{"document":{"category":"csaf_vex","csaf_version":"2.1","notes":[{"category":"summary","text":"Palo Alto Networks PSIRT provided VEX document. This document is autogenerated.","title":"Meltdown and Spectre update for WildFire-500 Appliance "}],"publisher":{"category":"vendor","name":"Palo Alto Networks","namespace":"https://security.paloaltonetworks.com"},"title":"Palo Alto Networks PSIRT provided VEX document: CVE-2017-5715","distribution":{"text":"Copyright © 2024 Palo Alto Networks. All rights reserved.","tlp":{"label":"CLEAR","url":"https://www.first.org/tlp/"}},"tracking":{"current_release_date":"2026-04-11T00:33:18.187Z","generator":{"date":"2026-04-11T00:33:18.187Z","engine":{"name":"Vulnogram","version":"0.0.9"}},"id":"CVE-2017-5715","initial_release_date":"2018-05-15T21:35:00.000Z","revision_history":[{"number":"1","date":"2026-04-10T17:33:18.000Z","summary":"Initial release"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"name":"Palo Alto Networks","category":"vendor","branches":[{"name":"WildFire Appliance (WF-500)","category":"product_name","branches":[{"category":"product_version_range","name":"vers:generic/WildFire Appliance (WF-500)<8.0.10","product":{"name":"Palo Alto Networks WildFire Appliance (WF-500)","product_id":"PANW-WildFire-Appliance-(WF-500)-6"}},{"category":"product_version_range","name":"vers:generic/WildFire Appliance (WF-500)>=8.0.10","product":{"name":"Palo Alto Networks WildFire Appliance (WF-500)","product_id":"PANW-WildFire-Appliance-(WF-500)-6"}},{"category":"product_version_range","name":"vers:generic/WildFire Appliance (WF-500)<All","product":{"name":"Palo Alto Networks WildFire Appliance (WF-500)","product_id":"PANW-WildFire-Appliance-(WF-500)-2"}}]}]}]},"vulnerabilities":[{"cve":"CVE-2017-5715","product_status":{"fixed":["PANW-WildFire-Appliance-(WF-500)-6"],"known_affected":["PANW-WildFire-Appliance-(WF-500)-6"],"known_not_affected":["PANW-WildFire-Appliance-(WF-500)-2"]},"notes":[{"category":"description","text":"Palo Alto Networks has determined that the WildFire-500 (WF-500) appliance is affected by the vulnerability disclosures known as Meltdown and Spectre, and has completed an update to address these issues.  The WF-500 software update is now available to customers that use the WF-500 appliance for on-premise sandboxing.  Please note that customers using the WildFire cloud service are NOT impacted by this advisory.  (PAN-91139/CVE-2017-5715)\nSuccessful exploitation of this issue may allow reads from the guest image to the host residing in a sandbox appliance. The analysis method utilized by the WF-500 mitigates the impact of this issue.\nThis issue affects WF-500 (WildFire Appliance) running appliance software versions 8.0.9 and earlier; all versions of 7.1, 7.0, and 6.1.  Please note: WF-500 appliance software versions 8.1.0 and later are not impacted by this advisory."}],"references":[{"category":"external","summary":"NVD - CVE-2017-5715","url":"https://nvd.nist.gov/vuln/detail/CVE-2017-5715"},{"category":"self","summary":"Palo Alto Networks Security Advisory CVE-2017-5715","url":"https://security.paloaltonetworks.com/CVE-2017-5715"}],"threats":[{"category":"impact","description":"Palo Alto Networks has determined that the WildFire-500 (WF-500) appliance is affected by the vulnerability disclosures known as Meltdown and Spectre, and has completed an update to address these issues.  The WF-500 software update is now available to customers that use the WF-500 appliance for on-premise sandboxing.  Please note that customers using the WildFire cloud service are NOT impacted by this advisory.  (PAN-91139/CVE-2017-5715)\nSuccessful exploitation of this issue may allow reads from the guest image to the host residing in a sandbox appliance. The analysis method utilized by the WF-500 mitigates the impact of this issue.\nThis issue affects WF-500 (WildFire Appliance) running appliance software versions 8.0.9 and earlier; all versions of 7.1, 7.0, and 6.1.  Please note: WF-500 appliance software versions 8.1.0 and later are not impacted by this advisory."}],"scores":[{"cvss_v3":{"version":"3.1","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseSeverity":"MEDIUM","baseScore":5.6,"vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N"},"products":["PANW-WildFire-Appliance-(WF-500)-6"]}]}]}