > GlobalProtect > Portals' and in 'Network > GlobalProtect > Gateways' from the web interface.","supportingMedia":{"value":"This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal or gateway enabled. You can verify whether you have a GlobalProtect portal or gateway configured by checking for entries in 'Network > GlobalProtect > Portals' and in 'Network > GlobalProtect > Gateways' from the web interface.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Enable signatures for Unique Threat IDs 91820 and 91855 on traffic destined for GlobalProtect interfaces to block attacks against CVE-2021-3063.\n\nIt is not necessary to enable SSL decryption to detect and block attacks against this issue.","supportingMedia":{"value":"Enable signatures for Unique Threat IDs 91820 and 91855 on traffic destined for GlobalProtect interfaces to block attacks against CVE-2021-3063.\n\nIt is not necessary to enable SSL decryption to detect and block attacks against this issue.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.21, PAN-OS 9.0.14-h4, PAN-OS 9.1.11-h3, PAN-OS 10.0.8-h4, PAN-OS 10.1.3, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.21, PAN-OS 9.0.14-h4, PAN-OS 9.1.11-h3, PAN-OS 10.0.8-h4, PAN-OS 10.1.3, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2021-11-11T02:00:00.000Z","lang":"eng","value":"PAN-OS 10.0.8-h4 is now 
available"},{"time":"2021-11-10T17:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2021-12-09T17:16:00.000Z","lang":"eng","value":"Fixed the discovery status as this was internally found."}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2021-3059","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2021-11-10T00:00:00","dateReserved":"2021-11-10T00:00:00","dateUpdated":"2021-11-17T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS Command Injection Vulnerability When Performing Dynamic Updates","datePublic":"2021-11-10T17:00:00.000Z","providerMetadata":{"dateUpdated":"2021-11-10T17:10:23","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. This vulnerability enables a man-in-the-middle attacker to execute arbitrary OS commands to escalate privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. 
This vulnerability enables a man-in-the-middle attacker to execute arbitrary OS commands to escalate privileges.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.8;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.3.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.8;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.3.</pre>"}]},{"lang":"en","value":"Prisma Access customers are not impacted by this issue.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Prisma Access customers are not impacted by this issue.</pre>"}]}],"x_affectedList":["PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1","PAN-OS 10.0.7","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.14-h2","PAN-OS 9.0.14-h1","PAN-OS 9.0.14","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.20","PAN-OS 8.1.19","PAN-OS 
8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"10.0","status":"affected","lessThan":"10.0.8","versionType":"custom","changes":[{"at":"10.0.8","status":"unaffected"}]},{"version":"10.1","status":"affected","lessThan":"10.1.3","versionType":"custom","changes":[{"at":"10.1.3","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.20-h1","versionType":"custom","changes":[{"at":"8.1.20-h1","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.14-h3","versionType":"custom","changes":[{"at":"9.0.14-h3","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.11-h2","versionType":"custom","changes":[{"at":"9.1.11-h2","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"2.2 All","status":"unaffected"},{"version":"2.1 All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2021-3059"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks CJ, an external security researcher, for discovering and reporting this 
issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-176618"],"discovery":"EXTERNAL"},"configurations":[{"lang":"en","value":"This issue is applicable only to firewalls and Panoramas that receive dynamic updates from an update server.\n\nTo verify this on firewalls not managed by Panorama, review ‘Device > Dynamic Updates’ from the web interface.\n\nTo verify this on Panorama, review ‘Panorama > Dynamic Updates’ from the web interface.\n\nTo verify this for Panorama-managed firewalls, review ‘Panorama > Device Deployment > Dynamic Updates’ from the Panorama web interface.\n\nFirewalls that only receive content updates pushed from Panoramas are not susceptible to this issue.","supportingMedia":{"value":"This issue is applicable only to firewalls and Panoramas that receive dynamic updates from an update server.\n\nTo verify this on firewalls not managed by Panorama, review ‘Device > Dynamic Updates’ from the web interface.\n\nTo verify this on Panorama, review ‘Panorama > Dynamic Updates’ from the web interface.\n\nTo verify this for Panorama-managed firewalls, review ‘Panorama > Device Deployment > Dynamic Updates’ from the Panorama web interface.\n\nFirewalls that only receive content updates pushed from Panoramas are not susceptible to this issue.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Updating dynamic content from a local file will prevent exposure to this vulnerability until you are able to upgrade PAN-OS firewalls and Panorama to a fixed version. 
You can disable scheduled dynamic updates in the web interface.\n\nPush content updates from Panorama to the managed firewalls until you are able to upgrade PAN-OS to a fixed version. The process of upgrading dynamic content on managed devices is referenced here:\nhttps://docs.paloaltonetworks.com/pan-os/10-0/pan-os-web-interface-help/panorama-web-interface/panorama-managed-devices-summary/firewall-software-and-content-updates.html","supportingMedia":{"value":"Updating dynamic content from a local file will prevent exposure to this vulnerability until you are able to upgrade PAN-OS firewalls and Panorama to a fixed version. You can disable scheduled dynamic updates in the web interface.\n\nPush content updates from Panorama to the managed firewalls until you are able to upgrade PAN-OS to a fixed version. The process of upgrading dynamic content on managed devices is referenced here:\nhttps://docs.paloaltonetworks.com/pan-os/10-0/pan-os-web-interface-help/panorama-web-interface/panorama-managed-devices-summary/firewall-software-and-content-updates.html","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions.\n","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions.\n","type":"text/html","base64":false}}],"timeline":[{"time":"2021-11-10T18:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2021-11-12T00:00:00.000Z","lang":"eng","value":"Prisma Access is not impacted"},{"time":"2021-11-17T22:20:00.000Z","lang":"eng","value":"Updated workaround 
and required configuration"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2021-3062","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2021-11-10T00:00:00","dateReserved":"2021-11-10T00:00:00","dateUpdated":"2021-11-17T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Improper Access Control Vulnerability Exposing AWS Instance Metadata Endpoint to GlobalProtect Users","datePublic":"2021-11-10T17:00:00.000Z","providerMetadata":{"dateUpdated":"2021-11-10T17:10:27","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An improper access control vulnerability in PAN-OS software enables an attacker with authenticated access to GlobalProtect portals and gateways to connect to the EC2 instance metadata endpoint for VM-Series firewalls hosted on Amazon AWS.\n\nExploitation of this vulnerability enables an attacker to perform any operations allowed by the EC2 role in AWS.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An improper access control vulnerability in PAN-OS software enables an attacker with authenticated access to GlobalProtect portals and gateways to connect to the EC2 instance metadata endpoint for VM-Series firewalls hosted on Amazon AWS.\n\nExploitation of this vulnerability enables an attacker to perform any operations allowed by the EC2 role in AWS.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20 VM-Series firewalls;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.11 VM-Series firewalls;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14 VM-Series firewalls;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.8 VM-Series firewalls.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20 VM-Series firewalls;\nPAN-OS 9.1 versions earlier than 
PAN-OS 9.1.11 VM-Series firewalls;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14 VM-Series firewalls;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.8 VM-Series firewalls.</pre>"}]},{"lang":"en","value":"Prisma Access customers are not impacted by this issue.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Prisma Access customers are not impacted by this issue.</pre>"}]}],"x_affectedList":["PAN-OS 10.0.7","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"10.1.*","status":"unaffected"},{"version":"9.1","status":"affected","lessThan":"9.1.11","versionType":"custom","changes":[{"at":"9.1.11","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.20","versionType":"custom","changes":[{"at":"8.1.20","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.14","versionType":"custom","changes":[{"at":"9.0.14","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.8","versionType":"custom","changes":[{"at":"10.0.8","status":"unaffected"}]}],"platforms":["VM-Series"]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"2.1 All","status":"unaffected"},{"version":"2.2 All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2021-3062"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Matthew Flanagan of Computer Systems Australia (CSA) and Suresh Kumar Ponnusamy of Freshworks for discovering and reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-284 Improper Access Control","cweId":"CWE-284"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-164422"],"discovery":"EXTERNAL"},"configurations":[{"lang":"en","value":"This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal or gateway enabled. 
You can verify whether you have a GlobalProtect portal or gateway configured by checking for entries in 'Network > GlobalProtect > Portals' and in 'Network > GlobalProtect > Gateways' on the web interface.","supportingMedia":{"value":"This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal or gateway enabled. You can verify whether you have a GlobalProtect portal or gateway configured by checking for entries in 'Network > GlobalProtect > Portals' and in 'Network > GlobalProtect > Gateways' on the web interface.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"There are no known workarounds for this issue.","supportingMedia":{"value":"There are no known workarounds for this issue.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.11, PAN-OS 10.0.8, and all later PAN-OS versions","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.11, PAN-OS 10.0.8, and all later PAN-OS versions","type":"text/html","base64":false}}],"timeline":[{"time":"2021-11-10T17:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2021-11-17T22:40:00.000Z","lang":"eng","value":"Updated 
credit"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2021-3056","assignerOrgId":"00000000-0000-4000-9000-000000000000","assignerShortName":"palo_alto","dateUpdated":"2021-11-10T00:00:00.000Z","serial":1,"dateReserved":"2021-11-10T08:00:00.000Z","datePublished":"2021-11-10T08:00:00.000Z","state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000","shortName":"palo_alto","dateUpdated":"2021-11-11T01:10:00.000Z"},"title":"PAN-OS: Memory Corruption Vulnerability in GlobalProtect Clientless VPN During SAML Authentication","datePublic":"2021-11-10T17:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-120","description":"CWE-120 Buffer Overflow","type":"CWE"}]}],"impacts":[{"descriptions":[{"lang":"en","value":""}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"2.2","versionType":"custom"},{"status":"affected","version":"2.1","changes":[{"at":"2.1","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"status":"unaffected","version":"10.1.0","versionType":"custom"},{"status":"affected","version":"10.0.0","lessThan":"10.0.1","changes":[{"at":"10.0.1","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"9.1.0","lessThan":"9.1.9","changes":[{"at":"9.1.9","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"9.0.0","lessThan":"9.0.14","changes":[{"at":"9.0.14","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"8.1.0","lessThan":"8.1.20","changes":[{"at":"8.1.20","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"}],"cpeApplicability":[{"operator":"OR","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.0.0","versionEndExcluding":"10.0.1"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"9.1.0","versionEndExcluding":"9.1.9"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0.0","versionEndExcluding":"9.0.14"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"8.1.0","versionEndExcluding":"8.1.20"}]}]}],"descriptions":[{"lang":"en","value":"A memory corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated attacker to execute arbitrary code with root user privileges during SAML authentication.\n\nThis issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.9;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.1.\n\nPrisma Access customers with Prisma Access 2.1 Preferred firewalls are impacted by this issue.","supportingMedia":[{"type":"text/html","base64":true,"value":"A memory 
corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated attacker to execute arbitrary code with root user privileges during SAML authentication.<br><br>This issue impacts:<br>PAN-OS 8.1 versions earlier than PAN-OS 8.1.20;<br>PAN-OS 9.0 versions earlier than PAN-OS 9.0.14;<br>PAN-OS 9.1 versions earlier than PAN-OS 9.1.9;<br>PAN-OS 10.0 versions earlier than PAN-OS 10.0.1.<br><br>Prisma Access customers with Prisma Access 2.1 Preferred firewalls are impacted by this issue."}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2021-3056","tags":["x_refsource_CONFIRM"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV3_1":{"version":"3.1","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseSeverity":"HIGH","baseScore":8.8,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}],"configurations":[{"lang":"en","value":"This issue is applicable only to PAN-OS firewall configurations with the Clientless VPN feature and SAML authentication enabled for GlobalProtect Portal.","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue is applicable only to PAN-OS firewall configurations with the Clientless VPN feature and SAML authentication enabled for GlobalProtect Portal."}]}],"workarounds":[{"lang":"en","value":"Enable signatures for Unique Threat ID 91585 on traffic processed by the firewall to block attacks against CVE-2021-3056.","supportingMedia":[{"type":"text/html","base64":false,"value":"Enable signatures for Unique Threat ID 91585 on traffic processed by the firewall to block attacks against CVE-2021-3056."}]}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.9, PAN-OS 10.0.1, and all later PAN-OS versions.\nThis issue is fixed in Prisma 
Access 2.2 Preferred and all later Prisma Access versions.","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.9, PAN-OS 10.0.1, and all later PAN-OS versions.<br>This issue is fixed in Prisma Access 2.2 Preferred and all later Prisma Access versions."}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2021-11-10T17:00:00.000Z","lang":"eng","value":"Initial publication"}],"credits":[{"lang":"en","value":"This issue was found by Nicholas Newsom of Palo Alto Networks during an internal security review.","type":"finder"}],"source":{"defect":["PAN-149501"],"discovery":"INTERNAL"},"x_generator":{"engine":"Vulnogram 0.0.9"},"x_affectedList":["Prisma Access 2.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 
8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2021-3060","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2021-11-10T00:00:00","dateReserved":"2021-11-10T00:00:00","dateUpdated":"2022-08-06T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS Command Injection in Simple Certificate Enrollment Protocol (SCEP)","datePublic":"2021-11-10T17:00:00.000Z","providerMetadata":{"dateUpdated":"2021-11-10T17:10:24","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The attacker must have network access to the GlobalProtect interfaces to exploit this issue.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. 
The attacker must have network access to the GlobalProtect interfaces to exploit this issue.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.8;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.3.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.8;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.3.</pre>"}]},{"lang":"en","value":"Prisma Access customers with Prisma Access 2.1 Preferred and Prisma Access 2.1 Innovation firewalls are impacted by this issue.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Prisma Access customers with Prisma Access 2.1 Preferred and Prisma Access 2.1 Innovation firewalls are impacted by this issue.</pre>"}]}],"x_affectedList":["Prisma Access 2.1","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1","PAN-OS 10.0.7","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.14-h2","PAN-OS 9.0.14-h1","PAN-OS 9.0.14","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 
9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.20","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.1","status":"affected","lessThan":"8.1.20-h1","versionType":"custom","changes":[{"at":"8.1.20-h1","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.14-h3","versionType":"custom","changes":[{"at":"9.0.14-h3","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.11-h2","versionType":"custom","changes":[{"at":"9.1.11-h2","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.8","versionType":"custom","changes":[{"at":"10.0.8","status":"unaffected"}]},{"version":"10.1","status":"affected","lessThan":"10.1.3","versionType":"custom","changes":[{"at":"10.1.3","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"2.1 Preferred","status":"affected"},{"version":"2.2 All","status":"unaffected"},{"version":"2.1 
Innovation","status":"affected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2021-3060"},{"tags":["x_refsource_CONFIRM"],"url":"https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/certificate-management/configure-the-master-key.html"},{"tags":["x_refsource_CONFIRM"],"url":"https://docs.paloaltonetworks.com/prisma/prisma-access/innovation/2-1/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/get-started-with-prisma-access-overview.html"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks CJ, an external security researcher, for discovering and reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-176661"],"discovery":"EXTERNAL"},"configurations":[{"lang":"en","value":"This issue is applicable only to GlobalProtect portal and gateway configurations that are configured with a SCEP profile and when the default master key was not changed.\n\nYou can determine if your configuration has a SCEP profile by selecting 'Device > Certificate Management > SCEP' from the web interface.\n\nNote: The SCEP profile does not need to be enabled for the firewall to be at risk; a SCEP profile that merely exists in the configuration poses a risk even if it is disabled.\n\nYou know you are using the default master key when the master key was not explicitly configured on the firewall. 
Review the master key configuration by selecting 'Device > Master Key and Diagnostics' from the web interface and change the key if needed.\n","supportingMedia":{"value":"This issue is applicable only to GlobalProtect portal and gateway configurations that are configured with a SCEP profile and when the default master key was not changed.\n\nYou can determine if your configuration has a SCEP profile by selecting 'Device > Certificate Management > SCEP' from the web interface.\n\nNote: The SCEP profile does not need to be enabled for the firewall to be at risk; a SCEP profile that merely exists in the configuration poses a risk even if it is disabled.\n\nYou know you are using the default master key when the master key was not explicitly configured on the firewall. Review the master key configuration by selecting 'Device > Master Key and Diagnostics' from the web interface and change the key if needed.\n","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Changing the master key for the firewall prevents exploitation of this vulnerability. This is a security best practice for both PAN-OS and Prisma Access customers.\n\nDocumentation for configuring the master key is available at: https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/certificate-management/configure-the-master-key.html. Please note the special requirements for high-availability (HA) and Panorama-managed environments.\n\nAdditional information is available for Prisma Access customers at: https://docs.paloaltonetworks.com/prisma/prisma-access/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/get-started-with-prisma-access-overview.\n\nRemove all configured SCEP profiles from the firewall to completely eliminate any risk of exploitation related to this issue. 
You can view any existing SCEP profiles configured on the firewall by selecting 'Device > Certificate Management > SCEP' from the web interface.\n\nThis issue requires the attacker to have network access to the GlobalProtect interface.\n\nIn addition to these workarounds, you should enable signatures for Unique Threat ID 91526 on traffic destined for GlobalProtect interfaces to further mitigate the risk of attacks against CVE-2021-3060. SSL decryption is not necessary to detect attacks against this issue.","supportingMedia":{"value":"Changing the master key for the firewall prevents exploitation of this vulnerability. This is a security best practice for both PAN-OS and Prisma Access customers.\n\nDocumentation for configuring the master key is available at: https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/certificate-management/configure-the-master-key.html. Please note the special requirements for high-availability (HA) and Panorama-managed environments.\n\nAdditional information is available for Prisma Access customers at: https://docs.paloaltonetworks.com/prisma/prisma-access/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/get-started-with-prisma-access-overview.\n\nRemove all configured SCEP profiles from the firewall to completely eliminate any risk of exploitation related to this issue. You can view any existing SCEP profiles configured on the firewall by selecting 'Device > Certificate Management > SCEP' from the web interface.\n\nThis issue requires the attacker to have network access to the GlobalProtect interface.\n\nIn addition to these workarounds, you should enable signatures for Unique Threat ID 91526 on traffic destined for GlobalProtect interfaces to further mitigate the risk of attacks against CVE-2021-3060. 
SSL decryption is not necessary to detect attacks against this issue.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue at the time of publication. However, a proof-of-concept script for this issue is publicly available.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue at the time of publication. However, a proof-of-concept script for this issue is publicly available.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions.","type":"text/html","base64":false}},{"lang":"en","value":"This issue is fixed in Prisma Access 2.2 Preferred and all later Prisma Access versions."}],"timeline":[{"time":"2021-11-10T17:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2022-08-06T00:15:00.000Z","lang":"eng","value":"Updated Prisma Access documentation link; added a note about a public proof of concept script."}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2021-3054","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2021-09-08T00:00:00","dateReserved":"2021-09-08T00:00:00","dateUpdated":"2021-09-12T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Unsigned Code Execution During Plugin Installation Race Condition Vulnerability","datePublic":"2021-09-08T16:00:00.000Z","providerMetadata":{"dateUpdated":"2021-09-08T17:10:21","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A time-of-check to time-of-use (TOCTOU) race condition vulnerability 
in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute arbitrary code with root user privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute arbitrary code with root user privileges.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.11;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.7;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.2.\n\nThis issue does not affect Prisma Access.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.11;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.7;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.2.\n\nThis issue does not affect Prisma Access.</pre>"}]}],"x_affectedList":["PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 
9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.1","status":"affected","lessThan":"8.1.20","versionType":"custom","changes":[{"at":"8.1.20","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.14","versionType":"custom","changes":[{"at":"9.0.14","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.7","versionType":"custom","changes":[{"at":"10.0.7","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.11","versionType":"custom","changes":[{"at":"9.1.11","status":"unaffected"}]},{"version":"10.1","status":"affected","lessThan":"10.1.2","versionType":"custom","changes":[{"at":"10.1.2","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2021-3054"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Praetorian for discovering and reporting this 
issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition","cweId":"CWE-367"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-138727"],"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"Enable signatures for Unique Threat ID 91572 on traffic processed by the firewall to block attacks against CVE-2021-3054.\n\nThis issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"Enable signatures for Unique Threat ID 91572 on traffic processed by the firewall to block attacks against CVE-2021-3054.\n\nThis issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.11, PAN-OS 10.0.7, PAN-OS 10.1.2, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.11, PAN-OS 10.0.7, PAN-OS 10.1.2, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2021-09-08T16:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2021-09-12T16:00:00.000Z","lang":"eng","value":"Added threat prevention workaround for the vulnerability"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-10188","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2021-09-08T00:00:00","dateReserved":"2021-09-08T00:00:00","dateUpdated":"2021-09-08T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Impact of Telnet Remote-Code-Execution (RCE) Vulnerability (CVE-2020-10188)","datePublic":"2021-09-08T16:00:00.000Z","providerMetadata":{"dateUpdated":"2021-11-08T11:09:32","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A buffer overflow vulnerability in the Telnet-based administrative management service included with PAN-OS software allows remote attackers to execute arbitrary code.\n\nThe Telnet-based administrative management service is disabled by default and this issue is not exploitable if this service is disabled.\n\nThis issue does not impact SSH or 
HTTPS management interfaces. This issue does not affect Prisma Access.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A buffer overflow vulnerability in the Telnet-based administrative management service included with PAN-OS software allows remote attackers to execute arbitrary code.\n\nThe Telnet-based administrative management service is disabled by default and this issue is not exploitable if this service is disabled.\n\nThis issue does not impact SSH or HTTPS management interfaces. This issue does not affect Prisma Access.</pre>"}]}],"x_affectedList":["PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"10.1.*","status":"unaffected"},{"version":"8.1","status":"affected","lessThan":"8.1.20","versionType":"custom","changes":[{"at":"8.1.20","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.14","versionType":"custom","changes":[{"at":"9.0.14","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.9","versionType":"custom","changes":[{"at":"9.1.9","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.6","versionType":"custom","changes":[{"at":"10.0.6","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-10188"}],"credits":[{"lang":"en","value":"This issue was found by an external researcher in the upstream Telnet code."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-120 Buffer Overflow","cweId":"CWE-120"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-158262"],"discovery":"EXTERNAL"},"configurations":[{"lang":"en","value":"This issue is exploitable only if the Telnet service is enabled and is accessible to attackers.","supportingMedia":{"value":"This issue is exploitable only if the Telnet service is enabled and is accessible to attackers.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Disabling the Telnet-based administrative management service completely eliminates risks of exploitation of this issue.\n\nThis issue requires the attacker to have network access to the PAN-OS Telnet interface. 
You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.\n\nIf the Telnet-based administrative management service is required and you cannot immediately upgrade your PAN-OS software, enable signatures for Unique Threat ID 59125 on traffic destined for the Telnet interface to block attacks against CVE-2020-10188.","supportingMedia":{"value":"Disabling the Telnet-based administrative management service completely eliminates risks of exploitation of this issue.\n\nThis issue requires the attacker to have network access to the PAN-OS Telnet interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.\n\nIf the Telnet-based administrative management service is required and you cannot immediately upgrade your PAN-OS software, enable signatures for Unique Threat ID 59125 on traffic destined for the Telnet interface to block attacks against CVE-2020-10188.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue targeting Palo Alto Networks products.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue targeting Palo Alto Networks products.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.9, PAN-OS 10.0.6, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.9, PAN-OS 10.0.6, and all later PAN-OS 
versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2021-09-08T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2021-3052","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2021-09-08T00:00:00","dateReserved":"2021-09-08T00:00:00","dateUpdated":"2021-09-12T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Reflected Cross-Site Scripting (XSS) in Web Interface","datePublic":"2021-09-08T16:00:00.000Z","providerMetadata":{"dateUpdated":"2021-09-08T17:10:18","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A reflected cross-site scripting (XSS) vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated network-based attacker to mislead another authenticated PAN-OS administrator to click on a specially crafted link that performs arbitrary actions in the PAN-OS web interface as the targeted authenticated administrator.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A reflected cross-site scripting (XSS) vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated network-based attacker to mislead another authenticated PAN-OS administrator to click on a specially crafted link that performs arbitrary actions in the PAN-OS web interface as the targeted authenticated administrator.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than 8.1.20;\nPAN-OS 9.0 versions earlier than 9.0.14;\nPAN-OS 9.1 versions earlier than 8.1.20;\nPAN-OS 9.0 versions earlier than 9.0.14;\nPAN-OS 9.1 versions earlier than
9.1.10;\nPAN-OS 10.0 versions earlier than 10.0.2.\n\nThis issue does not affect Prisma Access.</pre>"}]}],"x_affectedList":["PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"10.1.*","status":"unaffected"},{"version":"9.0","status":"affected","lessThan":"9.0.14","versionType":"custom","changes":[{"at":"9.0.14","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.20","versionType":"custom","changes":[{"at":"8.1.20","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.10","versionType":"custom","changes":[{"at":"9.1.10","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.2","versionType":"custom","changes":[{"at":"10.0.2","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2021-3052"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Cristian Mocanu and Dan Marin of Deloitte for discovering and reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-79 Cross-site Scripting (XSS)","cweId":"CWE-79"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-150337"],"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"Enable signatures for Unique Threat IDs 91573, 91574, 91575, 91576 on traffic destined for the web interface to block attacks against CVE-2021-3052.\n\nThis issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"Enable signatures for Unique Threat IDs 91573, 91574, 91575, 91576 on traffic destined for the web interface to block attacks against CVE-2021-3052.\n\nThis issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 9.0.14, PAN-OS 8.1.20, PAN-OS 9.1.10, PAN-OS 10.0.2, PAN-OS 10.1.0, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 9.0.14, PAN-OS 8.1.20, PAN-OS 9.1.10, PAN-OS 10.0.2, PAN-OS 10.1.0, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2021-09-08T16:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2021-09-12T16:00:00.000Z","lang":"eng","value":"Added threat prevention workaround for the vulnerability"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2021-3053","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2021-09-08T00:00:00","dateReserved":"2021-09-08T00:00:00","dateUpdated":"2021-09-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Exceptional Condition Denial-of-Service 
(DoS)","datePublic":"2021-09-08T16:00:00.000Z","providerMetadata":{"dateUpdated":"2021-09-08T17:10:19","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An improper handling of exceptional conditions vulnerability exists in the Palo Alto Networks PAN-OS dataplane that enables an unauthenticated network-based attacker to send specifically crafted traffic through the firewall that causes the service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An improper handling of exceptional conditions vulnerability exists in the Palo Alto Networks PAN-OS dataplane that enables an unauthenticated network-based attacker to send specifically crafted traffic through the firewall that causes the service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.9;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.5.\n\nThis issue does not affect Prisma Access.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.9;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.5.\n\nThis issue does not affect Prisma Access.</pre>"}]}],"x_affectedList":["PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 
9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"10.1.*","status":"unaffected"},{"version":"8.1","status":"affected","lessThan":"8.1.20","versionType":"custom","changes":[{"at":"8.1.20","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.14","versionType":"custom","changes":[{"at":"9.0.14","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.9","versionType":"custom","changes":[{"at":"9.1.9","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.5","versionType":"custom","changes":[{"at":"10.0.5","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2021-3053"}],"credits":[{"lang":"en","value":"This issue was found by Nicholas Newsom of Palo Alto Networks during internal security 
review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-755 Improper Handling of Exceptional Conditions","cweId":"CWE-755"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-158723"],"discovery":"INTERNAL"},"configurations":[{"lang":"en","value":"This issue is applicable only if GTP security is configured on the firewall.","supportingMedia":{"value":"This issue is applicable only if GTP security is configured on the firewall.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Enable signatures for Unique Threat ID 91593 on traffic processed by the firewall to block attacks against CVE-2021-3053.","supportingMedia":{"value":"Enable signatures for Unique Threat ID 91593 on traffic processed by the firewall to block attacks against CVE-2021-3053.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.9, PAN-OS 10.0.5, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.9, PAN-OS 10.0.5, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2021-09-08T16:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2021-09-13T16:00:00.000Z","lang":"eng","value":"Added required configuration for exposure and 
threat prevention workaround for the vulnerability"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2021-3050","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2021-08-11T00:00:00","dateReserved":"2021-08-11T00:00:00","dateUpdated":"2021-08-11T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS Command Injection Vulnerability in Web Interface","datePublic":"2021-08-11T16:00:00.000Z","providerMetadata":{"dateUpdated":"2021-08-11T17:10:20","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to execute arbitrary OS commands to escalate privileges.\n\nThis issue impacts:\nPAN-OS 9.0 version 9.0.10 through PAN-OS 9.0.14;\nPAN-OS 9.1 version 9.1.4 through PAN-OS 9.1.10;\nPAN-OS 10.0 version 10.0.7 and earlier PAN-OS 10.0 versions;\nPAN-OS 10.1 version 10.1.0 through PAN-OS 10.1.1.\n\nPrisma Access firewalls and firewalls running PAN-OS 8.1 versions are not impacted by this issue.\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to execute arbitrary OS commands to escalate privileges.\n\nThis issue impacts:\nPAN-OS 9.0 version 9.0.10 through PAN-OS 9.0.14;\nPAN-OS 9.1 version 9.1.4 through PAN-OS 9.1.10;\nPAN-OS 10.0 version 10.0.7 and earlier PAN-OS 10.0 versions;\nPAN-OS 10.1 version 10.1.0 through PAN-OS 10.1.1.\n\nPrisma Access firewalls and firewalls running PAN-OS 8.1 versions are not impacted by this issue.\n</pre>"}]}],"x_affectedList":["PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 
10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1","PAN-OS 10.0.11-h1","PAN-OS 10.0.11","PAN-OS 10.0.10","PAN-OS 10.0.9","PAN-OS 10.0.8-h8","PAN-OS 10.0.8-h7","PAN-OS 10.0.8-h6","PAN-OS 10.0.8-h5","PAN-OS 10.0.8-h4","PAN-OS 10.0.8-h3","PAN-OS 10.0.8-h2","PAN-OS 10.0.8-h1","PAN-OS 10.0.8","PAN-OS 10.0.7","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.14-h4","PAN-OS 9.1.14-h3","PAN-OS 9.1.14-h2","PAN-OS 9.1.14-h1","PAN-OS 9.1.14","PAN-OS 9.1.13-h3","PAN-OS 9.1.13-h2","PAN-OS 9.1.13-h1","PAN-OS 9.1.13","PAN-OS 9.1.12-h3","PAN-OS 9.1.12-h2","PAN-OS 9.1.12-h1","PAN-OS 9.1.12","PAN-OS 9.1.11-h3","PAN-OS 9.1.11-h2","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1","PAN-OS 9.0.16-h3","PAN-OS 9.0.16-h2","PAN-OS 9.0.16-h1","PAN-OS 9.0.16","PAN-OS 9.0.15","PAN-OS 9.0.14-h4","PAN-OS 9.0.14-h3","PAN-OS 9.0.14-h2","PAN-OS 9.0.14-h1","PAN-OS 9.0.14","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"8.1.*","status":"unaffected"},{"version":"9.0.10","status":"affected","lessThan":"9.0*","versionType":"custom","changes":[{"at":"9.0.15","status":"unaffected"}]},{"version":"9.1.4","status":"affected","lessThan":"9.1*","versionType":"custom","changes":[{"at":"9.1.11","status":"unaffected"}]},{"version":"10.0.0","status":"affected","lessThan":"10.0*","versionType":"custom","changes":[{"at":"10.0.8","status":"unaffected"}]},{"version":"10.1.0","status":"affected","lessThan":"10.1*","versionType":"custom","changes":[{"at":"10.1.2","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2021-3050"}],"credits":[{"lang":"en","value":"This issue was found by an external security researcher."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-174326"],"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"Enable signatures for Unique Threat ID 91439 on traffic destined for the web interface to block attacks against CVE-2021-3050.\n\nThis issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.\n","supportingMedia":{"value":"Enable signatures for Unique Threat ID 91439 on traffic destined for the web interface to block attacks against CVE-2021-3050.\n\nThis issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.\n","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.  However, exploits for this issue are publicly available.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.  However, exploits for this issue are publicly available.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"We intend to fix this issue in PAN-OS 9.0.15 (ETA November 2021), PAN-OS 9.1.11 (ETA September 2021), PAN-OS 10.0.8 (ETA September 2021), PAN-OS 10.1.2 (ETA September 2021) and all later PAN-OS versions.","supportingMedia":{"value":"We intend to fix this issue in PAN-OS 9.0.15 (ETA November 2021), PAN-OS 9.1.11 (ETA September 2021), PAN-OS 10.0.8 (ETA September 2021), PAN-OS 10.1.2 (ETA September 2021) and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2021-08-11T16:00:00.000Z","lang":"eng","value":"Initial 
publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2022","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-11-11T00:00:00","dateReserved":"2020-11-11T00:00:00","dateUpdated":"2020-11-11T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Panorama session disclosure during context switch into managed device","datePublic":"2020-11-11T17:00:00.000Z","providerMetadata":{"dateUpdated":"2020-11-12T00:05:20","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An information exposure vulnerability exists in Palo Alto Networks Panorama software that discloses the token for the Panorama web interface administrator's session to a managed device when the Panorama administrator performs a context switch into that device. This vulnerability allows an attacker to gain privileged access to the Panorama web interface. An attacker requires some knowledge of managed firewalls to exploit this issue.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An information exposure vulnerability exists in Palo Alto Networks Panorama software that discloses the token for the Panorama web interface administrator's session to a managed device when the Panorama administrator performs a context switch into that device. This vulnerability allows an attacker to gain privileged access to the Panorama web interface. 
An attacker requires some knowledge of managed firewalls to exploit this issue.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.17;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.11;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.5.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.17;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.11;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.5.</pre>"}]}],"x_affectedList":["PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"10.0.*","status":"unaffected"},{"version":"8.1","status":"affected","lessThan":"8.1.17","versionType":"custom","changes":[{"at":"8.1.17","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.11","versionType":"custom","changes":[{"at":"9.0.11","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.5","versionType":"custom","changes":[{"at":"9.1.5","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2022"}],"credits":[{"lang":"en","value":"This issue was found by Ben Nott of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-200 Information Exposure","cweId":"CWE-200"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-125218"],"discovery":"INTERNAL"},"configurations":[{"lang":"en","value":"This issue is not applicable when custom certificate authentication is enabled between Panorama and managed firewalls. See https://docs.paloaltonetworks.com/panorama/10-0/panorama-admin/set-up-panorama/set-up-authentication-using-custom-certificates.html","supportingMedia":{"value":"This issue is not applicable when custom certificate authentication is enabled between Panorama and managed firewalls. 
See https://docs.paloaltonetworks.com/panorama/10-0/panorama-admin/set-up-panorama/set-up-authentication-using-custom-certificates.html","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"This issue can be completely mitigated by enabling custom certificate authentication between Panorama and managed firewalls. See https://docs.paloaltonetworks.com/panorama/10-0/panorama-admin/set-up-panorama/set-up-authentication-using-custom-certificates.html","supportingMedia":{"value":"This issue can be completely mitigated by enabling custom certificate authentication between Panorama and managed firewalls. See https://docs.paloaltonetworks.com/panorama/10-0/panorama-admin/set-up-panorama/set-up-authentication-using-custom-certificates.html","type":"text/html","base64":false}},{"lang":"en","value":"This issue impacts the management web interface of appliances running PAN-OS software and is strongly mitigated by following best practices for securing the interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com/best-practices"}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.17, PAN-OS 9.0.11, PAN-OS 9.1.5, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.17, PAN-OS 9.0.11, PAN-OS 9.1.5, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-11-11T17:00:00.000Z","lang":"eng","value":"Initial 
publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2050","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-11-11T00:00:00","dateReserved":"2020-11-11T00:00:00","dateUpdated":"2020-11-19T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Authentication bypass vulnerability in GlobalProtect client certificate verification","datePublic":"2020-11-11T17:00:00.000Z","providerMetadata":{"dateUpdated":"2020-11-12T00:05:22","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An authentication bypass vulnerability exists in the GlobalProtect SSL VPN component of Palo Alto Networks PAN-OS software that allows an attacker to bypass all client certificate checks with an invalid certificate. A remote attacker can successfully authenticate as any user and gain access to restricted VPN network resources when the gateway or portal is configured to rely entirely on certificate-based authentication.\n\nImpacted features that use SSL VPN with client certificate verification are:\n  GlobalProtect Gateway,\n  GlobalProtect Portal,\n  GlobalProtect Clientless VPN,\n  GlobalProtect Large Scale VPN\n\nIn configurations where client certificate verification is used in conjunction with other authentication methods, the protections added by the certificate check are ignored as a result of this issue.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An authentication bypass vulnerability exists in the GlobalProtect SSL VPN component of Palo Alto Networks PAN-OS software that allows an attacker to bypass all client certificate checks with an invalid certificate. 
A remote attacker can successfully authenticate as any user and gain access to restricted VPN network resources when the gateway or portal is configured to rely entirely on certificate-based authentication.\n\nImpacted features that use SSL VPN with client certificate verification are:\n  GlobalProtect Gateway,\n  GlobalProtect Portal,\n  GlobalProtect Clientless VPN,\n  GlobalProtect Large Scale VPN\n\nIn configurations where client certificate verification is used in conjunction with other authentication methods, the protections added by the certificate check are ignored as a result of this issue.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.17;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.11;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.5;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.1.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.17;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.11;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.5;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.1.</pre>"}]}],"x_affectedList":["PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 
8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.1","status":"affected","lessThan":"8.1.17","versionType":"custom","changes":[{"at":"8.1.17","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.11","versionType":"custom","changes":[{"at":"9.0.11","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.5","versionType":"custom","changes":[{"at":"9.1.5","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.1","versionType":"custom","changes":[{"at":"10.0.1","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2050"}],"credits":[{"lang":"en","value":"This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":8.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-285 Improper Authorization","cweId":"CWE-285"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-146650"],"discovery":"INTERNAL"},"configurations":[{"lang":"en","value":"This issue is only applicable to PAN-OS appliances using the GlobalProtect VPN, gateway, or portal configured to allow users to authenticate with client certificate authentication.\n\nThis issue can not be exploited if client certificate authentication is not 
in use.\n\nOther forms of authentication are not impacted by this issue.\n","supportingMedia":{"value":"This issue is only applicable to PAN-OS appliances using the GlobalProtect VPN, gateway, or portal configured to allow users to authenticate with client certificate authentication.\n\nThis issue can not be exploited if client certificate authentication is not in use.\n\nOther forms of authentication are not impacted by this issue.\n","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 59884 on traffic destined for the GlobalProtect portal, gateway, or VPN will block attacks against CVE-2020-2050.\n\nThis issue can be mitigated by configuring GlobalProtect to require users to authenticate with their credentials. Other authentication methods are not impacted by this issue.","supportingMedia":{"value":"Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 59884 on traffic destined for the GlobalProtect portal, gateway, or VPN will block attacks against CVE-2020-2050.\n\nThis issue can be mitigated by configuring GlobalProtect to require users to authenticate with their credentials. 
Other authentication methods are not impacted by this issue.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.17, PAN-OS 9.0.11, PAN-OS 9.1.5, PAN-OS 10.0.1, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.17, PAN-OS 9.0.11, PAN-OS 9.1.5, PAN-OS 10.0.1, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-11-11T17:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2020-11-13T00:42:00.000Z","lang":"eng","value":"New workaround is available."},{"time":"2020-11-19T21:00:00.000Z","lang":"eng","value":"Updated to mention LSVPN and IPSec based VPN is not affected."}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2000","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-11-11T00:00:00","dateReserved":"2020-11-11T00:00:00","dateUpdated":"2020-11-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS command injection and memory corruption vulnerability","datePublic":"2020-11-11T17:00:00.000Z","providerMetadata":{"dateUpdated":"2020-11-12T00:05:20","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code and OS commands with root privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS command injection and memory corruption vulnerability in the PAN-OS management 
web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code and OS commands with root privileges.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.16;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.10;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.4;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.1.\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.16;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.10;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.4;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.1.\n</pre>"}]}],"x_affectedList":["PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"8.1","status":"affected","lessThan":"8.1.16","versionType":"custom","changes":[{"at":"8.1.16","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.10","versionType":"custom","changes":[{"at":"9.0.10","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.4","versionType":"custom","changes":[{"at":"9.1.4","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.1","versionType":"custom","changes":[{"at":"10.0.1","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2000"}],"credits":[{"lang":"en","value":"This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-20 Improper Input Validation","cweId":"CWE-20"}]},{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]},{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-121 Stack-based Buffer Overflow","cweId":"CWE-121"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-149822","PAN-150013","PAN-150170","CYR-14134","CYR-14135"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 59888, and 59891 on a firewall protecting the management interface will block attacks against CVE-2020-2000.\n\nThis issue impacts the PAN-OS management web interface but you can mitigate the impact of this 
issue by following best practices for securing the interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 59888, and 59891 on a firewall protecting the management interface will block attacks against CVE-2020-2000.\n\nThis issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.10, PAN-OS 9.1.4, PAN-OS 10.0.1, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.10, PAN-OS 9.1.4, PAN-OS 10.0.1, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-11-11T17:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2020-11-13T00:47:00.000Z","lang":"eng","value":"Added a new workaround"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2042","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-09-09T00:00:00","dateReserved":"2020-09-09T00:00:00","dateUpdated":"2020-09-09T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Buffer overflow in the management web 
interface","datePublic":"2020-09-09T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-09-09T16:45:28","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges.</pre>"}]},{"lang":"en","value":"This issue impacts only PAN-OS 10.0 versions earlier than PAN-OS 10.0.1.\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts only PAN-OS 10.0 versions earlier than PAN-OS 10.0.1.\n</pre>"}]}],"x_affectedList":["PAN-OS 10.0.0","PAN-OS 10.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"9.1.*","status":"unaffected"},{"version":"9.0.*","status":"unaffected"},{"version":"8.1.*","status":"unaffected"},{"version":"10.0","status":"affected","lessThan":"10.0.1","versionType":"custom","changes":[{"at":"10.0.1","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2042"}],"credits":[{"lang":"en","value":"This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-121 
Stack-based Buffer Overflow","cweId":"CWE-121"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-145797","PAN-150409"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"This issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.\n","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.\n","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 10.0.1 and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 10.0.1 and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-09-09T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2038","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-09-09T00:00:00","dateReserved":"2020-09-09T00:00:00","dateUpdated":"2021-02-12T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS command injection vulnerability in the management web 
interface","datePublic":"2020-09-09T16:00:00.000Z","providerMetadata":{"dateUpdated":"2022-09-16T15:06:18","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 9.0 versions earlier than 9.0.10;\nPAN-OS 9.1 versions earlier than 9.1.4;\nPAN-OS 10.0 versions earlier than 10.0.1.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 9.0 versions earlier than 9.0.10;\nPAN-OS 9.1 versions earlier than 9.1.4;\nPAN-OS 10.0 versions earlier than 10.0.1.</pre>"}]}],"x_affectedList":["PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"8.1.*","status":"unaffected"},{"version":"10.0","status":"affected","lessThan":"10.0.1","versionType":"custom","changes":[{"at":"10.0.1","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.10","versionType":"custom","changes":[{"at":"9.0.10","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.4","versionType":"custom","changes":[{"at":"9.1.4","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2038"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Mikhail Klyuchnikov and Nikita Abramov of Positive Technologies for discovering and reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-101484"],"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 59954 on traffic destined for the GlobalProtect portal, gateway, or VPN will block attacks against CVE-2020-2038.\n\nThis issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 59954 on traffic destined for the GlobalProtect portal, gateway, or VPN will block attacks against CVE-2020-2038.\n\nThis issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.\n\nPalo Alto Networks is aware of publicly available information that may help construct proof of concept exploits for these issues.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.\n\nPalo Alto Networks is aware of publicly available information that may help construct proof of concept exploits for these issues.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 9.0.10, PAN-OS 9.1.4, PAN-OS 10.0.1, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 9.0.10, PAN-OS 9.1.4, PAN-OS 10.0.1, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2021-02-12T20:00:00.000Z","lang":"eng","value":"Updated the availability of exploitation resources"},{"time":"2020-09-09T16:00:00.000Z","lang":"eng","value":"Initial 
publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2037","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-09-09T00:00:00","dateReserved":"2020-09-09T00:00:00","dateUpdated":"2021-02-12T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS command injection vulnerability in the management web interface","datePublic":"2020-09-09T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-09-09T16:45:26","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.16;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.10;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.3.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.16;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.10;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.3.</pre>"}]}],"x_affectedList":["PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 
8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.1","status":"affected","lessThan":"8.1.16","versionType":"custom","changes":[{"at":"8.1.16","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.10","versionType":"custom","changes":[{"at":"9.0.10","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.3","versionType":"custom","changes":[{"at":"9.1.3","status":"unaffected"}]},{"version":"10.0.0","status":"unaffected","lessThan":"10.0*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2037"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Mikhail Klyuchnikov of Positive Technologies, and Nicholas Newsom of Palo Alto Networks for discovering and reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-128761"],"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"Until PAN-OS software is 
upgraded to a fixed version, enabling signatures for Unique Threat ID 59971 on traffic destined for the GlobalProtect portal, gateway, or VPN will block attacks against CVE-2020-2037.\n\nThis issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 59971 on traffic destined for the GlobalProtect portal, gateway, or VPN will block attacks against CVE-2020-2037.\n\nThis issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.\n\nPalo Alto Networks is aware of publicly available information that may help construct proof of concept exploits for these issues.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.\n\nPalo Alto Networks is aware of publicly available information that may help construct proof of concept exploits for these issues.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.10, PAN-OS 9.1.3, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.10, PAN-OS 9.1.3, and all later PAN-OS 
versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-09-09T16:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2021-02-12T20:00:00.000Z","lang":"eng","value":"Updated the availability of exploitation resources"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2036","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-09-09T00:00:00","dateReserved":"2020-09-09T00:00:00","dateUpdated":"2021-02-12T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Reflected Cross-Site Scripting (XSS) vulnerability in management web interface","datePublic":"2020-09-09T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-09-09T18:16:56","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A reflected cross-site scripting (XSS) vulnerability exists in the PAN-OS management web interface. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could potentially execute arbitrary JavaScript code in the administrator's browser and perform administrative actions.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A reflected cross-site scripting (XSS) vulnerability exists in the PAN-OS management web interface. 
A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could potentially execute arbitrary JavaScript code in the administrator's browser and perform administrative actions.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.16;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.9.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.16;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.9.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"9.0","status":"affected","lessThan":"9.0.9","versionType":"custom","changes":[{"at":"9.0.9","status":"unaffected"}]},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"},{"version":"8.1","status":"affected","lessThan":"8.1.16","versionType":"custom","changes":[{"at":"8.1.16","status":"unaffected"}]},{"version":"10.0.0","status":"unaffected","lessThan":"10.0*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2036"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Mikhail Klyuchnikov and Nikita Abramov of Positive Technologies and Ben Nott of Palo Alto Networks for discovering and reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-79 Cross-site Scripting (XSS)","cweId":"CWE-79"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-116720"],"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 59968 on traffic destined for the GlobalProtect portal, gateway, or VPN will block attacks against CVE-2020-2036.\n\nAdministrators should use caution when they are authenticated to the firewall management web interface and not click or open links from unsolicited sources.  \n\nThis issue impacts the management web interface of PAN-OS. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. 
\nPlease review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 59968 on traffic destined for the GlobalProtect portal, gateway, or VPN will block attacks against CVE-2020-2036.\n\nAdministrators should use caution when they are authenticated to the firewall management web interface and not click or open links from unsolicited sources.  \n\nThis issue impacts the management web interface of PAN-OS. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. \nPlease review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.\n\nPalo Alto Networks is aware of publicly available information that may help construct proof of concept exploits for these issues.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.\n\nPalo Alto Networks is aware of publicly available information that may help construct proof of concept exploits for these issues.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.9, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.9, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-09-09T16:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2021-02-12T20:00:00.000Z","lang":"eng","value":"Updated the availability of exploitation 
resources"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2041","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-09-09T00:00:00","dateReserved":"2020-09-09T00:00:00","dateUpdated":"2020-09-09T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Management web interface denial-of-service (DoS)","datePublic":"2020-09-09T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-09-09T16:45:28","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An insecure configuration of the appweb daemon of Palo Alto Networks PAN-OS 8.1 allows a remote unauthenticated user to send a specifically crafted request to the device that causes the appweb service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode.\n\nThis issue impacts all versions of PAN-OS 8.0, and PAN-OS 8.1 versions earlier than 8.1.16.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An insecure configuration of the appweb daemon of Palo Alto Networks PAN-OS 8.1 allows a remote unauthenticated user to send a specifically crafted request to the device that causes the appweb service to crash. 
Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode.\n\nThis issue impacts all versions of PAN-OS 8.0, and PAN-OS 8.1 versions earlier than 8.1.16.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"9.0.*","status":"unaffected"},{"version":"9.1.*","status":"unaffected"},{"version":"10.0.*","status":"unaffected"},{"version":"8.0.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.16","versionType":"custom","changes":[{"at":"8.1.16","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2041"}],"credits":[{"lang":"en","value":"This issue was found by Nicholas Newsom of Palo Alto Networks during internal security 
review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-16 Configuration","cweId":"CWE-16"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-151978"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue impacts the management web interface of PAN-OS. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"This issue impacts the management web interface of PAN-OS. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.16 and all later PAN-OS versions.\n\nPAN-OS 7.1 and PAN-OS 8.0 are end-of-life and are no longer covered by our Product Security Assurance policies.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.16 and all later PAN-OS versions.\n\nPAN-OS 7.1 and PAN-OS 8.0 are end-of-life and are no longer covered by our Product Security Assurance policies.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-09-09T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2034","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-07-08T00:00:00","dateReserved":"2020-07-08T00:00:00","dateUpdated":"2020-07-10T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS command injection vulnerability in GlobalProtect portal","datePublic":"2020-07-08T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-07-08T16:35:17","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network-based attacker to execute arbitrary OS commands with root privileges. 
An attacker would require some level of specific information about the configuration of an impacted firewall, or would need to perform brute-force attacks, to exploit this issue. This issue cannot be exploited if the GlobalProtect portal feature is not enabled.\nThis issue impacts PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; all versions of PAN-OS 8.0 and PAN-OS 7.1.\nPrisma Access services are not impacted by this vulnerability. Firewalls that were upgraded to the latest versions of PAN-OS to resolve CVE-2020-2021 are not vulnerable to this issue.\nPalo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network-based attacker to execute arbitrary OS commands with root privileges. An attacker would require some level of specific information about the configuration of an impacted firewall, or would need to perform brute-force attacks, to exploit this issue. This issue cannot be exploited if the GlobalProtect portal feature is not enabled.\nThis issue impacts PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; all versions of PAN-OS 8.0 and PAN-OS 7.1.\nPrisma Access services are not impacted by this vulnerability. 
Firewalls that were upgraded to the latest versions of PAN-OS to resolve CVE-2020-2021 are not vulnerable to this issue.\nPalo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.\n</pre>"}]}],"x_affectedList":["PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 
7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1.*","status":"affected"},{"version":"9.1","status":"affected","lessThan":"9.1.3","versionType":"custom","changes":[{"at":"9.1.3","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.9","versionType":"custom","changes":[{"at":"9.0.9","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.15","versionType":"custom","changes":[{"at":"8.1.15","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2034"}],"credits":[{"lang":"en","value":"This issue was found by Yamata Li of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-145587"],"discovery":"INTERNAL"},"configurations":[{"lang":"en","value":"This issue is applicable only where GlobalProtect portal is enabled.","supportingMedia":{"value":"This issue is applicable only where GlobalProtect portal is enabled.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 58658 on traffic destined for the GlobalProtect portal will block attacks against 
CVE-2020-2034.","supportingMedia":{"value":"Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 58658 on traffic destined for the GlobalProtect portal will block attacks against CVE-2020-2034.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.15, PAN-OS 9.0.9, PAN-OS 9.1.3, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.15, PAN-OS 9.0.9, PAN-OS 9.1.3, and all later PAN-OS versions.","type":"text/html","base64":false}},{"lang":"en","value":"PAN-OS 7.1 and PAN-OS 8.0 are end-of-life (as of June 30, 2020 and October 31, 2019 respectively) and are no longer covered by our Product Security Assurance policies."}],"timeline":[{"time":"2020-07-08T16:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2020-07-10T06:07:00.000Z","lang":"eng","value":"Updated workaround section with Threat Prevention signature."}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2030","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-07-08T00:00:00","dateReserved":"2020-07-08T00:00:00","dateUpdated":"2020-07-08T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS command injection vulnerability in the management interface","datePublic":"2020-07-08T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-07-08T16:35:16","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute 
arbitrary OS commands with root privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges.</pre>"}]},{"lang":"en","value":"This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; and all versions of PAN-OS 7.1 and PAN-OS 8.0.\n\nThis issue does not impact PAN-OS 9.0, PAN-OS 9.1, or Prisma Access services.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; and all versions of PAN-OS 7.1 and PAN-OS 8.0.\n\nThis issue does not impact PAN-OS 9.0, PAN-OS 9.1, or Prisma Access services.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 
7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.15","versionType":"custom","changes":[{"at":"8.1.15","status":"unaffected"}]},{"version":"9.0.0","status":"unaffected","lessThan":"9.0*","versionType":"custom"},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2030"}],"credits":[{"lang":"en","value":"This issue was found by Jin Chen of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-100226","PAN-102677"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue impacts the PAN-OS management interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"This issue impacts the PAN-OS management interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.15 and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.15 and all later PAN-OS versions.","type":"text/html","base64":false}},{"lang":"en","value":"PAN-OS 7.1 and PAN-OS 8.0 are end-of-life (as of June 30, 2020 and October 31, 2019 respectively) and are no longer covered by our Product Security Assurance policies."}],"timeline":[{"time":"2020-07-08T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2027","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-06-10T00:00:00","dateReserved":"2020-06-10T00:00:00","dateUpdated":"2020-06-10T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Buffer overflow in authd authentication response","datePublic":"2020-06-10T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-06-10T17:28:15","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A buffer overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A buffer 
overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges.</pre>"}]},{"lang":"en","value":"This issue affects:\nAll versions of PAN-OS 7.1 and PAN-OS 8.0;\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.13;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.7.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\nAll versions of PAN-OS 7.1 and PAN-OS 8.0;\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.13;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.7.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 
7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.1.*","status":"affected"},{"version":"8.0.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2027"}],"credits":[{"lang":"en","value":"This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-121 Stack-based Buffer Overflow","cweId":"CWE-121"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["CYR-10833"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and you can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and you can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions.","type":"text/html","base64":false}},{"lang":"en","value":"PAN-OS 8.0 is end-of-life (as of October 31, 2019) and is no longer covered by our Product Security Assurance policies.\nPAN-OS 7.1 is on extended support until June 30, 2020, and we are considering updates only for critical security vulnerability fixes.\n"}],"timeline":[{"time":"2020-06-10T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2028","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-06-10T00:00:00","dateReserved":"2020-06-10T00:00:00","dateUpdated":"2020-06-10T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS command injection vulnerability in FIPS-CC mode certificate verification","datePublic":"2020-06-10T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-06-10T17:28:28","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS Command Injection vulnerability in PAN-OS management server allows authenticated administrators to execute 
arbitrary OS commands with root privileges when uploading a new certificate in FIPS-CC mode.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS Command Injection vulnerability in PAN-OS management server allows authenticated administrators to execute arbitrary OS commands with root privileges when uploading a new certificate in FIPS-CC mode.</pre>"}]},{"lang":"en","value":"This issue affects:\nAll versions of PAN-OS 7.1 and PAN-OS 8.0;\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.13;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.7.\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\nAll versions of PAN-OS 7.1 and PAN-OS 8.0;\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.13;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.7.\n</pre>"}]}],"x_affectedList":["PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 
7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.1.*","status":"affected"},{"version":"8.0.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2028"}],"credits":[{"lang":"en","value":"This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-125804"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and you can mitigate the impact of this issue by 
following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and you can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions.","type":"text/html","base64":false}},{"lang":"en","value":"PAN-OS 8.0 is end-of-life (as of October 31, 2019) and is no longer covered by our Product Security Assurance policies.\nPAN-OS 7.1 is on extended support until June 30, 2020, and we are considering updates only for critical security vulnerability fixes."}],"timeline":[{"time":"2020-06-10T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2029","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-06-10T00:00:00","dateReserved":"2020-06-10T00:00:00","dateUpdated":"2020-06-10T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS command injection vulnerability in management interface certificate generator","datePublic":"2020-06-10T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-06-10T17:28:40","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS Command Injection vulnerability in 
the PAN-OS web management interface allows authenticated administrators to execute arbitrary OS commands with root privileges by sending a malicious request to generate new certificates for use in the PAN-OS configuration.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS Command Injection vulnerability in the PAN-OS web management interface allows authenticated administrators to execute arbitrary OS commands with root privileges by sending a malicious request to generate new certificates for use in the PAN-OS configuration.</pre>"}]},{"lang":"en","value":"This issue affects:\nAll versions of PAN-OS 8.0;\nPAN-OS 7.1 versions earlier than PAN-OS 7.1.26;\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.13.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\nAll versions of PAN-OS 8.0;\nPAN-OS 7.1 versions earlier than PAN-OS 7.1.26;\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.13.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 
7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1","status":"affected","lessThan":"7.1.26","versionType":"custom","changes":[{"at":"7.1.26","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.0.0","status":"unaffected","lessThan":"9.0*","versionType":"custom"},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2029"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Przemysław Kowalski of STM Solutions for discovering and reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-124621"],"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and you can mitigate the impact of this issue by following best practices for securing the PAN-OS 
management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and you can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, and all later PAN-OS versions.","type":"text/html","base64":false}},{"lang":"en","value":"PAN-OS 8.0 is end-of-life (as of October 31, 2019) and is no longer covered by our Product Security Assurance policies.\nPAN-OS 7.1 is on extended support until June 30, 2020, and we are considering updates only for critical security vulnerability fixes.\n"}],"timeline":[{"time":"2020-06-10T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2012","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Panorama: XML external entity reference ('XXE') vulnerability leads to information leak","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-06-10T17:23:19","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"Improper restriction of XML external entity reference ('XXE') vulnerability in Palo Alto Networks 
Panorama management service allows remote unauthenticated attackers with network access to the Panorama management interface to read arbitrary files on the system.\n\nThis issue affects:\nAll versions of PAN-OS for Panorama 7.1 and 8.0;\nPAN-OS for Panorama 8.1 versions earlier than 8.1.13;\nPAN-OS for Panorama 9.0 versions earlier than 9.0.7.\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Improper restriction of XML external entity reference ('XXE') vulnerability in Palo Alto Networks Panorama management service allows remote unauthenticated attackers with network access to the Panorama management interface to read arbitrary files on the system.\n\nThis issue affects:\nAll versions of PAN-OS for Panorama 7.1 and 8.0;\nPAN-OS for Panorama 8.1 versions earlier than 8.1.13;\nPAN-OS for Panorama 9.0 versions earlier than 9.0.7.\n</pre>"}]}],"x_affectedList":["PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 
8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2012"}],"credits":[{"lang":"en","value":"This issue was found by Ben Nott of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-611 Improper Restriction of XML External Entity Reference ('XXE')","cweId":"CWE-611"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-119810"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue 
affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2010","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Authenticated user command injection 
vulnerability","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-06-10T17:22:50","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS command injection vulnerability in PAN-OS management interface allows an authenticated administrator to execute arbitrary OS commands with root privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS command injection vulnerability in PAN-OS management interface allows an authenticated administrator to execute arbitrary OS commands with root privileges.</pre>"}]},{"lang":"en","value":"This issue affects:\nAll versions of PAN-OS 7.1 and 8.0;\nPAN-OS 8.1 versions earlier than 8.1.14;\nPAN-OS 9.0 versions earlier than 9.0.7.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\nAll versions of PAN-OS 7.1 and 8.0;\nPAN-OS 8.1 versions earlier than 8.1.14;\nPAN-OS 9.0 versions earlier than 9.0.7.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 
8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1.*","status":"affected"},{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.14","versionType":"custom","changes":[{"at":"8.1.14","status":"unaffected"}]},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2010"}],"credits":[{"lang":"en","value":"This issue was discovered by Nicholas Newsom of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command 
Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-126362"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial 
publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2009","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Panorama SD WAN arbitrary file creation","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-05-13T19:07:14","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An external control of filename vulnerability in the SD WAN component of Palo Alto Networks PAN-OS Panorama allows an authenticated administrator to send a request that results in the creation and write of an arbitrary file on all firewalls managed by the Panorama. In some cases this results in arbitrary code execution with root permissions.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An external control of filename vulnerability in the SD WAN component of Palo Alto Networks PAN-OS Panorama allows an authenticated administrator to send a request that results in the creation and write of an arbitrary file on all firewalls managed by the Panorama. 
In some cases this results in arbitrary code execution with root permissions.</pre>"}]},{"lang":"en","value":"This issue affects:\n\nAll versions of PAN-OS 7.1 and 8.0;\n\nPAN-OS 8.1 versions earlier than 8.1.14;\n\nPAN-OS 9.0 versions earlier than 9.0.7.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\n\nAll versions of PAN-OS 7.1 and 8.0;\n\nPAN-OS 8.1 versions earlier than 8.1.14;\n\nPAN-OS 9.0 versions earlier than 9.0.7.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 
7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.1.*","status":"affected"},{"version":"8.0.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.14","versionType":"custom","changes":[{"at":"8.1.14","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2009"}],"credits":[{"lang":"en","value":"This issue was found by Nicholas Newsom and Jin Chen of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-73 External Control of File Name or Path","cweId":"CWE-73"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-130361"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2013","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Panorama context switch session cookie 
disclosure","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-05-14T15:40:56","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A cleartext transmission of sensitive information vulnerability in Palo Alto Networks PAN-OS Panorama discloses an authenticated PAN-OS administrator's PAN-OS session cookie. When an administrator issues a context switch request into a managed firewall with an affected PAN-OS Panorama version, their PAN-OS session cookie is transmitted in cleartext to the firewall. An attacker with the ability to intercept this network traffic between the firewall and Panorama can access the administrator's account and further manipulate devices managed by Panorama.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A cleartext transmission of sensitive information vulnerability in Palo Alto Networks PAN-OS Panorama discloses an authenticated PAN-OS administrator's PAN-OS session cookie. When an administrator issues a context switch request into a managed firewall with an affected PAN-OS Panorama version, their PAN-OS session cookie is transmitted in cleartext to the firewall. 
An attacker with the ability to intercept this network traffic between the firewall and Panorama can access the administrator's account and further manipulate devices managed by Panorama.</pre>"}]},{"lang":"en","value":"This issue affects:\n\nPAN-OS 7.1 versions earlier than 7.1.26;\n\nPAN-OS 8.1 versions earlier than 8.1.13;\n\nPAN-OS 9.0 versions earlier than 9.0.6;\n\nPAN-OS 9.1 versions earlier than 9.1.1;\n\nAll versions of PAN-OS 8.0;","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\n\nPAN-OS 7.1 versions earlier than 7.1.26;\n\nPAN-OS 8.1 versions earlier than 8.1.13;\n\nPAN-OS 9.0 versions earlier than 9.0.6;\n\nPAN-OS 9.1 versions earlier than 9.1.1;\n\nAll versions of PAN-OS 8.0;</pre>"}]}],"x_affectedList":["PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.25","PAN-OS 
7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"9.0","status":"affected","lessThan":"9.0.6","versionType":"custom","changes":[{"at":"9.0.6","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThan":"7.1.26","versionType":"custom","changes":[{"at":"7.1.26","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.1","versionType":"custom","changes":[{"at":"9.1.1","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2013"}],"credits":[{"lang":"en","value":"This issue was found by Ben Nott of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.3,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-319 Cleartext Transmission of Sensitive Information","cweId":"CWE-319"}]}],"x_generator":{"engine":"Vulnogram 
0.0.9"},"source":{"defect":["PAN-125122"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"One possible vulnerability mitigation is to shorten the length of administrator session idle timeout. This reduces the likelihood the exposed administrator’s session cookie is valid at time of attack.","supportingMedia":{"value":"One possible vulnerability mitigation is to shorten the length of administrator session idle timeout. This reduces the likelihood the exposed administrator’s session cookie is valid at time of attack.","type":"text/html","base64":false}},{"lang":"en","value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com"}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, PAN-OS 9.1.1, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","supportingMedia":{"value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, PAN-OS 9.1.1, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2002","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Spoofed Kerberos key distribution center authentication 
bypass","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-05-14T15:40:56","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An authentication bypass by spoofing vulnerability exists in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS due to a failure to verify the integrity of the Kerberos key distribution center (KDC) before authenticating users. This affects all forms of authentication that use a Kerberos authentication profile. A man-in-the-middle type of attacker with the ability to intercept communication between PAN-OS and KDC can log in to PAN-OS as an administrator. ","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An authentication bypass by spoofing vulnerability exists in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS due to a failure to verify the integrity of the Kerberos key distribution center (KDC) before authenticating users. This affects all forms of authentication that use a Kerberos authentication profile. A man-in-the-middle type of attacker with the ability to intercept communication between PAN-OS and KDC can log in to PAN-OS as an administrator. 
</pre>"}]},{"lang":"en","value":"This issue affects:\nPAN-OS 7.1 versions earlier than 7.1.26;\nPAN-OS 8.1 versions earlier than 8.1.13;\nPAN-OS 9.0 versions earlier than 9.0.6;\nAll version of PAN-OS 8.0.\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\nPAN-OS 7.1 versions earlier than 7.1.26;\nPAN-OS 8.1 versions earlier than 8.1.13;\nPAN-OS 9.0 versions earlier than 9.0.6;\nAll version of PAN-OS 8.0.\n</pre>"}]}],"x_affectedList":["PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 
7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.6","versionType":"custom","changes":[{"at":"9.0.6","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThan":"7.1.26","versionType":"custom","changes":[{"at":"7.1.26","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2002"}],"credits":[{"lang":"en","value":"Palo Alto Networks would like to thank Yoav Iellin, Yaron Kassner, and Rotem Zach from Silverfort for discovering and reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-290 Authentication Bypass by Spoofing","cweId":"CWE-290"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-118957"],"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"Ensure that PAN-OS communicates to Kerberos server over a secured network with access restricted to trusted users.\n\nPlease review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","supportingMedia":{"value":"Ensure that PAN-OS communicates to Kerberos server over a secured network with access restricted to trusted 
users.\n\nPlease review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","supportingMedia":{"value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2001","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-09-11T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Panorama External control of file vulnerability leads to privilege escalation","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-05-14T15:40:56","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An external control of path and data vulnerability in the Palo Alto Networks PAN-OS Panorama XSLT processing logic that allows an unauthenticated user with network access to PAN-OS management interface to write attacker supplied file on the system and elevate privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An external control of path and data vulnerability in the Palo Alto Networks PAN-OS Panorama XSLT processing logic that allows an unauthenticated user with network access to 
PAN-OS management interface to write attacker supplied file on the system and elevate privileges.</pre>"}]},{"lang":"en","value":"This issue affects:\n\nAll PAN-OS 7.1 Panorama and 8.0 Panorama versions;\n\nPAN-OS 8.1 versions earlier than 8.1.12 on Panorama;\n\nPAN-OS 9.0 versions earlier than 9.0.6 on Panorama.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\n\nAll PAN-OS 7.1 Panorama and 8.0 Panorama versions;\n\nPAN-OS 8.1 versions earlier than 8.1.12 on Panorama;\n\nPAN-OS 9.0 versions earlier than 9.0.6 on Panorama.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 
7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.12","versionType":"custom","changes":[{"at":"8.1.12","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.6","versionType":"custom","changes":[{"at":"9.0.6","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2001"}],"credits":[{"lang":"en","value":"This issue was found by Ben Nott of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-123 Write-what-where Condition","cweId":"CWE-123"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-120397"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue impacts the management web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"This issue impacts the management web interface. 
You can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.12, PAN-OS 9.0.6, and all later PAN-OS versions.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.12, PAN-OS 9.0.6, and all later PAN-OS versions.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2020-09-11T22:06:00.000Z","lang":"eng","value":"Added workaround section"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2017","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: DOM-Based cross site scripting vulnerability in management web interface","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-06-10T17:24:05","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A DOM-Based Cross Site Scripting Vulnerability exists in PAN-OS and Panorama 
Management Web Interfaces.\nA remote attacker able to convince an authenticated administrator to click on a crafted link to PAN-OS and Panorama Web Interfaces could execute arbitrary JavaScript code in the administrator's browser and perform administrative actions.\n\nThis issue affects:\nPAN-OS 7.1 versions earlier than 7.1.26;\nPAN-OS 8.1 versions earlier than 8.1.13;\nPAN-OS 9.0 versions earlier than 9.0.6;\nAll versions of PAN-OS 8.0.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A DOM-Based Cross Site Scripting Vulnerability exists in PAN-OS and Panorama Management Web Interfaces.\nA remote attacker able to convince an authenticated administrator to click on a crafted link to PAN-OS and Panorama Web Interfaces could execute arbitrary JavaScript code in the administrator's browser and perform administrative actions.\n\nThis issue affects:\nPAN-OS 7.1 versions earlier than 7.1.26;\nPAN-OS 8.1 versions earlier than 8.1.13;\nPAN-OS 9.0 versions earlier than 9.0.6;\nAll versions of PAN-OS 8.0.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 
8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1","status":"affected","lessThan":"7.1.26","versionType":"custom","changes":[{"at":"7.1.26","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.6","versionType":"custom","changes":[{"at":"9.0.6","status":"unaffected"}]},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2017"}],"credits":[{"lang":"en","value":"This issue was found by Chris Ganas of Palo Alto Networks during internal security 
review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-79 Cross-site Scripting (XSS)","cweId":"CWE-79"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-121058"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","supportingMedia":{"value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2014","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS injection vulnerability in PAN-OS management server","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-05-13T19:07:14","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS Command Injection vulnerability in PAN-OS management server allows authenticated users to inject and execute arbitrary shell commands with root privileges.\n\nThis issue affects:\nAll versions of PAN-OS 7.1 and 8.0;\nPAN-OS 8.1 versions earlier than 8.1.14;\nPAN-OS 9.0 versions earlier than 9.0.7.\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS Command Injection vulnerability in PAN-OS management server allows authenticated users to inject and execute arbitrary shell commands with 
root privileges.\n\nThis issue affects:\nAll versions of PAN-OS 7.1 and 8.0;\nPAN-OS 8.1 versions earlier than 8.1.14;\nPAN-OS 9.0 versions earlier than 9.0.7.\n</pre>"}]}],"x_affectedList":["PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.14","versionType":"custom","changes":[{"at":"8.1.14","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2014"}],"credits":[{"lang":"en","value":"This issue was found by Ben Nott of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-127118"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, PAN-OS 9.1.0 and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, PAN-OS 9.1.0 and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"PAN-SA-2020-0006","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Nginx software upgraded to resolve multiple vulnerabilities","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"orgId":"Not found","shortName":"Not found","dateUpdated":"2024-11-20T00:00:00"},"descriptions":[{"lang":"en","value":"Nginx software included with PAN-OS has been upgraded to resolve multiple vulnerabilities.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Nginx software included with PAN-OS has been upgraded to resolve multiple vulnerabilities.</pre>"}]},{"lang":"en","value":"This issue affects:\n\nAll 
PAN-OS 7.1 and 8.0 versions;\n\nPAN-OS 8.1 versions earlier than 8.1.14;\n\nPAN-OS 9.0 versions earlier than 9.0.7.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\n\nAll PAN-OS 7.1 and 8.0 versions;\n\nPAN-OS 8.1 versions earlier than 8.1.14;\n\nPAN-OS 9.0 versions earlier than 9.0.7.</pre>"}]},{"lang":"en","value":"The resolved vulnerabilities include:","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>The resolved vulnerabilities include:</pre>"}]}],"x_affectedList":["PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 
7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.1.*","status":"affected"},{"version":"8.0.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.14","versionType":"custom","changes":[{"at":"8.1.14","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2012"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-476 NULL Pointer Dereference","cweId":"CWE-476"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-117480"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"Issues that affect the management interface of PAN-OS are strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","supportingMedia":{"value":"Issues that affect the management interface of PAN-OS are strongly mitigated by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"These issues are fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","supportingMedia":{"value":"These issues are fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2006","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Buffer overflow in management server payload parser","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-05-13T19:07:14","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A stack-based buffer overflow vulnerability in the management server component of PAN-OS that allows an authenticated user to potentially execute arbitrary code with root privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A stack-based buffer overflow vulnerability in the management 
server component of PAN-OS that allows an authenticated user to potentially execute arbitrary code with root privileges.</pre>"}]},{"lang":"en","value":"This issue affects:\n\nAll versions of PAN-OS 7.1 and 8.0;\n\nPAN-OS 8.1 versions earlier than 8.1.14.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\n\nAll versions of PAN-OS 7.1 and 8.0;\n\nPAN-OS 8.1 versions earlier than 8.1.14.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"7.1.*","status":"affected"},{"version":"8.0.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.14","versionType":"custom","changes":[{"at":"8.1.14","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2006"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Jin Chen of Palo Alto Networks for discovering and reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-121 Stack-based Buffer Overflow","cweId":"CWE-121"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-100855"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.14 and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.14 and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"PAN-SA-2020-0005","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OpenSSH software upgraded to resolve multiple vulnerabilities","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"orgId":"Not found","shortName":"Not found","dateUpdated":"2024-11-20T00:00:00"},"descriptions":[{"lang":"en","value":"OpenSSH software included with PAN-OS has been upgraded to resolve security vulnerability CVE-2016-10012. 
Additionally, code changes have been made to the server component of the OpenSSH software included in PAN-OS in response to CVE-2015-8325 and CVE-2016-1908 though PAN-OS is not impacted by these issues.\n\nThis issue affects:\nPAN-OS 7.1 versions earlier than 7.1.26;\nPAN-OS 8.1 versions earlier than 8.1.13;\nPAN-OS 9.0 versions earlier than 9.0.1;\nAll versions of PAN-OS 8.0.\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>OpenSSH software included with PAN-OS has been upgraded to resolve security vulnerability CVE-2016-10012. Additionally, code changes have been made to the server component of the OpenSSH software included in PAN-OS in response to CVE-2015-8325 and CVE-2016-1908 though PAN-OS is not impacted by these issues.\n\nThis issue affects:\nPAN-OS 7.1 versions earlier than 7.1.26;\nPAN-OS 8.1 versions earlier than 8.1.13;\nPAN-OS 9.0 versions earlier than 9.0.1;\nAll versions of PAN-OS 8.0.\n</pre>"}]}],"x_affectedList":["PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 
7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1","status":"affected","lessThan":"7.1.26","versionType":"custom","changes":[{"at":"7.1.26","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.1","versionType":"custom","changes":[{"at":"9.0.1","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/PAN-SA-2020-0005"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer","cweId":"CWE-119"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-111061"],"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.1, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","supportingMedia":{"value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.1, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2008","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS command injection or arbitrary file deletion vulnerability","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-05-13T19:07:14","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS command injection and external control of filename vulnerability in Palo Alto Networks PAN-OS allows authenticated administrators to execute code with root privileges or delete arbitrary system 
files and impact the system's integrity or cause a denial of service condition.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS command injection and external control of filename vulnerability in Palo Alto Networks PAN-OS allows authenticated administrators to execute code with root privileges or delete arbitrary system files and impact the system's integrity or cause a denial of service condition.</pre>"}]},{"lang":"en","value":"This issue affects:\nAll versions of PAN-OS 7.1 and 8.0;\nPAN-OS 8.1 versions earlier than 8.1.14.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\nAll versions of PAN-OS 7.1 and 8.0;\nPAN-OS 8.1 versions earlier than 8.1.14.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 
7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.14","versionType":"custom","changes":[{"at":"8.1.14","status":"unaffected"}]},{"version":"9.0.0","status":"unaffected","lessThan":"9.0*","versionType":"custom"},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2008"}],"credits":[{"lang":"en","value":"This issue was found by Jin Chen of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-73 External Control of File Name or Path","cweId":"CWE-73"}]},{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-102688"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.14 and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.14 and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2015","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Buffer overflow in the management server","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-06-10T17:23:49","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A buffer overflow 
vulnerability in the PAN-OS management server allows authenticated users to crash system processes or potentially execute arbitrary code with root privileges.\n\nThis issue affects:\nPAN-OS 7.1 versions earlier than 7.1.26;\nPAN-OS 8.1 versions earlier than 8.1.13;\nPAN-OS 9.0 versions earlier than 9.0.7;\nPAN-OS 9.1 versions earlier than 9.1.1;\nAll versions of PAN-OS 8.0.\n\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A buffer overflow vulnerability in the PAN-OS management server allows authenticated users to crash system processes or potentially execute arbitrary code with root privileges.\n\nThis issue affects:\nPAN-OS 7.1 versions earlier than 7.1.26;\nPAN-OS 8.1 versions earlier than 8.1.13;\nPAN-OS 9.0 versions earlier than 9.0.7;\nPAN-OS 9.1 versions earlier than 9.1.1;\nAll versions of PAN-OS 8.0.\n\n</pre>"}]}],"x_affectedList":["PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 
8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThan":"7.1.26","versionType":"custom","changes":[{"at":"7.1.26","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.1","versionType":"custom","changes":[{"at":"9.1.1","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2015"}],"credits":[{"lang":"en","value":"This issue was discovered by Nicholas Newsom of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-120 Buffer 
Overflow","cweId":"CWE-120"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-100734"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.1, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","supportingMedia":{"value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.1, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2005","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: GlobalProtect Clientless VPN session 
hijacking","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-05-14T15:40:56","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A cross-site scripting (XSS) vulnerability exists when visiting malicious websites with the Palo Alto Networks GlobalProtect Clientless VPN that can compromise the user's active session.\nThis issue affects:\n\nPAN-OS 7.1 versions earlier than 7.1.26;\nPAN-OS 8.1 versions earlier than 8.1.13;\nPAN-OS 9.0 versions earlier than 9.0.7;\nAll versions of PAN-OS 8.0.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A cross-site scripting (XSS) vulnerability exists when visiting malicious websites with the Palo Alto Networks GlobalProtect Clientless VPN that can compromise the user's active session.\nThis issue affects:\n\nPAN-OS 7.1 versions earlier than 7.1.26;\nPAN-OS 8.1 versions earlier than 8.1.13;\nPAN-OS 9.0 versions earlier than 9.0.7;\nAll versions of PAN-OS 8.0.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 
8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1","status":"affected","lessThan":"7.1.26","versionType":"custom","changes":[{"at":"7.1.26","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2005"}],"credits":[{"lang":"en","value":"This issue was discovered by Ron Masas of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":7.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-79 Cross-site Scripting 
(XSS)","cweId":"CWE-79"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["GPCON-551"],"discovery":"INTERNAL"},"configurations":[{"lang":"en","value":"This issue only affects firewalls configured with GlobalProtect Clientless VPN.","supportingMedia":{"value":"This issue only affects firewalls configured with GlobalProtect Clientless VPN.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Configure GlobalProtect Clientless VPN to only access known trusted websites, and block access to all other websites.","supportingMedia":{"value":"Configure GlobalProtect Clientless VPN to only access known trusted websites, and block access to all other websites.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.7, and all later versions of PAN-OS.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","supportingMedia":{"value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.7, and all later versions of PAN-OS.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2007","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS command injection in management server","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-05-13T19:07:14","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS command 
injection vulnerability in the management server component of PAN-OS allows an authenticated user to potentially execute arbitrary commands with root privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS command injection vulnerability in the management server component of PAN-OS allows an authenticated user to potentially execute arbitrary commands with root privileges.</pre>"}]},{"lang":"en","value":"This issue affects:\n\nAll PAN-OS 7.1 and 8.0 versions;\n\nPAN-OS 8.1 versions earlier than 8.1.14;\n\nPAN-OS 9.0 versions earlier than 9.0.7. ","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\n\nAll PAN-OS 7.1 and 8.0 versions;\n\nPAN-OS 8.1 versions earlier than 8.1.14;\n\nPAN-OS 9.0 versions earlier than 9.0.7. </pre>"}]}],"x_affectedList":["PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 
7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.1.*","status":"affected"},{"version":"8.0.*","status":"affected"},{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.14","versionType":"custom","changes":[{"at":"8.1.14","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2007"}],"credits":[{"lang":"en","value":"This issue was found by Jin Chen of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-102682"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 9.0.7 and later PAN-OS 9.0 versions; PAN-OS 8.1.14 and later PAN-OS 8.1 versions; and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","supportingMedia":{"value":"This issue is fixed in PAN-OS 9.0.7 and later PAN-OS 9.0 versions; PAN-OS 8.1.14 and later PAN-OS 8.1 versions; and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2011","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-20T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Panorama registration denial of 
service","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-05-13T19:07:14","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An improper input validation vulnerability in the configuration daemon of Palo Alto Networks PAN-OS Panorama allows for a remote unauthenticated user to send a specifically crafted registration request to the device that causes the configuration service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS Panorama services by restarting the device and putting it into maintenance mode.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An improper input validation vulnerability in the configuration daemon of Palo Alto Networks PAN-OS Panorama allows for a remote unauthenticated user to send a specifically crafted registration request to the device that causes the configuration service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS Panorama services by restarting the device and putting it into maintenance mode.</pre>"}]},{"lang":"en","value":"This issue affects:\n\nAll versions of PAN-OS 7.1 and 8.0;\n\nPAN-OS 8.1 versions earlier than 8.1.14;\n\nPAN-OS 9.0 versions earlier than 9.0.7;","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\n\nAll versions of PAN-OS 7.1 and 8.0;\n\nPAN-OS 8.1 versions earlier than 8.1.14;\n\nPAN-OS 9.0 versions earlier than 9.0.7;</pre>"}]}],"x_affectedList":["PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 
8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.1.*","status":"affected"},{"version":"8.0.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.14","versionType":"custom","changes":[{"at":"8.1.14","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2011"}],"credits":[{"lang":"en","value":"This issue was found by Ben Nott of Palo Alto Networks 
during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-20 Improper Input Validation","cweId":"CWE-20"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-118226"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, PAN-OS 9.1.0 and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, PAN-OS 9.1.0 and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2020-05-20T19:00:00.000Z","lang":"eng","value":"Removed 9.1.0 from affected releases"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2016","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Temporary file race condition vulnerability in PAN-OS leads to local privilege escalation","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-06-10T17:24:03","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A race condition due to insecure creation of a file in a temporary directory vulnerability in PAN-OS allows for root privilege escalation from a limited linux user 
account.\n\nThis allows an attacker who has escaped the restricted shell as a low privilege administrator, possibly by exploiting another vulnerability, to escalate privileges to become root user.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A race condition due to insecure creation of a file in a temporary directory vulnerability in PAN-OS allows for root privilege escalation from a limited linux user account.\n\nThis allows an attacker who has escaped the restricted shell as a low privilege administrator, possibly by exploiting another vulnerability, to escalate privileges to become root user.</pre>"}]},{"lang":"en","value":"This issue affects:\nPAN-OS 7.1 versions earlier than 7.1.26;\nPAN-OS 8.1 versions earlier than 8.1.13;\nPAN-OS 9.0 versions earlier than 9.0.6;\nAll versions of PAN-OS 8.0.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\nPAN-OS 7.1 versions earlier than 7.1.26;\nPAN-OS 8.1 versions earlier than 8.1.13;\nPAN-OS 9.0 versions earlier than 9.0.6;\nAll versions of PAN-OS 8.0.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 
8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1","status":"affected","lessThan":"7.1.26","versionType":"custom","changes":[{"at":"7.1.26","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.6","versionType":"custom","changes":[{"at":"9.0.6","status":"unaffected"}]},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2016"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks the UK's National Cyber Security Centre (NCSC) for discovering and reporting this issue."},{"lang":"en","value":"Palo Alto Networks thanks the NCC Group for finding this issue independently during a contracted PAN-OS security 
assessment."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-377 Insecure Temporary File","cweId":"CWE-377"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-128248"],"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","supportingMedia":{"value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-1992","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-04-08T00:00:00","dateReserved":"2020-04-08T00:00:00","dateUpdated":"2020-04-08T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS on PA-7000 Series: Varrcvr daemon network-based denial of service or privilege escalation","datePublic":"2020-04-08T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-04-08T18:41:58","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote attackers to crash the daemon creating a denial of service condition or potentially execute code with root 
privileges.\n\nThis issue affects Palo Alto Networks PAN-OS 9.0 versions before 9.0.7; PAN-OS 9.1 versions before 9.1.2 on PA-7000 Series devices with an LFC installed and configured.\n\nThis issue requires WildFire services to be configured and enabled.\n\nThis issue does not affect PAN-OS 8.1 and earlier releases.\n\nThis issue does not affect any other PA Series firewalls.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote attackers to crash the daemon creating a denial of service condition or potentially execute code with root privileges.\n\nThis issue affects Palo Alto Networks PAN-OS 9.0 versions before 9.0.7; PAN-OS 9.1 versions before 9.1.2 on PA-7000 Series devices with an LFC installed and configured.\n\nThis issue requires WildFire services to be configured and enabled.\n\nThis issue does not affect PAN-OS 8.1 and earlier releases.\n\nThis issue does not affect any other PA Series firewalls.</pre>"}]}],"x_affectedList":["PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.2","versionType":"custom","changes":[{"at":"9.1.2","status":"unaffected"}]}],"platforms":["PA-7000 series with LFC"]},{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"8.1.*","status":"unaffected"},{"version":"8.0.*","status":"unaffected"},{"version":"7.1.*","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-1992"}],"credits":[{"lang":"en","value":"This issue was found by a customer."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-134 Use of Externally-Controlled Format String","cweId":"CWE-134"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-135103"],"discovery":"USER"},"configurations":[{"lang":"en","value":"This issue requires WildFire services to be configured and enabled.","supportingMedia":{"value":"This issue requires WildFire services to be configured and enabled.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"There are no viable workarounds for this issue.","supportingMedia":{"value":"There are no viable workarounds for this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 9.0.7, PAN-OS 9.1.2 and all later versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 9.0.7, PAN-OS 9.1.2 and all later versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-04-08T16:00:00.000Z","lang":"eng","value":"Initial 
publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-1990","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-04-08T00:00:00","dateReserved":"2020-04-08T00:00:00","dateUpdated":"2020-04-08T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Buffer overflow in the management server","datePublic":"2020-04-08T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-04-08T18:41:58","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A stack-based buffer overflow vulnerability in the management server component of PAN-OS allows an authenticated user to upload a corrupted PAN-OS configuration and potentially execute code with root privileges.\n\nThis issue affects Palo Alto Networks PAN-OS 8.1 versions before 8.1.13; 9.0 versions before 9.0.7.\nThis issue does not affect PAN-OS 7.1.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A stack-based buffer overflow vulnerability in the management server component of PAN-OS allows an authenticated user to upload a corrupted PAN-OS configuration and potentially execute code with root privileges.\n\nThis issue affects Palo Alto Networks PAN-OS 8.1 versions before 8.1.13; 9.0 versions before 9.0.7.\nThis issue does not affect PAN-OS 7.1.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 
8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.1.*","status":"unaffected"},{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-1990"}],"credits":[{"lang":"en","value":"This issue was discovered by Nicholas Newsom of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-121 Stack-based Buffer Overflow","cweId":"CWE-121"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-121319"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"These issues affect the management interface of PAN-OS and are strongly mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS 9.0 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.html.","supportingMedia":{"value":"These issues affect the management interface of PAN-OS and are strongly mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 9.0 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.html.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7 and all later versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7 and all later versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-04-08T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-1979","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-03-11T00:00:00","dateReserved":"2020-03-11T00:00:00","dateUpdated":"2020-05-12T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: A format string vulnerability in PAN-OS log daemon (logd) on Panorama allows local privilege escalation","datePublic":"2020-03-11T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-05-13T19:07:13","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network based attacker with knowledge of registered firewall devices and 
access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges.\nThis issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13 on Panorama.\nThis issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges.\nThis issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13 on Panorama.\nThis issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.0.0","status":"unaffected","lessThan":"9.0*","versionType":"custom"},{"version":"7.1.0","status":"unaffected","lessThan":"7.1*","versionType":"custom"},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-1979"}],"credits":[{"lang":"en","value":"This issue was discovered by Nicholas Newsom of Palo Alto Networks during an internal security 
review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-134 Use of Externally-Controlled Format String","cweId":"CWE-134"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-97584"],"discovery":"INTERNAL"},"configurations":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"This issue affects the management interface of Panorama and is mitigated by following best practices for securing the Panorama management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 8.1 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.","supportingMedia":{"value":"This issue affects the management interface of Panorama and is mitigated by following best practices for securing the Panorama management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS 8.1 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.13 and all later PAN-OS 8.1 versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.13 and all later PAN-OS 8.1 versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-03-11T16:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2020-05-12T16:00:00.000Z","lang":"eng","value":"Updated attack vector, description and acknowledgement."}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-1981","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-03-11T00:00:00","dateReserved":"2020-03-11T00:00:00","dateUpdated":"2020-03-11T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Predictable temporary filename vulnerability allows local privilege escalation","datePublic":"2020-03-11T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-03-11T18:58:14","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A predictable temporary filename vulnerability in PAN-OS allows local privilege escalation.\nThis issue allows a local attacker who bypassed the restricted shell to execute commands as a low privileged user and gain root access on the PAN-OS hardware or virtual appliance.\nThis issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13.\nThis issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A predictable temporary filename vulnerability in PAN-OS allows local privilege escalation.\nThis issue allows a local 
attacker who bypassed the restricted shell to execute commands as a low privileged user and gain root access on the PAN-OS hardware or virtual appliance.\nThis issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13.\nThis issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"7.1.0","status":"unaffected","lessThan":"7.1*","versionType":"custom"},{"version":"9.0.0","status":"unaffected","lessThan":"9.0*","versionType":"custom"},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-1981"}],"credits":[{"lang":"en","value":"This issue was found during an internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-377 Insecure Temporary File","cweId":"CWE-377"}]}],"x_generator":{"engine":"Vulnogram 
0.0.9"},"source":{"defect":["PAN-103038"],"discovery":"INTERNAL"},"configurations":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 8.1 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 8.1 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.13 and all later PAN-OS 8.1 versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.13 and all later PAN-OS 8.1 versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-03-11T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-1980","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-03-11T00:00:00","dateReserved":"2020-03-11T00:00:00","dateUpdated":"2020-03-11T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Shell injection vulnerability 
in PAN-OS CLI allows execution of shell commands","datePublic":"2020-03-11T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-03-11T18:58:17","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges.\nThis issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13.\nThis issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges.\nThis issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13.\nThis issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.0.0","status":"unaffected","lessThan":"9.0*","versionType":"custom"},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"},{"version":"7.1.0","status":"unaffected","lessThan":"7.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-1980"}],"credits":[{"lang":"en","value":"This issue was discovered during an 
internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')","cweId":"CWE-77"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-102674"],"discovery":"INTERNAL"},"configurations":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 8.1 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS 8.1 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.13, and all later versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.13, and all later versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-03-11T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2019-17437","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2019-12-04T17:00:00.000Z","dateReserved":"2019-12-04T17:00:00.000Z"},"containers":{"cna":{"title":"PAN-OS: Custom-role users may escalate privileges","datePublic":"2019-12-04T17:00:00.000Z","providerMetadata":{"dateUpdated":"2019-12-05T14:11:11","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An improper authentication check in Palo Alto Networks PAN-OS may allow an authenticated low privileged non-superuser custom role user to elevate privileges and become superuser.\nThis issue affects PAN-OS 7.1 versions prior to 7.1.25; 8.0 versions prior to 8.0.20; 8.1 versions prior to 8.1.11; 9.0 versions prior to 9.0.5.\nPAN-OS version 7.0 and prior EOL versions have not been evaluated for this issue.\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An improper authentication check in Palo Alto Networks PAN-OS may allow an authenticated low privileged non-superuser custom role user to elevate privileges and become superuser.\nThis issue affects PAN-OS 7.1 versions prior to 7.1.25; 8.0 versions prior to 8.0.20; 8.1 versions prior to 8.1.11; 9.0 versions prior to 9.0.5.\nPAN-OS version 7.0 
and prior EOL versions have not been evaluated for this issue.\n</pre>"}]}],"x_affectedList":["PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"7.1","status":"affected","lessThan":"7.1.25","versionType":"custom","changes":[{"at":"7.1.25","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThan":"8.0.20","versionType":"custom","changes":[{"at":"8.0.20","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.11","versionType":"custom","changes":[{"at":"8.1.11","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.5","versionType":"custom","changes":[{"at":"9.0.5","status":"unaffected"}]},{"version":"unspecified","status":"unknown","lessThanOrEqual":"7.0","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2019-17437"}],"credits":[{"lang":"en","value":"Christophe Schleypen of NCIA / NCIRC"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-280 Improper Handling of Insufficient Permissions or Privileges ","cweId":"CWE-280"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-115697"],"advisory":"PAN-SA-2019-0038","discovery":"EXTERNAL"},"configurations":[{"lang":"en","value":"This issue only affects devices configured with a low privileged custom role user with any combination of roles or privileges.","supportingMedia":{"value":"This issue only affects devices configured with a low privileged custom role user with any combination of roles or privileges.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Remove any untrusted custom-role users from the device or disable their access until fixes can be applied. 
Restrict access to the device to only trusted users.","supportingMedia":{"value":"Remove any untrusted custom-role users from the device or disable their access until fixes can be applied. Restrict access to the device to only trusted users.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue has been resolved in 7.1.25, 8.0.20, 8.1.11, 9.0.5 and all subsequent versions.","supportingMedia":{"value":"This issue has been resolved in 7.1.25, 8.0.20, 8.1.11, 9.0.5 and all subsequent versions.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2019-1582","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2019-08-21T22:13:00.000Z","dateReserved":"2019-08-21T22:13:00.000Z"},"containers":{"cna":{"title":"Memory Corruption in PAN-OS","datePublic":"2019-08-21T22:13:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:48","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"Palo Alto Networks is aware of a memory corruption vulnerability in PAN-OS. (Ref: # PAN-123700/ CVE-2019-1582).\nSuccessful exploitation of this issue may allow an administrative user to cause arbitrary memory corruption by rekeying the current client interactive session.\nThis issue affects PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier.  PAN-OS 7.1 and 8.0 are NOT affected.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks is aware of a memory corruption vulnerability in PAN-OS. (Ref: # PAN-123700/ CVE-2019-1582).\nSuccessful exploitation of this issue may allow an administrative user to cause arbitrary memory corruption by rekeying the current client interactive session.\nThis issue affects PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier.  
PAN-OS 7.1 and 8.0 are NOT affected.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.1","status":"affected","lessThanOrEqual":"8.1.9","versionType":"custom","changes":[{"at":"8.1.9-h4","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThanOrEqual":"9.0.3","versionType":"custom","changes":[{"at":"9.0.3-h3","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2019-1582"}],"credits":[{"lang":"en","value":"This issue was discovered by Nicholas Newsom of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer","cweId":"CWE-119"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-123700"],"advisory":"PAN-SA-2019-0023","discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"These issues affect the management interface of PAN-OS and are strongly mitigated by following best practices for securing the PAN-OS management interface. 
Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 9.0 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.html.","supportingMedia":{"value":"These issues affect the management interface of PAN-OS and are strongly mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 9.0 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.html.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 8.1.9-h4 and later, and PAN-OS 9.0.3-h3 and later.  ","supportingMedia":{"value":"PAN-OS 8.1.9-h4 and later, and PAN-OS 9.0.3-h3 and later.  ","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2019-1579","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2019-07-18T20:39:00.000Z","dateReserved":"2019-07-18T20:39:00.000Z"},"containers":{"cna":{"title":"Remote Code Execution in GlobalProtect Portal/Gateway Interface ","datePublic":"2019-07-18T20:39:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:48","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"Palo Alto Networks is aware of the reported remote code execution (RCE) vulnerability in its GlobalProtect portal and GlobalProtect Gateway interface products.  The issue is already addressed in prior maintenance releases.  
(Ref: CVE-2019-1579)\nSuccessful exploitation of this issue allows an unauthenticated attacker to execute arbitrary code.  \nThis issue affects PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and  PAN-OS 8.1.2  and earlier releases.  PAN-OS 9.0 is not affected.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks is aware of the reported remote code execution (RCE) vulnerability in its GlobalProtect portal and GlobalProtect Gateway interface products.  The issue is already addressed in prior maintenance releases.  (Ref: CVE-2019-1579)\nSuccessful exploitation of this issue allows an unauthenticated attacker to execute arbitrary code.  \nThis issue affects PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and  PAN-OS 8.1.2  and earlier releases.  PAN-OS 9.0 is not affected.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.18","versionType":"custom","changes":[{"at":"7.1.19","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.11-h1","versionType":"custom","changes":[{"at":"8.0.12","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThanOrEqual":"8.1.2","versionType":"custom","changes":[{"at":"8.1.3","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2019-1579"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-20 Improper Input Validation","cweId":"CWE-20"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-100913"],"advisory":"PAN-SA-2019-0020","discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"If you have not already upgraded to the available updates listed above and cannot do so now, we recommend that you update to content release 8173, or the latest version, and confirm threat prevention is enabled and enforced on traffic that passes through the GlobalProtect portal and GlobalProtect Gateway interface.  \n\nPlease see the customer advisory for more details here: https://live.paloaltonetworks.com/t5/Customer-Advisories/Action-Recommended-Recent-Security-Advisory-PAN-SA-2019-0020-Ref/ta-p/278505 .  
\n\nYou are not affected if you do not have GlobalProtect enabled.\n","supportingMedia":{"value":"If you have not already upgraded to the available updates listed above and cannot do so now, we recommend that you update to content release 8173, or the latest version, and confirm threat prevention is enabled and enforced on traffic that passes through the GlobalProtect portal and GlobalProtect Gateway interface.  \n\nPlease see the customer advisory for more details here: https://live.paloaltonetworks.com/t5/Customer-Advisories/Action-Recommended-Recent-Security-Advisory-PAN-SA-2019-0020-Ref/ta-p/278505 .  \n\nYou are not affected if you do not have GlobalProtect enabled.\n","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 7.1.19 and later, PAN-OS 8.0.12 and later, and PAN-OS 8.1.3 and later releases.","supportingMedia":{"value":"PAN-OS 7.1.19 and later, PAN-OS 8.0.12 and later, and PAN-OS 8.1.3 and later releases.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2019-1576","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2019-07-15T22:15:00.000Z","dateReserved":"2019-07-15T22:15:00.000Z"},"containers":{"cna":{"title":"Command Injection in PAN-OS ","datePublic":"2019-07-15T22:15:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:48","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A command injection vulnerability exists in the Palo Alto Networks PAN-OS Command Line Interface (CLI). (Ref PAN-111872/ CVE-2019-1576)\nSuccessful exploitation of this issue may allow an authenticated attacker to gain access to a remote shell in PAN-OS, and potentially run with the escalated  user’s permissions.\nThis issue affects PAN-OS 9.0.2 and earlier.  
PAN-OS 7.1, PAN-OS 8.0 and PAN-OS 8.1 are NOT affected.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A command injection vulnerability exists in the Palo Alto Networks PAN-OS Command Line Interface (CLI). (Ref PAN-111872/ CVE-2019-1576)\nSuccessful exploitation of this issue may allow an authenticated attacker to gain access to a remote shell in PAN-OS, and potentially run with the escalated  user’s permissions.\nThis issue affects PAN-OS 9.0.2 and earlier.  PAN-OS 7.1, PAN-OS 8.0 and PAN-OS 8.1 are NOT affected.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"9.0","status":"affected","lessThanOrEqual":"9.0.2","versionType":"custom","changes":[{"at":"9.0.3","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2019-1576"}],"credits":[{"lang":"en","value":"Palo Alto Networks would like to thank Joe Graham at Rochester Institute of Technology for reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')","cweId":"CWE-77"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-111872"],"advisory":"PAN-SA-2019-0018","discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 9.0.3 and later","supportingMedia":{"value":"PAN-OS 9.0.3 and 
later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2019-1575","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2019-07-15T22:15:00.000Z","dateReserved":"2019-07-15T22:15:00.000Z"},"containers":{"cna":{"title":"Information Disclosure in PAN-OS Management API Usage","datePublic":"2019-07-15T22:15:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:48","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An Information Disclosure vulnerability exists in PAN-OS Management API usage (Ref # PAN-107239 and PAN-118869 / CVE-2019-1575)\nSuccessful exploitation may allow for an authenticated user with read-only privileges to extract the API key of the device and the username/password from the XML API (in PAN-OS) and possibly escalate privileges granted to them.\nThis issue affects PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2 and earlier.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An Information Disclosure vulnerability exists in PAN-OS Management API usage (Ref # PAN-107239 and PAN-118869 / CVE-2019-1575)\nSuccessful exploitation may allow for an authenticated user with read-only privileges to extract the API key of the device and the username/password from the XML API (in PAN-OS) and possibly escalate privileges granted to them.\nThis issue affects PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2 and earlier.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 
8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.23","versionType":"custom","changes":[{"at":"7.1.24","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.18","versionType":"custom","changes":[{"at":"8.0.19","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThanOrEqual":"8.1.8-h4","versionType":"custom","changes":[{"at":"8.1.8","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThanOrEqual":"9.0.2","versionType":"custom","changes":[{"at":"9.0.2","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2019-1575"}],"credits":[{"lang":"en","value":"Palo Alto Networks would like to thank Bartłomiej Stasiek of ING Tech Poland, Ruben Jacobi of ON2IT Group, Michael E. Davis - University of Arkansas, and Alycia N. 
Carey - University of Arkansas for reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-200 Information Exposure","cweId":"CWE-200"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-107239","PAN-118869"],"advisory":"PAN-SA-2019-0019","discovery":"USER"},"workarounds":[{"lang":"en","value":"Please see the detailed FAQ here: https://live.paloaltonetworks.com/t5/Customer-Advisories/Palo-Alto-Networks-Security-Advisory-PAN-SA-2019-0019/ta-p/276661.","supportingMedia":{"value":"Please see the detailed FAQ here: https://live.paloaltonetworks.com/t5/Customer-Advisories/Palo-Alto-Networks-Security-Advisory-PAN-SA-2019-0019/ta-p/276661.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 7.1.24 and later, PAN-OS 8.0.19 and later, PAN-OS 8.1.8-h5 and later, and PAN-OS 9.0.2-h4 and later.  ","supportingMedia":{"value":"PAN-OS 7.1.24 and later, PAN-OS 8.0.19 and later, PAN-OS 8.1.8-h5 and later, and PAN-OS 9.0.2-h4 and later.  
","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2019-8912","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2019-07-15T22:15:00.000Z","dateReserved":"2019-07-15T22:15:00.000Z"},"containers":{"cna":{"title":"Privilege Escalation in PAN-OS","datePublic":"2019-07-15T22:15:00.000Z","providerMetadata":{"dateUpdated":"2020-01-21T19:06:20","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"Palo Alto Networks is aware of a use-after-free (UAF) vulnerability in the Linux kernel's sockfs_setattr. (Ref: PAN-113631/ CVE-2019-8912)\nSuccessful exploitation of this issue may allow an unprivileged local user to escalate their privileges on the system.\nThis issue affects PAN-OS 7.1.23 and earlier, PAN-OS 8.0.17 and earlier, PAN-OS 8.1.8 and earlier, and PAN-OS 9.0.2 and earlier. ","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks is aware of a use-after-free (UAF) vulnerability in the Linux kernel's sockfs_setattr. (Ref: PAN-113631/ CVE-2019-8912)\nSuccessful exploitation of this issue may allow an unprivileged local user to escalate their privileges on the system.\nThis issue affects PAN-OS 7.1.23 and earlier, PAN-OS 8.0.17 and earlier, PAN-OS 8.1.8 and earlier, and PAN-OS 9.0.2 and earlier. 
</pre>"}]}],"x_affectedList":["PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.23","versionType":"custom","changes":[{"at":"7.1.24","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.17","versionType":"custom","changes":[{"at":"8.0.18","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThanOrEqual":"8.1.8","versionType":"custom","changes":[{"at":"8.1.9","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThanOrEqual":"9.0.2","versionType":"custom","changes":[{"at":"9.0.3","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2019-8912"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-416 Use After Free","cweId":"CWE-416"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-113631"],"advisory":"PAN-SA-2019-0017","discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 7.1.24 and later, PAN-OS 8.0.18 and later, PAN-OS 8.1.9 and later, and PAN-OS 9.0.3 and later.","supportingMedia":{"value":"PAN-OS 7.1.24 and later, PAN-OS 8.0.18 and later, PAN-OS 8.1.9 and later, and PAN-OS 9.0.3 and 
later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"PAN-SA-2019-0013","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2019-06-27T23:50:00.000Z","dateReserved":"2019-06-27T23:50:00.000Z"},"containers":{"cna":{"title":"Information about TCP SACK Panic Findings in PAN-OS ","datePublic":"2019-06-27T23:50:00.000Z","providerMetadata":{"orgId":"Not found","shortName":"Not found","dateUpdated":"2024-11-20T00:00:00"},"descriptions":[{"lang":"en","value":"Palo Alto Networks is aware of recent vulnerability disclosures known as TCP SACK Panic vulnerabilities.  (Ref: PAN-119745/ CVE-2019-11477, CVE-2019-11478, CVE-2019-11479)\nSuccessful exploitation of these issues could allow an unprivileged remote user to trigger a kernel panic in systems running the affected software, resulting in a denial of service.\n\nWhile these issues primarily affect the PAN-OS Management Plane (MP),  it is possible for MP services to be exposed via Data Plane (DP) interfaces as a result of Service Route and/or Interface Management Profile configurations. Examples include Management Profiles permitting HTTP/HTTPS access to the WebGUI, SSH, or response pages.  In these cases, it is possible that malicious traffic could arrive at the MP kernel through the DP interface.  Devices with unrestricted connectivity to the MP, such as internal hosts, may be able to leverage this issue to impact device performance. \n\nPalo Alto Networks is not affected by CVE-2019-5599.\nThis issue affects PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2-h3 and earlier.  \n\nGlobalProtect Gateway and GlobalProtect portal are NOT affected by these issues.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks is aware of recent vulnerability disclosures known as TCP SACK Panic vulnerabilities. 
 (Ref: PAN-119745/ CVE-2019-11477, CVE-2019-11478, CVE-2019-11479)\nSuccessful exploitation of these issues could allow an unprivileged remote user to trigger a kernel panic in systems running the affected software, resulting in a denial of service.\n\nWhile these issues primarily affect the PAN-OS Management Plane (MP),  it is possible for MP services to be exposed via Data Plane (DP) interfaces as a result of Service Route and/or Interface Management Profile configurations. Examples include Management Profiles permitting HTTP/HTTPS access to the WebGUI, SSH, or response pages.  In these cases, it is possible that malicious traffic could arrive at the MP kernel through the DP interface.  Devices with unrestricted connectivity to the MP, such as internal hosts, may be able to leverage this issue to impact device performance. \n\nPalo Alto Networks is not affected by CVE-2019-5599.\nThis issue affects PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2-h3 and earlier.  
\n\nGlobalProtect Gateway and GlobalProtect portal are NOT affected by these issues.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.23","versionType":"custom","changes":[{"at":"7.1.24","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.18","versionType":"custom","changes":[{"at":"8.0.19","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThanOrEqual":"8.1.8-h4","versionType":"custom","changes":[{"at":"8.1.8-h5","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThanOrEqual":"9.0.2-h3","versionType":"custom","changes":[{"at":"9.0.2-h4","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/PAN-SA-2019-0013"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-190 Integer Overflow or Wraparound","cweId":"CWE-190"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-119745"],"advisory":"PAN-SA-2019-0013","discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"These issues affect the management interface of PAN-OS and are strongly mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS 9.0 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.html.","supportingMedia":{"value":"These issues affect the management interface of PAN-OS and are strongly mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 9.0 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.html.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 7.1.24 and later, PAN-OS 8.0.19 and later, PAN-OS 8.1.8-h5 and later, and PAN-OS 9.0.2-h4 and later","supportingMedia":{"value":"PAN-OS 7.1.24 and later, PAN-OS 8.0.19 and later, PAN-OS 8.1.8-h5 and later, and PAN-OS 9.0.2-h4 and later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2019-1572","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2019-03-28T20:05:00.000Z","dateReserved":"2019-03-28T20:05:00.000Z"},"containers":{"cna":{"title":"Authentication Bypass in PAN-OS Management Web Interface","datePublic":"2019-03-28T20:05:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:48","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An Authentication Bypass vulnerability exists in the PAN-OS Management Web Interface.  
(Ref # PAN-113675, CVE-2019-1572)\nSuccessful exploitation of this issue may allow an unauthenticated remote user to access php files.\nThis issue affects Only PAN-OS 9.0.0","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An Authentication Bypass vulnerability exists in the PAN-OS Management Web Interface.  (Ref # PAN-113675, CVE-2019-1572)\nSuccessful exploitation of this issue may allow an unauthenticated remote user to access php files.\nThis issue affects Only PAN-OS 9.0.0</pre>"}]}],"x_affectedList":["PAN-OS 9.0.0","PAN-OS 9.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"9.0.0","status":"affected"},{"version":"9.0.1","status":"unaffected","lessThan":"9.0*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2019-1572"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-287 Improper Authentication","cweId":"CWE-287"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-113675"],"advisory":"PAN-SA-2019-0005","discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the web-based management interface of PAN-OS and is strongly mitigated by following best practices for securing the management interface of PAN-OS. Our best practices guidelines reduce the exposure of the management interface to potential attackers. 
We recommend that the management interface be isolated and strictly limited only to security administration personnel through either network segmentation or using the IP access control list restriction feature within PAN-OS.  Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.html.","supportingMedia":{"value":"This issue affects the web-based management interface of PAN-OS and is strongly mitigated by following best practices for securing the management interface of PAN-OS. Our best practices guidelines reduce the exposure of the management interface to potential attackers. We recommend that the management interface be isolated and strictly limited only to security administration personnel through either network segmentation or using the IP access control list restriction feature within PAN-OS.  Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.html.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 9.0.1 and later","supportingMedia":{"value":"PAN-OS 9.0.1 and later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2018-14634","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2019-03-20T21:20:00.000Z","dateReserved":"2019-03-20T21:20:00.000Z"},"containers":{"cna":{"title":"Privilege Escalation in 
PAN-OS","datePublic":"2019-03-20T21:20:00.000Z","providerMetadata":{"dateUpdated":"2021-07-20T14:06:15","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"descriptions":[{"lang":"en","value":"Palo Alto Networks is aware of an integer overflow vulnerability in the Linux kernel's create_elf_tables() function.  (Ref # PAN-105966, CVE-2018-14634)\nSuccessful exploitation of this issue may allow an unprivileged local user to escalate their privileges on the system.  \n\nTo successfully exploit this vulnerability, an attacker would need a local user account to access the CLI, as well as an unrelated vulnerability allowing the local user to execute arbitrary code in a chained attack. This combination would result in the execution of malicious code and achieving complete control of the affected system.\n\nThis issue does not affect 32-bit systems as they do not have a large enough address space to exploit this flaw. \nThis issue only affects 64-bit systems with more than 32 GB of available memory.  \n\nThe affected platform and versions are  PAN-OS 7.1.22 and earlier running on M-500 and WF-500;   PAN-OS 8.0.15 and earlier running on PA-5220, PA-5250, PA-5260, M-500 and WF-500;  and PAN-OS 8.1.6 and earlier running on PA-5220, PA-5250, PA-5260, PA-5280, M-500, M-600 and WF-500.   PAN-OS 9.0 is NOT affected.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks is aware of an integer overflow vulnerability in the Linux kernel's create_elf_tables() function.  (Ref # PAN-105966, CVE-2018-14634)\nSuccessful exploitation of this issue may allow an unprivileged local user to escalate their privileges on the system.  \n\nTo successfully exploit this vulnerability, an attacker would need a local user account to access the CLI, as well as an unrelated vulnerability allowing the local user to execute arbitrary code in a chained attack. 
This combination would result in the execution of malicious code and achieving complete control of the affected system.\n\nThis issue does not affect 32-bit systems as they do not have a large enough address space to exploit this flaw. \nThis issue only affects 64-bit systems with more than 32 GB of available memory.  \n\nThe affected platform and versions are  PAN-OS 7.1.22 and earlier running on M-500 and WF-500;   PAN-OS 8.0.15 and earlier running on PA-5220, PA-5250, PA-5260, M-500 and WF-500;  and PAN-OS 8.1.6 and earlier running on PA-5220, PA-5250, PA-5260, PA-5280, M-500, M-600 and WF-500.   PAN-OS 9.0 is NOT affected.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.22","versionType":"custom","changes":[{"at":"7.1.23","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.15","versionType":"custom","changes":[{"at":"8.0.16","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThanOrEqual":"8.1.6","versionType":"custom","changes":[{"at":"8.1.7","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2018-14634"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-190 Integer Overflow or Wraparound","cweId":"CWE-190"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-105966"],"advisory":"PAN-SA-2019-0006","discovery":"INTERNAL"},"solutions":[{"lang":"en","value":"PAN-OS 7.1.23 and later, PAN-OS 8.0.16 and later, and PAN-OS 8.1.7 and later. ","supportingMedia":{"value":"PAN-OS 7.1.23 and later, PAN-OS 8.0.16 and later, and PAN-OS 8.1.7 and later. 
","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"PAN-SA-2018-0015","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2018-10-12T02:35:00.000Z","dateReserved":"2018-10-12T02:35:00.000Z"},"containers":{"cna":{"title":"OpenSSL Vulnerabilities in PAN-OS ","datePublic":"2018-10-12T02:35:00.000Z","providerMetadata":{"orgId":"Not found","shortName":"Not found","dateUpdated":"2024-11-20T00:00:00"},"descriptions":[{"lang":"en","value":"The OpenSSL library has been found to contain vulnerabilities CVE-2018-0732, CVE-2018-0737, and CVE-2018-0739.  Palo Alto Networks software makes use of the vulnerable library and is affected. (Ref # PAN-98504/ CVE-2018-0732, CVE-2018-0737, and CVE-2018-0739)\nThe OpenSSL library in use by PAN-OS is patched on a regular basis for security issues.\nThis issue affects PAN-OS 6.1.20 and earlier, PAN-OS 7.1.20 and earlier, PAN-OS 8.0.13 and earlier, and PAN-OS 8.1.3 and earlier.  WF-500 running WF-500 software versions PAN-OS 6.1.20 and earlier, PAN-OS 7.1.20 and earlier, PAN-OS 8.0.13 and earlier, and PAN-OS 8.1.3 and earlier.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>The OpenSSL library has been found to contain vulnerabilities CVE-2018-0732, CVE-2018-0737, and CVE-2018-0739.  Palo Alto Networks software makes use of the vulnerable library and is affected. (Ref # PAN-98504/ CVE-2018-0732, CVE-2018-0737, and CVE-2018-0739)\nThe OpenSSL library in use by PAN-OS is patched on a regular basis for security issues.\nThis issue affects PAN-OS 6.1.20 and earlier, PAN-OS 7.1.20 and earlier, PAN-OS 8.0.13 and earlier, and PAN-OS 8.1.3 and earlier.  
WF-500 running WF-500 software versions PAN-OS 6.1.20 and earlier, PAN-OS 7.1.20 and earlier, PAN-OS 8.0.13 and earlier, and PAN-OS 8.1.3 and earlier.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 6.1.20","PAN-OS 6.1.19","PAN-OS 6.1.18","PAN-OS 6.1.17","PAN-OS 6.1.16","PAN-OS 6.1.15","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.20","versionType":"custom"},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.20","versionType":"custom","changes":[{"at":"7.1.21","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.13","versionType":"custom","changes":[{"at":"8.0.14","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThanOrEqual":"8.1.3","versionType":"custom","changes":[{"at":"8.1.4","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/PAN-SA-2018-0015"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-320","cweId":"CWE-320"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-98504"],"advisory":"PAN-SA-2018-0015","discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 7.1.21 and later, PAN-OS 8.0.14 and later, PAN-OS 8.1.4 and later, WF-500 running WF-500 software version 8.0.14 and later, and WF-500 running WF-500 software version 8.1.4 and later.  PAN-OS 6.1 will NOT have a fix.    For WF-500 software versions 7.1 and earlier, please consult the WildFire Administrator’s Guide for steps to upgrade the software. 
An online copy of all available documentation can be found here (https://www.paloaltonetworks.com/documentation).","supportingMedia":{"value":"PAN-OS 7.1.21 and later, PAN-OS 8.0.14 and later, PAN-OS 8.1.4 and later, WF-500 running WF-500 software version 8.0.14 and later, and WF-500 running WF-500 software version 8.1.4 and later.  PAN-OS 6.1 will NOT have a fix.    For WF-500 software versions 7.1 and earlier, please consult the WildFire Administrator’s Guide for steps to upgrade the software. An online copy of all available documentation can be found here (https://www.paloaltonetworks.com/documentation).","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2018-5391","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2018-09-19T20:40:00.000Z","dateReserved":"2018-09-19T20:40:00.000Z"},"containers":{"cna":{"title":"Information about FragmentSmack findings","datePublic":"2018-09-19T20:40:00.000Z","providerMetadata":{"dateUpdated":"2020-04-14T12:06:39","orgId":"37e5125f-f79b-445b-8fad-9564f167944b","shortName":"certcc"},"descriptions":[{"lang":"en","value":"Palo Alto Networks is aware of recent vulnerability disclosure, known as FragmentSmack, that affects Linux kernel 3.9 and later. At this time, our findings show that some Palo Alto Networks devices running specific versions of PAN-OS are vulnerable to this disclosure. (CVE-2018-5391). This security advisory will be updated as more information becomes available or if there are changes in the impact of these vulnerabilities.\nA flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. To exploit this vulnerability a remote attacker could send specially crafted packets that trigger time and calculation expensive fragment reassembly algorithms and cause CPU saturation (a denial of service on the system).  
This only affects the Management Plane of PAN-OS.\nThis issue affects PAN-OS 6.1.21 and earlier running on PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series, PA-7050.     PAN-OS 7.1.19 and earlier running on PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series, PA-7050 and PA-7080.     PAN-OS 8.0.12 and earlier running on PA-200, PA-220, PA-500, PA-800 Series, PA-3000 Series, PA-5000 Series, PA-5220, PA-5250, PA-5260, PA-7050 and PA-7080.     PAN-OS 8.1.4 and earlier running on PA-200, PA-220, PA-220R, PA-500, PA-800 Series, PA-3000 Series, PA-3200 Series, PA-5000 Series, PA-5220, PA-5250, PA-5260, PA-5280, PA-7050 and PA-7080.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks is aware of recent vulnerability disclosure, known as FragmentSmack, that affects Linux kernel 3.9 and later. At this time, our findings show that some Palo Alto Networks devices running specific versions of PAN-OS are vulnerable to this disclosure. (CVE-2018-5391). This security advisory will be updated as more information becomes available or if there are changes in the impact of these vulnerabilities.\nA flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. To exploit this vulnerability a remote attacker could send specially crafted packets that trigger time and calculation expensive fragment reassembly algorithms and cause CPU saturation (a denial of service on the system).  This only affects the Management Plane of PAN-OS.\nThis issue affects PAN-OS 6.1.21 and earlier running on PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series, PA-7050.     PAN-OS 7.1.19 and earlier running on PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series, PA-7050 and PA-7080.     
PAN-OS 8.0.12 and earlier running on PA-200, PA-220, PA-500, PA-800 Series, PA-3000 Series, PA-5000 Series, PA-5220, PA-5250, PA-5260, PA-7050 and PA-7080.     PAN-OS 8.1.4 and earlier running on PA-200, PA-220, PA-220R, PA-500, PA-800 Series, PA-3000 Series, PA-3200 Series, PA-5000 Series, PA-5220, PA-5250, PA-5260, PA-5280, PA-7050 and PA-7080.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 6.1.21","PAN-OS 6.1.20","PAN-OS 6.1.19","PAN-OS 6.1.18","PAN-OS 6.1.17","PAN-OS 6.1.16","PAN-OS 6.1.15","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.21","versionType":"custom","changes":[{"at":"6.1.22","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.19","versionType":"custom","changes":[{"at":"7.1.20","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.12","versionType":"custom","changes":[{"at":"8.0.13","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThanOrEqual":"8.1.4","versionType":"custom","changes":[{"at":"8.1.5","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2018-5391"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-20 Improper Input Validation","cweId":"CWE-20"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-103132"],"advisory":"PAN-SA-2018-0012","discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS. Our best practices guidelines strongly mitigate exposure to this vulnerability and reduce the exposure of the management interface to other potential threats. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://www.paloaltonetworks.com/documentation/81/pan-os/pan-os/getting-started/best-practices-for-securing-administrative-access.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS. 
Our best practices guidelines strongly mitigate exposure to this vulnerability and reduce the exposure of the management interface to other potential threats. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://www.paloaltonetworks.com/documentation/81/pan-os/pan-os/getting-started/best-practices-for-securing-administrative-access.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 6.1.22, PAN-OS 7.1.20 and later, PAN-OS 8.0.13 and later, and PAN-OS 8.1.5 and later. ","supportingMedia":{"value":"PAN-OS 6.1.22, PAN-OS 7.1.20 and later, PAN-OS 8.0.13 and later, and PAN-OS 8.1.5 and later. ","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2018-8715","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2018-07-20T00:30:00.000Z","dateReserved":"2018-07-20T00:30:00.000Z"},"containers":{"cna":{"title":"Denial of Service in PAN-OS Management Web Interface ","datePublic":"2018-07-20T00:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:47","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"Palo Alto Networks makes use of a 3rd-party component impacted by CVE-2018-8715. This issue has been confirmed to present a risk for denial of service to the PAN-OS Management Web Interface. (Ref # PAN-93089, CVE-2018-8715)\nA specially crafted HTTP POST request with an invalid “If-modified\" header field may cause a NULL dereference and cause a denial of service condition. This vulnerability can be triggered without login or authentication and could result in a crash of the management service.\nThis issue affects PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.9 and earlier, and PAN-OS 8.1.0.  
Global Protect is NOT affected.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks makes use of a 3rd-party component impacted by CVE-2018-8715. This issue has been confirmed to present a risk for denial of service to the PAN-OS Management Web Interface. (Ref # PAN-93089, CVE-2018-8715)\nA specially crafted HTTP POST request with an invalid “If-modified\" header field may cause a NULL dereference and cause a denial of service condition. This vulnerability can be triggered without login or authentication and could result in a crash of the management service.\nThis issue affects PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.9 and earlier, and PAN-OS 8.1.0.  Global Protect is NOT affected.</pre>"}]}],"x_affectedList":["PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 6.1.20","PAN-OS 6.1.19","PAN-OS 6.1.18","PAN-OS 6.1.17","PAN-OS 6.1.16","PAN-OS 6.1.15","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.20","versionType":"custom","changes":[{"at":"6.1.21","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.16","versionType":"custom","changes":[{"at":"7.1.17","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.9","versionType":"custom","changes":[{"at":"8.0.10","status":"unaffected"}]},{"version":"8.1.1","status":"unaffected","lessThan":"8.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2018-8715"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-287 Improper Authentication","cweId":"CWE-287"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-93089"],"advisory":"PAN-SA-2018-0008","discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the web-based management interface of PAN-OS and is strongly mitigated by following best practices for securing the management interface of PAN-OS.  Our best practices guidelines reduce the exposure of the management interface to potential attackers.  
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/getting-started/best-practices-for-securing-administrative-access.","supportingMedia":{"value":"This issue affects the web-based management interface of PAN-OS and is strongly mitigated by following best practices for securing the management interface of PAN-OS.  Our best practices guidelines reduce the exposure of the management interface to potential attackers.  Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/getting-started/best-practices-for-securing-administrative-access.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 6.1.21 and later, PAN-OS 7.1.17 and later, PAN-OS 8.0.10 and later, and PAN-OS 8.1.1 and later.   ","supportingMedia":{"value":"PAN-OS 6.1.21 and later, PAN-OS 7.1.17 and later, PAN-OS 8.0.10 and later, and PAN-OS 8.1.1 and later.   ","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2017-15942","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2017-12-06T00:00:00","dateReserved":"2017-12-06T00:00:00","dateUpdated":"2020-05-18T00:00:00.000000Z"},"containers":{"cna":{"title":"Denial of Service Against GlobalProtect","datePublic":"2017-12-06T00:00:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:45","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists in PAN-OS that could lead to denying access to GlobalProtect portal, GlobalProtect gateway or preventing configuration commits. 
(Ref # PAN-78127 / CVE-2017-15942)\nPAN-OS contains a vulnerability in GlobalProtect that may allow a non-authenticated third party to mount a Denial of Service attack against the GlobalProtect portal, GlobalProtect gateway or preventing configuration commits. This vulnerability is only available when the GlobalProtect gateway or portal is running.\nThis issue affects PAN-OS 6.1.18 and earlier, PAN-OS 7.0.18 and earlier, PAN-OS 7.1.12 and earlier, PAN-OS 8.0.5 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists in PAN-OS that could lead to denying access to GlobalProtect portal, GlobalProtect gateway or preventing configuration commits. (Ref # PAN-78127 / CVE-2017-15942)\nPAN-OS contains a vulnerability in GlobalProtect that may allow a non-authenticated third party to mount a Denial of Service attack against the GlobalProtect portal, GlobalProtect gateway or preventing configuration commits. This vulnerability is only available when the GlobalProtect gateway or portal is running.\nThis issue affects PAN-OS 6.1.18 and earlier, PAN-OS 7.0.18 and earlier, PAN-OS 7.1.12 and earlier, PAN-OS 8.0.5 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.18","PAN-OS 7.0.17","PAN-OS 7.0.16","PAN-OS 7.0.15","PAN-OS 7.0.14","PAN-OS 7.0.13","PAN-OS 7.0.12","PAN-OS 7.0.11","PAN-OS 7.0.10","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 
7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.18","PAN-OS 6.1.17","PAN-OS 6.1.16","PAN-OS 6.1.15","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.18","versionType":"custom","changes":[{"at":"6.1.19","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.18","versionType":"custom","changes":[{"at":"7.0.19","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.12","versionType":"custom","changes":[{"at":"7.1.13","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.5","versionType":"custom","changes":[{"at":"8.0.6","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2017-15942"}],"credits":[{"lang":"en","value":"Palo Alto Networks would like to thank Craig Stephen and Martin Ferris from Net Consulting for reporting this issue to us."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-399 Resource Management Errors","cweId":"CWE-399"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-78127"],"advisory":"PAN-SA-2017-0025","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This vulnerability is only available when the GlobalProtect gateway or portal is 
running.","supportingMedia":{"value":"This vulnerability is only available when the GlobalProtect gateway or portal is running.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 6.1.19 and later, PAN-OS 7.0.19 and later, PAN-OS 7.1.13 and later, PAN-OS 8.0.6 and later","supportingMedia":{"value":"PAN-OS 6.1.19 and later, PAN-OS 7.0.19 and later, PAN-OS 7.1.13 and later, PAN-OS 8.0.6 and later","type":"text/html","base64":false}}],"timeline":[{"time":"2017-12-06T00:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2020-05-18T16:00:00.000Z","lang":"eng","value":"Updated credit statement"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2017-6460","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2017-07-27T17:15:00.000Z","dateReserved":"2017-07-27T17:15:00.000Z"},"containers":{"cna":{"title":"NTP Vulnerability","datePublic":"2017-07-27T17:15:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:46","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"The Network Time Protocol (NTP) library has been found to contain a vulnerability CVE-2017-6460. Palo Alto Networks software makes use of the vulnerable library and may be affected. This issue only affects the management plane of the firewall. (Ref # PAN-76130 / CVE-2017-6460)\nSuccessful exploitation of this issue requires an attacker to be on the management interface.\nThis issue affects PAN-OS 6.1, PAN-OS 7.0.17 and earlier, PAN-OS 7.1.11 and earlier, PAN-OS 8.0.3 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>The Network Time Protocol (NTP) library has been found to contain a vulnerability CVE-2017-6460. Palo Alto Networks software makes use of the vulnerable library and may be affected. This issue only affects the management plane of the firewall. 
(Ref # PAN-76130 / CVE-2017-6460)\nSuccessful exploitation of this issue requires an attacker to be on the management interface.\nThis issue affects PAN-OS 6.1, PAN-OS 7.0.17 and earlier, PAN-OS 7.1.11 and earlier, PAN-OS 8.0.3 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.17","PAN-OS 7.0.16","PAN-OS 7.0.15","PAN-OS 7.0.14","PAN-OS 7.0.13","PAN-OS 7.0.12","PAN-OS 7.0.11","PAN-OS 7.0.10","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.22","PAN-OS 6.1.21","PAN-OS 6.1.20","PAN-OS 6.1.19","PAN-OS 6.1.18","PAN-OS 6.1.17","PAN-OS 6.1.16","PAN-OS 6.1.15","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"6.1.*","status":"affected"},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.11","versionType":"custom","changes":[{"at":"7.1.12","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.3","versionType":"custom","changes":[{"at":"8.0.4","status":"unaffected"}]},{"version":"7.0.18","status":"unaffected","lessThan":"7.0*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2017-6460"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer","cweId":"CWE-119"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-76130"],"advisory":"PAN-SA-2017-0022","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Palo Alto Networks recommends to implement best practice by allowing web interface access only to a dedicated management network. Additionally, restrict the set of IP addresses to a subset of authorized sources that you allow to interact with the management network.\n","supportingMedia":{"value":"Palo Alto Networks recommends to implement best practice by allowing web interface access only to a dedicated management network. 
Additionally, restrict the set of IP addresses to a subset of authorized sources that you allow to interact with the management network.\n","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 7.0.18 or later, PAN-OS 7.1.12 or later, PAN-OS 8.0.4 or later\n","supportingMedia":{"value":"PAN-OS 7.0.18 or later, PAN-OS 7.1.12 or later, PAN-OS 8.0.4 or later\n","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2016-8610","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2017-06-07T00:25:00.000Z","dateReserved":"2017-06-07T00:25:00.000Z"},"containers":{"cna":{"title":"OpenSSL Vulnerability ","datePublic":"2017-06-07T00:25:00.000Z","providerMetadata":{"dateUpdated":"2020-10-20T21:14:51","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"descriptions":[{"lang":"en","value":"The OpenSSL library has been found to contain vulnerability CVE-2016-8610. Palo Alto Networks software makes use of the vulnerable library and may be affected. (Ref # PAN-68543 / CVE-2016-8610)\r\nThe OpenSSL library in use by PAN-OS is patched on a regular basis.\nThis issue affects PAN-OS 6.1.17 and earlier, PAN-OS 7.0.15 and earlier, PAN-OS 7.1.10 and earlier\r","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>The OpenSSL library has been found to contain vulnerability CVE-2016-8610. Palo Alto Networks software makes use of the vulnerable library and may be affected. 
(Ref # PAN-68543 / CVE-2016-8610)\r\nThe OpenSSL library in use by PAN-OS is patched on a regular basis.\nThis issue affects PAN-OS 6.1.17 and earlier, PAN-OS 7.0.15 and earlier, PAN-OS 7.1.10 and earlier\r</pre>"}]}],"x_affectedList":["PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.15","PAN-OS 7.0.14","PAN-OS 7.0.13","PAN-OS 7.0.12","PAN-OS 7.0.11","PAN-OS 7.0.10","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.17","PAN-OS 6.1.16","PAN-OS 6.1.15","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.17","versionType":"custom","changes":[{"at":"6.1.18","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.15","versionType":"custom","changes":[{"at":"7.0.16","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.10","versionType":"custom","changes":[{"at":"7.1.11","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2016-8610"}],"metrics":[{"cvssV3_0":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-400 Uncontrolled Resource Consumption","cweId":"CWE-400"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-68543"],"advisory":"PAN-SA-2017-0017","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 6.1.18 and later, PAN-OS 7.0.16 and later, PAN-OS 7.1.11 and later\r","supportingMedia":{"value":"PAN-OS 6.1.18 and later, PAN-OS 7.0.16 and later, PAN-OS 7.1.11 and later\r","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2016-4971","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2017-05-23T03:00:03.000Z","dateReserved":"2017-05-23T03:00:03.000Z"},"containers":{"cna":{"title":"WGET 
Vulnerability","datePublic":"2017-05-23T03:00:03.000Z","providerMetadata":{"dateUpdated":"2021-04-30T16:06:24","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"descriptions":[{"lang":"en","value":"The wget library has been found to contain a vulnerability (CVE 2016-4971). wget allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource. Palo Alto Networks software makes use of the vulnerable library and may be affected. (Ref # PAN-59677/ CVE 2016-4971)\nSuccessfully exploiting this issue would require an attacker to be authenticated on the Management Interface.\nThis issue affects PAN-OS 6.1.16 and earlier, PAN-OS 7.0.14 and earlier, PAN-OS 7.1.9 and earlier, PAN-OS 8.0","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>The wget library has been found to contain a vulnerability (CVE 2016-4971). wget allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource. Palo Alto Networks software makes use of the vulnerable library and may be affected. 
(Ref # PAN-59677/ CVE 2016-4971)\nSuccessfully exploiting this issue would require an attacker to be authenticated on the Management Interface.\nThis issue affects PAN-OS 6.1.16 and earlier, PAN-OS 7.0.14 and earlier, PAN-OS 7.1.9 and earlier, PAN-OS 8.0</pre>"}]}],"x_affectedList":["PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.14","PAN-OS 7.0.13","PAN-OS 7.0.12","PAN-OS 7.0.11","PAN-OS 7.0.10","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.16","PAN-OS 6.1.15","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.16","versionType":"custom","changes":[{"at":"6.1.17","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.14","versionType":"custom","changes":[{"at":"7.0.15","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.9","versionType":"custom","changes":[{"at":"7.1.10","status":"unaffected"}]},{"version":"8.0.1","status":"unaffected","lessThan":"8.0*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2016-4971"}],"metrics":[{"cvssV3_0":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-254","cweId":"CWE-254"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-59677","2016-4971"],"advisory":"PAN-SA-2017-0016","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Palo Alto Networks recommends to implement best practice by allowing web interface access only to a dedicated management network. Additionally, restrict the set of IP addresses to a subset of authorized sources that you allow to interact with the management network.","supportingMedia":{"value":"Palo Alto Networks recommends to implement best practice by allowing web interface access only to a dedicated management network. 
Additionally, restrict the set of IP addresses to a subset of authorized sources that you allow to interact with the management network.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 6.1.17 and later, PAN-OS 7.0.15 and later, PAN-OS 7.1.10 and later, PAN-OS 8.0.1 and later","supportingMedia":{"value":"PAN-OS 6.1.17 and later, PAN-OS 7.0.15 and later, PAN-OS 7.1.10 and later, PAN-OS 8.0.1 and later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2017-3731","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2017-04-20T18:00:00.000Z","dateReserved":"2017-04-20T18:00:00.000Z"},"containers":{"cna":{"title":"OpenSSL Vulnerability","datePublic":"2017-04-20T18:00:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:45","orgId":"3a12439a-ef3a-4c79-92e6-6081a721f1e5","shortName":"openssl"},"descriptions":[{"lang":"en","value":"The OpenSSL library has been found to contain vulnerability CVE-2017-3731. Palo Alto Networks software makes use of the vulnerable library and may be affected. (Ref # PAN-73914 / CVE-2017-3731)\nThe OpenSSL library in use by PAN-OS is patched on a regular basis. \nThis issue affects PAN-OS 6.1, PAN-OS 7.0.14 and earlier, PAN-OS 7.1, PAN-OS 8.0\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>The OpenSSL library has been found to contain vulnerability CVE-2017-3731. Palo Alto Networks software makes use of the vulnerable library and may be affected. (Ref # PAN-73914 / CVE-2017-3731)\nThe OpenSSL library in use by PAN-OS is patched on a regular basis. 
\nThis issue affects PAN-OS 6.1, PAN-OS 7.0.14 and earlier, PAN-OS 7.1, PAN-OS 8.0\n</pre>"}]}],"x_affectedList":["PAN-OS 7.0.14","PAN-OS 7.0.13","PAN-OS 7.0.12","PAN-OS 7.0.11","PAN-OS 7.0.10","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"6.1","status":"affected","lessThanOrEqual":"6.1","versionType":"custom"},{"version":"7.0.15","status":"unaffected","lessThan":"7.0*","versionType":"custom"},{"version":"7.1.10","status":"unaffected","lessThan":"7.1*","versionType":"custom"},{"version":"8.0.2","status":"unaffected","lessThan":"8.0*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2017-3731"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-125 Out-of-bounds Read","cweId":"CWE-125"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-73914"],"advisory":"PAN-SA-2017-0012","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 7.0.15 and later; PAN-OS 7.1.10 and later; PAN-OS 8.0.2 and later\n","supportingMedia":{"value":"PAN-OS 7.0.15 and later; PAN-OS 7.1.10 and later; PAN-OS 8.0.2 and 
later\n","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2017-7218","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2017-04-10T17:30:01.000Z","dateReserved":"2017-04-10T17:30:01.000Z"},"containers":{"cna":{"title":"Local Privilege Escalation in the Management Web Interface ","datePublic":"2017-04-10T17:30:01.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:46","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists in the Management Web Interface that could allow for local privilege escalation. The Management Web Interface does not properly validate specific request parameters which can potentially allow executing code with higher privileges.  (Ref # PAN-70426/ CVE-2017-7218)\nSuccessfully exploiting this issue would require an attacker to be authenticated.\nThis issue affects PAN-OS 7.1.8 and earlier\r","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists in the Management Web Interface that could allow for local privilege escalation. The Management Web Interface does not properly validate specific request parameters which can potentially allow executing code with higher privileges.  
(Ref # PAN-70426/ CVE-2017-7218)\nSuccessfully exploiting this issue would require an attacker to be authenticated.\nThis issue affects PAN-OS 7.1.8 and earlier\r</pre>"}]}],"x_affectedList":["PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.8","versionType":"custom","changes":[{"at":"7.1.9","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2017-7218"}],"credits":[{"lang":"en","value":"Palo Alto Networks would like to thank Christophe Schleypen from NATO Communications and Information Agency for reporting this issue to us.  \r"}],"metrics":[{"cvssV3_0":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-20 Improper Input Validation","cweId":"CWE-20"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-70426"],"advisory":"PAN-SA-2017-0009","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Palo Alto Networks recommends to implement best practice by allowing web interface access only to a dedicated management network. Additionally, restrict the set of IP addresses to a subset of authorized sources that you allow to interact with the management network.","supportingMedia":{"value":"Palo Alto Networks recommends to implement best practice by allowing web interface access only to a dedicated management network. 
Additionally, restrict the set of IP addresses to a subset of authorized sources that you allow to interact with the management network.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 7.1.9 and later","supportingMedia":{"value":"PAN-OS 7.1.9 and later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2016-5195","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2017-02-21T19:30:00.000Z","dateReserved":"2017-02-21T19:30:00.000Z"},"containers":{"cna":{"title":"Kernel Vulnerability ","datePublic":"2017-02-21T19:30:00.000Z","providerMetadata":{"dateUpdated":"2022-08-15T11:06:10","orgId":"ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28","shortName":"Chrome"},"descriptions":[{"lang":"en","value":"A vulnerability exists in the kernel of PAN-OS that may result in an elevation of privilege. This issue is publicly known as Dirty COW (ref # PAN-68074 / CVE-2016-5195).\nPAN-OS may be impacted by the Dirty COW (CVE-2016-5195) attack. A race condition was found in the way the Linux kernel's memory subsystem handles the copy-on-write breakage of private read-only memory mappings.  An attacker would first require access to a shell on the device before they could use this exploit. Shell access is significantly restricted on the device. The Command Line Interface (CLI) is not shell access and therefore this issue cannot be exploited by the CLI.\nThis issue affects PAN-OS 5.1, PAN-OS 6.0, PAN-OS 6.1, PAN-OS 7.0.13, PAN-OS 7.1.7 and earlier\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists in the kernel of PAN-OS that may result in an elevation of privilege. This issue is publicly known as Dirty COW (ref # PAN-68074 / CVE-2016-5195).\nPAN-OS may be impacted by the Dirty COW (CVE-2016-5195) attack. 
A race condition was found in the way the Linux kernel's memory subsystem handles the copy-on-write breakage of private read-only memory mappings.  An attacker would first require access to a shell on the device before they could use this exploit. Shell access is significantly restricted on the device. The Command Line Interface (CLI) is not shell access and therefore this issue cannot be exploited by the CLI.\nThis issue affects PAN-OS 5.1, PAN-OS 6.0, PAN-OS 6.1, PAN-OS 7.0.13, PAN-OS 7.1.7 and earlier\n</pre>"}]}],"x_affectedList":["PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.13","PAN-OS 7.0.12","PAN-OS 7.0.11","PAN-OS 7.0.10","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.22","PAN-OS 6.1.21","PAN-OS 6.1.20","PAN-OS 6.1.19","PAN-OS 6.1.18","PAN-OS 6.1.17","PAN-OS 6.1.16","PAN-OS 6.1.15","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.15","PAN-OS 6.0.14","PAN-OS 6.0.13","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"5.1.*","status":"affected"},{"version":"6.0.*","status":"affected"},{"version":"6.1.*","status":"affected"},{"version":"7.0.14","status":"unaffected","lessThan":"7.0*","versionType":"custom"},{"version":"7.1.8","status":"unaffected","lessThan":"7.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2016-5195"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')","cweId":"CWE-362"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-68074"],"advisory":"PAN-SA-2017-0003","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Palo Alto Networks recommends implementing best practice by allowing web interface access only to a dedicated management network. Additionally, restrict the set of IP addresses to a subset of authorized sources that you allow to interact with the management network.\n","supportingMedia":{"value":"Palo Alto Networks recommends implementing best practice by allowing web interface access only to a dedicated management network. 
Additionally, restrict the set of IP addresses to a subset of authorized sources that you allow to interact with the management network.\n","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":" PAN-OS 7.0.14 and later, PAN-OS 7.1.8 and later\n","supportingMedia":{"value":" PAN-OS 7.0.14 and later, PAN-OS 7.1.8 and later\n","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2016-9151","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-11-17T17:00:00.000Z","dateReserved":"2016-11-17T17:00:00.000Z"},"containers":{"cna":{"title":"Local Privilege Escalation","datePublic":"2016-11-17T17:00:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:45","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"Palo Alto Networks firewalls do not properly validate certain environment variables which can potentially allow executing code with higher privileges (Ref # PAN-61104/100499/CVE-2016-9151)\r\nA potential attacker with local shell access could manipulate arbitrary environment variables which could result in a process running with higher privileges.\r\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.14 and earlier; PAN-OS 7.0.10 and earlier; PAN-OS 7.1.5 and earlier\r","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks firewalls do not properly validate certain environment variables which can potentially allow executing code with higher privileges (Ref # PAN-61104/100499/CVE-2016-9151)\r\nA potential attacker with local shell access could manipulate arbitrary environment variables which could result in a process running with higher privileges.\r\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 
6.1.14 and earlier; PAN-OS 7.0.10 and earlier; PAN-OS 7.1.5 and earlier\r</pre>"}]}],"x_affectedList":["PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.10","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.14","PAN-OS 6.0.13","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.1","PAN-OS 5.0"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"5.0","status":"affected","lessThanOrEqual":"5.0.19","versionType":"custom","changes":[{"at":"5.0.20","status":"unaffected"}]},{"version":"5.1","status":"affected","lessThanOrEqual":"5.1.12","versionType":"custom","changes":[{"at":"5.1.13","status":"unaffected"}]},{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.14","versionType":"custom","changes":[{"at":"6.0.15","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.14","versionType":"custom","changes":[{"at":"6.1.15","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.10","versionType":"custom","changes":[{"at":"7.0.11","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.5","versionType":"custom","changes":[{"at":"7.1.6","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2016-9151"}],"credits":[{"lang":"en","value":"Palo Alto Networks would like to thank Tavis Ormandy from the Google Security Team for reporting this issue to us."}],"metrics":[{"cvssV3_0":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-264","cweId":"CWE-264"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-61104","100499"],"advisory":"PAN-SA-2016-0034","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Exploitation of this privilege escalation is restricted to local users. Potential attackers would have to first obtain a shell on the device before they could attempt to escalate privileges through this vulnerability. 
","supportingMedia":{"value":"Exploitation of this privilege escalation is restricted to local users. Potential attackers would have to first obtain a shell on the device before they could attempt to escalate privileges through this vulnerability. ","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.15 and later; PAN-OS 7.0.11 and later; PAN-OS 7.1.6 and later\r","supportingMedia":{"value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.15 and later; PAN-OS 7.0.11 and later; PAN-OS 7.1.6 and later\r","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"PAN-SA-2016-0029","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-10-18T18:31:00.000Z","dateReserved":"2016-10-18T18:31:00.000Z"},"containers":{"cna":{"title":"Insecure Server Configuration","datePublic":"2016-10-18T18:31:00.000Z","providerMetadata":{"orgId":"Not found","shortName":"Not found","dateUpdated":"2024-11-20T00:00:00"},"descriptions":[{"lang":"en","value":"An incorrect Web management server configuration was identified in PAN-OS. (Ref # PAN-52038/86767).\nThis post-authentication issue affects the management interface of the device, where an incorrect configuration could lead to JavaScript execution.\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.12 and earlier; PAN-OS 7.0.7 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An incorrect Web management server configuration was identified in PAN-OS. 
(Ref # PAN-52038/86767).\nThis post-authentication issue affects the management interface of the device, where an incorrect configuration could lead to JavaScript execution.\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.12 and earlier; PAN-OS 7.0.7 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.14","PAN-OS 6.0.13","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.1","PAN-OS 5.0"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"5.0","status":"affected","lessThanOrEqual":"5.0.19","versionType":"custom","changes":[{"at":"5.0.20","status":"unaffected"}]},{"version":"5.1","status":"affected","lessThanOrEqual":"5.1.12","versionType":"custom","changes":[{"at":"5.1.13","status":"unaffected"}]},{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.14","versionType":"custom","changes":[{"at":"6.0.15","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.12","versionType":"custom","changes":[{"at":"6.1.13","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.7","versionType":"custom","changes":[{"at":"7.0.8","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/PAN-SA-2016-0029"}],"credits":[{"lang":"en","value":"ringzero"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"Insecure Server Configuration"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-52038","86767"],"advisory":"PAN-SA-2016-0029","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue is available only to authenticated users on the web interface. Palo Alto Networks recommends implementing best practices, only allowing management access to a restricted set of IP addresses, and dedicating management of the device to the management interface only.","supportingMedia":{"value":"This issue is available only to authenticated users on the web interface. 
Palo Alto Networks recommends implementing best practices, only allowing management access to a restricted set of IP addresses, and dedicating management of the device to the management interface only.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.13 and later; PAN-OS 7.0.8 and later","supportingMedia":{"value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.13 and later; PAN-OS 7.0.8 and later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"PAN-SA-2016-0028","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-10-18T18:30:00.000Z","dateReserved":"2016-10-18T18:30:00.000Z"},"containers":{"cna":{"title":"OpenSSL Vulnerabilities","datePublic":"2016-10-18T18:30:00.000Z","providerMetadata":{"orgId":"Not found","shortName":"Not found","dateUpdated":"2024-11-20T00:00:00"},"descriptions":[{"lang":"en","value":"The OpenSSL library has been found to contain several vulnerabilities CVE-2015-4000, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792, CVE-2015-1791, CVE-2014-8176. Palo Alto Networks software makes use of the vulnerable library. (Ref # PAN-48954/81411)\nThe OpenSSL library in use by PAN-OS is patched on a regular basis. 
Severities of the CVEs listed under the summary section range from low to moderate but have not been shown to be exploitable at the time of this advisory.\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.13 and earlier; PAN-OS 6.1.12 and earlier; PAN-OS 7.0.7 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>The OpenSSL library has been found to contain several vulnerabilities CVE-2015-4000, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792, CVE-2015-1791, CVE-2014-8176. Palo Alto Networks software makes use of the vulnerable library. (Ref # PAN-48954/81411)\nThe OpenSSL library in use by PAN-OS is patched on a regular basis. Severities of the CVEs listed under the summary section range from low to moderate but have not been shown to be exploitable at the time of this advisory.\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.13 and earlier; PAN-OS 6.1.12 and earlier; PAN-OS 7.0.7 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.13","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.1","PAN-OS 5.0"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"5.0","status":"affected","lessThanOrEqual":"5.0.19","versionType":"custom","changes":[{"at":"5.0.20","status":"unaffected"}]},{"version":"5.1","status":"affected","lessThanOrEqual":"5.1.12","versionType":"custom","changes":[{"at":"5.1.13","status":"unaffected"}]},{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.13","versionType":"custom","changes":[{"at":"6.0.14","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.12","versionType":"custom","changes":[{"at":"6.1.13","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.7","versionType":"custom","changes":[{"at":"7.0.8","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/PAN-SA-2016-0028"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer","cweId":"CWE-119"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-48954","81411"],"advisory":"PAN-SA-2016-0028","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.14 and later; PAN-OS 6.1.13 and later; PAN-OS 7.0.8 and later","supportingMedia":{"value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.14 and later; PAN-OS 6.1.13 and later; PAN-OS 7.0.8 and 
later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"PAN-SA-2016-0025","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-10-04T01:00:00.000Z","dateReserved":"2016-10-04T01:00:00.000Z"},"containers":{"cna":{"title":"Kernel Vulnerabilities","datePublic":"2016-10-04T01:00:00.000Z","providerMetadata":{"orgId":"Not found","shortName":"Not found","dateUpdated":"2024-11-20T00:00:00"},"descriptions":[{"lang":"en","value":"The kernel in use by the Management Plane of PAN-OS is vulnerable to CVE-2015-5364 and CVE-2015-5366.\n (Ref # PAN-52379/87408)\nThe CVSS Score of CVE-2015-5364 is 7.8, High; while the CVSS Score of CVE-2015-5366 is 5.0, Medium. Those could lead to a Denial of Service attack.\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.14 and earlier; PAN-OS 7.0.10 and earlier; PAN-OS 7.1.4 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>The kernel in use by the Management Plane of PAN-OS is vulnerable to CVE-2015-5364 and CVE-2015-5366.\n (Ref # PAN-52379/87408)\nThe CVSS Score of CVE-2015-5364 is 7.8, High; while the CVSS Score of CVE-2015-5366 is 5.0, Medium. 
Those could lead to a Denial of Service attack.\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.14 and earlier; PAN-OS 7.0.10 and earlier; PAN-OS 7.1.4 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.10","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.14","PAN-OS 6.0.13","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.1","PAN-OS 5.0"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"5.0","status":"affected","lessThanOrEqual":"5.0.19","versionType":"custom","changes":[{"at":"5.0.20","status":"unaffected"}]},{"version":"5.1","status":"affected","lessThanOrEqual":"5.1.12","versionType":"custom","changes":[{"at":"5.1.13","status":"unaffected"}]},{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.14","versionType":"custom","changes":[{"at":"6.0.15","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.14","versionType":"custom","changes":[{"at":"6.1.15","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.10","versionType":"custom","changes":[{"at":"7.0.11","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.4","versionType":"custom","changes":[{"at":"7.1.5","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/PAN-SA-2016-0025"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-399","cweId":"CWE-399"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-52379","87408"],"advisory":"PAN-SA-2016-0025","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.15 and later; PAN-OS 7.0.11 and later; PAN-OS 7.1.5 and later\n","supportingMedia":{"value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.15 and later; 
PAN-OS 7.0.11 and later; PAN-OS 7.1.5 and later\n","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2015-7547","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-08-15T19:00:00.000Z","dateReserved":"2016-08-15T19:00:00.000Z"},"containers":{"cna":{"title":"Glibc DNS Resolver Vulnerability","datePublic":"2016-08-15T19:00:00.000Z","providerMetadata":{"dateUpdated":"2022-06-20T18:06:34","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"descriptions":[{"lang":"en","value":"A vulnerability in the GNU libc (glibc) DNS resolver allows remote code execution (CVE-2015-7547). However, this issue can be exploited only from a DNS server that is under the control of an attacker. (Ref # 91886).\nThis glibc issue is only exploitable by an attacker controlling the DNS server configured for the device. Furthermore, the attacker must overcome additional anti-exploitation mitigations, such as ASLR, to mount a successful attack.\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.12 and earlier; PAN-OS 7.0.7 and earlier; PAN-OS 7.1.3 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability in the GNU libc (glibc) DNS resolver allows remote code execution (CVE-2015-7547). However, this issue can be exploited only from a DNS server that is under the control of an attacker. (Ref # 91886).\nThis glibc issue is only exploitable by an attacker controlling the DNS server configured for the device. 
Furthermore, the attacker must overcome additional anti-exploitation mitigations, such as ASLR, to mount a successful attack.\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.12 and earlier; PAN-OS 7.0.7 and earlier; PAN-OS 7.1.3 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.14","PAN-OS 6.0.13","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.1","PAN-OS 5.0"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"5.0","status":"affected","lessThanOrEqual":"5.0.19","versionType":"custom","changes":[{"at":"5.0.20","status":"unaffected"}]},{"version":"5.1","status":"affected","lessThanOrEqual":"5.1.12","versionType":"custom","changes":[{"at":"5.1.13","status":"unaffected"}]},{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.14","versionType":"custom","changes":[{"at":"6.0.15","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.12","versionType":"custom","changes":[{"at":"6.1.13","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.7","versionType":"custom","changes":[{"at":"7.0.8","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.3","versionType":"custom","changes":[{"at":"7.1.4","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2015-7547"}],"metrics":[{"cvssV3_0":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer","cweId":"CWE-119"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["91886"],"advisory":"PAN-SA-2016-0021","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This vulnerability can affect PAN-OS software only when the device is configured with a DNS server that is under the control of an attacker. 
Palo Alto Networks discourages configuring the device with untrusted DNS servers.","supportingMedia":{"value":"This vulnerability can affect PAN-OS software only when the device is configured with a DNS server that is under the control of an attacker. Palo Alto Networks discourages configuring the device with untrusted DNS servers.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.13 and later; PAN-OS 7.0.8 and later; PAN-OS 7.1.4 and later","supportingMedia":{"value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.13 and later; PAN-OS 7.0.8 and later; PAN-OS 7.1.4 and later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"PAN-SA-2016-0020","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-08-15T18:30:00.000Z","dateReserved":"2016-08-15T18:30:00.000Z"},"containers":{"cna":{"title":"OpenSSL Vulnerabilities","datePublic":"2016-08-15T18:30:00.000Z","providerMetadata":{"orgId":"Not found","shortName":"Not found","dateUpdated":"2024-11-20T00:00:00"},"descriptions":[{"lang":"en","value":"The OpenSSL library has been found to contain several vulnerabilities CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2015-1794, CVE-2015-3195, CVE-2015-4000, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2176, CVE-2016-2842. Palo Alto Networks software makes use of the vulnerable library. (Ref # 95622).\nThe OpenSSL library in use by PAN-OS is patched on a regular basis. 
Severities of the CVEs listed under the summary section range from low to high but have not been shown to be exploitable at the time of this advisory.\nThis issue affects PAN-OS 5.0.X; PAN-OS 5.1.X; PAN-OS 6.0.13 and earlier; PAN-OS 6.1.12 and earlier; PAN-OS 7.0.8 and earlier; PAN-OS 7.1.3 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>The OpenSSL library has been found to contain several vulnerabilities CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2015-1794, CVE-2015-3195, CVE-2015-4000, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2176, CVE-2016-2842. Palo Alto Networks software makes use of the vulnerable library. (Ref # 95622).\nThe OpenSSL library in use by PAN-OS is patched on a regular basis. Severities of the CVEs listed under the summary section range from low to high but have not been shown to be exploitable at the time of this advisory.\nThis issue affects PAN-OS 5.0.X; PAN-OS 5.1.X; PAN-OS 6.0.13 and earlier; PAN-OS 6.1.12 and earlier; PAN-OS 7.0.8 and earlier; PAN-OS 7.1.3 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.13","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.13","versionType":"custom","changes":[{"at":"6.0.14","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.12","versionType":"custom","changes":[{"at":"6.1.13","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.8","versionType":"custom","changes":[{"at":"7.0.9","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.3","versionType":"custom","changes":[{"at":"7.1.4","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/PAN-SA-2016-0020"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer","cweId":"CWE-119"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["95622"],"advisory":"PAN-SA-2016-0020","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 6.0.14 and later; PAN-OS 6.1.13 and later; PAN-OS 7.0.9 and later; PAN-OS 7.1.4 and later","supportingMedia":{"value":"PAN-OS 6.0.14 and later; PAN-OS 6.1.13 and later; PAN-OS 7.0.9 and later; PAN-OS 7.1.4 and 
later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"PAN-SA-2016-0019","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-08-15T18:00:00.000Z","dateReserved":"2016-08-15T18:00:00.000Z"},"containers":{"cna":{"title":"NTP Vulnerabilities","datePublic":"2016-08-15T18:00:00.000Z","providerMetadata":{"orgId":"Not found","shortName":"Not found","dateUpdated":"2024-11-20T00:00:00"},"descriptions":[{"lang":"en","value":"The open source ntp project has been found to contain several vulnerabilities (CVE-2015-8158, CVE-2015-8138, CVE-2015-7979, CVE-2015-7978, CVE-2015-7977, CVE-2015-7976, CVE-2015-7975, CVE-2015-7974, CVE-2015-7973, all released in January 2016). Palo Alto...\nAlso Palo Alto Networks make use of the affected version of ntp, no exploitation condition are known at the time of this advisory\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.1 and earlier; PAN-OS 6.1.12 and earlier; PAN-OS 7.0.8 and earlier; PAN-OS 7.1.3 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>The open source ntp project has been found to contain several vulnerabilities (CVE-2015-8158, CVE-2015-8138, CVE-2015-7979, CVE-2015-7978, CVE-2015-7977, CVE-2015-7976, CVE-2015-7975, CVE-2015-7974, CVE-2015-7973, all released in January 2016). 
Palo Alto...\nAlthough Palo Alto Networks makes use of the affected version of ntp, no exploitation conditions are known at the time of this advisory\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.1 and earlier; PAN-OS 6.1.12 and earlier; PAN-OS 7.0.8 and earlier; PAN-OS 7.1.3 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.1","PAN-OS 5.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"5.0","status":"affected","lessThanOrEqual":"5.0.19","versionType":"custom","changes":[{"at":"5.0.20","status":"unaffected"}]},{"version":"5.1","status":"affected","lessThanOrEqual":"5.1.12","versionType":"custom","changes":[{"at":"5.1.13","status":"unaffected"}]},{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.1","versionType":"custom","changes":[{"at":"6.0.15","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.12","versionType":"custom","changes":[{"at":"6.1.13","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.8","versionType":"custom","changes":[{"at":"7.0.9","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.3","versionType":"custom","changes":[{"at":"7.1.4","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/PAN-SA-2016-0019"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector
":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-400 Uncontrolled Resource Consumption","cweId":"CWE-400"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["92106"],"advisory":"PAN-SA-2016-0019","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.13 and later; PAN-OS 7.0.9 and later; PAN-OS 7.1.4 and later","supportingMedia":{"value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.13 and later; PAN-OS 7.0.9 and later; PAN-OS 7.1.4 and later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"PAN-SA-2016-0016","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-07-15T00:00:00.000Z","dateReserved":"2016-07-15T00:00:00.000Z"},"containers":{"cna":{"title":"Web Interface Privilege Escalation","datePublic":"2016-07-15T00:00:00.000Z","providerMetadata":{"orgId":"Not found","shortName":"Not found","dateUpdated":"2024-11-20T00:00:00"},"descriptions":[{"lang":"en","value":"Palo Alto Networks Panorama administrators have the ability to assign predefined permissions to users created on PAN-OS. A read-only user with CLI access could elevate web interface privileges. (Ref. 
88191)\nA user could elevate privileges by impersonating another user with higher permissions.\nThis issue affects PAN-OS 5.0.18 and earlier; PAN-OS 5.1.11 and earlier; PAN-OS 6.0.13 and earlier; PAN-OS 6.1.10 and earlier; PAN-OS 7.0.4 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks Panorama administrators have the ability to assign predefined permissions to users created on PAN-OS. A read-only user with CLI access could elevate web interface privileges. (Ref. 88191)\nA user could elevate privileges by impersonating another user with higher permissions.\nThis issue affects PAN-OS 5.0.18 and earlier; PAN-OS 5.1.11 and earlier; PAN-OS 6.0.13 and earlier; PAN-OS 6.1.10 and earlier; PAN-OS 7.0.4 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.13","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.1","PAN-OS 5.0"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"5.0","status":"affected","lessThanOrEqual":"5.0.18","versionType":"custom","changes":[{"at":"5.0.19","status":"unaffected"}]},{"version":"5.1","status":"affected","lessThanOrEqual":"5.1.11","versionType":"custom","changes":[{"at":"5.1.12","status":"unaffected"}]},{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.13","versionType":"custom","changes":[{"at":"6.0.14","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.10","versionType":"custom","changes":[{"at":"6.1.11","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.4","versionType":"custom","changes":[{"at":"7.0.5","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/PAN-SA-2016-0016"}],"credits":[{"lang":"en","value":"John Perry, the Boeing Company"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"Web Interface Privilege Escalation"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["88191"],"advisory":"PAN-SA-2016-0016","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Customers running versions of Panorama affected by this issue could create a custom admin role that does not allow CLI access to avoid any privilege escalation. Firewalls running PAN-OS are not affected by this issue.","supportingMedia":{"value":"Customers running versions of Panorama affected by this issue could create a custom admin role that does not allow CLI access to avoid any privilege escalation. 
Firewalls running PAN-OS are not affected by this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 5.0.19 and later; PAN-OS 5.1.12 and later; PAN-OS 6.0.14 and later; PAN-OS 6.1.11 and later; PAN-OS 7.0.5 and later","supportingMedia":{"value":"PAN-OS 5.0.19 and later; PAN-OS 5.1.12 and later; PAN-OS 6.0.14 and later; PAN-OS 6.1.11 and later; PAN-OS 7.0.5 and later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2016-1712","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-07-13T18:30:00.000Z","dateReserved":"2016-07-13T18:30:00.000Z"},"containers":{"cna":{"title":"Local privilege escalation","datePublic":"2016-07-13T18:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:44","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"Palo Alto Networks firewalls do not properly sanitize the root_reboot local invocation which can potentially allow executing code with higher privileges (Ref. 92293) (CVE-2016-1712).\nExploitation of this privilege escalation is restricted to local users. Potential attackers would have to first obtain a shell on the device before they could attempt to escalate privileges through this vulnerability.\nThis issue affects PAN-OS 5.0.18 and earlier; PAN-OS 5.1.11 and earlier; PAN-OS 6.0.13 and earlier; PAN-OS 6.1.11 and earlier; PAN-OS 7.0.7 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks firewalls do not properly sanitize the root_reboot local invocation which can potentially allow executing code with higher privileges (Ref. 92293) (CVE-2016-1712).\nExploitation of this privilege escalation is restricted to local users. 
Potential attackers would have to first obtain a shell on the device before they could attempt to escalate privileges through this vulnerability.\nThis issue affects PAN-OS 5.0.18 and earlier; PAN-OS 5.1.11 and earlier; PAN-OS 6.0.13 and earlier; PAN-OS 6.1.11 and earlier; PAN-OS 7.0.7 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.13","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.1","PAN-OS 5.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"5.0","status":"affected","lessThanOrEqual":"5.0.18","versionType":"custom","changes":[{"at":"5.0.19","status":"unaffected"}]},{"version":"5.1","status":"affected","lessThanOrEqual":"5.1.11","versionType":"custom","changes":[{"at":"5.1.12","status":"unaffected"}]},{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.13","versionType":"custom","changes":[{"at":"6.0.14","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.11","versionType":"custom","changes":[{"at":"6.1.12","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.7","versionType":"custom","changes":[{"at":"7.0.8","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2016-1712"}],"credits":[{"lang":"en","value":"Kasif Dekel, CheckPoint Security 
Team"}],"metrics":[{"cvssV3_0":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-20 Improper Input Validation","cweId":"CWE-20"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["92293"],"advisory":"PAN-SA-2016-0012","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 5.0.19 and later; PAN-OS 5.1.12 and later; PAN-OS 6.0.14 and later; PAN-OS 6.1.12 and later; PAN-OS 7.0.8 and later","supportingMedia":{"value":"PAN-OS 5.0.19 and later; PAN-OS 5.1.12 and later; PAN-OS 6.0.14 and later; PAN-OS 6.1.12 and later; PAN-OS 7.0.8 and later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"PAN-SA-2016-0011","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-07-12T17:30:00.000Z","dateReserved":"2016-07-12T17:30:00.000Z"},"containers":{"cna":{"title":"OpenSSH vulnerabilities","datePublic":"2016-07-12T17:30:00.000Z","providerMetadata":{"orgId":"Not found","shortName":"Not found","dateUpdated":"2024-11-20T00:00:00"},"descriptions":[{"lang":"en","value":"OpenSSH contains two vulnerabilities (CVE-2016-0777 and CVE-2016-0778) affecting the SSH client roaming feature when connecting to a malicious server. Exploitation of this issue can leak portions of memory from the SSH client process. 
(Ref # 90508)\nThe Palo Alto Networks firewall outbound SSH client offers only the user/password authentication scheme and, therefore, does not expose a potential SSH private key.\nThis issue affects PAN-OS 7.0.9 and earlier; PAN-OS 7.1.2 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>OpenSSH contains two vulnerabilities (CVE-2016-0777 and CVE-2016-0778) affecting the SSH client roaming feature when connecting to a malicious server. Exploitation of this issue can leak portions of memory from the SSH client process. (Ref # 90508)\nThe Palo Alto Networks firewall outbound SSH client offers only the user/password authentication scheme and, therefore, does not expose a potential SSH private key.\nThis issue affects PAN-OS 7.0.9 and earlier; PAN-OS 7.1.2 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.9","versionType":"custom","changes":[{"at":"7.0.10","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.2","versionType":"custom","changes":[{"at":"7.1.3","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/PAN-SA-2016-0011"}],"metrics":[{"cvssV3_0":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-119 Improper Restriction of 
Operations within the Bounds of a Memory Buffer","cweId":"CWE-119"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["90508"],"advisory":"PAN-SA-2016-0011","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"These vulnerabilities affect PAN-OS only when initiating a connection to a malicious server. Palo Alto Networks discourages establishing SSH sessions to unknown or untrusted servers.","supportingMedia":{"value":"These vulnerabilities affect PAN-OS only when initiating a connection to a malicious server. Palo Alto Networks discourages establishing SSH sessions to unknown or untrusted servers.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 7.0.10 and later; PAN-OS 7.1.3 and later","supportingMedia":{"value":"PAN-OS 7.0.10 and later; PAN-OS 7.1.3 and later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2016-3656","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-02-24T18:30:00.000Z","dateReserved":"2016-02-24T18:30:00.000Z"},"containers":{"cna":{"title":"Unauthenticated Stack Exhaustion in GlobalProtect/SSL VPN Web Interface","datePublic":"2016-02-24T18:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:44","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"When a PAN-OS device is configured as a GlobalProtect web portal, a specially crafted request to the portal could result in a crash of the service.  (Ref. 
#89750) (CVE-2016-3656)\nThis issue can be exploited remotely by an attacker with network access to the GlobalProtect portal in order to cause a denial-of-service (DoS) via a service crash.\nThis issue affects PAN-OS releases 5.0.17 and prior; 6.0.12 and prior; 6.1.9 and prior; 7.0.5 and prior","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>When a PAN-OS device is configured as a GlobalProtect web portal, a specially crafted request to the portal could result in a crash of the service.  (Ref. #89750) (CVE-2016-3656)\nThis issue can be exploited remotely by an attacker with network access to the GlobalProtect portal in order to cause a denial-of-service (DoS) via a service crash.\nThis issue affects PAN-OS releases 5.0.17 and prior; 6.0.12 and prior; 6.1.9 and prior; 7.0.5 and prior</pre>"}]}],"x_affectedList":["PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.0"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"5.0","status":"affected","lessThanOrEqual":"5.0.17","versionType":"custom","changes":[{"at":"5.0.18","status":"unaffected"}]},{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.12","versionType":"custom","changes":[{"at":"6.0.13","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.9","versionType":"custom","changes":[{"at":"6.1.10","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.5","versionType":"custom","changes":[{"at":"7.0.5H2","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2016-3656"}],"credits":[{"lang":"en","value":"Felix Wilhelm, ERNW Research"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer","cweId":"CWE-119"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["89750"],"advisory":"PAN-SA-2016-0004","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Emergency content update 563 contains an IPS signature (#38903) that can be used as an interim mitigation to protect PAN-OS devices until the device software is upgraded.  Note that signature 38903 must be applied to a firewall rule securing traffic destined for the GlobalProtect portal.  The GlobalProtect portal should only be present once per installation, limiting the organization’s exposure to this issue. 
This issue can be further mitigated by disabling the affected optional “login page” in the GlobalProtect portal configuration, and distribution of the client side software may be performed through alternative means such as GPO or network share while the PAN-OS patch is applied.","supportingMedia":{"value":"Emergency content update 563 contains an IPS signature (#38903) that can be used as an interim mitigation to protect PAN-OS devices until the device software is upgraded.  Note that signature 38903 must be applied to a firewall rule securing traffic destined for the GlobalProtect portal.  The GlobalProtect portal should only be present once per installation, limiting the organization’s exposure to this issue. This issue can be further mitigated by disabling the affected optional “login page” in the GlobalProtect portal configuration, and distribution of the client side software may be performed through alternative means such as GPO or network share while the PAN-OS patch is applied.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS releases 5.0.18 and newer; 6.0.13 and newer; 6.1.10 and newer; 7.0.5H2 and newer","supportingMedia":{"value":"PAN-OS releases 5.0.18 and newer; 6.0.13 and newer; 6.1.10 and newer; 7.0.5H2 and newer","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2016-3654","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-02-24T18:30:00.000Z","dateReserved":"2016-02-24T18:30:00.000Z"},"containers":{"cna":{"title":"Command Injection in Command Line Interface","datePublic":"2016-02-24T18:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:44","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"Palo Alto Networks firewalls implement a command line interface for interactive configuration through a serial 
interface or a remote SSH session. An issue was identified that can cause incorrect parsing of a specific SSH command parameter, leading to arbitrary command execution on the OS level. This vulnerability requires successful authentication but can be used to execute OS commands with root privileges if the logged on user has administrative privileges. (Ref #89706) (CVE-2016-3654)\nThis vulnerability is exploitable only by authenticated administrators that are granted access to the device management CLI.\nThis issue affects PAN-OS releases 5.0.17 and prior; 5.1.10 and prior; 6.0.12 and prior; 6.1.9 and prior; 7.0.5 and prior","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks firewalls implement a command line interface for interactive configuration through a serial interface or a remote SSH session. An issue was identified that can cause incorrect parsing of a specific SSH command parameter, leading to arbitrary command execution on the OS level. This vulnerability requires successful authentication but can be used to execute OS commands with root privileges if the logged on user has administrative privileges. 
(Ref #89706) (CVE-2016-3654)\nThis vulnerability is exploitable only by authenticated administrators that are granted access to the device management CLI.\nThis issue affects PAN-OS releases 5.0.17 and prior; 5.1.10 and prior; 6.0.12 and prior; 6.1.9 and prior; 7.0.5 and prior</pre>"}]}],"x_affectedList":["PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.1","PAN-OS 5.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"5.0","status":"affected","lessThanOrEqual":"5.0.17","versionType":"custom","changes":[{"at":"5.0.18","status":"unaffected"}]},{"version":"5.1","status":"affected","lessThanOrEqual":"5.1.10","versionType":"custom","changes":[{"at":"5.1.11","status":"unaffected"}]},{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.12","versionType":"custom","changes":[{"at":"6.0.13","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.9","versionType":"custom","changes":[{"at":"6.1.10","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.5","versionType":"custom","changes":[{"at":"7.0.5H2","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2016-3654"}],"credits":[{"lang":"en","value":"Felix Wilhelm, ERNW 
Research"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-20 Improper Input Validation","cweId":"CWE-20"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["89706"],"advisory":"PAN-SA-2016-0002","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue only affects authenticated device users and Panorama users with CLI access enabled. Deployments making use of Role-Based Access Control (RBAC) do not offer CLI access by default. As a best practice, CLI access should be carefully considered, and granted only when necessary to privileged administrators.","supportingMedia":{"value":"This issue only affects authenticated device users and Panorama users with CLI access enabled. Deployments making use of Role-Based Access Control (RBAC) do not offer CLI access by default. 
As a best practice, CLI access should be carefully considered, and granted only when necessary to privileged administrators.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS releases 5.0.18 and newer; 5.1.11 and newer; 6.0.13 and newer; 6.1.10 and newer; 7.0.5H2 and newer","supportingMedia":{"value":"PAN-OS releases 5.0.18 and newer; 5.1.11 and newer; 6.0.13 and newer; 6.1.10 and newer; 7.0.5H2 and newer","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2014-0224","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2014-06-09T07:00:00.000Z","dateReserved":"2014-06-09T07:00:00.000Z"},"containers":{"cna":{"title":"OpenSSL Man-in-the-middle vulnerability","datePublic":"2014-06-09T07:00:00.000Z","providerMetadata":{"dateUpdated":"2021-11-05T16:47:29","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"descriptions":[{"lang":"en","value":"The Palo Alto Networks product security engineering team has completed analysis of our products' exposure to the vulnerabilities described in the OpenSSL Security Advisory dated June 5th, 2014.  Of the 7 CVEs highlighted in the advisory, only CVE-2014-0224 is relevant to our software.  The remaining vulnerabilities do not apply because we do not use or support use of Datagram Transport Layer Security (DTLS), nor do we use anonymous Elliptic curve Diffie-Hellman (ECDH) on our software clients.  Our exposure to CVE-2014-0224 is limited because both client and server must be vulnerable.  While our client-side is vulnerable, the server-side is not.  This limits exposure to potential man-in-the-middle (MITM) attacks only to sessions our software initiates with servers outside of our control that are running a vulnerable version of OpenSSL (OpenSSL 1.0.1 and 1.0.2-beta1).  
As such, services that may be vulnerable to MITM depending on customer configuration include: firewall services using SSL configured to use a proxy running a vulnerable OpenSSL server, syslog over SSL to a syslog server running a  vulnerable OpenSSL server, and the User-ID agent connecting to a directory server running a vulnerable OpenSSL server.  GlobalProtect is not vulnerable because our portal and gateway servers are not vulnerable.\n\nIn response to these issues, Palo Alto Networks is including a patch to the OpenSSL software used across our products with the next scheduled maintenance release for all supported versions of PAN-OS / Panorama, User-ID agent, and GlobalProtect.  Users can mitigate their exposure by ensuring that any servers described above are not running vulnerable versions of OpenSSL (1.0.1 and 1.0.2-beta1).  If customers have any further questions related to product exposure to this OpenSSL security advisory, they can contact support.\nThis issue requires an attacker to be able to act as a man-in-the-middle to certain firewall services, such as syslog, User-ID agent, or services between PAN-OS / Panorama and a proxy.  The issue further requires that the servers that PAN-OS / Panorama initiates connections with to perform these services are also vulnerable to CVE-2014-0224.\n\nGlobalProtect VPN is not vulnerable, as the PAN-OS Portal and Gateway servers are not vulnerable.\nThis issue affects All versions of PAN-OS / Panorama.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>The Palo Alto Networks product security engineering team has completed analysis of our products' exposure to the vulnerabilities described in the OpenSSL Security Advisory dated June 5th, 2014.  Of the 7 CVEs highlighted in the advisory, only CVE-2014-0224 is relevant to our software.  
The remaining vulnerabilities do not apply because we do not use or support use of Datagram Transport Layer Security (DTLS), nor do we use anonymous Elliptic curve Diffie-Hellman (ECDH) on our software clients.  Our exposure to CVE-2014-0224 is limited because both client and server must be vulnerable.  While our client-side is vulnerable, the server-side is not.  This limits exposure to potential man-in-the-middle (MITM) attacks only to sessions our software initiates with servers outside of our control that are running a vulnerable version of OpenSSL (OpenSSL 1.0.1 and 1.0.2-beta1).  As such, services that may be vulnerable to MITM depending on customer configuration include: firewall services using SSL configured to use a proxy running a vulnerable OpenSSL server, syslog over SSL to a syslog server running a  vulnerable OpenSSL server, and the User-ID agent connecting to a directory server running a vulnerable OpenSSL server.  GlobalProtect is not vulnerable because our portal and gateway servers are not vulnerable.\n\nIn response to these issues, Palo Alto Networks is including a patch to the OpenSSL software used across our products with the next scheduled maintenance release for all supported versions of PAN-OS / Panorama, User-ID agent, and GlobalProtect.  Users can mitigate their exposure by ensuring that any servers described above are not running vulnerable versions of OpenSSL (1.0.1 and 1.0.2-beta1).  If customers have any further questions related to product exposure to this OpenSSL security advisory, they can contact support.\nThis issue requires an attacker to be able to act as a man-in-the-middle to certain firewall services, such as syslog, User-ID agent, or services between PAN-OS / Panorama and a proxy.  
The issue further requires that the servers that PAN-OS / Panorama initiates connections with to perform these services are also vulnerable to CVE-2014-0224.\n\nGlobalProtect VPN is not vulnerable, as the PAN-OS Portal and Gateway servers are not vulnerable.\nThis issue affects All versions of PAN-OS / Panorama.</pre>"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"6.0.4","status":"unaffected","lessThan":"6.0*","versionType":"custom"},{"version":"5.1.9","status":"unaffected","lessThan":"5.1*","versionType":"custom"},{"version":"5.0.14.","status":"unaffected","lessThan":"5.0*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2014-0224"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE","baseScore":7.4,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-310","cweId":"CWE-310"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"advisory":"PAN-SA-2014-0003","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Services running over SSL from PAN-OS / Panorama to 3rd party servers (i.e. syslog server, directory services server) are only vulnerable to a possible MITM attack if the server is also vulnerable to CVE-2014-0224.  Ensure that the 3rd party service's server is not running a vulnerable version of OpenSSL (1.0.1 and 1.0.2-beta1).","supportingMedia":{"value":"Services running over SSL from PAN-OS / Panorama to 3rd party servers (i.e. syslog server, directory services server) are only vulnerable to a possible MITM attack if the server is also vulnerable to CVE-2014-0224.  
Ensure that the 3rd party service's server is not running a vulnerable version of OpenSSL (1.0.1 and 1.0.2-beta1).","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 6.0.4; PAN-OS 5.1.9; PAN-OS 5.0.14.","supportingMedia":{"value":"PAN-OS 6.0.4; PAN-OS 5.1.9; PAN-OS 5.0.14.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2012-6602","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2012-04-27T23:30:00.000Z","dateReserved":"2012-04-27T23:30:00.000Z"},"containers":{"cna":{"title":"Command Injection Vulnerability","datePublic":"2012-04-27T23:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:43","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  (Ref #30122)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.0.3 and earlier; PAN-OS 3.1.9 and earlier.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  
(Ref #30122)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.0.3 and earlier; PAN-OS 3.1.9 and earlier.</pre>"}]}],"x_affectedList":["PAN-OS 4.0","PAN-OS 3.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"4.0","status":"affected","lessThanOrEqual":"4.0.3","versionType":"custom","changes":[{"at":"4.0.4","status":"unaffected"}]},{"version":"3.1","status":"affected","lessThanOrEqual":"3.1.9","versionType":"custom","changes":[{"at":"3.1.10","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2012-6602"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.4,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["30122"],"advisory":"PAN-SA-2012-0013","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of the device.  Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"This issue affects the management interface of the device.  
Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 4.0.4 and later; PAN-OS 3.1.10 and later.","supportingMedia":{"value":"PAN-OS 4.0.4 and later; PAN-OS 3.1.10 and later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2012-6594","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2012-04-27T23:30:00.000Z","dateReserved":"2012-04-27T23:30:00.000Z"},"containers":{"cna":{"title":"Command Injection Vulnerability","datePublic":"2012-04-27T23:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:43","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  (Ref #34299)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.  The attacker must still be an authenticated administrator of the device.\nThis issue affects PAN-OS 4.1.0 and earlier; PAN-OS 4.0.7 and earlier; PAN-OS 3.1.10 and earlier.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  (Ref #34299)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.  
The attacker must still be an authenticated administrator of the device.\nThis issue affects PAN-OS 4.1.0 and earlier; PAN-OS 4.0.7 and earlier; PAN-OS 3.1.10 and earlier.</pre>"}]}],"x_affectedList":["PAN-OS 4.1","PAN-OS 4.0","PAN-OS 3.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"4.1","status":"affected","lessThanOrEqual":"4.1.0","versionType":"custom","changes":[{"at":"4.1.1","status":"unaffected"}]},{"version":"4.0","status":"affected","lessThanOrEqual":"4.0.7","versionType":"custom","changes":[{"at":"4.0.8","status":"unaffected"}]},{"version":"3.1","status":"affected","lessThanOrEqual":"3.1.10","versionType":"custom","changes":[{"at":"3.1.11","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2012-6594"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.4,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["34299"],"advisory":"PAN-SA-2012-0005","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of the device.  Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"This issue affects the management interface of the device.  
Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 4.1.1 and later; PAN-OS 4.0.8 and later; PAN-OS 3.1.11 and later.","supportingMedia":{"value":"PAN-OS 4.1.1 and later; PAN-OS 4.0.8 and later; PAN-OS 3.1.11 and later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2012-6595","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2012-04-27T23:30:00.000Z","dateReserved":"2012-04-27T23:30:00.000Z"},"containers":{"cna":{"title":"Command Injection Vulnerability","datePublic":"2012-04-27T23:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:43","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  (Ref #34595)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.  The attacker must still be an authenticated administrator of the device.\nThis issue affects PAN-OS 4.1.1 and earlier; PAN-OS 4.0.8 and earlier;  PAN-OS 3.0.x is not affected.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  (Ref #34595)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.  
The attacker must still be an authenticated administrator of the device.\nThis issue affects PAN-OS 4.1.1 and earlier; PAN-OS 4.0.8 and earlier;  PAN-OS 3.0.x is not affected.</pre>"}]}],"x_affectedList":["PAN-OS 4.1","PAN-OS 4.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"4.1","status":"affected","lessThanOrEqual":"4.1.1","versionType":"custom","changes":[{"at":"4.1.2","status":"unaffected"}]},{"version":"4.0","status":"affected","lessThanOrEqual":"4.0.8","versionType":"custom","changes":[{"at":"4.0.9","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2012-6595"}],"metrics":[{"cvssV4_0":{"version":"4.0","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"HIGH","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED","baseSeverity":"HIGH","baseScore":8.4,"vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","cweId":"CWE-78"}]}],"x_generator":{"engine":"vulnogram 0.1.0-rc1"},"source":{"defect":["34595"],"advisory":"PAN-SA-2012-0006","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of the device.  
Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"This issue affects the management interface of the device.  Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 4.1.2 and later. PAN-OS 4.0.9 and later.","supportingMedia":{"value":"PAN-OS 4.1.2 and later. PAN-OS 4.0.9 and later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2012-6605","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2012-04-27T23:30:00.000Z","dateReserved":"2012-04-27T23:30:00.000Z"},"containers":{"cna":{"title":"Command Injection Vulnerability","datePublic":"2012-04-27T23:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:43","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists whereby an authenticated user can execute arbitrary code as root using the device management command line interface.  (Ref #34896)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.0.8 and earlier; PAN-OS 3.1.10 and earlier.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists whereby an authenticated user can execute arbitrary code as root using the device management command line interface.  
(Ref #34896)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.0.8 and earlier; PAN-OS 3.1.10 and earlier.</pre>"}]}],"x_affectedList":["PAN-OS 4.0","PAN-OS 3.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"4.0","status":"affected","lessThanOrEqual":"4.0.8","versionType":"custom","changes":[{"at":"4.0.9","status":"unaffected"}]},{"version":"3.1","status":"affected","lessThanOrEqual":"3.1.10","versionType":"custom","changes":[{"at":"3.1.10","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2012-6605"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.4,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["34896"],"advisory":"PAN-SA-2012-0016","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of the device.  Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"This issue affects the management interface of the device.  
Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 4.0.9 and later; PAN-OS 3.1.10 and later.","supportingMedia":{"value":"PAN-OS 4.0.9 and later; PAN-OS 3.1.10 and later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2012-6601","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2012-04-27T23:30:00.000Z","dateReserved":"2012-04-27T23:30:00.000Z"},"containers":{"cna":{"title":"Command Injection Vulnerability","datePublic":"2012-04-27T23:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:43","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists whereby an unauthenticated user can execute arbitrary code as root on the device.  (Ref #36983)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.1.3 and earlier; PAN-OS 4.0.9 and earlier; PAN-OS 3.1.11 and earlier.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists whereby an unauthenticated user can execute arbitrary code as root on the device.  
(Ref #36983)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.1.3 and earlier; PAN-OS 4.0.9 and earlier; PAN-OS 3.1.11 and earlier.</pre>"}]}],"x_affectedList":["PAN-OS 4.1","PAN-OS 4.0","PAN-OS 3.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"4.1","status":"affected","lessThanOrEqual":"4.1.3","versionType":"custom","changes":[{"at":"4.1.4","status":"unaffected"}]},{"version":"4.0","status":"affected","lessThanOrEqual":"4.0.9","versionType":"custom","changes":[{"at":"4.0.10","status":"unaffected"}]},{"version":"3.1","status":"affected","lessThanOrEqual":"3.1.11","versionType":"custom","changes":[{"at":"3.1.12","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2012-6601"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.4,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["36983"],"advisory":"PAN-SA-2012-0012","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of the device.  Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"This issue affects the management interface of the device.  
Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 4.1.4 and later; PAN-OS 4.0.10 and later; PAN-OS 3.1.12 and later.","supportingMedia":{"value":"PAN-OS 4.1.4 and later; PAN-OS 4.0.10 and later; PAN-OS 3.1.12 and later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2012-6604","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2012-04-27T23:30:00.000Z","dateReserved":"2012-04-27T23:30:00.000Z"},"containers":{"cna":{"title":"Command Injection Vulnerability","datePublic":"2012-04-27T23:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:43","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists whereby an authenticated user can execute arbitrary code as root using the device management command line interface.  (Ref #35249)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.0.8 and earlier; PAN-OS 3.1.10 and earlier.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists whereby an authenticated user can execute arbitrary code as root using the device management command line interface.  
(Ref #35249)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.0.8 and earlier; PAN-OS 3.1.10 and earlier.</pre>"}]}],"x_affectedList":["PAN-OS 4.0","PAN-OS 3.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"4.0","status":"affected","lessThanOrEqual":"4.0.8","versionType":"custom","changes":[{"at":"4.0.9","status":"unaffected"}]},{"version":"3.1","status":"affected","lessThanOrEqual":"3.1.10","versionType":"custom","changes":[{"at":"3.1.10","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2012-6604"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.4,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["35249"],"advisory":"PAN-SA-2012-0015","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of the device.  Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"This issue affects the management interface of the device.  
Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 4.0.9 and later; PAN-OS 3.1.10 and later.","supportingMedia":{"value":"PAN-OS 4.0.9 and later; PAN-OS 3.1.10 and later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2012-6599","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2012-04-27T23:30:00.000Z","dateReserved":"2012-04-27T23:30:00.000Z"},"containers":{"cna":{"title":"Command Injection Vulnerability","datePublic":"2012-04-27T23:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:43","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  (Ref #33476)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.1.0 and earlier; PAN-OS 4.0.7 and earlier; PAN-OS 3.0.x is not affected.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  
(Ref #33476)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.1.0 and earlier; PAN-OS 4.0.7 and earlier; PAN-OS 3.0.x is not affected.</pre>"}]}],"x_affectedList":["PAN-OS 4.1","PAN-OS 4.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"4.1","status":"affected","lessThanOrEqual":"4.1.0","versionType":"custom","changes":[{"at":"4.1.1","status":"unaffected"}]},{"version":"4.0","status":"affected","lessThanOrEqual":"4.0.7","versionType":"custom","changes":[{"at":"4.0.8","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2012-6599"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.4,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["33476"],"advisory":"PAN-SA-2012-0010","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of the device.  Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"This issue affects the management interface of the device.  
Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 4.1.1 and later; PAN-OS 4.0.8 and later.","supportingMedia":{"value":"PAN-OS 4.1.1 and later; PAN-OS 4.0.8 and later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2012-6598","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2012-04-27T23:30:00.000Z","dateReserved":"2012-04-27T23:30:00.000Z"},"containers":{"cna":{"title":"Command Injection Vulnerability","datePublic":"2012-04-27T23:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:43","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  (Ref #33080)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.0.7 and earlier;  PAN-OS 3.0.x is not affected.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  
(Ref #33080)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.0.7 and earlier;  PAN-OS 3.0.x is not affected.</pre>"}]}],"x_affectedList":["PAN-OS 4.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"4.0","status":"affected","lessThanOrEqual":"4.0.7","versionType":"custom","changes":[{"at":"4.0.8","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2012-6598"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.4,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["33080"],"advisory":"PAN-SA-2012-0009","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of the device.  Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"This issue affects the management interface of the device.  
Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 4.0.8 and later.","supportingMedia":{"value":"PAN-OS 4.0.8 and later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2012-6600","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2012-04-27T23:30:00.000Z","dateReserved":"2012-04-27T23:30:00.000Z"},"containers":{"cna":{"title":"Command Injection Vulnerability","datePublic":"2012-04-27T23:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:43","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  (Ref #34502)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.1.1 and earlier; PAN-OS 4.0.8 and earlier; PAN-OS 3.0.x is not affected.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  
(Ref #34502)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.1.1 and earlier; PAN-OS 4.0.8 and earlier; PAN-OS 3.0.x is not affected.</pre>"}]}],"x_affectedList":["PAN-OS 4.1","PAN-OS 4.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"4.1","status":"affected","lessThanOrEqual":"4.1.1","versionType":"custom","changes":[{"at":"4.1.2","status":"unaffected"}]},{"version":"4.0","status":"affected","lessThanOrEqual":"4.0.8","versionType":"custom","changes":[{"at":"4.0.9","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2012-6600"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.4,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["34502"],"advisory":"PAN-SA-2012-0011","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of the device.  Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"This issue affects the management interface of the device.  
Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 4.1.2 and later; PAN-OS 4.0.9 and later.","supportingMedia":{"value":"PAN-OS 4.1.2 and later; PAN-OS 4.0.9 and later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2012-6591","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2012-04-27T23:30:00.000Z","dateReserved":"2012-04-27T23:30:00.000Z"},"containers":{"cna":{"title":"Command Injection Vulnerability","datePublic":"2012-04-27T23:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:43","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  (Ref #31116)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.  The attacker must still be an authenticated administrator of the device.\nThis issue affects PAN-OS 4.0.4 and earlier; PAN-OS 3.1.9 and earlier.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  (Ref #31116)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.  
The attacker must still be an authenticated administrator of the device.\nThis issue affects PAN-OS 4.0.4 and earlier; PAN-OS 3.1.9 and earlier.</pre>"}]}],"x_affectedList":["PAN-OS 4.0","PAN-OS 3.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"4.0","status":"affected","lessThanOrEqual":"4.0.4","versionType":"custom","changes":[{"at":"4.0.5","status":"unaffected"}]},{"version":"3.1","status":"affected","lessThanOrEqual":"3.1.9","versionType":"custom","changes":[{"at":"3.1.10","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2012-6591"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["31116"],"advisory":"PAN-SA-2012-0002","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of the device.  Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"This issue affects the management interface of the device.  
Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 4.0.5 and later; PAN-OS 3.1.10 and later.","supportingMedia":{"value":"PAN-OS 4.0.5 and later; PAN-OS 3.1.10 and later.","type":"text/html","base64":false}}],"timeline":[]}}}]}