All the vulnerabilites related to Palo Alto Networks - Prisma Access
cve-2021-3060
Vulnerability from cvelistv5
Published
2021-11-10 00:00
Modified
2024-08-03 16:45
Severity
Summary
PAN-OS: OS Command Injection in Simple Certificate Enrollment Protocol (SCEP)
References
Impacted products
| Vendor | Product |
|---|---|
| Palo Alto Networks | PAN-OS |
| Palo Alto Networks | Prisma Access |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:45:51.222Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2021-3060"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/certificate-management/configure-the-master-key.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.paloaltonetworks.com/prisma/prisma-access/innovation/2-1/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/get-started-with-prisma-access-overview.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "8.1.20-h1",
"status": "unaffected"
}
],
"lessThan": "8.1.20-h1",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.14-h3",
"status": "unaffected"
}
],
"lessThan": "9.0.14-h3",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.11-h2",
"status": "unaffected"
}
],
"lessThan": "9.1.11-h2",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.8",
"status": "unaffected"
}
],
"lessThan": "10.0.8",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.3",
"status": "unaffected"
}
],
"lessThan": "10.1.3",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "affected",
"version": "2.1 Preferred"
},
{
"status": "affected",
"version": "2.1 Innovation"
},
{
"lessThan": "2.2*",
"status": "unaffected",
"version": "all",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This issue is applicable only to GlobalProtect portal and gateway configurations that are configured with a SCEP profile and when the default master key was not changed.\n\nYou can determine if your configuration has a SCEP profile by selecting \u0027Device \u003e Certificate Management \u003e SCEP\u0027 from the web interface.\n\nNote: The SCEP profile does not need to be enabled for the firewall to be at risk; it need only exist in the configuration to be a risk even if disabled.\n\nYou know you are using the default master key when the master key was not explicitly configured on the firewall. Review the master key configuration by selecting \u0027Device \u003e Master Key and Diagnostics\u0027 from the web interface and change the key if needed.\n"
}
],
"credits": [
{
"lang": "en",
"value": "Palo Alto Networks thanks CJ, an external security researcher, for discovering and reporting this issue."
}
],
"datePublic": "2021-11-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The attacker must have network access to the GlobalProtect interfaces to exploit this issue. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers with Prisma Access 2.1 Preferred and Prisma Access 2.1 Innovation firewalls are impacted by this issue."
}
],
"exploits": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue at time of publication. However, we expect exploits for this issue to become publicly available."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-10T17:10:24",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2021-3060"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/certificate-management/configure-the-master-key.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.paloaltonetworks.com/prisma/prisma-access/innovation/2-1/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/get-started-with-prisma-access-overview.html"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions."
},
{
"lang": "en",
"value": "This issue is fixed in Prisma Access 2.2 Preferred and all later Prisma Access versions."
}
],
"source": {
"defect": [
"PAN-176661"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2021-11-10T00:00:00",
"value": "Initial publication"
}
],
"title": "PAN-OS: OS Command Injection in Simple Certificate Enrollment Protocol (SCEP)",
"workarounds": [
{
"lang": "en",
"value": "Changing the master key for the firewall prevents exploitation of this vulnerability. This is a security best practice for both PAN-OS and Prisma Access customers.\n\nDocumentation for configuring the master key is available at: https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/certificate-management/configure-the-master-key.html. Please note the special requirements for high-availability (HA) and Panorama-managed environments.\n\nAdditional information is available for Prisma Access customers at: https://docs.paloaltonetworks.com/prisma/prisma-access/innovation/2-1/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/get-started-with-prisma-access-overview.html.\n\nRemove all configured SCEP profiles from the firewall to completely eliminate any risk of exploitation related to this issue. You can view any existing SCEP profiles configured on the firewall by selecting \u0027Device \u003e Certificate Management \u003e SCEP\u0027 from the web interface.\n\nThis issue requires the attacker to have network access to the GlobalProtect interface.\n\nIn addition to these workarounds, you should enable signatures for Unique Threat ID 91526 on traffic destined for GlobalProtect interfaces to further mitigate the risk of attacks against CVE-2021-3060. SSL decryption is not necessary to detect attacks against this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2021-11-10T17:00:00.000Z",
"ID": "CVE-2021-3060",
"STATE": "PUBLIC",
"TITLE": "PAN-OS: OS Command Injection in Simple Certificate Enrollment Protocol (SCEP)"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PAN-OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.1",
"version_value": "8.1.20-h1"
},
{
"version_affected": "\u003c",
"version_name": "9.0",
"version_value": "9.0.14-h3"
},
{
"version_affected": "\u003c",
"version_name": "9.1",
"version_value": "9.1.11-h2"
},
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.8"
},
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.3"
},
{
"version_affected": "!\u003e=",
"version_name": "8.1",
"version_value": "8.1.20-h1"
},
{
"version_affected": "!\u003e=",
"version_name": "9.0",
"version_value": "9.0.14-h3"
},
{
"version_affected": "!\u003e=",
"version_name": "9.1",
"version_value": "9.1.11-h2"
},
{
"version_affected": "!\u003e=",
"version_name": "10.0",
"version_value": "10.0.8"
},
{
"version_affected": "!\u003e=",
"version_name": "10.1",
"version_value": "10.1.3"
}
]
}
},
{
"product_name": "Prisma Access",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "2.1",
"version_value": "Preferred"
},
{
"version_affected": "!\u003e=",
"version_name": "2.2",
"version_value": "all"
},
{
"version_affected": "=",
"version_name": "2.1",
"version_value": "Innovation"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "This issue is applicable only to GlobalProtect portal and gateway configurations that are configured with a SCEP profile and when the default master key was not changed.\n\nYou can determine if your configuration has a SCEP profile by selecting \u0027Device \u003e Certificate Management \u003e SCEP\u0027 from the web interface.\n\nNote: The SCEP profile does not need to be enabled for the firewall to be at risk; it need only exist in the configuration to be a risk even if disabled.\n\nYou know you are using the default master key when the master key was not explicitly configured on the firewall. Review the master key configuration by selecting \u0027Device \u003e Master Key and Diagnostics\u0027 from the web interface and change the key if needed.\n"
}
],
"credit": [
{
"lang": "eng",
"value": "Palo Alto Networks thanks CJ, an external security researcher, for discovering and reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The attacker must have network access to the GlobalProtect interfaces to exploit this issue. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers with Prisma Access 2.1 Preferred and Prisma Access 2.1 Innovation firewalls are impacted by this issue."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue at time of publication. However, we expect exploits for this issue to become publicly available."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78 OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2021-3060",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2021-3060"
},
{
"name": "https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/certificate-management/configure-the-master-key.html",
"refsource": "MISC",
"url": "https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/certificate-management/configure-the-master-key.html"
},
{
"name": "https://docs.paloaltonetworks.com/prisma/prisma-access/innovation/2-1/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/get-started-with-prisma-access-overview.html",
"refsource": "MISC",
"url": "https://docs.paloaltonetworks.com/prisma/prisma-access/innovation/2-1/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/get-started-with-prisma-access-overview.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions."
},
{
"lang": "en",
"value": "This issue is fixed in Prisma Access 2.2 Preferred and all later Prisma Access versions."
}
],
"source": {
"defect": [
"PAN-176661"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2021-11-10T00:00:00",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "Changing the master key for the firewall prevents exploitation of this vulnerability. This is a security best practice for both PAN-OS and Prisma Access customers.\n\nDocumentation for configuring the master key is available at: https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/certificate-management/configure-the-master-key.html. Please note the special requirements for high-availability (HA) and Panorama-managed environments.\n\nAdditional information is available for Prisma Access customers at: https://docs.paloaltonetworks.com/prisma/prisma-access/innovation/2-1/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/get-started-with-prisma-access-overview.html.\n\nRemove all configured SCEP profiles from the firewall to completely eliminate any risk of exploitation related to this issue. You can view any existing SCEP profiles configured on the firewall by selecting \u0027Device \u003e Certificate Management \u003e SCEP\u0027 from the web interface.\n\nThis issue requires the attacker to have network access to the GlobalProtect interface.\n\nIn addition to these workarounds, you should enable signatures for Unique Threat ID 91526 on traffic destined for GlobalProtect interfaces to further mitigate the risk of attacks against CVE-2021-3060. SSL decryption is not necessary to detect attacks against this issue."
}
],
"x_advisoryEoL": false,
"x_affectedList": [
"Prisma Access 2.1",
"PAN-OS 10.1.2",
"PAN-OS 10.1.1",
"PAN-OS 10.1.0",
"PAN-OS 10.1",
"PAN-OS 10.0.7",
"PAN-OS 10.0.6",
"PAN-OS 10.0.5",
"PAN-OS 10.0.4",
"PAN-OS 10.0.3",
"PAN-OS 10.0.2",
"PAN-OS 10.0.1",
"PAN-OS 10.0.0",
"PAN-OS 10.0",
"PAN-OS 9.1.11-h1",
"PAN-OS 9.1.11",
"PAN-OS 9.1.10",
"PAN-OS 9.1.9",
"PAN-OS 9.1.8",
"PAN-OS 9.1.7",
"PAN-OS 9.1.6",
"PAN-OS 9.1.5",
"PAN-OS 9.1.4",
"PAN-OS 9.1.3-h1",
"PAN-OS 9.1.3",
"PAN-OS 9.1.2-h1",
"PAN-OS 9.1.2",
"PAN-OS 9.1.1",
"PAN-OS 9.1.0-h3",
"PAN-OS 9.1.0-h2",
"PAN-OS 9.1.0-h1",
"PAN-OS 9.1.0",
"PAN-OS 9.1",
"PAN-OS 9.0.14-h2",
"PAN-OS 9.0.14-h1",
"PAN-OS 9.0.14",
"PAN-OS 9.0.13",
"PAN-OS 9.0.12",
"PAN-OS 9.0.11",
"PAN-OS 9.0.10",
"PAN-OS 9.0.9-h1",
"PAN-OS 9.0.9",
"PAN-OS 9.0.8",
"PAN-OS 9.0.7",
"PAN-OS 9.0.6",
"PAN-OS 9.0.5",
"PAN-OS 9.0.4",
"PAN-OS 9.0.3-h3",
"PAN-OS 9.0.3-h2",
"PAN-OS 9.0.3-h1",
"PAN-OS 9.0.3",
"PAN-OS 9.0.2-h4",
"PAN-OS 9.0.2-h3",
"PAN-OS 9.0.2-h2",
"PAN-OS 9.0.2-h1",
"PAN-OS 9.0.2",
"PAN-OS 9.0.1",
"PAN-OS 9.0.0",
"PAN-OS 9.0",
"PAN-OS 8.1.20",
"PAN-OS 8.1.19",
"PAN-OS 8.1.18",
"PAN-OS 8.1.17",
"PAN-OS 8.1.16",
"PAN-OS 8.1.15-h3",
"PAN-OS 8.1.15-h2",
"PAN-OS 8.1.15-h1",
"PAN-OS 8.1.15",
"PAN-OS 8.1.14-h2",
"PAN-OS 8.1.14-h1",
"PAN-OS 8.1.14",
"PAN-OS 8.1.13",
"PAN-OS 8.1.12",
"PAN-OS 8.1.11",
"PAN-OS 8.1.10",
"PAN-OS 8.1.9-h4",
"PAN-OS 8.1.9-h3",
"PAN-OS 8.1.9-h2",
"PAN-OS 8.1.9-h1",
"PAN-OS 8.1.9",
"PAN-OS 8.1.8-h5",
"PAN-OS 8.1.8-h4",
"PAN-OS 8.1.8-h3",
"PAN-OS 8.1.8-h2",
"PAN-OS 8.1.8-h1",
"PAN-OS 8.1.8",
"PAN-OS 8.1.7",
"PAN-OS 8.1.6-h2",
"PAN-OS 8.1.6-h1",
"PAN-OS 8.1.6",
"PAN-OS 8.1.5",
"PAN-OS 8.1.4",
"PAN-OS 8.1.3",
"PAN-OS 8.1.2",
"PAN-OS 8.1.1",
"PAN-OS 8.1.0",
"PAN-OS 8.1"
],
"x_likelyAffectedList": [
"PAN-OS 8.0.20",
"PAN-OS 8.0.19-h1",
"PAN-OS 8.0.19",
"PAN-OS 8.0.18",
"PAN-OS 8.0.17",
"PAN-OS 8.0.16",
"PAN-OS 8.0.15",
"PAN-OS 8.0.14",
"PAN-OS 8.0.13",
"PAN-OS 8.0.12",
"PAN-OS 8.0.11-h1",
"PAN-OS 8.0.10",
"PAN-OS 8.0.9",
"PAN-OS 8.0.8",
"PAN-OS 8.0.7",
"PAN-OS 8.0.6-h3",
"PAN-OS 8.0.6-h2",
"PAN-OS 8.0.6-h1",
"PAN-OS 8.0.6",
"PAN-OS 8.0.5",
"PAN-OS 8.0.4",
"PAN-OS 8.0.3-h4",
"PAN-OS 8.0.3-h3",
"PAN-OS 8.0.3-h2",
"PAN-OS 8.0.3-h1",
"PAN-OS 8.0.3",
"PAN-OS 8.0.2",
"PAN-OS 8.0.1",
"PAN-OS 8.0.0",
"PAN-OS 8.0",
"PAN-OS 7.1.26",
"PAN-OS 7.1.25",
"PAN-OS 7.1.24-h1",
"PAN-OS 7.1.24",
"PAN-OS 7.1.23",
"PAN-OS 7.1.22",
"PAN-OS 7.1.21",
"PAN-OS 7.1.20",
"PAN-OS 7.1.19",
"PAN-OS 7.1.18",
"PAN-OS 7.1.17",
"PAN-OS 7.1.16",
"PAN-OS 7.1.15",
"PAN-OS 7.1.14",
"PAN-OS 7.1.13",
"PAN-OS 7.1.12",
"PAN-OS 7.1.11",
"PAN-OS 7.1.10",
"PAN-OS 7.1.9-h4",
"PAN-OS 7.1.9-h3",
"PAN-OS 7.1.9-h2",
"PAN-OS 7.1.9-h1",
"PAN-OS 7.1.9",
"PAN-OS 7.1.8",
"PAN-OS 7.1.7",
"PAN-OS 7.1.6",
"PAN-OS 7.1.5",
"PAN-OS 7.1.4-h2",
"PAN-OS 7.1.4-h1",
"PAN-OS 7.1.4",
"PAN-OS 7.1.3",
"PAN-OS 7.1.2",
"PAN-OS 7.1.1",
"PAN-OS 7.1.0",
"PAN-OS 7.1"
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2021-3060",
"datePublished": "2021-11-10T00:00:00",
"dateReserved": "2021-01-06T00:00:00",
"dateUpdated": "2024-08-03T16:45:51.222Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-3387
Vulnerability from cvelistv5
Published
2024-04-10 17:06
Modified
2024-08-01 20:12
Severity
Summary
PAN-OS: Weak Certificate Strength in Panorama Software Leads to Sensitive Information Disclosure
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"status": "affected",
"version": "10.2.2"
}
]
},
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"status": "affected",
"version": "10.1.0"
}
]
},
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3387",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-19T19:33:54.917377Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:31:52.758Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:12:06.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-3387"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "9.0.0"
},
{
"status": "unaffected",
"version": "9.1.0"
},
{
"changes": [
{
"at": "10.1.12",
"status": "unaffected"
}
],
"lessThan": "10.1.12",
"status": "affected",
"version": "10.1.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.7-h3",
"status": "unaffected"
}
],
"lessThan": "10.2.7-h3",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.8",
"status": "unaffected"
}
],
"lessThan": "10.2.8",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.0.4",
"status": "unaffected"
}
],
"lessThan": "11.0.4",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "11.1.0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Palo Alto Networks thanks one of our customers for discovering and reporting this issue."
}
],
"datePublic": "2024-04-10T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker could break encrypted communication and expose sensitive information that is shared between the management server and the firewalls."
}
],
"value": "A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker could break encrypted communication and expose sensitive information that is shared between the management server and the firewalls."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-20",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-20 Encryption Brute Forcing"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-326",
"description": "CWE-326 Inadequate Encryption Strength",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-10T17:06:36.676Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-3387"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 10.1.12, PAN-OS 10.2.7-h3, PAN-OS 10.2.8, PAN-OS 11.0.4, and all later PAN-OS versions.\u003cbr\u003e"
}
],
"value": "This issue is fixed in PAN-OS 10.1.12, PAN-OS 10.2.7-h3, PAN-OS 10.2.8, PAN-OS 11.0.4, and all later PAN-OS versions.\n"
}
],
"source": {
"defect": [
"PAN-200047"
],
"discovery": "USER"
},
"timeline": [
{
"lang": "en",
"time": "2024-04-10T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Weak Certificate Strength in Panorama Software Leads to Sensitive Information Disclosure",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-3387",
"datePublished": "2024-04-10T17:06:36.676Z",
"dateReserved": "2024-04-05T17:40:19.884Z",
"dateUpdated": "2024-08-01T20:12:06.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-5913
Vulnerability from cvelistv5
Published
2024-07-10 18:40
Modified
2024-08-06 04:19
Severity
Summary
PAN-OS: Improper Input Validation Vulnerability in PAN-OS
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "10.2.10",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:11.2:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "11.2.1",
"status": "affected",
"version": "11.2",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "11.1.4",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "11.0.5",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "10.1.14-h2",
"status": "affected",
"version": "10.1.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5913",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-10T19:50:29.169156Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T20:05:27.355Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:25:02.975Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-5913"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "10.1.14-h2",
"status": "unaffected"
}
],
"lessThan": "10.1.14-h2",
"status": "affected",
"version": "10.1.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.10",
"status": "unaffected"
}
],
"lessThan": "10.2.10",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.0.5",
"status": "unaffected"
}
],
"lessThan": "11.0.5",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.1.4",
"status": "unaffected"
}
],
"lessThan": "11.1.4",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.2.1",
"status": "unaffected"
}
],
"lessThan": "11.2.1",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "affected",
"version": "None"
},
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "affected",
"version": "None"
},
{
"status": "unaffected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Independent Security Researcher Pear1y"
},
{
"lang": "en",
"type": "finder",
"value": "Joel Land of CISA Vulnerability Response and Coordination"
},
{
"lang": "en",
"type": "finder",
"value": "rqu"
},
{
"lang": "en",
"type": "finder",
"value": "Enrique Castillo of Palo Alto Networks"
}
],
"datePublic": "2024-07-10T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an attacker with the ability to tamper with the physical file system to elevate privileges."
}
],
"value": "An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an attacker with the ability to tamper with the physical file system to elevate privileges."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T04:19:19.068Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-5913"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 10.1.14-h2, PAN-OS 10.2.10, PAN-OS 11.0.5, PAN-OS 11.1.4, PAN-OS 11.2.1, and all later PAN-OS versions.\u003cbr\u003e"
}
],
"value": "This issue is fixed in PAN-OS 10.1.14-h2, PAN-OS 10.2.10, PAN-OS 11.0.5, PAN-OS 11.1.4, PAN-OS 11.2.1, and all later PAN-OS versions."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-07-10T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Improper Input Validation Vulnerability in PAN-OS",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2024-07-10T16:00:00.000Z",
"ID": "CVE-2024-5913",
"STATE": "PUBLIC",
"TITLE": "PAN-OS: Improper Input Validation Vulnerability in PAN-OS"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PAN-OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.14-h2"
},
{
"version_affected": "!\u003e=",
"version_name": "10.1",
"version_value": "10.1.14-h2"
},
{
"version_affected": "\u003c",
"version_name": "10.2",
"version_value": "10.2.10"
},
{
"version_affected": "!\u003e=",
"version_name": "10.2",
"version_value": "10.2.10"
},
{
"version_affected": "\u003c",
"version_name": "11.0",
"version_value": "11.0.5"
},
{
"version_affected": "!\u003e=",
"version_name": "11.0",
"version_value": "11.0.5"
},
{
"version_affected": "\u003c",
"version_name": "11.1",
"version_value": "11.1.4"
},
{
"version_affected": "!\u003e=",
"version_name": "11.1",
"version_value": "11.1.4"
},
{
"version_affected": "\u003c",
"version_name": "11.2",
"version_value": "11.2.1"
},
{
"version_affected": "!\u003e=",
"version_name": "11.2",
"version_value": "11.2.1"
}
]
}
},
{
"product_name": "Cloud NGFW",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "None"
},
{
"version_affected": "!",
"version_value": "All"
}
]
}
},
{
"product_name": "Prisma Access",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "None"
},
{
"version_affected": "!",
"version_value": "All"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Palo Alto Networks thanks Independent Security Researcher Pear1y, Joel Land of CISA Vulnerability Response and Coordination, and Enrique Castillo of Palo Alto Networks for discovering and reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an attacker with the ability to tamper with the physical file system to elevate privileges."
}
]
},
"exploit": [
{
"lang": "eng",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"generator": {
"engine": "vulnogram 0.1.0-rc1"
},
"impact": {
"cvss": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "PHYSICAL",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://security.paloaltonetworks.com/CVE-2023-case-PAN-253982"
}
]
},
"solution": [
{
"lang": "eng",
"value": "This issue is fixed in PAN-OS 10.1.14-h2, PAN-OS 10.2.10, PAN-OS 11.0.5, PAN-OS 11.1.4, PAN-OS 11.2.1, and all later PAN-OS versions."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "eng",
"time": "2024-07-10T16:00:00.000Z",
"value": "Initial publication"
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-5913",
"datePublished": "2024-07-10T18:40:29.769Z",
"dateReserved": "2024-06-12T15:27:56.398Z",
"dateUpdated": "2024-08-06T04:19:19.068Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-6790
Vulnerability from cvelistv5
Published
2023-12-13 18:15
Modified
2024-08-02 08:42
Severity
Summary
PAN-OS: DOM-Based Cross-Site Scripting (XSS) Vulnerability in the Web Interface
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.444Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2023-6790"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "8.1.25",
"status": "unaffected"
}
],
"lessThan": "8.1.25",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.17",
"status": "unaffected"
}
],
"lessThan": "9.0.17",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.16",
"status": "unaffected"
}
],
"lessThan": "9.1.16",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.12",
"status": "unaffected"
}
],
"lessThan": "10.0.12",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.9",
"status": "unaffected"
}
],
"lessThan": "10.1.9",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.4",
"status": "unaffected"
}
],
"lessThan": "10.2.4",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.0.1",
"status": "unaffected"
}
],
"lessThan": "11.0.1",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThan": "All",
"status": "unaffected",
"version": "11.1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Palo Alto Networks thanks Kajetan Rostojek for discovering and reporting this issue."
}
],
"datePublic": "2023-12-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator\u2019s browser when they view a specifically crafted link to the PAN-OS web interface."
}
],
"value": "A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator\u2019s browser when they view a specifically crafted link to the PAN-OS web interface."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-13T18:15:48.142Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2023-6790"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.9, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions."
}
],
"value": "This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.9, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2023-12-13T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: DOM-Based Cross-Site Scripting (XSS) Vulnerability in the Web Interface",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2023-6790",
"datePublished": "2023-12-13T18:15:48.142Z",
"dateReserved": "2023-12-13T17:27:24.529Z",
"dateUpdated": "2024-08-02T08:42:07.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-3061
Vulnerability from cvelistv5
Published
2021-11-10 00:00
Modified
2024-08-03 16:45
Severity
Summary
PAN-OS: OS Command Injection Vulnerability in the Command Line Interface (CLI)
References
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2021-3061 | x_refsource_MISC |
Impacted products
| Vendor | Product |
|---|---|
| Palo Alto Networks | PAN-OS |
| Palo Alto Networks | Prisma Access |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:45:51.381Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2021-3061"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "8.1.20-h1",
"status": "unaffected"
}
],
"lessThan": "8.1.20-h1",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.14-h3",
"status": "unaffected"
}
],
"lessThan": "9.0.14-h3",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.8",
"status": "unaffected"
}
],
"lessThan": "10.0.8",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.3",
"status": "unaffected"
}
],
"lessThan": "10.1.3",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.11-h2",
"status": "unaffected"
}
],
"lessThan": "9.1.11-h2",
"status": "affected",
"version": "9.1",
"versionType": "custom"
}
]
},
{
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "2.2 all"
},
{
"status": "affected",
"version": "2.1 Preferred"
},
{
"status": "affected",
"version": "2.1 Innovation"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Palo Alto Networks thanks CJ, an external security researcher, and Ben Nott from Palo Alto Networks for discovering and reporting this issue."
}
],
"datePublic": "2021-11-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers that have Prisma Access 2.1 firewalls are impacted by this issue."
}
],
"exploits": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-10T17:10:26",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2021-3061"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions.\n\nThis issue is fixed in Prisma Access 2.2 Preferred and all later Prisma Access versions."
}
],
"source": {
"defect": [
"PAN-176655",
"PAN-158334"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2021-11-10T00:00:00",
"value": "Initial publication"
}
],
"title": "PAN-OS: OS Command Injection Vulnerability in the Command Line Interface (CLI)",
"workarounds": [
{
"lang": "en",
"value": "This issue requires the attacker to have authenticated access to the PAN-OS CLI. You can mitigate the impact of this issue by following best practices for securing PAN-OS software. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2021-11-10T17:00:00.000Z",
"ID": "CVE-2021-3061",
"STATE": "PUBLIC",
"TITLE": "PAN-OS: OS Command Injection Vulnerability in the Command Line Interface (CLI)"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PAN-OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.1",
"version_value": "8.1.20-h1"
},
{
"version_affected": "!\u003e=",
"version_name": "8.1",
"version_value": "8.1.20-h1"
},
{
"version_affected": "\u003c",
"version_name": "9.0",
"version_value": "9.0.14-h3"
},
{
"version_affected": "!\u003e=",
"version_name": "9.0",
"version_value": "9.0.14-h3"
},
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.8"
},
{
"version_affected": "!\u003e=",
"version_name": "10.0",
"version_value": "10.0.8"
},
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.3"
},
{
"version_affected": "!\u003e=",
"version_name": "10.1",
"version_value": "10.1.3"
},
{
"version_affected": "\u003c",
"version_name": "9.1",
"version_value": "9.1.11-h2"
},
{
"version_affected": "!\u003e=",
"version_name": "9.1",
"version_value": "9.1.11-h2"
}
]
}
},
{
"product_name": "Prisma Access",
"version": {
"version_data": [
{
"version_affected": "!",
"version_name": "2.2",
"version_value": "all"
},
{
"version_affected": "=",
"version_name": "2.1",
"version_value": "Preferred"
},
{
"version_affected": "=",
"version_name": "2.1",
"version_value": "Innovation"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Palo Alto Networks thanks CJ, an external security researcher, and Ben Nott from Palo Alto Networks for discovering and reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers that have Prisma Access 2.1 firewalls are impacted by this issue."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78 OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2021-3061",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2021-3061"
}
]
},
"solution": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions.\n\nThis issue is fixed in Prisma Access 2.2 Preferred and all later Prisma Access versions."
}
],
"source": {
"defect": [
"PAN-176655",
"PAN-158334"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2021-11-10T00:00:00",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "This issue requires the attacker to have authenticated access to the PAN-OS CLI. You can mitigate the impact of this issue by following best practices for securing PAN-OS software. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
}
],
"x_advisoryEoL": false,
"x_affectedList": [
"Prisma Access 2.1",
"PAN-OS 10.1.2",
"PAN-OS 10.1.1",
"PAN-OS 10.1.0",
"PAN-OS 10.1",
"PAN-OS 10.0.7",
"PAN-OS 10.0.6",
"PAN-OS 10.0.5",
"PAN-OS 10.0.4",
"PAN-OS 10.0.3",
"PAN-OS 10.0.2",
"PAN-OS 10.0.1",
"PAN-OS 10.0.0",
"PAN-OS 10.0",
"PAN-OS 9.1.11-h1",
"PAN-OS 9.1.11",
"PAN-OS 9.1.10",
"PAN-OS 9.1.9",
"PAN-OS 9.1.8",
"PAN-OS 9.1.7",
"PAN-OS 9.1.6",
"PAN-OS 9.1.5",
"PAN-OS 9.1.4",
"PAN-OS 9.1.3-h1",
"PAN-OS 9.1.3",
"PAN-OS 9.1.2-h1",
"PAN-OS 9.1.2",
"PAN-OS 9.1.1",
"PAN-OS 9.1.0-h3",
"PAN-OS 9.1.0-h2",
"PAN-OS 9.1.0-h1",
"PAN-OS 9.1.0",
"PAN-OS 9.1",
"PAN-OS 9.0.14-h2",
"PAN-OS 9.0.14-h1",
"PAN-OS 9.0.14",
"PAN-OS 9.0.13",
"PAN-OS 9.0.12",
"PAN-OS 9.0.11",
"PAN-OS 9.0.10",
"PAN-OS 9.0.9-h1",
"PAN-OS 9.0.9",
"PAN-OS 9.0.8",
"PAN-OS 9.0.7",
"PAN-OS 9.0.6",
"PAN-OS 9.0.5",
"PAN-OS 9.0.4",
"PAN-OS 9.0.3-h3",
"PAN-OS 9.0.3-h2",
"PAN-OS 9.0.3-h1",
"PAN-OS 9.0.3",
"PAN-OS 9.0.2-h4",
"PAN-OS 9.0.2-h3",
"PAN-OS 9.0.2-h2",
"PAN-OS 9.0.2-h1",
"PAN-OS 9.0.2",
"PAN-OS 9.0.1",
"PAN-OS 9.0.0",
"PAN-OS 9.0",
"PAN-OS 8.1.20",
"PAN-OS 8.1.19",
"PAN-OS 8.1.18",
"PAN-OS 8.1.17",
"PAN-OS 8.1.16",
"PAN-OS 8.1.15-h3",
"PAN-OS 8.1.15-h2",
"PAN-OS 8.1.15-h1",
"PAN-OS 8.1.15",
"PAN-OS 8.1.14-h2",
"PAN-OS 8.1.14-h1",
"PAN-OS 8.1.14",
"PAN-OS 8.1.13",
"PAN-OS 8.1.12",
"PAN-OS 8.1.11",
"PAN-OS 8.1.10",
"PAN-OS 8.1.9-h4",
"PAN-OS 8.1.9-h3",
"PAN-OS 8.1.9-h2",
"PAN-OS 8.1.9-h1",
"PAN-OS 8.1.9",
"PAN-OS 8.1.8-h5",
"PAN-OS 8.1.8-h4",
"PAN-OS 8.1.8-h3",
"PAN-OS 8.1.8-h2",
"PAN-OS 8.1.8-h1",
"PAN-OS 8.1.8",
"PAN-OS 8.1.7",
"PAN-OS 8.1.6-h2",
"PAN-OS 8.1.6-h1",
"PAN-OS 8.1.6",
"PAN-OS 8.1.5",
"PAN-OS 8.1.4",
"PAN-OS 8.1.3",
"PAN-OS 8.1.2",
"PAN-OS 8.1.1",
"PAN-OS 8.1.0",
"PAN-OS 8.1"
],
"x_likelyAffectedList": [
"PAN-OS 8.0.20",
"PAN-OS 8.0.19-h1",
"PAN-OS 8.0.19",
"PAN-OS 8.0.18",
"PAN-OS 8.0.17",
"PAN-OS 8.0.16",
"PAN-OS 8.0.15",
"PAN-OS 8.0.14",
"PAN-OS 8.0.13",
"PAN-OS 8.0.12",
"PAN-OS 8.0.11-h1",
"PAN-OS 8.0.10",
"PAN-OS 8.0.9",
"PAN-OS 8.0.8",
"PAN-OS 8.0.7",
"PAN-OS 8.0.6-h3",
"PAN-OS 8.0.6-h2",
"PAN-OS 8.0.6-h1",
"PAN-OS 8.0.6",
"PAN-OS 8.0.5",
"PAN-OS 8.0.4",
"PAN-OS 8.0.3-h4",
"PAN-OS 8.0.3-h3",
"PAN-OS 8.0.3-h2",
"PAN-OS 8.0.3-h1",
"PAN-OS 8.0.3",
"PAN-OS 8.0.2",
"PAN-OS 8.0.1",
"PAN-OS 8.0.0",
"PAN-OS 8.0",
"PAN-OS 7.1.26",
"PAN-OS 7.1.25",
"PAN-OS 7.1.24-h1",
"PAN-OS 7.1.24",
"PAN-OS 7.1.23",
"PAN-OS 7.1.22",
"PAN-OS 7.1.21",
"PAN-OS 7.1.20",
"PAN-OS 7.1.19",
"PAN-OS 7.1.18",
"PAN-OS 7.1.17",
"PAN-OS 7.1.16",
"PAN-OS 7.1.15",
"PAN-OS 7.1.14",
"PAN-OS 7.1.13",
"PAN-OS 7.1.12",
"PAN-OS 7.1.11",
"PAN-OS 7.1.10",
"PAN-OS 7.1.9-h4",
"PAN-OS 7.1.9-h3",
"PAN-OS 7.1.9-h2",
"PAN-OS 7.1.9-h1",
"PAN-OS 7.1.9",
"PAN-OS 7.1.8",
"PAN-OS 7.1.7",
"PAN-OS 7.1.6",
"PAN-OS 7.1.5",
"PAN-OS 7.1.4-h2",
"PAN-OS 7.1.4-h1",
"PAN-OS 7.1.4",
"PAN-OS 7.1.3",
"PAN-OS 7.1.2",
"PAN-OS 7.1.1",
"PAN-OS 7.1.0",
"PAN-OS 7.1"
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2021-3061",
"datePublished": "2021-11-10T00:00:00",
"dateReserved": "2021-01-06T00:00:00",
"dateUpdated": "2024-08-03T16:45:51.381Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-3064
Vulnerability from cvelistv5
Published
2021-11-10 00:00
Modified
2024-08-03 16:45
Severity
Summary
PAN-OS: Memory Corruption Vulnerability in GlobalProtect Portal and Gateway Interfaces
References
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2021-3064 | x_refsource_MISC |
Impacted products
| Vendor | Product |
|---|---|
| Palo Alto Networks | PAN-OS |
| Palo Alto Networks | Prisma Access |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:45:51.363Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2021-3064"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "9.0.*"
},
{
"status": "unaffected",
"version": "9.1.*"
},
{
"status": "unaffected",
"version": "10.0.*"
},
{
"status": "unaffected",
"version": "10.1.*"
},
{
"changes": [
{
"at": "8.1.17",
"status": "unaffected"
}
],
"lessThan": "8.1.17",
"status": "affected",
"version": "8.1",
"versionType": "custom"
}
]
},
{
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "2.2 all"
},
{
"status": "unaffected",
"version": "2.1 all"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal or gateway enabled. You can verify whether you have a GlobalProtect portal or gateway configured by checking for entries in \u0027Network \u003e GlobalProtect \u003e Portals\u0027 and in \u0027Network \u003e GlobalProtect \u003e Gateways\u0027 from the web interface."
}
],
"credits": [
{
"lang": "en",
"value": "Palo Alto Networks thanks the Randori Attack Team (https://twitter.com/RandoriAttack) for discovering and reporting this issue."
}
],
"datePublic": "2021-11-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have network access to the GlobalProtect interface to exploit this issue. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17. Prisma Access customers are not impacted by this issue."
}
],
"exploits": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-10T17:10:30",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2021-3064"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.17 and all later PAN-OS versions."
}
],
"source": {
"defect": [
"PAN-96528"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2021-11-10T00:00:00",
"value": "Initial publication"
}
],
"title": "PAN-OS: Memory Corruption Vulnerability in GlobalProtect Portal and Gateway Interfaces",
"workarounds": [
{
"lang": "en",
"value": "Enable signatures for Unique Threat IDs 91820 and 91855 on traffic destined for GlobalProtect portal and gateway interfaces to block attacks against CVE-2021-3064.\n\nIt is not necessary to enable SSL decryption to detect and block attacks against this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2021-11-10T17:00:00.000Z",
"ID": "CVE-2021-3064",
"STATE": "PUBLIC",
"TITLE": "PAN-OS: Memory Corruption Vulnerability in GlobalProtect Portal and Gateway Interfaces"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PAN-OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.1",
"version_value": "8.1.17"
},
{
"version_affected": "!\u003e=",
"version_name": "8.1",
"version_value": "8.1.17"
},
{
"version_affected": "!",
"version_name": "9.0",
"version_value": "9.0.*"
},
{
"version_affected": "!",
"version_name": "9.1",
"version_value": "9.1.*"
},
{
"version_affected": "!",
"version_name": "10.0",
"version_value": "10.0.*"
},
{
"version_affected": "!",
"version_name": "10.1",
"version_value": "10.1.*"
}
]
}
},
{
"product_name": "Prisma Access",
"version": {
"version_data": [
{
"version_affected": "!",
"version_name": "2.2",
"version_value": "all"
},
{
"version_affected": "!",
"version_name": "2.1",
"version_value": "all"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal or gateway enabled. You can verify whether you have a GlobalProtect portal or gateway configured by checking for entries in \u0027Network \u003e GlobalProtect \u003e Portals\u0027 and in \u0027Network \u003e GlobalProtect \u003e Gateways\u0027 from the web interface."
}
],
"credit": [
{
"lang": "eng",
"value": "Palo Alto Networks thanks the Randori Attack Team (https://twitter.com/RandoriAttack) for discovering and reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have network access to the GlobalProtect interface to exploit this issue. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17. Prisma Access customers are not impacted by this issue."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121 Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2021-3064",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2021-3064"
}
]
},
"solution": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.17 and all later PAN-OS versions."
}
],
"source": {
"defect": [
"PAN-96528"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2021-11-10T00:00:00",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "Enable signatures for Unique Threat IDs 91820 and 91855 on traffic destined for GlobalProtect portal and gateway interfaces to block attacks against CVE-2021-3064.\n\nIt is not necessary to enable SSL decryption to detect and block attacks against this issue."
}
],
"x_advisoryEoL": false,
"x_affectedList": [
"PAN-OS 8.1.16",
"PAN-OS 8.1.15-h3",
"PAN-OS 8.1.15-h2",
"PAN-OS 8.1.15-h1",
"PAN-OS 8.1.15",
"PAN-OS 8.1.14-h2",
"PAN-OS 8.1.14-h1",
"PAN-OS 8.1.14",
"PAN-OS 8.1.13",
"PAN-OS 8.1.12",
"PAN-OS 8.1.11",
"PAN-OS 8.1.10",
"PAN-OS 8.1.9-h4",
"PAN-OS 8.1.9-h3",
"PAN-OS 8.1.9-h2",
"PAN-OS 8.1.9-h1",
"PAN-OS 8.1.9",
"PAN-OS 8.1.8-h5",
"PAN-OS 8.1.8-h4",
"PAN-OS 8.1.8-h3",
"PAN-OS 8.1.8-h2",
"PAN-OS 8.1.8-h1",
"PAN-OS 8.1.8",
"PAN-OS 8.1.7",
"PAN-OS 8.1.6-h2",
"PAN-OS 8.1.6-h1",
"PAN-OS 8.1.6",
"PAN-OS 8.1.5",
"PAN-OS 8.1.4",
"PAN-OS 8.1.3",
"PAN-OS 8.1.2",
"PAN-OS 8.1.1",
"PAN-OS 8.1.0",
"PAN-OS 8.1"
],
"x_likelyAffectedList": [
"PAN-OS 8.0.20",
"PAN-OS 8.0.19-h1",
"PAN-OS 8.0.19",
"PAN-OS 8.0.18",
"PAN-OS 8.0.17",
"PAN-OS 8.0.16",
"PAN-OS 8.0.15",
"PAN-OS 8.0.14",
"PAN-OS 8.0.13",
"PAN-OS 8.0.12",
"PAN-OS 8.0.11-h1",
"PAN-OS 8.0.10",
"PAN-OS 8.0.9",
"PAN-OS 8.0.8",
"PAN-OS 8.0.7",
"PAN-OS 8.0.6-h3",
"PAN-OS 8.0.6-h2",
"PAN-OS 8.0.6-h1",
"PAN-OS 8.0.6",
"PAN-OS 8.0.5",
"PAN-OS 8.0.4",
"PAN-OS 8.0.3-h4",
"PAN-OS 8.0.3-h3",
"PAN-OS 8.0.3-h2",
"PAN-OS 8.0.3-h1",
"PAN-OS 8.0.3",
"PAN-OS 8.0.2",
"PAN-OS 8.0.1",
"PAN-OS 8.0.0",
"PAN-OS 8.0",
"PAN-OS 7.1.26",
"PAN-OS 7.1.25",
"PAN-OS 7.1.24-h1",
"PAN-OS 7.1.24",
"PAN-OS 7.1.23",
"PAN-OS 7.1.22",
"PAN-OS 7.1.21",
"PAN-OS 7.1.20",
"PAN-OS 7.1.19",
"PAN-OS 7.1.18",
"PAN-OS 7.1.17",
"PAN-OS 7.1.16",
"PAN-OS 7.1.15",
"PAN-OS 7.1.14",
"PAN-OS 7.1.13",
"PAN-OS 7.1.12",
"PAN-OS 7.1.11",
"PAN-OS 7.1.10",
"PAN-OS 7.1.9-h4",
"PAN-OS 7.1.9-h3",
"PAN-OS 7.1.9-h2",
"PAN-OS 7.1.9-h1",
"PAN-OS 7.1.9",
"PAN-OS 7.1.8",
"PAN-OS 7.1.7",
"PAN-OS 7.1.6",
"PAN-OS 7.1.5",
"PAN-OS 7.1.4-h2",
"PAN-OS 7.1.4-h1",
"PAN-OS 7.1.4",
"PAN-OS 7.1.3",
"PAN-OS 7.1.2",
"PAN-OS 7.1.1",
"PAN-OS 7.1.0",
"PAN-OS 7.1"
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2021-3064",
"datePublished": "2021-11-10T00:00:00",
"dateReserved": "2021-01-06T00:00:00",
"dateUpdated": "2024-08-03T16:45:51.363Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-3056
Vulnerability from cvelistv5
Published
2021-11-10 00:00
Modified
2024-08-03 16:45
Severity
Summary
PAN-OS: Memory Corruption Vulnerability in GlobalProtect Clientless VPN During SAML Authentication
References
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2021-3056 | x_refsource_MISC |
Impacted products
| Vendor | Product |
|---|---|
| Palo Alto Networks | PAN-OS |
| Palo Alto Networks | Prisma Access |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:45:51.085Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2021-3056"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "10.1.*"
},
{
"changes": [
{
"at": "9.0.14",
"status": "unaffected"
}
],
"lessThan": "9.0.14",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "8.1.20",
"status": "unaffected"
}
],
"lessThan": "8.1.20",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.9",
"status": "unaffected"
}
],
"lessThan": "9.1.9",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.1",
"status": "unaffected"
}
],
"lessThan": "10.0.1",
"status": "affected",
"version": "10.0",
"versionType": "custom"
}
]
},
{
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "2.2 all"
},
{
"status": "affected",
"version": "2.1 Preferred"
},
{
"status": "unaffected",
"version": "2.1 Innovation"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This issue is applicable only to PAN-OS firewall configurations with the Clientless VPN feature and SAML authentication enabled for GlobalProtect Portal."
}
],
"credits": [
{
"lang": "en",
"value": "This issue was found by Nicholas Newsom of Palo Alto Networks during an internal security review."
}
],
"datePublic": "2021-11-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A memory corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated attacker to execute arbitrary code with root user privileges during SAML authentication. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1. Prisma Access customers with Prisma Access 2.1 Preferred firewalls are impacted by this issue."
}
],
"exploits": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-10T17:10:19",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2021-3056"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.9, PAN-OS 10.0.1, and all later PAN-OS versions.\n\nThis issue is fixed in Prisma Access 2.2 Preferred and all later Prisma Access versions."
}
],
"source": {
"defect": [
"PAN-149501"
],
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2021-11-10T00:00:00",
"value": "Initial publication"
}
],
"title": "PAN-OS: Memory Corruption Vulnerability in GlobalProtect Clientless VPN During SAML Authentication",
"workarounds": [
{
"lang": "en",
"value": "Enable signatures for Unique Threat ID 91585 on traffic processed by the firewall to block attacks against CVE-2021-3056."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2021-11-10T17:00:00.000Z",
"ID": "CVE-2021-3056",
"STATE": "PUBLIC",
"TITLE": "PAN-OS: Memory Corruption Vulnerability in GlobalProtect Clientless VPN During SAML Authentication"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PAN-OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "9.0",
"version_value": "9.0.14"
},
{
"version_affected": "\u003c",
"version_name": "8.1",
"version_value": "8.1.20"
},
{
"version_affected": "\u003c",
"version_name": "9.1",
"version_value": "9.1.9"
},
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.1"
},
{
"version_affected": "!\u003e=",
"version_name": "9.0",
"version_value": "9.0.14"
},
{
"version_affected": "!\u003e=",
"version_name": "8.1",
"version_value": "8.1.20"
},
{
"version_affected": "!\u003e=",
"version_name": "9.1",
"version_value": "9.1.9"
},
{
"version_affected": "!\u003e=",
"version_name": "10.0",
"version_value": "10.0.1"
},
{
"version_affected": "!",
"version_name": "10.1",
"version_value": "10.1.*"
}
]
}
},
{
"product_name": "Prisma Access",
"version": {
"version_data": [
{
"version_affected": "!",
"version_name": "2.2",
"version_value": "all"
},
{
"version_affected": "=",
"version_name": "2.1",
"version_value": "Preferred"
},
{
"version_affected": "!",
"version_name": "2.1",
"version_value": "Innovation"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "This issue is applicable only to PAN-OS firewall configurations with the Clientless VPN feature and SAML authentication enabled for GlobalProtect Portal."
}
],
"credit": [
{
"lang": "eng",
"value": "This issue was found by Nicholas Newsom of Palo Alto Networks during an internal security review."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A memory corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated attacker to execute arbitrary code with root user privileges during SAML authentication. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1. Prisma Access customers with Prisma Access 2.1 Preferred firewalls are impacted by this issue."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120 Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2021-3056",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2021-3056"
}
]
},
"solution": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.9, PAN-OS 10.0.1, and all later PAN-OS versions.\n\nThis issue is fixed in Prisma Access 2.2 Preferred and all later Prisma Access versions."
}
],
"source": {
"defect": [
"PAN-149501"
],
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2021-11-10T00:00:00",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "Enable signatures for Unique Threat ID 91585 on traffic processed by the firewall to block attacks against CVE-2021-3056."
}
],
"x_advisoryEoL": false,
"x_affectedList": [
"Prisma Access 2.1",
"PAN-OS 10.0.0",
"PAN-OS 10.0",
"PAN-OS 9.1.8",
"PAN-OS 9.1.7",
"PAN-OS 9.1.6",
"PAN-OS 9.1.5",
"PAN-OS 9.1.4",
"PAN-OS 9.1.3-h1",
"PAN-OS 9.1.3",
"PAN-OS 9.1.2-h1",
"PAN-OS 9.1.2",
"PAN-OS 9.1.1",
"PAN-OS 9.1.0-h3",
"PAN-OS 9.1.0-h2",
"PAN-OS 9.1.0-h1",
"PAN-OS 9.1.0",
"PAN-OS 9.1",
"PAN-OS 9.0.13",
"PAN-OS 9.0.12",
"PAN-OS 9.0.11",
"PAN-OS 9.0.10",
"PAN-OS 9.0.9-h1",
"PAN-OS 9.0.9",
"PAN-OS 9.0.8",
"PAN-OS 9.0.7",
"PAN-OS 9.0.6",
"PAN-OS 9.0.5",
"PAN-OS 9.0.4",
"PAN-OS 9.0.3-h3",
"PAN-OS 9.0.3-h2",
"PAN-OS 9.0.3-h1",
"PAN-OS 9.0.3",
"PAN-OS 9.0.2-h4",
"PAN-OS 9.0.2-h3",
"PAN-OS 9.0.2-h2",
"PAN-OS 9.0.2-h1",
"PAN-OS 9.0.2",
"PAN-OS 9.0.1",
"PAN-OS 9.0.0",
"PAN-OS 9.0",
"PAN-OS 8.1.19",
"PAN-OS 8.1.18",
"PAN-OS 8.1.17",
"PAN-OS 8.1.16",
"PAN-OS 8.1.15-h3",
"PAN-OS 8.1.15-h2",
"PAN-OS 8.1.15-h1",
"PAN-OS 8.1.15",
"PAN-OS 8.1.14-h2",
"PAN-OS 8.1.14-h1",
"PAN-OS 8.1.14",
"PAN-OS 8.1.13",
"PAN-OS 8.1.12",
"PAN-OS 8.1.11",
"PAN-OS 8.1.10",
"PAN-OS 8.1.9-h4",
"PAN-OS 8.1.9-h3",
"PAN-OS 8.1.9-h2",
"PAN-OS 8.1.9-h1",
"PAN-OS 8.1.9",
"PAN-OS 8.1.8-h5",
"PAN-OS 8.1.8-h4",
"PAN-OS 8.1.8-h3",
"PAN-OS 8.1.8-h2",
"PAN-OS 8.1.8-h1",
"PAN-OS 8.1.8",
"PAN-OS 8.1.7",
"PAN-OS 8.1.6-h2",
"PAN-OS 8.1.6-h1",
"PAN-OS 8.1.6",
"PAN-OS 8.1.5",
"PAN-OS 8.1.4",
"PAN-OS 8.1.3",
"PAN-OS 8.1.2",
"PAN-OS 8.1.1",
"PAN-OS 8.1.0",
"PAN-OS 8.1"
],
"x_likelyAffectedList": [
"PAN-OS 8.0.20",
"PAN-OS 8.0.19-h1",
"PAN-OS 8.0.19",
"PAN-OS 8.0.18",
"PAN-OS 8.0.17",
"PAN-OS 8.0.16",
"PAN-OS 8.0.15",
"PAN-OS 8.0.14",
"PAN-OS 8.0.13",
"PAN-OS 8.0.12",
"PAN-OS 8.0.11-h1",
"PAN-OS 8.0.10",
"PAN-OS 8.0.9",
"PAN-OS 8.0.8",
"PAN-OS 8.0.7",
"PAN-OS 8.0.6-h3",
"PAN-OS 8.0.6-h2",
"PAN-OS 8.0.6-h1",
"PAN-OS 8.0.6",
"PAN-OS 8.0.5",
"PAN-OS 8.0.4",
"PAN-OS 8.0.3-h4",
"PAN-OS 8.0.3-h3",
"PAN-OS 8.0.3-h2",
"PAN-OS 8.0.3-h1",
"PAN-OS 8.0.3",
"PAN-OS 8.0.2",
"PAN-OS 8.0.1",
"PAN-OS 8.0.0",
"PAN-OS 8.0",
"PAN-OS 7.1.26",
"PAN-OS 7.1.25",
"PAN-OS 7.1.24-h1",
"PAN-OS 7.1.24",
"PAN-OS 7.1.23",
"PAN-OS 7.1.22",
"PAN-OS 7.1.21",
"PAN-OS 7.1.20",
"PAN-OS 7.1.19",
"PAN-OS 7.1.18",
"PAN-OS 7.1.17",
"PAN-OS 7.1.16",
"PAN-OS 7.1.15",
"PAN-OS 7.1.14",
"PAN-OS 7.1.13",
"PAN-OS 7.1.12",
"PAN-OS 7.1.11",
"PAN-OS 7.1.10",
"PAN-OS 7.1.9-h4",
"PAN-OS 7.1.9-h3",
"PAN-OS 7.1.9-h2",
"PAN-OS 7.1.9-h1",
"PAN-OS 7.1.9",
"PAN-OS 7.1.8",
"PAN-OS 7.1.7",
"PAN-OS 7.1.6",
"PAN-OS 7.1.5",
"PAN-OS 7.1.4-h2",
"PAN-OS 7.1.4-h1",
"PAN-OS 7.1.4",
"PAN-OS 7.1.3",
"PAN-OS 7.1.2",
"PAN-OS 7.1.1",
"PAN-OS 7.1.0",
"PAN-OS 7.1"
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2021-3056",
"datePublished": "2021-11-10T00:00:00",
"dateReserved": "2021-01-06T00:00:00",
"dateUpdated": "2024-08-03T16:45:51.085Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-5916
Vulnerability from cvelistv5
Published
2024-08-14 16:41
Modified
2024-08-14 18:25
Severity
6.0 (Medium) - cvssV4_0 - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber
Summary
PAN-OS: Cleartext Exposure of External System Secrets
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5916",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-14T18:17:46.783901Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T18:25:01.965Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "9.1"
},
{
"status": "unaffected",
"version": "10.1"
},
{
"changes": [
{
"at": "10.2.8",
"status": "unaffected"
}
],
"lessThan": "10.2.8",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.0.4",
"status": "unaffected"
}
],
"lessThan": "11.0.4",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "11.1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"AWS",
"Azure"
],
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "affected",
"version": "Before 8/15"
},
{
"status": "unaffected",
"version": "On or after 8/15"
},
{
"status": "affected",
"version": "Before 8/23"
},
{
"status": "unaffected",
"version": "On or after 8/23"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Hari Yadavalli of Palo Alto Networks"
}
],
"datePublic": "2024-08-14T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems. A read-only administrator who has access to the config log, can read secrets, passwords, and tokens to external systems."
}
],
"value": "An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems. A read-only administrator who has access to the config log, can read secrets, passwords, and tokens to external systems."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-116",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-116 Excavation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-313",
"description": "CWE-313: Cleartext Storage in a File or on Disk",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T16:41:15.812Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-5916"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 10.2.8, PAN-OS 11.0.4, and all later PAN-OS versions. This issue is fixed in Cloud NGFW on or after 8/15 on Azure, Cloud NGFW on or after 8/23 on AWS, and all later Cloud NGFW versions.\n\nYou should also revoke the secrets, passwords, and tokens that are configured in all server profiles of affected PAN-OS firewalls (Device \u0026gt; Server Profiles) after upgrading PAN-OS.\u003cbr\u003e"
}
],
"value": "This issue is fixed in PAN-OS 10.2.8, PAN-OS 11.0.4, and all later PAN-OS versions. This issue is fixed in Cloud NGFW on or after 8/15 on Azure, Cloud NGFW on or after 8/23 on AWS, and all later Cloud NGFW versions.\n\nYou should also revoke the secrets, passwords, and tokens that are configured in all server profiles of affected PAN-OS firewalls (Device \u003e Server Profiles) after upgrading PAN-OS."
}
],
"source": {
"defect": [
"PAN-231823"
],
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-08-14T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Cleartext Exposure of External System Secrets",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-5916",
"datePublished": "2024-08-14T16:41:15.812Z",
"dateReserved": "2024-06-12T15:27:56.840Z",
"dateUpdated": "2024-08-14T18:25:01.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-3062
Vulnerability from cvelistv5
Published
2021-11-10 00:00
Modified
2024-08-03 16:45
Severity
Summary
PAN-OS: Improper Access Control Vulnerability Exposing AWS Instance Metadata Endpoint to GlobalProtect Users
References
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2021-3062 | x_refsource_MISC |
Impacted products
| Vendor | Product |
|---|---|
| Palo Alto Networks | PAN-OS |
| Palo Alto Networks | Prisma Access |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:45:51.083Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2021-3062"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"VM-Series"
],
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "10.1.*"
},
{
"changes": [
{
"at": "9.1.11",
"status": "unaffected"
}
],
"lessThan": "9.1.11",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "8.1.20",
"status": "unaffected"
}
],
"lessThan": "8.1.20",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.14",
"status": "unaffected"
}
],
"lessThan": "9.0.14",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.8",
"status": "unaffected"
}
],
"lessThan": "10.0.8",
"status": "affected",
"version": "10.0",
"versionType": "custom"
}
]
},
{
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "2.1 all"
},
{
"status": "unaffected",
"version": "2.2 all"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal or gateway enabled. You can verify whether you have a GlobalProtect portal or gateway configured by checking for entries in \u0027Network \u003e GlobalProtect \u003e Portals\u0027 and in \u0027Network \u003e GlobalProtect \u003e Gateways\u0027 on the web interface."
}
],
"credits": [
{
"lang": "en",
"value": "Palo Alto Networks thanks Matthew Flanagan of Computer Systems Australia (CSA) for discovering and reporting this issue."
}
],
"datePublic": "2021-11-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An improper access control vulnerability in PAN-OS software enables an attacker with authenticated access to GlobalProtect portals and gateways to connect to the EC2 instance metadata endpoint for VM-Series firewalls hosted on Amazon AWS. Exploitation of this vulnerability enables an attacker to perform any operations allowed by the EC2 role in AWS. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20 VM-Series firewalls; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11 VM-Series firewalls; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14 VM-Series firewalls; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8 VM-Series firewalls. Prisma Access customers are not impacted by this issue."
}
],
"exploits": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-10T17:10:27",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2021-3062"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.11, PAN-OS 10.0.8, and all later PAN-OS versions"
}
],
"source": {
"defect": [
"PAN-164422"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2021-11-10T00:00:00",
"value": "Initial publication"
}
],
"title": "PAN-OS: Improper Access Control Vulnerability Exposing AWS Instance Metadata Endpoint to GlobalProtect Users",
"workarounds": [
{
"lang": "en",
"value": "There are no known workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2021-11-10T17:00:00.000Z",
"ID": "CVE-2021-3062",
"STATE": "PUBLIC",
"TITLE": "PAN-OS: Improper Access Control Vulnerability Exposing AWS Instance Metadata Endpoint to GlobalProtect Users"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PAN-OS",
"version": {
"version_data": [
{
"platform": "VM-Series",
"version_affected": "\u003c",
"version_name": "9.1",
"version_value": "9.1.11"
},
{
"platform": "VM-Series",
"version_affected": "\u003c",
"version_name": "8.1",
"version_value": "8.1.20"
},
{
"platform": "VM-Series",
"version_affected": "\u003c",
"version_name": "9.0",
"version_value": "9.0.14"
},
{
"platform": "VM-Series",
"version_affected": "!\u003e=",
"version_name": "9.1",
"version_value": "9.1.11"
},
{
"platform": "VM-Series",
"version_affected": "!\u003e=",
"version_name": "8.1",
"version_value": "8.1.20"
},
{
"platform": "VM-Series",
"version_affected": "!\u003e=",
"version_name": "9.0",
"version_value": "9.0.14"
},
{
"platform": "VM-Series",
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.8"
},
{
"platform": "VM-Series",
"version_affected": "!\u003e=",
"version_name": "10.0",
"version_value": "10.0.8"
},
{
"platform": "VM-Series",
"version_affected": "!",
"version_name": "10.1",
"version_value": "10.1.*"
}
]
}
},
{
"product_name": "Prisma Access",
"version": {
"version_data": [
{
"version_affected": "!",
"version_name": "2.1",
"version_value": "all"
},
{
"version_affected": "!",
"version_name": "2.2",
"version_value": "all"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal or gateway enabled. You can verify whether you have a GlobalProtect portal or gateway configured by checking for entries in \u0027Network \u003e GlobalProtect \u003e Portals\u0027 and in \u0027Network \u003e GlobalProtect \u003e Gateways\u0027 on the web interface."
}
],
"credit": [
{
"lang": "eng",
"value": "Palo Alto Networks thanks Matthew Flanagan of Computer Systems Australia (CSA) for discovering and reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper access control vulnerability in PAN-OS software enables an attacker with authenticated access to GlobalProtect portals and gateways to connect to the EC2 instance metadata endpoint for VM-Series firewalls hosted on Amazon AWS. Exploitation of this vulnerability enables an attacker to perform any operations allowed by the EC2 role in AWS. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20 VM-Series firewalls; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11 VM-Series firewalls; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14 VM-Series firewalls; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8 VM-Series firewalls. Prisma Access customers are not impacted by this issue."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2021-3062",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2021-3062"
}
]
},
"solution": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.11, PAN-OS 10.0.8, and all later PAN-OS versions"
}
],
"source": {
"defect": [
"PAN-164422"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2021-11-10T00:00:00",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "There are no known workarounds for this issue."
}
],
"x_advisoryEoL": false,
"x_affectedList": [
"PAN-OS 10.0.7",
"PAN-OS 10.0.6",
"PAN-OS 10.0.5",
"PAN-OS 10.0.4",
"PAN-OS 10.0.3",
"PAN-OS 10.0.2",
"PAN-OS 10.0.1",
"PAN-OS 10.0.0",
"PAN-OS 10.0",
"PAN-OS 9.1.10",
"PAN-OS 9.1.9",
"PAN-OS 9.1.8",
"PAN-OS 9.1.7",
"PAN-OS 9.1.6",
"PAN-OS 9.1.5",
"PAN-OS 9.1.4",
"PAN-OS 9.1.3-h1",
"PAN-OS 9.1.3",
"PAN-OS 9.1.2-h1",
"PAN-OS 9.1.2",
"PAN-OS 9.1.1",
"PAN-OS 9.1.0-h3",
"PAN-OS 9.1.0-h2",
"PAN-OS 9.1.0-h1",
"PAN-OS 9.1.0",
"PAN-OS 9.1",
"PAN-OS 9.0.13",
"PAN-OS 9.0.12",
"PAN-OS 9.0.11",
"PAN-OS 9.0.10",
"PAN-OS 9.0.9-h1",
"PAN-OS 9.0.9",
"PAN-OS 9.0.8",
"PAN-OS 9.0.7",
"PAN-OS 9.0.6",
"PAN-OS 9.0.5",
"PAN-OS 9.0.4",
"PAN-OS 9.0.3-h3",
"PAN-OS 9.0.3-h2",
"PAN-OS 9.0.3-h1",
"PAN-OS 9.0.3",
"PAN-OS 9.0.2-h4",
"PAN-OS 9.0.2-h3",
"PAN-OS 9.0.2-h2",
"PAN-OS 9.0.2-h1",
"PAN-OS 9.0.2",
"PAN-OS 9.0.1",
"PAN-OS 9.0.0",
"PAN-OS 9.0",
"PAN-OS 8.1.19",
"PAN-OS 8.1.18",
"PAN-OS 8.1.17",
"PAN-OS 8.1.16",
"PAN-OS 8.1.15-h3",
"PAN-OS 8.1.15-h2",
"PAN-OS 8.1.15-h1",
"PAN-OS 8.1.15",
"PAN-OS 8.1.14-h2",
"PAN-OS 8.1.14-h1",
"PAN-OS 8.1.14",
"PAN-OS 8.1.13",
"PAN-OS 8.1.12",
"PAN-OS 8.1.11",
"PAN-OS 8.1.10",
"PAN-OS 8.1.9-h4",
"PAN-OS 8.1.9-h3",
"PAN-OS 8.1.9-h2",
"PAN-OS 8.1.9-h1",
"PAN-OS 8.1.9",
"PAN-OS 8.1.8-h5",
"PAN-OS 8.1.8-h4",
"PAN-OS 8.1.8-h3",
"PAN-OS 8.1.8-h2",
"PAN-OS 8.1.8-h1",
"PAN-OS 8.1.8",
"PAN-OS 8.1.7",
"PAN-OS 8.1.6-h2",
"PAN-OS 8.1.6-h1",
"PAN-OS 8.1.6",
"PAN-OS 8.1.5",
"PAN-OS 8.1.4",
"PAN-OS 8.1.3",
"PAN-OS 8.1.2",
"PAN-OS 8.1.1",
"PAN-OS 8.1.0",
"PAN-OS 8.1"
],
"x_likelyAffectedList": [
"PAN-OS 8.0.20",
"PAN-OS 8.0.19-h1",
"PAN-OS 8.0.19",
"PAN-OS 8.0.18",
"PAN-OS 8.0.17",
"PAN-OS 8.0.16",
"PAN-OS 8.0.15",
"PAN-OS 8.0.14",
"PAN-OS 8.0.13",
"PAN-OS 8.0.12",
"PAN-OS 8.0.11-h1",
"PAN-OS 8.0.10",
"PAN-OS 8.0.9",
"PAN-OS 8.0.8",
"PAN-OS 8.0.7",
"PAN-OS 8.0.6-h3",
"PAN-OS 8.0.6-h2",
"PAN-OS 8.0.6-h1",
"PAN-OS 8.0.6",
"PAN-OS 8.0.5",
"PAN-OS 8.0.4",
"PAN-OS 8.0.3-h4",
"PAN-OS 8.0.3-h3",
"PAN-OS 8.0.3-h2",
"PAN-OS 8.0.3-h1",
"PAN-OS 8.0.3",
"PAN-OS 8.0.2",
"PAN-OS 8.0.1",
"PAN-OS 8.0.0",
"PAN-OS 8.0",
"PAN-OS 7.1.26",
"PAN-OS 7.1.25",
"PAN-OS 7.1.24-h1",
"PAN-OS 7.1.24",
"PAN-OS 7.1.23",
"PAN-OS 7.1.22",
"PAN-OS 7.1.21",
"PAN-OS 7.1.20",
"PAN-OS 7.1.19",
"PAN-OS 7.1.18",
"PAN-OS 7.1.17",
"PAN-OS 7.1.16",
"PAN-OS 7.1.15",
"PAN-OS 7.1.14",
"PAN-OS 7.1.13",
"PAN-OS 7.1.12",
"PAN-OS 7.1.11",
"PAN-OS 7.1.10",
"PAN-OS 7.1.9-h4",
"PAN-OS 7.1.9-h3",
"PAN-OS 7.1.9-h2",
"PAN-OS 7.1.9-h1",
"PAN-OS 7.1.9",
"PAN-OS 7.1.8",
"PAN-OS 7.1.7",
"PAN-OS 7.1.6",
"PAN-OS 7.1.5",
"PAN-OS 7.1.4-h2",
"PAN-OS 7.1.4-h1",
"PAN-OS 7.1.4",
"PAN-OS 7.1.3",
"PAN-OS 7.1.2",
"PAN-OS 7.1.1",
"PAN-OS 7.1.0",
"PAN-OS 7.1"
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2021-3062",
"datePublished": "2021-11-10T00:00:00",
"dateReserved": "2021-01-06T00:00:00",
"dateUpdated": "2024-08-03T16:45:51.083Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-3388
Vulnerability from cvelistv5
Published
2024-04-10 17:06
Modified
2024-08-01 20:12
Severity
Summary
PAN-OS: User Impersonation in GlobalProtect SSL VPN
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3388",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-15T14:39:04.465851Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:32:48.331Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:12:06.617Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-3388"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "8.1.26",
"status": "unaffected"
}
],
"lessThan": "8.1.26",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.17-h4",
"status": "unaffected"
}
],
"lessThan": "9.0.17-h4",
"status": "affected",
"version": "9.0.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.17",
"status": "unaffected"
}
],
"lessThan": "9.1.17",
"status": "affected",
"version": "9.1.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.11-h4",
"status": "unaffected"
}
],
"lessThan": "10.1.11-h4",
"status": "affected",
"version": "10.1.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.7-h3",
"status": "unaffected"
}
],
"lessThan": "10.2.7-h3",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.0.3",
"status": "unaffected"
}
],
"lessThan": "11.0.3",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "11.1.0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "10.2.4",
"status": "unaffected"
}
],
"lessThan": "10.2.4",
"status": "affected",
"version": "10.2",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue applies only to PAN-OS firewall configurations with an enabled GlobalProtect gateway and where you are permitting use of the SSL VPN either as a fallback or as the only available tunnel mode. You should verify whether you have a configured GlobalProtect gateway by checking for entries in your firewall web interface (Network \u003e GlobalProtect \u003e Gateways). You can also verify:\n- Whether SSL VPN fallback is permitted (check to see if the \"Disable Automatic Restoration of SSL VPN\" option is disabled in the GlobalProtect Gateway Configuration dialog by selecting Agent \u003e Connection Settings) or;\n- Whether SSL VPN is the only available tunnel mode (check to see if \"Enable IPSec\" is disabled (unchecked) in the GlobalProtect Gateway Configuration dialog by selecting Agent \u003e Tunnel Settings).\nBy default, both PAN-OS firewalls and Prisma Access use the SSL VPN only when the endpoint fails to successfully establish an IPSec tunnel."
}
],
"value": "This issue applies only to PAN-OS firewall configurations with an enabled GlobalProtect gateway and where you are permitting use of the SSL VPN either as a fallback or as the only available tunnel mode. You should verify whether you have a configured GlobalProtect gateway by checking for entries in your firewall web interface (Network \u003e GlobalProtect \u003e Gateways). You can also verify:\n- Whether SSL VPN fallback is permitted (check to see if the \"Disable Automatic Restoration of SSL VPN\" option is disabled in the GlobalProtect Gateway Configuration dialog by selecting Agent \u003e Connection Settings) or;\n- Whether SSL VPN is the only available tunnel mode (check to see if \"Enable IPSec\" is disabled (unchecked) in the GlobalProtect Gateway Configuration dialog by selecting Agent \u003e Tunnel Settings).\nBy default, both PAN-OS firewalls and Prisma Access use the SSL VPN only when the endpoint fails to successfully establish an IPSec tunnel."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Palo Alto Networks thanks Ta-Lun Yen of TXOne Networks for discovering and reporting this issue."
}
],
"datePublic": "2024-04-10T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. However, this vulnerability does not allow the attacker to receive response packets from those internal assets."
}
],
"value": "A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. However, this vulnerability does not allow the attacker to receive response packets from those internal assets."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-194",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-194 Fake the Source of Data"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-10T17:06:40.685Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-3388"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 8.1.26, PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.11-h4, PAN-OS 10.2.7-h3, PAN-OS 11.0.3, and all later PAN-OS versions. This issue is fixed in Prisma Access 10.2.4 and later.\u003cbr\u003e"
}
],
"value": "This issue is fixed in PAN-OS 8.1.26, PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.11-h4, PAN-OS 10.2.7-h3, PAN-OS 11.0.3, and all later PAN-OS versions. This issue is fixed in Prisma Access 10.2.4 and later.\n"
}
],
"source": {
"defect": [
"PAN-224964"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-04-10T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: User Impersonation in GlobalProtect SSL VPN",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "You can enable the \"Disable Automatic Restoration of SSL VPN\" (Network \u003e GlobalProtect Gateways \u003e \u003cgateway-config\u003e \u003e GlobalProtect Gateway Configuration \u003e Agent \u003e Connection Settings) on PAN-OS firewalls with the GlobalProtect feature enabled to mitigate this vulnerability.\u003cbr\u003e"
}
],
"value": "You can enable the \"Disable Automatic Restoration of SSL VPN\" (Network \u003e GlobalProtect Gateways \u003e \u003e GlobalProtect Gateway Configuration \u003e Agent \u003e Connection Settings) on PAN-OS firewalls with the GlobalProtect feature enabled to mitigate this vulnerability.\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-3388",
"datePublished": "2024-04-10T17:06:40.685Z",
"dateReserved": "2024-04-05T17:40:20.687Z",
"dateUpdated": "2024-08-01T20:12:06.617Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-3384
Vulnerability from cvelistv5
Published
2024-04-10 17:06
Modified
2024-08-01 20:12
Severity
Summary
PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3384",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-12T15:54:19.998958Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:32:38.411Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:12:06.484Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-3384"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "8.1.24",
"status": "unaffected"
}
],
"lessThan": "8.1.24",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.17",
"status": "unaffected"
}
],
"lessThan": "9.0.17",
"status": "affected",
"version": "9.0.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.15-h1",
"status": "unaffected"
}
],
"lessThan": "9.1.15-h1",
"status": "affected",
"version": "9.1.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.12",
"status": "unaffected"
}
],
"lessThan": "10.0.12",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "10.1.0"
},
{
"status": "unaffected",
"version": "10.2.0"
},
{
"status": "unaffected",
"version": "11.0.0"
},
{
"status": "unaffected",
"version": "11.1.0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue affects only PAN-OS configurations with NTLM authentication enabled. You should verify whether NTLM authentication is enabled by checking your firewall web interface (Device \u003e User Identification \u003e User Mapping \u003e Palo Alto Networks User-ID Agent Setup \u003e NTLM)."
}
],
"value": "This issue affects only PAN-OS configurations with NTLM authentication enabled. You should verify whether NTLM authentication is enabled by checking your firewall web interface (Device \u003e User Identification \u003e User Mapping \u003e Palo Alto Networks User-ID Agent Setup \u003e NTLM)."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Palo Alto Networks thanks rqu for discovering and reporting this issue."
}
],
"datePublic": "2024-04-10T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager (NTLM) packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online."
}
],
"value": "A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager (NTLM) packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1286",
"description": "CWE-1286 Improper Validation of Syntactic Correctness of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-10T17:06:21.704Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-3384"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15-h1, PAN-OS 10.0.12, and all later PAN-OS versions.\u003cbr\u003e"
}
],
"value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15-h1, PAN-OS 10.0.12, and all later PAN-OS versions.\n"
}
],
"source": {
"defect": [
"PAN-198992"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-04-10T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-3384",
"datePublished": "2024-04-10T17:06:21.704Z",
"dateReserved": "2024-04-05T17:40:17.390Z",
"dateUpdated": "2024-08-01T20:12:06.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-3059
Vulnerability from cvelistv5
Published
2021-11-10 00:00
Modified
2024-08-03 16:45
Severity
Summary
PAN-OS: OS Command Injection Vulnerability When Performing Dynamic Updates
References
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2021-3059 | x_refsource_MISC |
Impacted products
| Vendor | Product |
|---|---|
| Palo Alto Networks | PAN-OS |
| Palo Alto Networks | Prisma Access |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:45:51.098Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2021-3059"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "10.0.8",
"status": "unaffected"
}
],
"lessThan": "10.0.8",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.3",
"status": "unaffected"
}
],
"lessThan": "10.1.3",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "8.1.20-h1",
"status": "unaffected"
}
],
"lessThan": "8.1.20-h1",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.14-h3",
"status": "unaffected"
}
],
"lessThan": "9.0.14-h3",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.11-h2",
"status": "unaffected"
}
],
"lessThan": "9.1.11-h2",
"status": "affected",
"version": "9.1",
"versionType": "custom"
}
]
},
{
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "affected",
"version": "2.1 Innovation"
},
{
"status": "affected",
"version": "2.1 Preferred"
},
{
"lessThan": "2.2*",
"status": "unaffected",
"version": "all",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This issue is applicable only to PAN-OS firewall configurations that receive dynamic updates. You can verify that your firewall receives dynamic updates at \u2018Device Deployment \u003e Dynamic Updates\u0027 in the web interface. "
}
],
"credits": [
{
"lang": "en",
"value": "Palo Alto Networks thanks CJ, an external security researcher, for discovering and reporting this issue."
}
],
"datePublic": "2021-11-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. This vulnerability enables a man-in-the-middle attacker to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers that have Prisma Access 2.1 Preferred or Prisma Access 2.1 Innovation firewalls are impacted by this issue."
}
],
"exploits": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-10T17:10:23",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2021-3059"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions.\n"
},
{
"lang": "en",
"value": "This issue is fixed in Prisma Access 2.2 Preferred and all later Prisma Access versions."
}
],
"source": {
"defect": [
"PAN-176618"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2021-11-10T00:00:00",
"value": "Initial publication"
}
],
"title": "PAN-OS: OS Command Injection Vulnerability When Performing Dynamic Updates",
"workarounds": [
{
"lang": "en",
"value": "You can disable scheduled dynamic updates for the firewall at \u0027Device Deployment \u003e Dynamic Updates\u0027 in the web interface. Choosing not to receive dynamic updates will minimize your exposure to this vulnerability until you upgrade the PAN-OS firewall to a fixed version."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2021-11-10T17:00:00.000Z",
"ID": "CVE-2021-3059",
"STATE": "PUBLIC",
"TITLE": "PAN-OS: OS Command Injection Vulnerability When Performing Dynamic Updates"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PAN-OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.8"
},
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.3"
},
{
"version_affected": "!\u003e=",
"version_name": "10.0",
"version_value": "10.0.8"
},
{
"version_affected": "!\u003e=",
"version_name": "10.1",
"version_value": "10.1.3"
},
{
"version_affected": "\u003c",
"version_name": "8.1",
"version_value": "8.1.20-h1"
},
{
"version_affected": "!\u003e=",
"version_name": "8.1",
"version_value": "8.1.20-h1"
},
{
"version_affected": "\u003c",
"version_name": "9.0",
"version_value": "9.0.14-h3"
},
{
"version_affected": "!\u003e=",
"version_name": "9.0",
"version_value": "9.0.14-h3"
},
{
"version_affected": "\u003c",
"version_name": "9.1",
"version_value": "9.1.11-h2"
},
{
"version_affected": "!\u003e=",
"version_name": "9.1",
"version_value": "9.1.11-h2"
}
]
}
},
{
"product_name": "Prisma Access",
"version": {
"version_data": [
{
"version_affected": "!\u003e=",
"version_name": "2.2",
"version_value": "all"
},
{
"version_affected": "=",
"version_name": "2.1",
"version_value": "Innovation"
},
{
"version_affected": "=",
"version_name": "2.1",
"version_value": "Preferred"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "This issue is applicable only to PAN-OS firewall configurations that receive dynamic updates. You can verify that your firewall receives dynamic updates at \u2018Device Deployment \u003e Dynamic Updates\u0027 in the web interface. "
}
],
"credit": [
{
"lang": "eng",
"value": "Palo Alto Networks thanks CJ, an external security researcher, for discovering and reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. This vulnerability enables a man-in-the-middle attacker to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers that have Prisma Access 2.1 Preferred or Prisma Access 2.1 Innovation firewalls are impacted by this issue."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78 OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2021-3059",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2021-3059"
}
]
},
"solution": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions.\n"
},
{
"lang": "en",
"value": "This issue is fixed in Prisma Access 2.2 Preferred and all later Prisma Access versions."
}
],
"source": {
"defect": [
"PAN-176618"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2021-11-10T00:00:00",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "You can disable scheduled dynamic updates for the firewall at \u0027Device Deployment \u003e Dynamic Updates\u0027 in the web interface. Choosing not to receive dynamic updates will minimize your exposure to this vulnerability until you upgrade the PAN-OS firewall to a fixed version."
}
],
"x_advisoryEoL": false,
"x_affectedList": [
"Prisma Access 2.1",
"PAN-OS 10.1.2",
"PAN-OS 10.1.1",
"PAN-OS 10.1.0",
"PAN-OS 10.1",
"PAN-OS 10.0.7",
"PAN-OS 10.0.6",
"PAN-OS 10.0.5",
"PAN-OS 10.0.4",
"PAN-OS 10.0.3",
"PAN-OS 10.0.2",
"PAN-OS 10.0.1",
"PAN-OS 10.0.0",
"PAN-OS 10.0",
"PAN-OS 9.1.11-h1",
"PAN-OS 9.1.11",
"PAN-OS 9.1.10",
"PAN-OS 9.1.9",
"PAN-OS 9.1.8",
"PAN-OS 9.1.7",
"PAN-OS 9.1.6",
"PAN-OS 9.1.5",
"PAN-OS 9.1.4",
"PAN-OS 9.1.3-h1",
"PAN-OS 9.1.3",
"PAN-OS 9.1.2-h1",
"PAN-OS 9.1.2",
"PAN-OS 9.1.1",
"PAN-OS 9.1.0-h3",
"PAN-OS 9.1.0-h2",
"PAN-OS 9.1.0-h1",
"PAN-OS 9.1.0",
"PAN-OS 9.1",
"PAN-OS 9.0.14-h2",
"PAN-OS 9.0.14-h1",
"PAN-OS 9.0.14",
"PAN-OS 9.0.13",
"PAN-OS 9.0.12",
"PAN-OS 9.0.11",
"PAN-OS 9.0.10",
"PAN-OS 9.0.9-h1",
"PAN-OS 9.0.9",
"PAN-OS 9.0.8",
"PAN-OS 9.0.7",
"PAN-OS 9.0.6",
"PAN-OS 9.0.5",
"PAN-OS 9.0.4",
"PAN-OS 9.0.3-h3",
"PAN-OS 9.0.3-h2",
"PAN-OS 9.0.3-h1",
"PAN-OS 9.0.3",
"PAN-OS 9.0.2-h4",
"PAN-OS 9.0.2-h3",
"PAN-OS 9.0.2-h2",
"PAN-OS 9.0.2-h1",
"PAN-OS 9.0.2",
"PAN-OS 9.0.1",
"PAN-OS 9.0.0",
"PAN-OS 9.0",
"PAN-OS 8.1.20",
"PAN-OS 8.1.19",
"PAN-OS 8.1.18",
"PAN-OS 8.1.17",
"PAN-OS 8.1.16",
"PAN-OS 8.1.15-h3",
"PAN-OS 8.1.15-h2",
"PAN-OS 8.1.15-h1",
"PAN-OS 8.1.15",
"PAN-OS 8.1.14-h2",
"PAN-OS 8.1.14-h1",
"PAN-OS 8.1.14",
"PAN-OS 8.1.13",
"PAN-OS 8.1.12",
"PAN-OS 8.1.11",
"PAN-OS 8.1.10",
"PAN-OS 8.1.9-h4",
"PAN-OS 8.1.9-h3",
"PAN-OS 8.1.9-h2",
"PAN-OS 8.1.9-h1",
"PAN-OS 8.1.9",
"PAN-OS 8.1.8-h5",
"PAN-OS 8.1.8-h4",
"PAN-OS 8.1.8-h3",
"PAN-OS 8.1.8-h2",
"PAN-OS 8.1.8-h1",
"PAN-OS 8.1.8",
"PAN-OS 8.1.7",
"PAN-OS 8.1.6-h2",
"PAN-OS 8.1.6-h1",
"PAN-OS 8.1.6",
"PAN-OS 8.1.5",
"PAN-OS 8.1.4",
"PAN-OS 8.1.3",
"PAN-OS 8.1.2",
"PAN-OS 8.1.1",
"PAN-OS 8.1.0",
"PAN-OS 8.1"
],
"x_likelyAffectedList": [
"PAN-OS 8.0.20",
"PAN-OS 8.0.19-h1",
"PAN-OS 8.0.19",
"PAN-OS 8.0.18",
"PAN-OS 8.0.17",
"PAN-OS 8.0.16",
"PAN-OS 8.0.15",
"PAN-OS 8.0.14",
"PAN-OS 8.0.13",
"PAN-OS 8.0.12",
"PAN-OS 8.0.11-h1",
"PAN-OS 8.0.10",
"PAN-OS 8.0.9",
"PAN-OS 8.0.8",
"PAN-OS 8.0.7",
"PAN-OS 8.0.6-h3",
"PAN-OS 8.0.6-h2",
"PAN-OS 8.0.6-h1",
"PAN-OS 8.0.6",
"PAN-OS 8.0.5",
"PAN-OS 8.0.4",
"PAN-OS 8.0.3-h4",
"PAN-OS 8.0.3-h3",
"PAN-OS 8.0.3-h2",
"PAN-OS 8.0.3-h1",
"PAN-OS 8.0.3",
"PAN-OS 8.0.2",
"PAN-OS 8.0.1",
"PAN-OS 8.0.0",
"PAN-OS 8.0",
"PAN-OS 7.1.26",
"PAN-OS 7.1.25",
"PAN-OS 7.1.24-h1",
"PAN-OS 7.1.24",
"PAN-OS 7.1.23",
"PAN-OS 7.1.22",
"PAN-OS 7.1.21",
"PAN-OS 7.1.20",
"PAN-OS 7.1.19",
"PAN-OS 7.1.18",
"PAN-OS 7.1.17",
"PAN-OS 7.1.16",
"PAN-OS 7.1.15",
"PAN-OS 7.1.14",
"PAN-OS 7.1.13",
"PAN-OS 7.1.12",
"PAN-OS 7.1.11",
"PAN-OS 7.1.10",
"PAN-OS 7.1.9-h4",
"PAN-OS 7.1.9-h3",
"PAN-OS 7.1.9-h2",
"PAN-OS 7.1.9-h1",
"PAN-OS 7.1.9",
"PAN-OS 7.1.8",
"PAN-OS 7.1.7",
"PAN-OS 7.1.6",
"PAN-OS 7.1.5",
"PAN-OS 7.1.4-h2",
"PAN-OS 7.1.4-h1",
"PAN-OS 7.1.4",
"PAN-OS 7.1.3",
"PAN-OS 7.1.2",
"PAN-OS 7.1.1",
"PAN-OS 7.1.0",
"PAN-OS 7.1"
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2021-3059",
"datePublished": "2021-11-10T00:00:00",
"dateReserved": "2021-01-06T00:00:00",
"dateUpdated": "2024-08-03T16:45:51.098Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-6794
Vulnerability from cvelistv5
Published
2023-12-13 18:16
Modified
2024-08-02 08:42
Severity
Summary
PAN-OS: File Upload Vulnerability in the Web Interface
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.397Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2023-6794"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "8.1.26",
"status": "unaffected"
}
],
"lessThan": "8.1.26",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.17-h1",
"status": "unaffected"
}
],
"lessThan": "9.0.17-h1",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.14",
"status": "unaffected"
}
],
"lessThan": "9.1.14",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"lessThan": "All",
"status": "unaffected",
"version": "10.1",
"versionType": "custom"
},
{
"lessThan": "All",
"status": "unaffected",
"version": "10.2",
"versionType": "custom"
},
{
"lessThan": "All",
"status": "unaffected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThan": "All",
"status": "unaffected",
"version": "11.1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"datePublic": "2023-12-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An arbitrary file upload vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall."
}
],
"value": "An arbitrary file upload vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-13T18:16:39.175Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2023-6794"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 8.1.26, PAN-OS 9.0.17-h1, PAN-OS 9.1.14, and all later PAN-OS versions."
}
],
"value": "This issue is fixed in PAN-OS 8.1.26, PAN-OS 9.0.17-h1, PAN-OS 9.1.14, and all later PAN-OS versions."
}
],
"source": {
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2023-12-13T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: File Upload Vulnerability in the Web Interface",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
}
],
"value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2023-6794",
"datePublished": "2023-12-13T18:16:39.175Z",
"dateReserved": "2023-12-13T17:27:26.884Z",
"dateUpdated": "2024-08-02T08:42:07.397Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-6791
Vulnerability from cvelistv5
Published
2023-12-13 18:30
Modified
2024-08-02 08:42
Severity
Summary
PAN-OS: Plaintext Disclosure of External System Integration Credentials
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.408Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2023-6791"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "8.1.24-h1",
"status": "unaffected"
}
],
"lessThan": "8.1.24-h1",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.17",
"status": "unaffected"
}
],
"lessThan": "9.0.17",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.16",
"status": "unaffected"
}
],
"lessThan": "9.1.16",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.12",
"status": "unaffected"
}
],
"lessThan": "10.0.12",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.9",
"status": "unaffected"
}
],
"lessThan": "10.1.9",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.4",
"status": "unaffected"
}
],
"lessThan": "10.2.4",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.0.1",
"status": "unaffected"
}
],
"lessThan": "11.0.1",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThan": "All",
"status": "unaffected",
"version": "11.1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Palo Alto Networks thanks Kajetan Rostojek for discovering and reporting this issue."
}
],
"datePublic": "2023-12-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface."
}
],
"value": "A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-701",
"description": "CWE-701: Weakness Introduced During Design",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-13T18:30:17.115Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2023-6791"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 8.1.24-h1, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.9, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions.\n\nYou should issue new credentials for the impacted external integrations after you upgrade your PAN-OS software to a fixed version to prevent the misuse of previously exposed credentials."
}
],
"value": "This issue is fixed in PAN-OS 8.1.24-h1, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.9, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions.\n\nYou should issue new credentials for the impacted external integrations after you upgrade your PAN-OS software to a fixed version to prevent the misuse of previously exposed credentials."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2023-12-13T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Plaintext Disclosure of External System Integration Credentials",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
}
],
"value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2023-6791",
"datePublished": "2023-12-13T18:30:17.115Z",
"dateReserved": "2023-12-13T17:27:25.212Z",
"dateUpdated": "2024-08-02T08:42:07.408Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-3400
Vulnerability from cvelistv5
Published
2024-04-12 07:20
Modified
2024-08-01 20:12
Severity
Summary
PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect
References
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2024-3400 | vendor-advisory |
| https://unit42.paloaltonetworks.com/cve-2024-3400/ | technical-description |
| https://www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400/ | technical-description |
| https://www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/ | technical-description |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "10.2.9-h1 ",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "11.0.4-h1 ",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "11.1.2-h3 ",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3400",
"options": [
{
"Exploitation": "Active"
},
{
"Automatable": "Yes"
},
{
"Technical Impact": "Total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-17T04:00:13.543064Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-04-12",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2024-3400"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:31:26.144Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:12:06.667Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-3400"
},
{
"tags": [
"technical-description",
"x_transferred"
],
"url": "https://unit42.paloaltonetworks.com/cve-2024-3400/"
},
{
"tags": [
"technical-description",
"x_transferred"
],
"url": "https://www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400/"
},
{
"tags": [
"technical-description",
"x_transferred"
],
"url": "https://www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "9.0.0"
},
{
"status": "unaffected",
"version": "9.1.0"
},
{
"status": "unaffected",
"version": "10.0.0"
},
{
"status": "unaffected",
"version": "10.1.0"
},
{
"changes": [
{
"at": "10.2.9-h1",
"status": "unaffected"
}
],
"lessThan": "10.2.9-h1",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.0.4-h1",
"status": "unaffected"
}
],
"lessThan": "11.0.4-h1",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.1.2-h3",
"status": "unaffected"
}
],
"lessThan": "11.1.2-h3",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls configured with GlobalProtect gateway or GlobalProtect portal (or both). Device telemetry does not need to be enabled for PAN-OS firewalls to be exposed to attacks related to this vulnerability.\u003cbr\u003e\u003cbr\u003eYou can verify whether you have a GlobalProtect gateway or GlobalProtect portal configured by checking for entries in your firewall web interface (Network \u0026gt; GlobalProtect \u0026gt; Gateways or Network \u0026gt; GlobalProtect \u0026gt; Portals)."
}
],
"value": "This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls configured with GlobalProtect gateway or GlobalProtect portal (or both). Device telemetry does not need to be enabled for PAN-OS firewalls to be exposed to attacks related to this vulnerability.\n\nYou can verify whether you have a GlobalProtect gateway or GlobalProtect portal configured by checking for entries in your firewall web interface (Network \u003e GlobalProtect \u003e Gateways or Network \u003e GlobalProtect \u003e Portals)."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Palo Alto Networks thanks Volexity for detecting and identifying this issue."
},
{
"lang": "en",
"type": "remediation verifier",
"value": "Capability Development Group at Bishop Fox for helping us verify the fixes and improve threat prevention signatures."
}
],
"datePublic": "2024-04-12T06:55:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.\u003cbr\u003e\u003cbr\u003eCloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability."
}
],
"value": "A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.\n\nCloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is aware of an increasing number of attacks that leverage the exploitation of this vulnerability. Proof of concepts for this vulnerability have been publicly disclosed by third parties.\u003cbr\u003e\u003cbr\u003eMore information about the vulnerability\u0027s exploitation in the wild can be found in the Unit 42 threat brief (\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://unit42.paloaltonetworks.com/cve-2024-3400/\"\u003ehttps://unit42.paloaltonetworks.com/cve-2024-3400/\u003c/a\u003e) and the Palo Alto Networks PSIRT blog post (\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/)\"\u003ehttps://www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/)\u003c/a\u003e."
}
],
"value": "Palo Alto Networks is aware of an increasing number of attacks that leverage the exploitation of this vulnerability. Proof of concepts for this vulnerability have been publicly disclosed by third parties.\n\nMore information about the vulnerability\u0027s exploitation in the wild can be found in the Unit 42 threat brief ( https://unit42.paloaltonetworks.com/cve-2024-3400/ ) and the Palo Alto Networks PSIRT blog post ( https://www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/) ."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-19T22:27:27.179Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-3400"
},
{
"tags": [
"technical-description"
],
"url": "https://unit42.paloaltonetworks.com/cve-2024-3400/"
},
{
"tags": [
"technical-description"
],
"url": "https://www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400/"
},
{
"tags": [
"technical-description"
],
"url": "https://www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "We strongly advise customers to immediately upgrade to a fixed version of PAN-OS to protect their devices even when workarounds and mitigations have been applied.\u003cbr\u003e\u003cbr\u003eThis issue is fixed in PAN-OS 10.2.9-h1, PAN-OS 11.0.4-h1, PAN-OS 11.1.2-h3, and in all later PAN-OS versions. Customers who upgrade to these versions will be fully protected."
}
],
"value": "We strongly advise customers to immediately upgrade to a fixed version of PAN-OS to protect their devices even when workarounds and mitigations have been applied.\n\nThis issue is fixed in PAN-OS 10.2.9-h1, PAN-OS 11.0.4-h1, PAN-OS 11.1.2-h3, and in all later PAN-OS versions. Customers who upgrade to these versions will be fully protected."
}
],
"source": {
"defect": [
"PAN-252214"
],
"discovery": "USER"
},
"timeline": [
{
"lang": "en",
"time": "2024-04-12T06:55:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Recommended Mitigation: Customers with a Threat Prevention subscription can block attacks for this vulnerability using Threat IDs 95187, 95189, and 95191 (available in Applications and Threats content version 8836-8695 and later). Please monitor this advisory and new Threat Prevention content updates for additional Threat Prevention IDs around CVE-2024-3400.\u003cbr\u003e\u003cbr\u003eTo apply the Threat IDs, customers must ensure that vulnerability protection has been applied to their GlobalProtect interface to prevent exploitation of this issue on their device. Please see \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/globalprotect-articles/applying-vulnerability-protection-to-globalprotect-interfaces/ta-p/340184\"\u003ehttps://live.paloaltonetworks.com/t5/globalprotect-articles/applying-vulnerability-protection-to-globalprotect-interfaces/ta-p/340184\u003c/a\u003e for more information."
}
],
"value": "Recommended Mitigation: Customers with a Threat Prevention subscription can block attacks for this vulnerability using Threat IDs 95187, 95189, and 95191 (available in Applications and Threats content version 8836-8695 and later). Please monitor this advisory and new Threat Prevention content updates for additional Threat Prevention IDs around CVE-2024-3400.\n\nTo apply the Threat IDs, customers must ensure that vulnerability protection has been applied to their GlobalProtect interface to prevent exploitation of this issue on their device. Please see https://live.paloaltonetworks.com/t5/globalprotect-articles/applying-vulnerability-protection-to-globalprotect-interfaces/ta-p/340184 for more information."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-3400",
"datePublished": "2024-04-12T07:20:00.707Z",
"dateReserved": "2024-04-05T17:40:30.117Z",
"dateUpdated": "2024-08-01T20:12:06.667Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-0030
Vulnerability from cvelistv5
Published
2022-10-12 00:00
Modified
2024-08-02 23:18
Severity
Summary
PAN-OS: Authentication Bypass in Web Interface
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:18:41.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2022-0030"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "9.0 All"
},
{
"status": "unaffected",
"version": "9.1 All"
},
{
"status": "unaffected",
"version": "10.1 All"
},
{
"status": "unaffected",
"version": "10.2 All"
},
{
"status": "unaffected",
"version": "10.0 All"
},
{
"changes": [
{
"at": "8.1.24",
"status": "unaffected"
}
],
"lessThan": "8.1.24",
"status": "affected",
"version": "8.1",
"versionType": "custom"
}
]
},
{
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Palo Alto Networks thanks the security researcher that discovered and reported this issue."
}
],
"datePublic": "2022-10-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker with specific knowledge of the target firewall or Panorama appliance to impersonate an existing PAN-OS administrator and perform privileged actions."
}
],
"exploits": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-290",
"description": "CWE-290 Authentication Bypass by Spoofing",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-12T00:00:00",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2022-0030"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.24 and all later PAN-OS versions.\n\nPlease note that PAN-OS 8.1 has reached its software end-of-life (EoL) and is supported only on PA-200, PA-500, and PA-5000 Series firewalls and on M-100 appliances and only until each of their respective hardware EoL dates: https://www.paloaltonetworks.com/services/support/end-of-life-announcements/hardware-end-of-life-dates.html."
}
],
"source": {
"defect": [
"PAN-195571"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2022-10-12T00:00:00",
"value": "Initial publication"
}
],
"title": "PAN-OS: Authentication Bypass in Web Interface",
"workarounds": [
{
"lang": "en",
"value": "Customers with a Threat Prevention subscription can block known attacks for this vulnerability by enabling Threat ID 92720 (Applications and Threats content update 8630-7638).\n\nTo exploit this issue, the attacker must have network access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2022-0030",
"datePublished": "2022-10-12T00:00:00",
"dateReserved": "2021-12-28T00:00:00",
"dateUpdated": "2024-08-02T23:18:41.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-0008
Vulnerability from cvelistv5
Published
2023-05-10 16:34
Modified
2024-08-02 04:54
Severity
Summary
PAN-OS: Local File Disclosure Vulnerability in the PAN-OS Web Interface
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:54:32.571Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2023-0008"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "8.1.25",
"status": "unaffected"
}
],
"lessThan": "8.1.25",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.17",
"status": "unaffected"
}
],
"lessThan": "9.0.17",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.16",
"status": "unaffected"
}
],
"lessThan": "9.1.16",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.12",
"status": "unaffected"
}
],
"lessThan": "10.0.12",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.10",
"status": "unaffected"
}
],
"lessThan": "10.1.10",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.4",
"status": "unaffected"
}
],
"lessThan": "10.2.4",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.0.1",
"status": "unaffected"
}
],
"lessThan": "11.0.1",
"status": "affected",
"version": "11.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alex Hordijk"
}
],
"datePublic": "2023-05-10T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall through a race condition.\u003c/p\u003e"
}
],
"value": "A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall through a race condition.\n\n"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003ePalo Alto Networks is not aware of any malicious exploitation of this issue.\u003c/p\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n\n"
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": " "
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-73",
"description": "CWE-73: External Control of File Name or Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-11T17:18:58.787Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2023-0008"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.10, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.10, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions.\n"
}
],
"source": {
"defect": [
"PAN-205063"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2023-05-10T16:00:00.000Z",
"value": "Initial publication"
},
{
"lang": "en",
"time": "2023-05-11T17:05:00.000Z",
"value": "Clarified that the administrator must have read-write privileges"
}
],
"title": "PAN-OS: Local File Disclosure Vulnerability in the PAN-OS Web Interface",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices\"\u003ehttps://docs.paloaltonetworks.com/best-practices\u003c/a\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices https://docs.paloaltonetworks.com/best-practices .\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2023-0008",
"datePublished": "2023-05-10T16:34:18.429Z",
"dateReserved": "2022-10-27T18:48:17.776Z",
"dateUpdated": "2024-08-02T04:54:32.571Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-6793
Vulnerability from cvelistv5
Published
2023-12-13 18:40
Modified
2024-08-02 08:42
Severity
Summary
PAN-OS: XML API Keys Revoked by Read-Only PAN-OS Administrator
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.419Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2023-6793"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "8.1.24-h1",
"status": "unaffected"
}
],
"lessThan": "All",
"status": "unaffected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.17-h4",
"status": "unaffected"
}
],
"lessThan": "9.0.17-h4",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.17",
"status": "unaffected"
}
],
"lessThan": "9.1.17",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"lessThanOrEqual": "All",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.11",
"status": "unaffected"
}
],
"lessThan": "10.1.11",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.5",
"status": "unaffected"
}
],
"lessThan": "10.2.5",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.0.2",
"status": "unaffected"
}
],
"lessThan": "11.0.2",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThan": "All",
"status": "unaffected",
"version": "11.1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is applicable only to PAN-OS configurations that have XML API access enabled.\u003cbr\u003e\u003cbr\u003eYou can find more information about the XML API here: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-panorama-api/pan-os-api-authentication/enable-api-access"
}
],
"value": "This issue is applicable only to PAN-OS configurations that have XML API access enabled.\n\nYou can find more information about the XML API here: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-panorama-api/pan-os-api-authentication/enable-api-access"
}
],
"datePublic": "2023-12-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to revoke active XML API keys from the firewall and disrupt XML API usage."
}
],
"value": "An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to revoke active XML API keys from the firewall and disrupt XML API usage."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-13T18:40:54.955Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2023-6793"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.11, PAN-OS 10.2.5, PAN-OS 11.0.2, and all later PAN-OS versions."
}
],
"value": "This issue is fixed in PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.11, PAN-OS 10.2.5, PAN-OS 11.0.2, and all later PAN-OS versions."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2023-12-13T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: XML API Keys Revoked by Read-Only PAN-OS Administrator",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue requires the attacker to have authenticated access to the PAN-OS XML API. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
}
],
"value": "This issue requires the attacker to have authenticated access to the PAN-OS XML API. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2023-6793",
"datePublished": "2023-12-13T18:40:54.955Z",
"dateReserved": "2023-12-13T17:27:26.408Z",
"dateUpdated": "2024-08-02T08:42:07.419Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-0028
Vulnerability from cvelistv5
Published
2022-08-10 00:00
Modified
2024-08-02 23:18
Severity
Summary
PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering
References
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2022-0028 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:8.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "8.1.23-h",
"status": "affected",
"version": "8.1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:9.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "9.0.16-h3",
"status": "affected",
"version": "9.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:9.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "9.1 \u003c 9.1.14-h4",
"status": "affected",
"version": "9.1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:10.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "10.0.11-h1",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "10.1.6-h6",
"status": "affected",
"version": "10.1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "10.2.2-h2",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-0028",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-16T04:00:16.271617Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-08-22",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2022-0028"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-06T13:45:09.148Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:18:41.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2022-0028"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "8.1.23-h1",
"status": "unaffected"
}
],
"lessThan": "8.1.23-h1",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.16-h3",
"status": "unaffected"
}
],
"lessThan": "9.0.16-h3",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.14-h4",
"status": "unaffected"
}
],
"lessThan": "9.1.14-h4",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.11-h1",
"status": "unaffected"
}
],
"lessThan": "10.0.11-h1",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.6-h6",
"status": "unaffected"
}
],
"lessThan": "10.1.6-h6",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.2-h2",
"status": "unaffected"
}
],
"lessThan": "10.2.2-h2",
"status": "affected",
"version": "10.2",
"versionType": "custom"
}
]
},
{
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "2.1 All"
},
{
"status": "unaffected",
"version": "2.2 All"
},
{
"status": "unaffected",
"version": "3.0 All"
},
{
"status": "unaffected",
"version": "3.1 All"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "The firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a source zone that has an external facing interface for this issue to be misused by an external attacker. This configuration is not typical for URL filtering and is likely unintended by the administrator.\n\nThis issue is applicable to PA-Series (hardware), VM-Series (virtual), and CN-Series (container) firewalls only when all three of the following conditions are true:\n\n1. The security policy on the firewall that allows traffic to pass from Zone A to Zone B includes a URL filtering profile with one or more blocked categories;\nAND\n2. Packet-based attack protection is not enabled in a Zone Protection profile for Zone A including both (Packet Based Attack Protection \u003e TCP Drop \u003e TCP Syn With Data) and (Packet Based Attack Protection \u003e TCP Drop \u003e Strip TCP Options \u003e TCP Fast Open);\nAND\n3. Flood protection through SYN cookies is not enabled in a Zone Protection profile for Zone A (Flood Protection \u003e SYN \u003e Action \u003e SYN Cookie) with an activation threshold of 0 connections."
}
],
"credits": [
{
"lang": "en",
"value": "Palo Alto Networks thanks CERT-XLM for reporting this issue."
}
],
"datePublic": "2022-08-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-Series (container) firewall against an attacker-specified target. To be misused by an external attacker, the firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a source zone that has an external facing interface. This configuration is not typical for URL filtering and, if set, is likely unintended by the administrator. If exploited, this issue would not impact the confidentiality, integrity, or availability of our products. However, the resulting denial-of-service (DoS) attack may help obfuscate the identity of the attacker and implicate the firewall as the source of the attack. We have taken prompt action to address this issue in our PAN-OS software. All software updates for this issue are expected to be released no later than the week of August 15, 2022. This issue does not impact Panorama M-Series or Panorama virtual appliances. This issue has been resolved for all Cloud NGFW and Prisma Access customers and no additional action is required from them."
}
],
"exploits": [
{
"lang": "en",
"value": "Palo Alto Networks recently learned that an attempted reflected denial-of-service (RDoS) attack was identified by a service provider. This attempted attack took advantage of susceptible firewalls from multiple vendors, including Palo Alto Networks. We immediately started to root cause and remediate this issue.\n\nExploitation of this issue does not impact the confidentiality, integrity, or availability of our products.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-406",
"description": "CWE-406 Insufficient Control of Network Message Volume (Network Amplification)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-10T16:00:16",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2022-0028"
}
],
"solutions": [
{
"lang": "en",
"value": "We identified workarounds to prevent the denial-of-service (DoS) attacks that result from this issue in certain Palo Alto Networks firewalls, with this policy configuration\n\nWe intend to fix this issue for PA-Series, VM-Series and CN-Series firewalls with a fix in the following PAN-OS software releases: PAN-OS 8.1.23-h1 (ETA: week of August 8, 2022), PAN-OS 9.0.16-h3 (ETA: week of August 15, 2022), PAN-OS 9.1.14-h4 (ETA: week of August 15, 2022), PAN-OS 10.0.11-h1 (ETA: week of August 15, 2022), PAN-OS 10.1.6-h6 (ETA: week of August 8, 2022), and PAN-OS 10.2.2-h2 (ETA: week of August 15, 2022).\n\nWe expect to release all PAN-OS software updates for this issue no later than the week of August 15, 2022."
}
],
"source": {
"defect": [
"PAN-192999"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2022-08-10T00:00:00",
"value": "Initial publication"
}
],
"title": "PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering",
"workarounds": [
{
"lang": "en",
"value": "If you have a URL filtering policy with one or more blocked categories assigned to a source zone that has an external facing network interface, removing this configuration will prevent this issue from being exploited by remote attackers to conduct reflected DoS.\n\nTo prevent denial-of-service (DoS) attacks resulting from this issue from all sources, you can configure your Palo Alto Networks firewalls by enabling one of two zone protection mitigations on all Security zones with an assigned Security policy that includes a URL filtering profile:\n\n1. Packet-based attack protection including both (Packet Based Attack Protection \u003e TCP Drop \u003e TCP SYN with Data) and (Packet Based Attack Protection \u003e TCP Drop \u003e Strip TCP Options \u003e TCP Fast Open);\nOR\n2. Flood protection (Flood Protection \u003e SYN \u003e Action \u003e SYN Cookie) with an activation threshold of 0 connections.\n\nNOTES:\n1. It is not necessary nor advantageous to apply both the attack and flood protections. \n2. (Palo Alto Networks Aporeto software only) You should not enable either of these protections if using Aporeto software; instead, wait for and install a fixed version of PAN-OS software.\n\nPacket-Based Attack Protection Workaround (Recommended)\n\nFollow the technical documentation to configure packet-based attack protection options for all defined Security zones with URL filtering enabled in the Security profile for that zone:\nhttps://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/zone-protection-and-dos-protection/configure-zone-protection-to-increase-network-security/configure-packet-based-attack-protection\n\nThe packet-based attack protection workaround will prevent the firewall from establishing TCP sessions in impacted zones when the TCP SYN packet contains data in the three-way handshake for a TCP session. Please note that this workaround may disrupt applications that use TCP Fast Open in the zone.\n\nFlood Protection (Alternate) Workaround\n\nIf you instead decide to enable the flood protection workaround, first make sure you understand how enabling SYN cookies will change traffic flow in the impacted zones:\nhttps://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/zone-protection-and-dos-protection/zone-defense/zone-protection-profiles/flood-protection"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2022-08-10T16:00:00.000Z",
"ID": "CVE-2022-0028",
"STATE": "PUBLIC",
"TITLE": "PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cloud NGFW",
"version": {
"version_data": [
{
"version_affected": "!",
"version_value": "All"
}
]
}
},
{
"product_name": "PAN-OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.1",
"version_value": "8.1.23-h1"
},
{
"version_affected": "\u003c",
"version_name": "9.0",
"version_value": "9.0.16-h3"
},
{
"version_affected": "\u003c",
"version_name": "9.1",
"version_value": "9.1.14-h4"
},
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.11-h1"
},
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.6-h6"
},
{
"version_affected": "\u003c",
"version_name": "10.2",
"version_value": "10.2.2-h2"
},
{
"version_affected": "!\u003e=",
"version_name": "8.1",
"version_value": "8.1.23-h1"
},
{
"version_affected": "!\u003e=",
"version_name": "9.0",
"version_value": "9.0.16-h3"
},
{
"version_affected": "!\u003e=",
"version_name": "9.1",
"version_value": "9.1.14-h4"
},
{
"version_affected": "!\u003e=",
"version_name": "10.0",
"version_value": "10.0.11-h1"
},
{
"version_affected": "!\u003e=",
"version_name": "10.1",
"version_value": "10.1.6-h6"
},
{
"version_affected": "!\u003e=",
"version_name": "10.2",
"version_value": "10.2.2-h2"
}
]
}
},
{
"product_name": "Prisma Access",
"version": {
"version_data": [
{
"version_affected": "!",
"version_name": "2.1",
"version_value": "All"
},
{
"version_affected": "!",
"version_name": "2.2",
"version_value": "All"
},
{
"version_affected": "!",
"version_name": "3.0",
"version_value": "All"
},
{
"version_affected": "!",
"version_name": "3.1",
"version_value": "All"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "The firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a source zone that has an external facing interface for this issue to be misused by an external attacker. This configuration is not typical for URL filtering and is likely unintended by the administrator.\n\nThis issue is applicable to PA-Series (hardware), VM-Series (virtual), and CN-Series (container) firewalls only when all three of the following conditions are true:\n\n1. The security policy on the firewall that allows traffic to pass from Zone A to Zone B includes a URL filtering profile with one or more blocked categories;\nAND\n2. Packet-based attack protection is not enabled in a Zone Protection profile for Zone A including both (Packet Based Attack Protection \u003e TCP Drop \u003e TCP Syn With Data) and (Packet Based Attack Protection \u003e TCP Drop \u003e Strip TCP Options \u003e TCP Fast Open);\nAND\n3. Flood protection through SYN cookies is not enabled in a Zone Protection profile for Zone A (Flood Protection \u003e SYN \u003e Action \u003e SYN Cookie) with an activation threshold of 0 connections."
}
],
"credit": [
{
"lang": "eng",
"value": "Palo Alto Networks thanks CERT-XLM for reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-Series (container) firewall against an attacker-specified target. To be misused by an external attacker, the firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a source zone that has an external facing interface. This configuration is not typical for URL filtering and, if set, is likely unintended by the administrator. If exploited, this issue would not impact the confidentiality, integrity, or availability of our products. However, the resulting denial-of-service (DoS) attack may help obfuscate the identity of the attacker and implicate the firewall as the source of the attack. We have taken prompt action to address this issue in our PAN-OS software. All software updates for this issue are expected to be released no later than the week of August 15, 2022. This issue does not impact Panorama M-Series or Panorama virtual appliances. This issue has been resolved for all Cloud NGFW and Prisma Access customers and no additional action is required from them."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Palo Alto Networks recently learned that an attempted reflected denial-of-service (RDoS) attack was identified by a service provider. This attempted attack took advantage of susceptible firewalls from multiple vendors, including Palo Alto Networks. We immediately started to root cause and remediate this issue.\n\nExploitation of this issue does not impact the confidentiality, integrity, or availability of our products.\n"
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-406 Insufficient Control of Network Message Volume (Network Amplification)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2022-0028",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2022-0028"
}
]
},
"solution": [
{
"lang": "en",
"value": "We identified workarounds to prevent the denial-of-service (DoS) attacks that result from this issue in certain Palo Alto Networks firewalls, with this policy configuration\n\nWe intend to fix this issue for PA-Series, VM-Series and CN-Series firewalls with a fix in the following PAN-OS software releases: PAN-OS 8.1.23-h1 (ETA: week of August 8, 2022), PAN-OS 9.0.16-h3 (ETA: week of August 15, 2022), PAN-OS 9.1.14-h4 (ETA: week of August 15, 2022), PAN-OS 10.0.11-h1 (ETA: week of August 15, 2022), PAN-OS 10.1.6-h6 (ETA: week of August 8, 2022), and PAN-OS 10.2.2-h2 (ETA: week of August 15, 2022).\n\nWe expect to release all PAN-OS software updates for this issue no later than the week of August 15, 2022."
}
],
"source": {
"defect": [
"PAN-192999"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2022-08-10T00:00:00",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "If you have a URL filtering policy with one or more blocked categories assigned to a source zone that has an external facing network interface, removing this configuration will prevent this issue from being exploited by remote attackers to conduct reflected DoS.\n\nTo prevent denial-of-service (DoS) attacks resulting from this issue from all sources, you can configure your Palo Alto Networks firewalls by enabling one of two zone protection mitigations on all Security zones with an assigned Security policy that includes a URL filtering profile:\n\n1. Packet-based attack protection including both (Packet Based Attack Protection \u003e TCP Drop \u003e TCP SYN with Data) and (Packet Based Attack Protection \u003e TCP Drop \u003e Strip TCP Options \u003e TCP Fast Open);\nOR\n2. Flood protection (Flood Protection \u003e SYN \u003e Action \u003e SYN Cookie) with an activation threshold of 0 connections.\n\nNOTES:\n1. It is not necessary nor advantageous to apply both the attack and flood protections. \n2. (Palo Alto Networks Aporeto software only) You should not enable either of these protections if using Aporeto software; instead, wait for and install a fixed version of PAN-OS software.\n\nPacket-Based Attack Protection Workaround (Recommended)\n\nFollow the technical documentation to configure packet-based attack protection options for all defined Security zones with URL filtering enabled in the Security profile for that zone:\nhttps://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/zone-protection-and-dos-protection/configure-zone-protection-to-increase-network-security/configure-packet-based-attack-protection\n\nThe packet-based attack protection workaround will prevent the firewall from establishing TCP sessions in impacted zones when the TCP SYN packet contains data in the three-way handshake for a TCP session. Please note that this workaround may disrupt applications that use TCP Fast Open in the zone.\n\nFlood Protection (Alternate) Workaround\n\nIf you instead decide to enable the flood protection workaround, first make sure you understand how enabling SYN cookies will change traffic flow in the impacted zones:\nhttps://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/zone-protection-and-dos-protection/zone-defense/zone-protection-profiles/flood-protection"
}
],
"x_advisoryEoL": false,
"x_affectedList": [
"PAN-OS 10.2.2-h1",
"PAN-OS 10.2.2",
"PAN-OS 10.2.1",
"PAN-OS 10.2.0",
"PAN-OS 10.2",
"PAN-OS 10.1.6-h5",
"PAN-OS 10.1.6-h4",
"PAN-OS 10.1.6-h3",
"PAN-OS 10.1.6-h2",
"PAN-OS 10.1.6-h1",
"PAN-OS 10.1.6",
"PAN-OS 10.1.5-h2",
"PAN-OS 10.1.5-h1",
"PAN-OS 10.1.5",
"PAN-OS 10.1.4-h4",
"PAN-OS 10.1.4-h3",
"PAN-OS 10.1.4-h2",
"PAN-OS 10.1.4-h1",
"PAN-OS 10.1.4",
"PAN-OS 10.1.3",
"PAN-OS 10.1.2",
"PAN-OS 10.1.1",
"PAN-OS 10.1.0",
"PAN-OS 10.1",
"PAN-OS 10.0.11",
"PAN-OS 10.0.10",
"PAN-OS 10.0.9",
"PAN-OS 10.0.8-h8",
"PAN-OS 10.0.8-h7",
"PAN-OS 10.0.8-h6",
"PAN-OS 10.0.8-h5",
"PAN-OS 10.0.8-h4",
"PAN-OS 10.0.8-h3",
"PAN-OS 10.0.8-h2",
"PAN-OS 10.0.8-h1",
"PAN-OS 10.0.8",
"PAN-OS 10.0.7",
"PAN-OS 10.0.6",
"PAN-OS 10.0.5",
"PAN-OS 10.0.4",
"PAN-OS 10.0.3",
"PAN-OS 10.0.2",
"PAN-OS 10.0.1",
"PAN-OS 10.0.0",
"PAN-OS 10.0",
"PAN-OS 9.1.14-h3",
"PAN-OS 9.1.14-h2",
"PAN-OS 9.1.14-h1",
"PAN-OS 9.1.14",
"PAN-OS 9.1.13-h3",
"PAN-OS 9.1.13-h2",
"PAN-OS 9.1.13-h1",
"PAN-OS 9.1.13",
"PAN-OS 9.1.12-h3",
"PAN-OS 9.1.12-h2",
"PAN-OS 9.1.12-h1",
"PAN-OS 9.1.12",
"PAN-OS 9.1.11-h3",
"PAN-OS 9.1.11-h2",
"PAN-OS 9.1.11-h1",
"PAN-OS 9.1.11",
"PAN-OS 9.1.10",
"PAN-OS 9.1.9",
"PAN-OS 9.1.8",
"PAN-OS 9.1.7",
"PAN-OS 9.1.6",
"PAN-OS 9.1.5",
"PAN-OS 9.1.4",
"PAN-OS 9.1.3-h1",
"PAN-OS 9.1.3",
"PAN-OS 9.1.2-h1",
"PAN-OS 9.1.2",
"PAN-OS 9.1.1",
"PAN-OS 9.1.0-h3",
"PAN-OS 9.1.0-h2",
"PAN-OS 9.1.0-h1",
"PAN-OS 9.1.0",
"PAN-OS 9.1",
"PAN-OS 9.0.16-h2",
"PAN-OS 9.0.16-h1",
"PAN-OS 9.0.16",
"PAN-OS 9.0.15",
"PAN-OS 9.0.14-h4",
"PAN-OS 9.0.14-h3",
"PAN-OS 9.0.14-h2",
"PAN-OS 9.0.14-h1",
"PAN-OS 9.0.14",
"PAN-OS 9.0.13",
"PAN-OS 9.0.12",
"PAN-OS 9.0.11",
"PAN-OS 9.0.10",
"PAN-OS 9.0.9-h1",
"PAN-OS 9.0.9",
"PAN-OS 9.0.8",
"PAN-OS 9.0.7",
"PAN-OS 9.0.6",
"PAN-OS 9.0.5",
"PAN-OS 9.0.4",
"PAN-OS 9.0.3-h3",
"PAN-OS 9.0.3-h2",
"PAN-OS 9.0.3-h1",
"PAN-OS 9.0.3",
"PAN-OS 9.0.2-h4",
"PAN-OS 9.0.2-h3",
"PAN-OS 9.0.2-h2",
"PAN-OS 9.0.2-h1",
"PAN-OS 9.0.2",
"PAN-OS 9.0.1",
"PAN-OS 9.0.0",
"PAN-OS 9.0",
"PAN-OS 8.1.23",
"PAN-OS 8.1.22",
"PAN-OS 8.1.21-h1",
"PAN-OS 8.1.21",
"PAN-OS 8.1.20-h1",
"PAN-OS 8.1.20",
"PAN-OS 8.1.19",
"PAN-OS 8.1.18",
"PAN-OS 8.1.17",
"PAN-OS 8.1.16",
"PAN-OS 8.1.15-h3",
"PAN-OS 8.1.15-h2",
"PAN-OS 8.1.15-h1",
"PAN-OS 8.1.15",
"PAN-OS 8.1.14-h2",
"PAN-OS 8.1.14-h1",
"PAN-OS 8.1.14",
"PAN-OS 8.1.13",
"PAN-OS 8.1.12",
"PAN-OS 8.1.11",
"PAN-OS 8.1.10",
"PAN-OS 8.1.9-h4",
"PAN-OS 8.1.9-h3",
"PAN-OS 8.1.9-h2",
"PAN-OS 8.1.9-h1",
"PAN-OS 8.1.9",
"PAN-OS 8.1.8-h5",
"PAN-OS 8.1.8-h4",
"PAN-OS 8.1.8-h3",
"PAN-OS 8.1.8-h2",
"PAN-OS 8.1.8-h1",
"PAN-OS 8.1.8",
"PAN-OS 8.1.7",
"PAN-OS 8.1.6-h2",
"PAN-OS 8.1.6-h1",
"PAN-OS 8.1.6",
"PAN-OS 8.1.5",
"PAN-OS 8.1.4",
"PAN-OS 8.1.3",
"PAN-OS 8.1.2",
"PAN-OS 8.1.1",
"PAN-OS 8.1.0",
"PAN-OS 8.1"
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2022-0028",
"datePublished": "2022-08-10T00:00:00",
"dateReserved": "2021-12-28T00:00:00",
"dateUpdated": "2024-08-02T23:18:41.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-5911
Vulnerability from cvelistv5
Published
2024-07-10 18:40
Modified
2024-08-01 21:25
Severity
7.0 (High) - cvssV4_0 - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber
Summary
PAN-OS: File Upload Vulnerability in the Panorama Web Interface
References
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2024-5911 | vendor-advisory |
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5911",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-11T15:23:10.222176Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-11T15:23:41.410Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:25:03.109Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-5911"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Panorama"
],
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "11.2",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "11.1",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "11.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.4",
"status": "unaffected"
}
],
"lessThan": "10.2.4",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.9",
"status": "unaffected"
}
],
"lessThan": "10.1.9",
"status": "affected",
"version": "10.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Yasukazu Miyashita of Palo Alto Networks"
}
],
"datePublic": "2024-07-10T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online."
}
],
"value": "An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-240",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-240 Resource Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-10T18:40:02.209Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-5911"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 10.1.9, PAN-OS 10.2.4, and all later PAN-OS versions.\u003cbr\u003e"
}
],
"value": "This issue is fixed in PAN-OS 10.1.9, PAN-OS 10.2.4, and all later PAN-OS versions."
}
],
"source": {
"defect": [
"PAN-182835"
],
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-07-10T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: File Upload Vulnerability in the Panorama Web Interface",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices\"\u003ehttps://docs.paloaltonetworks.com/best-practices\u003c/a\u003e.\u003cbr\u003e"
}
],
"value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices ."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-5911",
"datePublished": "2024-07-10T18:40:02.209Z",
"dateReserved": "2024-06-12T15:27:56.004Z",
"dateUpdated": "2024-08-01T21:25:03.109Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-3058
Vulnerability from cvelistv5
Published
2021-11-10 00:00
Modified
2024-08-03 16:45
Severity
Summary
PAN-OS: OS Command Injection Vulnerability in Web Interface XML API
References
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2021-3058 | x_refsource_MISC |
Impacted products
| Vendor | Product |
|---|---|
| Palo Alto Networks | PAN-OS |
| Palo Alto Networks | Prisma Access |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:45:50.919Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2021-3058"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "10.1.3",
"status": "unaffected"
}
],
"lessThan": "10.1.3",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.14-h3",
"status": "unaffected"
}
],
"lessThan": "9.0.14-h3",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "8.1.20-h1",
"status": "unaffected"
}
],
"lessThan": "8.1.20-h1",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.11-h2",
"status": "unaffected"
}
],
"lessThan": "9.1.11-h2",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.8",
"status": "unaffected"
}
],
"lessThan": "10.0.8",
"status": "affected",
"version": "10.0",
"versionType": "custom"
}
]
},
{
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "2.1 all"
},
{
"status": "unaffected",
"version": "2.2 all"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This vulnerability is only applicable to PAN-OS firewalls configured to use the XML API."
}
],
"credits": [
{
"lang": "en",
"value": "Palo Alto Networks thanks CJ, an external security researcher, for discovering and reporting this issue."
}
],
"datePublic": "2021-11-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use XML API the ability to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. This issue does not impact Prisma Access firewalls."
}
],
"exploits": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-10T17:10:21",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2021-3058"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions."
}
],
"source": {
"defect": [
"PAN-176653"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2021-11-10T00:00:00",
"value": "Initial publication"
}
],
"title": "PAN-OS: OS Command Injection Vulnerability in Web Interface XML API",
"workarounds": [
{
"lang": "en",
"value": "Enable signatures for Unique Threat ID 91715 on traffic processed by the firewall to block attacks against CVE-2021-3058.\n\nThis issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2021-11-10T17:00:00.000Z",
"ID": "CVE-2021-3058",
"STATE": "PUBLIC",
"TITLE": "PAN-OS: OS Command Injection Vulnerability in Web Interface XML API"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PAN-OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.3"
},
{
"version_affected": "!\u003e=",
"version_name": "10.1",
"version_value": "10.1.3"
},
{
"version_affected": "\u003c",
"version_name": "9.0",
"version_value": "9.0.14-h3"
},
{
"version_affected": "!\u003e=",
"version_name": "9.0",
"version_value": "9.0.14-h3"
},
{
"version_affected": "\u003c",
"version_name": "8.1",
"version_value": "8.1.20-h1"
},
{
"version_affected": "!\u003e=",
"version_name": "8.1",
"version_value": "8.1.20-h1"
},
{
"version_affected": "\u003c",
"version_name": "9.1",
"version_value": "9.1.11-h2"
},
{
"version_affected": "!\u003e=",
"version_name": "9.1",
"version_value": "9.1.11-h2"
},
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.8"
},
{
"version_affected": "!\u003e=",
"version_name": "10.0",
"version_value": "10.0.8"
}
]
}
},
{
"product_name": "Prisma Access",
"version": {
"version_data": [
{
"version_affected": "!",
"version_name": "2.1",
"version_value": "all"
},
{
"version_affected": "!",
"version_name": "2.2",
"version_value": "all"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "This vulnerability is only applicable to PAN-OS firewalls configured to use the XML API."
}
],
"credit": [
{
"lang": "eng",
"value": "Palo Alto Networks thanks CJ, an external security researcher, for discovering and reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use XML API the ability to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. This issue does not impact Prisma Access firewalls."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78 OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2021-3058",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2021-3058"
}
]
},
"solution": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions."
}
],
"source": {
"defect": [
"PAN-176653"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2021-11-10T00:00:00",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "Enable signatures for Unique Threat ID 91715 on traffic processed by the firewall to block attacks against CVE-2021-3058.\n\nThis issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
}
],
"x_advisoryEoL": false,
"x_affectedList": [
"PAN-OS 10.1.2",
"PAN-OS 10.1.1",
"PAN-OS 10.1.0",
"PAN-OS 10.1",
"PAN-OS 10.0.7",
"PAN-OS 10.0.6",
"PAN-OS 10.0.5",
"PAN-OS 10.0.4",
"PAN-OS 10.0.3",
"PAN-OS 10.0.2",
"PAN-OS 10.0.1",
"PAN-OS 10.0.0",
"PAN-OS 10.0",
"PAN-OS 9.1.11-h1",
"PAN-OS 9.1.11",
"PAN-OS 9.1.10",
"PAN-OS 9.1.9",
"PAN-OS 9.1.8",
"PAN-OS 9.1.7",
"PAN-OS 9.1.6",
"PAN-OS 9.1.5",
"PAN-OS 9.1.4",
"PAN-OS 9.1.3-h1",
"PAN-OS 9.1.3",
"PAN-OS 9.1.2-h1",
"PAN-OS 9.1.2",
"PAN-OS 9.1.1",
"PAN-OS 9.1.0-h3",
"PAN-OS 9.1.0-h2",
"PAN-OS 9.1.0-h1",
"PAN-OS 9.1.0",
"PAN-OS 9.1",
"PAN-OS 9.0.14-h2",
"PAN-OS 9.0.14-h1",
"PAN-OS 9.0.14",
"PAN-OS 9.0.13",
"PAN-OS 9.0.12",
"PAN-OS 9.0.11",
"PAN-OS 9.0.10",
"PAN-OS 9.0.9-h1",
"PAN-OS 9.0.9",
"PAN-OS 9.0.8",
"PAN-OS 9.0.7",
"PAN-OS 9.0.6",
"PAN-OS 9.0.5",
"PAN-OS 9.0.4",
"PAN-OS 9.0.3-h3",
"PAN-OS 9.0.3-h2",
"PAN-OS 9.0.3-h1",
"PAN-OS 9.0.3",
"PAN-OS 9.0.2-h4",
"PAN-OS 9.0.2-h3",
"PAN-OS 9.0.2-h2",
"PAN-OS 9.0.2-h1",
"PAN-OS 9.0.2",
"PAN-OS 9.0.1",
"PAN-OS 9.0.0",
"PAN-OS 9.0",
"PAN-OS 8.1.20",
"PAN-OS 8.1.19",
"PAN-OS 8.1.18",
"PAN-OS 8.1.17",
"PAN-OS 8.1.16",
"PAN-OS 8.1.15-h3",
"PAN-OS 8.1.15-h2",
"PAN-OS 8.1.15-h1",
"PAN-OS 8.1.15",
"PAN-OS 8.1.14-h2",
"PAN-OS 8.1.14-h1",
"PAN-OS 8.1.14",
"PAN-OS 8.1.13",
"PAN-OS 8.1.12",
"PAN-OS 8.1.11",
"PAN-OS 8.1.10",
"PAN-OS 8.1.9-h4",
"PAN-OS 8.1.9-h3",
"PAN-OS 8.1.9-h2",
"PAN-OS 8.1.9-h1",
"PAN-OS 8.1.9",
"PAN-OS 8.1.8-h5",
"PAN-OS 8.1.8-h4",
"PAN-OS 8.1.8-h3",
"PAN-OS 8.1.8-h2",
"PAN-OS 8.1.8-h1",
"PAN-OS 8.1.8",
"PAN-OS 8.1.7",
"PAN-OS 8.1.6-h2",
"PAN-OS 8.1.6-h1",
"PAN-OS 8.1.6",
"PAN-OS 8.1.5",
"PAN-OS 8.1.4",
"PAN-OS 8.1.3",
"PAN-OS 8.1.2",
"PAN-OS 8.1.1",
"PAN-OS 8.1.0",
"PAN-OS 8.1"
],
"x_likelyAffectedList": [
"PAN-OS 8.0.20",
"PAN-OS 8.0.19-h1",
"PAN-OS 8.0.19",
"PAN-OS 8.0.18",
"PAN-OS 8.0.17",
"PAN-OS 8.0.16",
"PAN-OS 8.0.15",
"PAN-OS 8.0.14",
"PAN-OS 8.0.13",
"PAN-OS 8.0.12",
"PAN-OS 8.0.11-h1",
"PAN-OS 8.0.10",
"PAN-OS 8.0.9",
"PAN-OS 8.0.8",
"PAN-OS 8.0.7",
"PAN-OS 8.0.6-h3",
"PAN-OS 8.0.6-h2",
"PAN-OS 8.0.6-h1",
"PAN-OS 8.0.6",
"PAN-OS 8.0.5",
"PAN-OS 8.0.4",
"PAN-OS 8.0.3-h4",
"PAN-OS 8.0.3-h3",
"PAN-OS 8.0.3-h2",
"PAN-OS 8.0.3-h1",
"PAN-OS 8.0.3",
"PAN-OS 8.0.2",
"PAN-OS 8.0.1",
"PAN-OS 8.0.0",
"PAN-OS 8.0",
"PAN-OS 7.1.26",
"PAN-OS 7.1.25",
"PAN-OS 7.1.24-h1",
"PAN-OS 7.1.24",
"PAN-OS 7.1.23",
"PAN-OS 7.1.22",
"PAN-OS 7.1.21",
"PAN-OS 7.1.20",
"PAN-OS 7.1.19",
"PAN-OS 7.1.18",
"PAN-OS 7.1.17",
"PAN-OS 7.1.16",
"PAN-OS 7.1.15",
"PAN-OS 7.1.14",
"PAN-OS 7.1.13",
"PAN-OS 7.1.12",
"PAN-OS 7.1.11",
"PAN-OS 7.1.10",
"PAN-OS 7.1.9-h4",
"PAN-OS 7.1.9-h3",
"PAN-OS 7.1.9-h2",
"PAN-OS 7.1.9-h1",
"PAN-OS 7.1.9",
"PAN-OS 7.1.8",
"PAN-OS 7.1.7",
"PAN-OS 7.1.6",
"PAN-OS 7.1.5",
"PAN-OS 7.1.4-h2",
"PAN-OS 7.1.4-h1",
"PAN-OS 7.1.4",
"PAN-OS 7.1.3",
"PAN-OS 7.1.2",
"PAN-OS 7.1.1",
"PAN-OS 7.1.0",
"PAN-OS 7.1"
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2021-3058",
"datePublished": "2021-11-10T00:00:00",
"dateReserved": "2021-01-06T00:00:00",
"dateUpdated": "2024-08-03T16:45:50.919Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-3386
Vulnerability from cvelistv5
Published
2024-04-10 17:06
Modified
2024-08-01 20:12
Severity
Summary
PAN-OS: Predefined Decryption Exclusions Does Not Work as Intended
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:palo_alto_networks:cloud_ngfw:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cloud_ngfw",
"vendor": "palo_alto_networks",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "prisma_access",
"vendor": "palo_alto_networks",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pan-os",
"vendor": "palo_alto_networks",
"versions": [
{
"lessThan": "9.0.17-h2",
"status": "affected",
"version": "9.0.0",
"versionType": "custom"
},
{
"lessThan": "9.1.17",
"status": "affected",
"version": "9.1.0",
"versionType": "custom"
},
{
"lessThan": "10.0.13",
"status": "affected",
"version": "10.0.00",
"versionType": "custom"
},
{
"lessThan": "10.1.9-h3",
"status": "affected",
"version": "10.1.0",
"versionType": "custom"
},
{
"lessThan": "10.1.10",
"status": "affected",
"version": "10.1.0",
"versionType": "custom"
},
{
"lessThan": "10.2.4-h2",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"lessThan": "10.2.5",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"lessThan": "11.0.1-h2",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"lessThan": "11.0.2",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "11.1.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3386",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-10T19:11:36.523628Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-07T15:13:59.508Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:12:06.667Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-3386"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "9.0.17-h2",
"status": "unaffected"
}
],
"lessThan": "9.0.17-h2",
"status": "affected",
"version": "9.0.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.17",
"status": "unaffected"
}
],
"lessThan": "9.1.17",
"status": "affected",
"version": "9.1.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.13",
"status": "unaffected"
}
],
"lessThan": "10.0.13",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.9-h3",
"status": "unaffected"
}
],
"lessThan": "10.1.9-h3",
"status": "affected",
"version": "10.1.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.10",
"status": "unaffected"
}
],
"lessThan": "10.1.10",
"status": "affected",
"version": "10.1.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.4-h2",
"status": "unaffected"
}
],
"lessThan": "10.2.4-h2",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.5",
"status": "unaffected"
}
],
"lessThan": "10.2.5",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.0.1-h2",
"status": "unaffected"
}
],
"lessThan": "11.0.1-h2",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.0.2",
"status": "unaffected"
}
],
"lessThan": "11.0.2",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "11.1.0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "You must configure Predefined Decryption Exclusions on your PAN-OS firewalls. You should check to see whether you have any configured exclusions in your firewall web interface (Device \u003e Certificate Management \u003e SSL Decryption Exclusions)."
}
],
"value": "You must configure Predefined Decryption Exclusions on your PAN-OS firewalls. You should check to see whether you have any configured exclusions in your firewall web interface (Device \u003e Certificate Management \u003e SSL Decryption Exclusions)."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Palo Alto Networks thanks Frederic De Vlieger for discovering and reporting this issue."
}
],
"datePublic": "2024-04-10T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents Predefined Decryption Exclusions from functioning as intended. This can cause traffic destined for domains that are not specified in Predefined Decryption Exclusions to be unintentionally excluded from decryption."
}
],
"value": "An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents Predefined Decryption Exclusions from functioning as intended. This can cause traffic destined for domains that are not specified in Predefined Decryption Exclusions to be unintentionally excluded from decryption."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-148",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-148 Content Spoofing"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-436",
"description": "CWE-436 Interpretation Conflict",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-10T17:06:32.694Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-3386"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in 9.0.17-h2, 9.0.18, 9.1.17, 10.0.13, 10.1.9-h3, 10.1.10, 10.2.4-h2, 10.2.5, 11.0.1-h2, 11.0.2, 11.1.0 and all later PAN-OS versions.\u003cbr\u003e"
}
],
"value": "This issue is fixed in 9.0.17-h2, 9.0.18, 9.1.17, 10.0.13, 10.1.9-h3, 10.1.10, 10.2.4-h2, 10.2.5, 11.0.1-h2, 11.0.2, 11.1.0 and all later PAN-OS versions.\n"
}
],
"source": {
"defect": [
"PAN-208155"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-04-10T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Predefined Decryption Exclusions Does Not Work as Intended",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-3386",
"datePublished": "2024-04-10T17:06:32.694Z",
"dateReserved": "2024-04-05T17:40:19.116Z",
"dateUpdated": "2024-08-01T20:12:06.667Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-3383
Vulnerability from cvelistv5
Published
2024-04-10 17:06
Modified
2024-08-09 20:22
Severity
Summary
PAN-OS: Improper Group Membership Change Vulnerability in Cloud Identity Engine (CIE)
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:12:06.566Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-3383"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3383",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-09T20:22:10.488052Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-09T20:22:18.991Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "11.1.0"
},
{
"changes": [
{
"at": "11.0.3",
"status": "unaffected"
}
],
"lessThan": "11.0.3",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.5",
"status": "unaffected"
}
],
"lessThan": "10.2.5",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.11",
"status": "unaffected"
}
],
"lessThan": "10.1.11",
"status": "affected",
"version": "10.1.0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "9.1.0"
},
{
"status": "unaffected",
"version": "9.0.0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue applies only to PAN-OS firewall configurations with Cloud Identity Engine (CIE) enabled. You should verify whether CIE is configured on your firewall web interface (Device \u003e User Identification \u003e Cloud Identity Engine)."
}
],
"value": "This issue applies only to PAN-OS firewall configurations with Cloud Identity Engine (CIE) enabled. You should verify whether CIE is configured on your firewall web interface (Device \u003e User Identification \u003e Cloud Identity Engine)."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Palo Alto Networks thanks Rodgers Moore, CCIE# 8153 of Insight.com, for discovering and reporting this issue."
}
],
"datePublic": "2024-04-10T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your existing Security Policy rules."
}
],
"value": "A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your existing Security Policy rules."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-271",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-271 Schema Poisoning"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-282",
"description": "CWE-282: Improper Ownership Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-10T17:06:15.823Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-3383"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 10.1.11, PAN-OS 10.2.5, PAN-OS 11.0.3, and all later PAN-OS versions.\u003cbr\u003e"
}
],
"value": "This issue is fixed in PAN-OS 10.1.11, PAN-OS 10.2.5, PAN-OS 11.0.3, and all later PAN-OS versions.\n"
}
],
"source": {
"defect": [
"PAN-211764",
"PAN-218522"
],
"discovery": "USER"
},
"timeline": [
{
"lang": "en",
"time": "2024-04-10T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Improper Group Membership Change Vulnerability in Cloud Identity Engine (CIE)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-3383",
"datePublished": "2024-04-10T17:06:15.823Z",
"dateReserved": "2024-04-05T17:40:16.359Z",
"dateUpdated": "2024-08-09T20:22:18.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-3063
Vulnerability from cvelistv5
Published
2021-11-10 00:00
Modified
2024-08-03 16:45
Severity
Summary
PAN-OS: Denial-of-Service (DoS) Vulnerability in GlobalProtect Portal and Gateway Interfaces
References
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2021-3063 | x_refsource_MISC |
Impacted products
| Vendor | Product |
|---|---|
| Palo Alto Networks | PAN-OS |
| Palo Alto Networks | Prisma Access |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:45:51.265Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2021-3063"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "8.1.21",
"status": "unaffected"
}
],
"lessThan": "8.1.21",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.14-h4",
"status": "unaffected"
}
],
"lessThan": "9.0.14-h4",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.8-h4",
"status": "unaffected"
}
],
"lessThan": "10.0.8-h4",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.3",
"status": "unaffected"
}
],
"lessThan": "10.1.3",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.11-h3",
"status": "unaffected"
}
],
"lessThan": "9.1.11-h3",
"status": "affected",
"version": "9.1",
"versionType": "custom"
}
]
},
{
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "2.2 all"
},
{
"status": "unaffected",
"version": "2.1 all"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal or gateway enabled. You can verify whether you have a GlobalProtect portal or gateway configured by checking for entries in \u0027Network \u003e GlobalProtect \u003e Portals\u0027 and in \u0027Network \u003e GlobalProtect \u003e Gateways\u0027 from the web interface."
}
],
"credits": [
{
"lang": "en",
"value": " This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
}
],
"datePublic": "2021-11-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An improper handling of exceptional conditions vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to send specifically crafted traffic to a GlobalProtect interface that causes the service to stop responding. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.21; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h4; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h3; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8-h4; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers are not impacted by this issue."
}
],
"exploits": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-755",
"description": "CWE-755 Improper Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-10T17:10:29",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2021-3063"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.21, PAN-OS 9.0.14-h4, PAN-OS 9.1.11-h3, PAN-OS 10.0.8-h4, PAN-OS 10.1.3, and all later PAN-OS versions."
}
],
"source": {
"defect": [
"PAN-180032"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2021-11-10T00:00:00",
"value": "Initial publication"
}
],
"title": "PAN-OS: Denial-of-Service (DoS) Vulnerability in GlobalProtect Portal and Gateway Interfaces",
"workarounds": [
{
"lang": "en",
"value": "Enable signatures for Unique Threat IDs 91820 and 91855 on traffic destined for GlobalProtect interfaces to block attacks against CVE-2021-3063."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2021-11-10T17:00:00.000Z",
"ID": "CVE-2021-3063",
"STATE": "PUBLIC",
"TITLE": "PAN-OS: Denial-of-Service (DoS) Vulnerability in GlobalProtect Portal and Gateway Interfaces"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PAN-OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.1",
"version_value": "8.1.21"
},
{
"version_affected": "!\u003e=",
"version_name": "8.1",
"version_value": "8.1.21"
},
{
"version_affected": "\u003c",
"version_name": "9.0",
"version_value": "9.0.14-h4"
},
{
"version_affected": "!\u003e=",
"version_name": "9.0",
"version_value": "9.0.14-h4"
},
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.8-h4"
},
{
"version_affected": "!\u003e=",
"version_name": "10.0",
"version_value": "10.0.8-h4"
},
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.3"
},
{
"version_affected": "!\u003e=",
"version_name": "10.1",
"version_value": "10.1.3"
},
{
"version_affected": "\u003c",
"version_name": "9.1",
"version_value": "9.1.11-h3"
},
{
"version_affected": "!\u003e=",
"version_name": "9.1",
"version_value": "9.1.11-h3"
}
]
}
},
{
"product_name": "Prisma Access",
"version": {
"version_data": [
{
"version_affected": "!",
"version_name": "2.2",
"version_value": "all"
},
{
"version_affected": "!",
"version_name": "2.1",
"version_value": "all"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal or gateway enabled. You can verify whether you have a GlobalProtect portal or gateway configured by checking for entries in \u0027Network \u003e GlobalProtect \u003e Portals\u0027 and in \u0027Network \u003e GlobalProtect \u003e Gateways\u0027 from the web interface."
}
],
"credit": [
{
"lang": "eng",
"value": " This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper handling of exceptional conditions vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to send specifically crafted traffic to a GlobalProtect interface that causes the service to stop responding. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.21; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h4; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h3; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8-h4; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers are not impacted by this issue."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-755 Improper Handling of Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2021-3063",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2021-3063"
}
]
},
"solution": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.21, PAN-OS 9.0.14-h4, PAN-OS 9.1.11-h3, PAN-OS 10.0.8-h4, PAN-OS 10.1.3, and all later PAN-OS versions."
}
],
"source": {
"defect": [
"PAN-180032"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2021-11-10T00:00:00",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "Enable signatures for Unique Threat IDs 91820 and 91855 on traffic destined for GlobalProtect interfaces to block attacks against CVE-2021-3063."
}
],
"x_advisoryEoL": false,
"x_affectedList": [
"Prisma Access 2.2",
"Prisma Access 2.1",
"PAN-OS 10.1.2",
"PAN-OS 10.1.1",
"PAN-OS 10.1.0",
"PAN-OS 10.1",
"PAN-OS 10.0.8-h2",
"PAN-OS 10.0.8-h1",
"PAN-OS 10.0.8",
"PAN-OS 10.0.7",
"PAN-OS 10.0.6",
"PAN-OS 10.0.5",
"PAN-OS 10.0.4",
"PAN-OS 10.0.3",
"PAN-OS 10.0.2",
"PAN-OS 10.0.1",
"PAN-OS 10.0.0",
"PAN-OS 10.0",
"PAN-OS 9.1.11-h2",
"PAN-OS 9.1.11-h1",
"PAN-OS 9.1.11",
"PAN-OS 9.1.10",
"PAN-OS 9.1.9",
"PAN-OS 9.1.8",
"PAN-OS 9.1.7",
"PAN-OS 9.1.6",
"PAN-OS 9.1.5",
"PAN-OS 9.1.4",
"PAN-OS 9.1.3-h1",
"PAN-OS 9.1.3",
"PAN-OS 9.1.2-h1",
"PAN-OS 9.1.2",
"PAN-OS 9.1.1",
"PAN-OS 9.1.0-h3",
"PAN-OS 9.1.0-h2",
"PAN-OS 9.1.0-h1",
"PAN-OS 9.1.0",
"PAN-OS 9.1",
"PAN-OS 9.0.14-h3",
"PAN-OS 9.0.14-h2",
"PAN-OS 9.0.14-h1",
"PAN-OS 9.0.14",
"PAN-OS 9.0.13",
"PAN-OS 9.0.12",
"PAN-OS 9.0.11",
"PAN-OS 9.0.10",
"PAN-OS 9.0.9-h1",
"PAN-OS 9.0.9",
"PAN-OS 9.0.8",
"PAN-OS 9.0.7",
"PAN-OS 9.0.6",
"PAN-OS 9.0.5",
"PAN-OS 9.0.4",
"PAN-OS 9.0.3-h3",
"PAN-OS 9.0.3-h2",
"PAN-OS 9.0.3-h1",
"PAN-OS 9.0.3",
"PAN-OS 9.0.2-h4",
"PAN-OS 9.0.2-h3",
"PAN-OS 9.0.2-h2",
"PAN-OS 9.0.2-h1",
"PAN-OS 9.0.2",
"PAN-OS 9.0.1",
"PAN-OS 9.0.0",
"PAN-OS 9.0",
"PAN-OS 8.1.20-h1",
"PAN-OS 8.1.20",
"PAN-OS 8.1.19",
"PAN-OS 8.1.18",
"PAN-OS 8.1.17",
"PAN-OS 8.1.16",
"PAN-OS 8.1.15-h3",
"PAN-OS 8.1.15-h2",
"PAN-OS 8.1.15-h1",
"PAN-OS 8.1.15",
"PAN-OS 8.1.14-h2",
"PAN-OS 8.1.14-h1",
"PAN-OS 8.1.14",
"PAN-OS 8.1.13",
"PAN-OS 8.1.12",
"PAN-OS 8.1.11",
"PAN-OS 8.1.10",
"PAN-OS 8.1.9-h4",
"PAN-OS 8.1.9-h3",
"PAN-OS 8.1.9-h2",
"PAN-OS 8.1.9-h1",
"PAN-OS 8.1.9",
"PAN-OS 8.1.8-h5",
"PAN-OS 8.1.8-h4",
"PAN-OS 8.1.8-h3",
"PAN-OS 8.1.8-h2",
"PAN-OS 8.1.8-h1",
"PAN-OS 8.1.8",
"PAN-OS 8.1.7",
"PAN-OS 8.1.6-h2",
"PAN-OS 8.1.6-h1",
"PAN-OS 8.1.6",
"PAN-OS 8.1.5",
"PAN-OS 8.1.4",
"PAN-OS 8.1.3",
"PAN-OS 8.1.2",
"PAN-OS 8.1.1",
"PAN-OS 8.1.0",
"PAN-OS 8.1"
],
"x_likelyAffectedList": [
"PAN-OS 8.0.20",
"PAN-OS 8.0.19-h1",
"PAN-OS 8.0.19",
"PAN-OS 8.0.18",
"PAN-OS 8.0.17",
"PAN-OS 8.0.16",
"PAN-OS 8.0.15",
"PAN-OS 8.0.14",
"PAN-OS 8.0.13",
"PAN-OS 8.0.12",
"PAN-OS 8.0.11-h1",
"PAN-OS 8.0.10",
"PAN-OS 8.0.9",
"PAN-OS 8.0.8",
"PAN-OS 8.0.7",
"PAN-OS 8.0.6-h3",
"PAN-OS 8.0.6-h2",
"PAN-OS 8.0.6-h1",
"PAN-OS 8.0.6",
"PAN-OS 8.0.5",
"PAN-OS 8.0.4",
"PAN-OS 8.0.3-h4",
"PAN-OS 8.0.3-h3",
"PAN-OS 8.0.3-h2",
"PAN-OS 8.0.3-h1",
"PAN-OS 8.0.3",
"PAN-OS 8.0.2",
"PAN-OS 8.0.1",
"PAN-OS 8.0.0",
"PAN-OS 8.0",
"PAN-OS 7.1.26",
"PAN-OS 7.1.25",
"PAN-OS 7.1.24-h1",
"PAN-OS 7.1.24",
"PAN-OS 7.1.23",
"PAN-OS 7.1.22",
"PAN-OS 7.1.21",
"PAN-OS 7.1.20",
"PAN-OS 7.1.19",
"PAN-OS 7.1.18",
"PAN-OS 7.1.17",
"PAN-OS 7.1.16",
"PAN-OS 7.1.15",
"PAN-OS 7.1.14",
"PAN-OS 7.1.13",
"PAN-OS 7.1.12",
"PAN-OS 7.1.11",
"PAN-OS 7.1.10",
"PAN-OS 7.1.9-h4",
"PAN-OS 7.1.9-h3",
"PAN-OS 7.1.9-h2",
"PAN-OS 7.1.9-h1",
"PAN-OS 7.1.9",
"PAN-OS 7.1.8",
"PAN-OS 7.1.7",
"PAN-OS 7.1.6",
"PAN-OS 7.1.5",
"PAN-OS 7.1.4-h2",
"PAN-OS 7.1.4-h1",
"PAN-OS 7.1.4",
"PAN-OS 7.1.3",
"PAN-OS 7.1.2",
"PAN-OS 7.1.1",
"PAN-OS 7.1.0",
"PAN-OS 7.1"
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2021-3063",
"datePublished": "2021-11-10T00:00:00",
"dateReserved": "2021-01-06T00:00:00",
"dateUpdated": "2024-08-03T16:45:51.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-0007
Vulnerability from cvelistv5
Published
2024-02-14 17:32
Modified
2024-08-01 17:41
Severity
Summary
PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0007",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-18T21:30:12.989872Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:58:43.367Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:15.121Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-0007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Panorama"
],
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "8.1.24-h1",
"status": "unaffected"
}
],
"lessThan": "8.1.24-h1",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "8.1.25",
"status": "unaffected"
}
],
"lessThan": "8.1.25",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.17",
"status": "unaffected"
}
],
"lessThan": "9.0.17",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.16",
"status": "unaffected"
}
],
"lessThan": "9.1.16",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.11",
"status": "unaffected"
}
],
"lessThan": "10.0.11",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.6",
"status": "unaffected"
}
],
"lessThan": "10.1.6",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "10.2"
},
{
"status": "unaffected",
"version": "11.0"
},
{
"status": "unaffected",
"version": "11.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Palo Alto Networks thanks an external reporter for discovering and reporting this issue."
}
],
"datePublic": "2024-02-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a malicious authenticated read-write administrator to store a JavaScript payload using the web interface on Panorama appliances. This enables the impersonation of another authenticated administrator."
}
],
"value": "A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a malicious authenticated read-write administrator to store a JavaScript payload using the web interface on Panorama appliances. This enables the impersonation of another authenticated administrator."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-14T17:32:08.971Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-0007"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed on Panorama in PAN-OS 8.1.24-h1, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.11, PAN-OS 10.1.6, and all later PAN-OS versions.\u003cbr\u003e"
}
],
"value": "This issue is fixed on Panorama in PAN-OS 8.1.24-h1, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.11, PAN-OS 10.1.6, and all later PAN-OS versions.\n"
}
],
"source": {
"defect": [
"PAN-173112"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-02-14T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices\"\u003ehttps://docs.paloaltonetworks.com/best-practices\u003c/a\u003e.\u003cbr\u003e\u003cbr\u003eCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 94996 (Applications and Threats content update 8810)."
}
],
"value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices .\n\nCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 94996 (Applications and Threats content update 8810)."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-0007",
"datePublished": "2024-02-14T17:32:08.971Z",
"dateReserved": "2023-11-09T18:55:58.478Z",
"dateUpdated": "2024-08-01T17:41:15.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-0022
Vulnerability from cvelistv5
Published
2022-03-09 00:00
Modified
2024-08-02 23:18
Severity
Summary
PAN-OS: Use of a Weak Cryptographic Algorithm for Stored Password Hashes
References
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2022-0022 | x_refsource_MISC |
Impacted products
| Vendor | Product |
|---|---|
| Palo Alto Networks | PAN-OS |
| Palo Alto Networks | Prisma Access |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:18:41.475Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2022-0022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "10.1.*"
},
{
"status": "affected",
"version": "9.0.*"
},
{
"status": "unaffected",
"version": "10.2.*"
},
{
"changes": [
{
"at": "9.1.11",
"status": "unaffected"
}
],
"lessThan": "9.1.11",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "8.1.21",
"status": "unaffected"
}
],
"lessThan": "8.1.21",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.7",
"status": "unaffected"
}
],
"lessThan": "10.0.7",
"status": "affected",
"version": "10.0",
"versionType": "custom"
}
]
},
{
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "3.0 Preferred, Innovation"
},
{
"status": "unaffected",
"version": "2.2 Preferred"
},
{
"status": "unaffected",
"version": "2.1 Preferred, Innovation"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This issue is applicable only to PAN-OS firewalls and Panorama appliances running in normal (non-FIPS-CC) operational mode. PAN-OS software is not affected by this issue when running in FIPS-CC mode."
}
],
"credits": [
{
"lang": "en",
"value": "Palo Alto Networks thanks an external security researcher for discovering and reporting this issue."
}
],
"datePublic": "2022-03-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password hashes of administrator and local user accounts are not created with a sufficient level of computational effort, which allows for password cracking attacks on accounts in normal (non-FIPS-CC) operational mode. An attacker must have access to the account password hashes to take advantage of this weakness and can acquire those hashes if they are able to gain access to the PAN-OS software configuration. Fixed versions of PAN-OS software use a secure cryptographic algorithm for account password hashes. This issue does not impact Prisma Access firewalls. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.21; All versions of PAN-OS 9.0; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11; PAN-OS 10.0 versions earlier than PAN-OS 10.0.7."
}
],
"exploits": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-916",
"description": "CWE-916 Use of Password Hash With Insufficient Computational Effort",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-09T17:35:09",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2022-0022"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.21, PAN-OS 9.1.11, PAN-OS 10.0.7, and all later PAN-OS versions.\n\nThe passwords for all existing local user and administrator accounts must be changed after PAN-OS is upgraded to a fixed version to leverage the more secure cryptography for password hashes. You cannot update existing password hashes. All new local user and administrator accounts will use secure cryptography.\n\nPAN-OS 9.0 is end-of-life as of March 1, 2022, and is no longer covered by our Product Security Assurance policies.\n"
}
],
"source": {
"defect": [
"PAN-127479"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2022-03-09T00:00:00",
"value": "Initial publication"
}
],
"title": "PAN-OS: Use of a Weak Cryptographic Algorithm for Stored Password Hashes",
"workarounds": [
{
"lang": "en",
"value": "Ensure that any exported firewall configuration files are secured and that only trusted users have firewall management access to prevent the exposure of password hashes.\nUsing complex and secure passwords for all administrator and local user accounts makes password cracking infeasible and mitigates the impact of this issue.\n \nSwitching PAN-OS software from normal mode to FIPS-CC mode ensures that appliances use secure cryptography to store hashed credentials for all local user accounts. However, when you enable FIPS-CC mode, the appliance will reset to the factory default settings and the existing configuration is removed.\n\nDocumentation to enable FIPS-CC mode is available here:\nhttps://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/certifications/enable-fips-and-common-criteria-support.html\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2022-03-09T17:00:00.000Z",
"ID": "CVE-2022-0022",
"STATE": "PUBLIC",
"TITLE": "PAN-OS: Use of a Weak Cryptographic Algorithm for Stored Password Hashes"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PAN-OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "9.1",
"version_value": "9.1.11"
},
{
"version_affected": "\u003c",
"version_name": "8.1",
"version_value": "8.1.21"
},
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.7"
},
{
"version_affected": "!\u003e=",
"version_name": "9.1",
"version_value": "9.1.11"
},
{
"version_affected": "!\u003e=",
"version_name": "8.1",
"version_value": "8.1.21"
},
{
"version_affected": "!\u003e=",
"version_name": "10.0",
"version_value": "10.0.7"
},
{
"version_affected": "!",
"version_name": "10.1",
"version_value": "10.1.*"
},
{
"version_affected": "=",
"version_name": "9.0",
"version_value": "9.0.*"
},
{
"version_affected": "!",
"version_name": "10.2",
"version_value": "10.2.*"
}
]
}
},
{
"product_name": "Prisma Access",
"version": {
"version_data": [
{
"version_affected": "!",
"version_name": "3.0",
"version_value": "Preferred, Innovation"
},
{
"version_affected": "!",
"version_name": "2.2",
"version_value": "Preferred"
},
{
"version_affected": "!",
"version_name": "2.1",
"version_value": "Preferred, Innovation"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "This issue is applicable only to PAN-OS firewalls and Panorama appliances running in normal (non-FIPS-CC) operational mode. PAN-OS software is not affected by this issue when running in FIPS-CC mode."
}
],
"credit": [
{
"lang": "eng",
"value": "Palo Alto Networks thanks an external security researcher for discovering and reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password hashes of administrator and local user accounts are not created with a sufficient level of computational effort, which allows for password cracking attacks on accounts in normal (non-FIPS-CC) operational mode. An attacker must have access to the account password hashes to take advantage of this weakness and can acquire those hashes if they are able to gain access to the PAN-OS software configuration. Fixed versions of PAN-OS software use a secure cryptographic algorithm for account password hashes. This issue does not impact Prisma Access firewalls. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.21; All versions of PAN-OS 9.0; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11; PAN-OS 10.0 versions earlier than PAN-OS 10.0.7."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-916 Use of Password Hash With Insufficient Computational Effort"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2022-0022",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2022-0022"
}
]
},
"solution": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.21, PAN-OS 9.1.11, PAN-OS 10.0.7, and all later PAN-OS versions.\n\nThe passwords for all existing local user and administrator accounts must be changed after PAN-OS is upgraded to a fixed version to leverage the more secure cryptography for password hashes. You cannot update existing password hashes. All new local user and administrator accounts will use secure cryptography.\n\nPAN-OS 9.0 is end-of-life as of March 1, 2022, and is no longer covered by our Product Security Assurance policies.\n"
}
],
"source": {
"defect": [
"PAN-127479"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2022-03-09T00:00:00",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "Ensure that any exported firewall configuration files are secured and that only trusted users have firewall management access to prevent the exposure of password hashes.\nUsing complex and secure passwords for all administrator and local user accounts makes password cracking infeasible and mitigates the impact of this issue.\n \nSwitching PAN-OS software from normal mode to FIPS-CC mode ensures that appliances use secure cryptography to store hashed credentials for all local user accounts. However, when you enable FIPS-CC mode, the appliance will reset to the factory default settings and the existing configuration is removed.\n\nDocumentation to enable FIPS-CC mode is available here:\nhttps://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/certifications/enable-fips-and-common-criteria-support.html\n"
}
],
"x_advisoryEoL": false,
"x_affectedList": [
"PAN-OS 10.0.6",
"PAN-OS 10.0.5",
"PAN-OS 10.0.4",
"PAN-OS 10.0.3",
"PAN-OS 10.0.2",
"PAN-OS 10.0.1",
"PAN-OS 10.0.0",
"PAN-OS 10.0",
"PAN-OS 9.1.10",
"PAN-OS 9.1.9",
"PAN-OS 9.1.8",
"PAN-OS 9.1.7",
"PAN-OS 9.1.6",
"PAN-OS 9.1.5",
"PAN-OS 9.1.4",
"PAN-OS 9.1.3-h1",
"PAN-OS 9.1.3",
"PAN-OS 9.1.2-h1",
"PAN-OS 9.1.2",
"PAN-OS 9.1.1",
"PAN-OS 9.1.0-h3",
"PAN-OS 9.1.0-h2",
"PAN-OS 9.1.0-h1",
"PAN-OS 9.1.0",
"PAN-OS 9.1",
"PAN-OS 9.0.16",
"PAN-OS 9.0.15",
"PAN-OS 9.0.14-h4",
"PAN-OS 9.0.14-h3",
"PAN-OS 9.0.14-h2",
"PAN-OS 9.0.14-h1",
"PAN-OS 9.0.14",
"PAN-OS 9.0.13",
"PAN-OS 9.0.12",
"PAN-OS 9.0.11",
"PAN-OS 9.0.10",
"PAN-OS 9.0.9-h1",
"PAN-OS 9.0.9",
"PAN-OS 9.0.8",
"PAN-OS 9.0.7",
"PAN-OS 9.0.6",
"PAN-OS 9.0.5",
"PAN-OS 9.0.4",
"PAN-OS 9.0.3-h3",
"PAN-OS 9.0.3-h2",
"PAN-OS 9.0.3-h1",
"PAN-OS 9.0.3",
"PAN-OS 9.0.2-h4",
"PAN-OS 9.0.2-h3",
"PAN-OS 9.0.2-h2",
"PAN-OS 9.0.2-h1",
"PAN-OS 9.0.2",
"PAN-OS 9.0.1",
"PAN-OS 9.0.0",
"PAN-OS 9.0",
"PAN-OS 8.1.20-h1",
"PAN-OS 8.1.20",
"PAN-OS 8.1.19",
"PAN-OS 8.1.18",
"PAN-OS 8.1.17",
"PAN-OS 8.1.16",
"PAN-OS 8.1.15-h3",
"PAN-OS 8.1.15-h2",
"PAN-OS 8.1.15-h1",
"PAN-OS 8.1.15",
"PAN-OS 8.1.14-h2",
"PAN-OS 8.1.14-h1",
"PAN-OS 8.1.14",
"PAN-OS 8.1.13",
"PAN-OS 8.1.12",
"PAN-OS 8.1.11",
"PAN-OS 8.1.10",
"PAN-OS 8.1.9-h4",
"PAN-OS 8.1.9-h3",
"PAN-OS 8.1.9-h2",
"PAN-OS 8.1.9-h1",
"PAN-OS 8.1.9",
"PAN-OS 8.1.8-h5",
"PAN-OS 8.1.8-h4",
"PAN-OS 8.1.8-h3",
"PAN-OS 8.1.8-h2",
"PAN-OS 8.1.8-h1",
"PAN-OS 8.1.8",
"PAN-OS 8.1.7",
"PAN-OS 8.1.6-h2",
"PAN-OS 8.1.6-h1",
"PAN-OS 8.1.6",
"PAN-OS 8.1.5",
"PAN-OS 8.1.4",
"PAN-OS 8.1.3",
"PAN-OS 8.1.2",
"PAN-OS 8.1.1",
"PAN-OS 8.1.0",
"PAN-OS 8.1"
],
"x_likelyAffectedList": [
"PAN-OS 8.0.20",
"PAN-OS 8.0.19-h1",
"PAN-OS 8.0.19",
"PAN-OS 8.0.18",
"PAN-OS 8.0.17",
"PAN-OS 8.0.16",
"PAN-OS 8.0.15",
"PAN-OS 8.0.14",
"PAN-OS 8.0.13",
"PAN-OS 8.0.12",
"PAN-OS 8.0.11-h1",
"PAN-OS 8.0.10",
"PAN-OS 8.0.9",
"PAN-OS 8.0.8",
"PAN-OS 8.0.7",
"PAN-OS 8.0.6-h3",
"PAN-OS 8.0.6-h2",
"PAN-OS 8.0.6-h1",
"PAN-OS 8.0.6",
"PAN-OS 8.0.5",
"PAN-OS 8.0.4",
"PAN-OS 8.0.3-h4",
"PAN-OS 8.0.3-h3",
"PAN-OS 8.0.3-h2",
"PAN-OS 8.0.3-h1",
"PAN-OS 8.0.3",
"PAN-OS 8.0.2",
"PAN-OS 8.0.1",
"PAN-OS 8.0.0",
"PAN-OS 8.0",
"PAN-OS 7.1.26",
"PAN-OS 7.1.25",
"PAN-OS 7.1.24-h1",
"PAN-OS 7.1.24",
"PAN-OS 7.1.23",
"PAN-OS 7.1.22",
"PAN-OS 7.1.21",
"PAN-OS 7.1.20",
"PAN-OS 7.1.19",
"PAN-OS 7.1.18",
"PAN-OS 7.1.17",
"PAN-OS 7.1.16",
"PAN-OS 7.1.15",
"PAN-OS 7.1.14",
"PAN-OS 7.1.13",
"PAN-OS 7.1.12",
"PAN-OS 7.1.11",
"PAN-OS 7.1.10",
"PAN-OS 7.1.9-h4",
"PAN-OS 7.1.9-h3",
"PAN-OS 7.1.9-h2",
"PAN-OS 7.1.9-h1",
"PAN-OS 7.1.9",
"PAN-OS 7.1.8",
"PAN-OS 7.1.7",
"PAN-OS 7.1.6",
"PAN-OS 7.1.5",
"PAN-OS 7.1.4-h2",
"PAN-OS 7.1.4-h1",
"PAN-OS 7.1.4",
"PAN-OS 7.1.3",
"PAN-OS 7.1.2",
"PAN-OS 7.1.1",
"PAN-OS 7.1.0",
"PAN-OS 7.1"
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2022-0022",
"datePublished": "2022-03-09T00:00:00",
"dateReserved": "2021-12-28T00:00:00",
"dateUpdated": "2024-08-02T23:18:41.475Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-0005
Vulnerability from cvelistv5
Published
2023-04-12 16:41
Modified
2024-08-02 04:54
Severity
Summary
PAN-OS: Exposure of Sensitive Information Vulnerability
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:54:32.662Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2023-0005"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "11.0"
},
{
"changes": [
{
"at": "10.2.3",
"status": "unaffected"
}
],
"lessThan": "10.2.3",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.8",
"status": "unaffected"
}
],
"lessThan": "10.1.8",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.12",
"status": "unaffected"
}
],
"lessThan": "10.0.12",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.15",
"status": "unaffected"
}
],
"lessThan": "9.1.15",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.17",
"status": "unaffected"
}
],
"lessThan": "9.0.17",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "8.1.24",
"status": "unaffected"
}
],
"lessThan": "8.1.24",
"status": "affected",
"version": "8.1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Palo Alto Networks thanks the security researcher rqu for discovering and reporting this issue."
}
],
"datePublic": "2023-04-12T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to expose the plaintext values of secrets stored in the device configuration and encrypted API keys."
}
],
"value": "A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to expose the plaintext values of secrets stored in the device configuration and encrypted API keys."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue at time of publication. However, a proof of concept script for this issue is publicly available.\u003cbr\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue at time of publication. However, a proof of concept script for this issue is publicly available.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-497",
"description": "CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-12T16:41:21.342Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2023-0005"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15, PAN-OS 10.0.12, PAN-OS 10.1.8, PAN-OS 10.2.3, and all later PAN-OS versions.\u003cbr\u003e"
}
],
"value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15, PAN-OS 10.0.12, PAN-OS 10.1.8, PAN-OS 10.2.3, and all later PAN-OS versions.\n"
}
],
"source": {
"defect": [
"PAN-198986"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2023-04-12T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Exposure of Sensitive Information Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2023-0005",
"datePublished": "2023-04-12T16:41:21.342Z",
"dateReserved": "2022-10-27T18:48:14.336Z",
"dateUpdated": "2024-08-02T04:54:32.662Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-0011
Vulnerability from cvelistv5
Published
2024-02-14 17:32
Modified
2024-08-01 17:41
Severity
Summary
PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0011",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-14T19:24:56.532361Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:21:19.407Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:15.533Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "8.1.24",
"status": "unaffected"
}
],
"lessThan": "8.1.24",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.17",
"status": "unaffected"
}
],
"lessThan": "9.0.17",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.13",
"status": "unaffected"
}
],
"lessThan": "9.1.13",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.11",
"status": "unaffected"
}
],
"lessThan": "10.0.11",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.3",
"status": "unaffected"
}
],
"lessThan": "10.1.3",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "10.2"
},
{
"status": "unaffected",
"version": "11.0"
},
{
"status": "unaffected",
"version": "11.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is applicable only to firewalls that are configured to use Captive Portal authentication. You can verify whether you have Captive Portal configured in the Captive Portal Settings page (Device \u0026gt; User Identification \u0026gt; Captive Portal Settings)."
}
],
"value": "This issue is applicable only to firewalls that are configured to use Captive Portal authentication. You can verify whether you have Captive Portal configured in the Captive Portal Settings page (Device \u003e User Identification \u003e Captive Portal Settings)."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Palo Alto Networks thanks Darek Jensen and an external reporter for discovering and reporting this issue."
}
],
"datePublic": "2024-02-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A reflected cross-site scripting (XSS) vulnerability in the Captive Portal feature of Palo Alto Networks PAN-OS software enables execution of malicious JavaScript (in the context of an authenticated Captive Portal user\u2019s browser) if a user clicks on a malicious link, allowing phishing attacks that could lead to credential theft."
}
],
"value": "A reflected cross-site scripting (XSS) vulnerability in the Captive Portal feature of Palo Alto Networks PAN-OS software enables execution of malicious JavaScript (in the context of an authenticated Captive Portal user\u2019s browser) if a user clicks on a malicious link, allowing phishing attacks that could lead to credential theft."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-14T17:32:34.809Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-0011"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.13, PAN-OS 10.0.11, PAN-OS 10.1.3, and all later PAN-OS versions."
}
],
"value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.13, PAN-OS 10.0.11, PAN-OS 10.1.3, and all later PAN-OS versions."
}
],
"source": {
"defect": [
"PAN-175970"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-02-14T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 93070 (Applications and Threats content update 8810).\u003cbr\u003e"
}
],
"value": "Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 93070 (Applications and Threats content update 8810).\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-0011",
"datePublished": "2024-02-14T17:32:34.809Z",
"dateReserved": "2023-11-09T18:56:10.434Z",
"dateUpdated": "2024-08-01T17:41:15.533Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-0010
Vulnerability from cvelistv5
Published
2023-06-14 16:31
Modified
2024-08-02 04:54
Severity
Summary
PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:54:32.569Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2023-0010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Firewall"
],
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "11.0"
},
{
"changes": [
{
"at": "10.2.2",
"status": "unaffected"
}
],
"lessThan": "10.2.2",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.6",
"status": "unaffected"
}
],
"lessThan": "10.1.6",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.11",
"status": "unaffected"
}
],
"lessThan": "10.0.11",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.16",
"status": "unaffected"
}
],
"lessThan": "9.1.16",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.17",
"status": "unaffected"
}
],
"lessThan": "9.0.17",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "8.1.24",
"status": "unaffected"
}
],
"lessThan": "8.1.24",
"status": "affected",
"version": "8.1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThis issue is applicable only to firewalls that are configured to use Captive Portal authentication.\u003c/p\u003e\u003cp\u003eOn PAN-OS 10.0 and later software versions, this issue applies only to firewalls that have also disabled the default token generation for Captive Portal authentication. You can verify that the token is not disabled by running the following command: \u2018show deviceconfig setting captive-portal\u2019.\u003c/p\u003e"
}
],
"value": "This issue is applicable only to firewalls that are configured to use Captive Portal authentication.\n\nOn PAN-OS 10.0 and later software versions, this issue applies only to firewalls that have also disabled the default token generation for Captive Portal authentication. You can verify that the token is not disabled by running the following command: \u2018show deviceconfig setting captive-portal\u2019.\n\n"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lockheed Martin Red Team"
}
],
"datePublic": "2023-06-14T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA reflected cross-site scripting (XSS) vulnerability in the Captive Portal feature of Palo Alto Networks PAN-OS software can allow a JavaScript payload to be executed in the context of an authenticated Captive Portal user\u2019s browser when they click on a specifically crafted link.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A reflected cross-site scripting (XSS) vulnerability in the Captive Portal feature of Palo Alto Networks PAN-OS software can allow a JavaScript payload to be executed in the context of an authenticated Captive Portal user\u2019s browser when they click on a specifically crafted link.\n"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003ePalo Alto Networks is not aware of any malicious exploitation of this issue.\u003c/p\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-14T16:31:35.543Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2023-0010"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.11, PAN-OS 10.1.6, PAN-OS 10.2.2, and all later PAN-OS versions."
}
],
"value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.11, PAN-OS 10.1.6, PAN-OS 10.2.2, and all later PAN-OS versions."
}
],
"source": {
"defect": [
"PAN-191662"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2023-06-14T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2023-0010",
"datePublished": "2023-06-14T16:31:35.543Z",
"dateReserved": "2022-10-27T18:48:19.535Z",
"dateUpdated": "2024-08-02T04:54:32.569Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-3385
Vulnerability from cvelistv5
Published
2024-04-10 17:06
Modified
2024-08-22 18:10
Severity
Summary
PAN-OS: Firewall Denial of Service (DoS) when GTP Security is Disabled
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:12:06.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-3385"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "9.0.17-h4",
"status": "affected",
"version": "9.0.0",
"versionType": "custom"
},
{
"lessThan": "9.1.17",
"status": "affected",
"version": "9.1.0",
"versionType": "custom"
},
{
"lessThan": "10.1.12",
"status": "affected",
"version": "10.1.0",
"versionType": "custom"
},
{
"lessThan": "10.2.8",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"lessThan": "11.0.3",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "11.1.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:cloud_ngfw:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cloud_ngfw",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:prisma_access:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "prisma_access",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3385",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-15T15:57:38.878804Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-22T18:10:55.925Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "9.0.17-h4",
"status": "unaffected"
}
],
"lessThan": "9.0.17-h4",
"status": "affected",
"version": "9.0.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.17",
"status": "unaffected"
}
],
"lessThan": "9.1.17",
"status": "affected",
"version": "9.1.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.12",
"status": "unaffected"
}
],
"lessThan": "10.1.12",
"status": "affected",
"version": "10.1.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.8",
"status": "unaffected"
}
],
"lessThan": "10.2.8",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.0.3",
"status": "unaffected"
}
],
"lessThan": "11.0.3",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "11.1.0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This does not affect VM-Series firewalls, CN-Series firewalls, Cloud NGFWs, or Prisma Access.\n\nThis issue affects only PAN-OS configurations with GTP Security disabled. You should verify whether GTP Security is disabled by checking your firewall web interface (Device \u003e Setup \u003e Management \u003e General Settings) and take the appropriate actions as needed."
}
],
"value": "This does not affect VM-Series firewalls, CN-Series firewalls, Cloud NGFWs, or Prisma Access.\n\nThis issue affects only PAN-OS configurations with GTP Security disabled. You should verify whether GTP Security is disabled by checking your firewall web interface (Device \u003e Setup \u003e Management \u003e General Settings) and take the appropriate actions as needed."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Palo Alto Networks thanks an external reporter for discovering and reporting this issue."
}
],
"datePublic": "2024-04-10T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote attacker to reboot hardware-based firewalls. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online.\n\nThis affects the following hardware firewall models:\n- PA-5400 Series firewalls\n- PA-7000 Series firewalls"
}
],
"value": "A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote attacker to reboot hardware-based firewalls. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online.\n\nThis affects the following hardware firewall models:\n- PA-5400 Series firewalls\n- PA-7000 Series firewalls"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue. This was encountered by two customers in normal production usage.\u003cbr\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue. This was encountered by two customers in normal production usage.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476: NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-10T17:06:28.153Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-3385"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.12, PAN-OS 10.2.8, PAN-OS 11.0.3, and all later PAN-OS versions.\u003cbr\u003e"
}
],
"value": "This issue is fixed in PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.12, PAN-OS 10.2.8, PAN-OS 11.0.3, and all later PAN-OS versions.\n"
}
],
"source": {
"defect": [
"PAN-221224"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-04-10T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Firewall Denial of Service (DoS) when GTP Security is Disabled",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 94993 (introduced in Applications and Threats content version 8832).\u003cbr\u003e"
}
],
"value": "Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 94993 (introduced in Applications and Threats content version 8832).\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-3385",
"datePublished": "2024-04-10T17:06:28.153Z",
"dateReserved": "2024-04-05T17:40:18.347Z",
"dateUpdated": "2024-08-22T18:10:55.925Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-0010
Vulnerability from cvelistv5
Published
2024-02-14 17:32
Modified
2024-08-01 17:41
Severity
Summary
PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Portal
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0010",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-15T16:39:09.757949Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:58:38.476Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:14.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-0010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "9.0.17-h4",
"status": "unaffected"
}
],
"lessThan": "9.0.17-h4",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.17",
"status": "unaffected"
}
],
"lessThan": "9.1.17",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.11-h1",
"status": "unaffected"
}
],
"lessThan": "10.1.11-h1",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.12",
"status": "unaffected"
}
],
"lessThan": "10.1.12",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.0.1",
"status": "unaffected"
}
],
"lessThan": "11.0.1",
"status": "unaffected",
"version": "10.2",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.10-h1",
"status": "unaffected"
}
],
"lessThan": "10.1.10-h1",
"status": "unaffected",
"version": "11.0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "11.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal enabled. You can verify whether you have a GlobalProtect portal configured by checking for entries in your firewall web interface (Network \u0026gt; GlobalProtect \u0026gt; Portals)."
}
],
"value": "This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal enabled. You can verify whether you have a GlobalProtect portal configured by checking for entries in your firewall web interface (Network \u003e GlobalProtect \u003e Portals)."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Palo Alto Networks thanks Micha\u0142 Majchrowicz and Livio Victoriano from Afine Team for discovering and reporting this issue."
}
],
"datePublic": "2024-02-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect portal feature of Palo Alto Networks PAN-OS software enables execution of malicious JavaScript (in the context of a user\u2019s browser) if a user clicks on a malicious link, allowing phishing attacks that could lead to credential theft."
}
],
"value": "A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect portal feature of Palo Alto Networks PAN-OS software enables execution of malicious JavaScript (in the context of a user\u2019s browser) if a user clicks on a malicious link, allowing phishing attacks that could lead to credential theft."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-14T17:32:28.818Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-0010"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.11-h1, PAN-OS 10.1.12, and all later PAN-OS versions."
}
],
"value": "This issue is fixed in PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.11-h1, PAN-OS 10.1.12, and all later PAN-OS versions."
}
],
"source": {
"defect": [
"PAN-216858"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-02-14T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Portal",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 94972 (Applications and Threats content update 8810).\u003cbr\u003e"
}
],
"value": "Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 94972 (Applications and Threats content update 8810).\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-0010",
"datePublished": "2024-02-14T17:32:28.818Z",
"dateReserved": "2023-11-09T18:56:08.476Z",
"dateUpdated": "2024-08-01T17:41:14.685Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-3382
Vulnerability from cvelistv5
Published
2024-04-10 17:05
Modified
2024-08-01 20:12
Severity
Summary
PAN-OS: Firewall Denial of Service (DoS) via a Burst of Crafted Packets
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:9.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"status": "unaffected",
"version": "9.0.0"
}
]
},
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:9.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"status": "unaffected",
"version": "9.1.0"
}
]
},
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"status": "unaffected",
"version": "10.1.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "10.2.7-h3",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"lessThan": "11.0.4",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"lessThan": "11.1.2",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:cloud_ngfw:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cloud_ngfw",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:prisma_access:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "prisma_access",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3382",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-31T19:57:38.536146Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-31T20:04:14.546Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:12:06.637Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-3382"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "9.0.0"
},
{
"status": "unaffected",
"version": "9.1.0"
},
{
"status": "unaffected",
"version": "10.1.0"
},
{
"changes": [
{
"at": "10.2.7-h3",
"status": "unaffected"
}
],
"lessThan": "10.2.7-h3",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.0.4",
"status": "unaffected"
}
],
"lessThan": "11.0.4",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.1.2",
"status": "unaffected"
}
],
"lessThan": "11.1.2",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue applies only to PA-5400 Series devices that are running PAN-OS firewall configurations with the SSL Forward Proxy feature enabled. You can verify whether you have the SSL Forward Proxy feature enabled by checking for decryption policy rules in your firewall web interface (Policies \u003e Decryption)."
}
],
"value": "This issue applies only to PA-5400 Series devices that are running PAN-OS firewall configurations with the SSL Forward Proxy feature enabled. You can verify whether you have the SSL Forward Proxy feature enabled by checking for decryption policy rules in your firewall web interface (Policies \u003e Decryption)."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Palo Alto Networks thanks Celedonio Albarran of Equity Residential and their Infrastructure and Security teams for discovering and reporting this issue."
}
],
"datePublic": "2024-04-10T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. This issue applies only to PA-5400 Series devices that are running PAN-OS software with the SSL Forward Proxy feature enabled."
}
],
"value": "A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. This issue applies only to PA-5400 Series devices that are running PAN-OS software with the SSL Forward Proxy feature enabled."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-131",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-131 Resource Leak Exposure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-10T17:05:47.325Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-3382"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 10.2.7-h3, PAN-OS 11.0.4, PAN-OS 11.1.2, and all later PAN-OS versions.\u003cbr\u003e"
}
],
"value": "This issue is fixed in PAN-OS 10.2.7-h3, PAN-OS 11.0.4, PAN-OS 11.1.2, and all later PAN-OS versions.\n"
}
],
"source": {
"defect": [
"PAN-234921"
],
"discovery": "USER"
},
"timeline": [
{
"lang": "en",
"time": "2024-04-10T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Firewall Denial of Service (DoS) via a Burst of Crafted Packets",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "You can mitigate this issue by disabling decryption on your firewalls. To temporarily disable SSL Decryption, refer to the administrator\u2019s guide for your PAN-OS software (such as PAN-OS 11.1: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/decryption/temporarily-disable-ssl-decryption)\"\u003ehttps://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/decryption/temporarily-disable-ssl-decryption)\u003c/a\u003e. Additionally, to ensure that decryption remains disabled after a reboot, configure a policy-based decryption exclusion that excludes all traffic from being decrypted (\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/decryption/decryption-exclusions/create-a-policy-based-decryption-exclusion)\"\u003ehttps://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/decryption/decryption-exclusions/create-a-policy-based-decryption-exclusion)\u003c/a\u003e.\u003cbr\u003e"
}
],
"value": "You can mitigate this issue by disabling decryption on your firewalls. To temporarily disable SSL Decryption, refer to the administrator\u2019s guide for your PAN-OS software (such as PAN-OS 11.1: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/decryption/temporarily-disable-ssl-decryption) . Additionally, to ensure that decryption remains disabled after a reboot, configure a policy-based decryption exclusion that excludes all traffic from being decrypted ( https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/decryption/decryption-exclusions/create-a-policy-based-decryption-exclusion) .\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-3382",
"datePublished": "2024-04-10T17:05:47.325Z",
"dateReserved": "2024-04-05T17:40:15.104Z",
"dateUpdated": "2024-08-01T20:12:06.637Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-0023
Vulnerability from cvelistv5
Published
2022-04-13 00:00
Modified
2024-08-02 23:18
Severity
Summary
PAN-OS: Denial-of-Service (DoS) Vulnerability in DNS Proxy
References
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2022-0023 | x_refsource_MISC |
Impacted products
| Vendor | Product |
|---|---|
| Palo Alto Networks | PAN-OS |
| Palo Alto Networks | Prisma Access |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:18:41.446Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2022-0023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "10.2.*"
},
{
"changes": [
{
"at": "8.1.22",
"status": "unaffected"
}
],
"lessThan": "8.1.22",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.13",
"status": "unaffected"
}
],
"lessThan": "9.1.13",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.5",
"status": "unaffected"
}
],
"lessThan": "10.1.5",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.10",
"status": "unaffected"
}
],
"lessThan": "10.0.10",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.16",
"status": "unaffected"
}
],
"lessThan": "9.0.16",
"status": "affected",
"version": "9.0",
"versionType": "custom"
}
]
},
{
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "3.0 Preferred, Innovation"
},
{
"status": "unaffected",
"version": "2.2 Preferred"
},
{
"status": "unaffected",
"version": "2.1 Preferred, Innovation"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This issue is applicable only to PAN-OS hardware and virtual firewalls with the DNS proxy feature enabled. You can verify whether DNS proxy is enabled by selecting \u0027Network \u003e DNS Proxy\u2019 from the web interface."
}
],
"credits": [
{
"lang": "en",
"value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
}
],
"datePublic": "2022-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An improper handling of exceptional conditions vulnerability exists in the DNS proxy feature of Palo Alto Networks PAN-OS software that enables a meddler-in-the-middle (MITM) to send specifically crafted traffic to the firewall that causes the service to restart unexpectedly. Repeated attempts to send this request result in denial-of-service to all PAN-OS services by restarting the device in maintenance mode. This issue does not impact Panorama appliances and Prisma Access customers. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.22; PAN-OS 9.0 versions earlier than PAN-OS 9.0.16; PAN-OS 9.1 versions earlier than PAN-OS 9.1.13; PAN-OS 10.0 versions earlier than PAN-OS 10.0.10; PAN-OS 10.1 versions earlier than PAN-OS 10.1.5. This issue does not impact PAN-OS 10.2."
}
],
"exploits": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-755",
"description": "CWE-755 Improper Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-13T18:35:10",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2022-0023"
}
],
"solutions": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.22, PAN-OS 9.0.16, PAN-OS 9.1.13, PAN-OS 10.0.10, PAN-OS 10.1.5, and all later PAN-OS versions."
}
],
"source": {
"defect": [
"PAN-164264"
],
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2022-04-13T00:00:00",
"value": "Initial publication"
}
],
"title": "PAN-OS: Denial-of-Service (DoS) Vulnerability in DNS Proxy",
"workarounds": [
{
"lang": "en",
"value": "Customers with a Threat Prevention subscription can block attack traffic related to this vulnerability by enabling Threat ID 92406 (Applications and Threats content update 8556).\n\nTo completely mitigate the risk of this issue, temporarily disable the DNS proxy feature until you are able to upgrade your PAN-OS software to a fixed version."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2022-04-13T16:00:00.000Z",
"ID": "CVE-2022-0023",
"STATE": "PUBLIC",
"TITLE": "PAN-OS: Denial-of-Service (DoS) Vulnerability in DNS Proxy"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PAN-OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.1",
"version_value": "8.1.22"
},
{
"version_affected": "\u003c",
"version_name": "9.1",
"version_value": "9.1.13"
},
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.5"
},
{
"version_affected": "!\u003e=",
"version_name": "8.1",
"version_value": "8.1.22"
},
{
"version_affected": "!\u003e=",
"version_name": "9.1",
"version_value": "9.1.13"
},
{
"version_affected": "!\u003e=",
"version_name": "10.1",
"version_value": "10.1.5"
},
{
"version_affected": "!",
"version_name": "10.2",
"version_value": "10.2.*"
},
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.10"
},
{
"version_affected": "!\u003e=",
"version_name": "10.0",
"version_value": "10.0.10"
},
{
"version_affected": "\u003c",
"version_name": "9.0",
"version_value": "9.0.16"
},
{
"version_affected": "!\u003e=",
"version_name": "9.0",
"version_value": "9.0.16"
}
]
}
},
{
"product_name": "Prisma Access",
"version": {
"version_data": [
{
"version_affected": "!",
"version_name": "3.0",
"version_value": "Preferred, Innovation"
},
{
"version_affected": "!",
"version_name": "2.2",
"version_value": "Preferred"
},
{
"version_affected": "!",
"version_name": "2.1",
"version_value": "Preferred, Innovation"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "This issue is applicable only to PAN-OS hardware and virtual firewalls with the DNS proxy feature enabled. You can verify whether DNS proxy is enabled by selecting \u0027Network \u003e DNS Proxy\u2019 from the web interface."
}
],
"credit": [
{
"lang": "eng",
"value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper handling of exceptional conditions vulnerability exists in the DNS proxy feature of Palo Alto Networks PAN-OS software that enables a meddler-in-the-middle (MITM) to send specifically crafted traffic to the firewall that causes the service to restart unexpectedly. Repeated attempts to send this request result in denial-of-service to all PAN-OS services by restarting the device in maintenance mode. This issue does not impact Panorama appliances and Prisma Access customers. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.22; PAN-OS 9.0 versions earlier than PAN-OS 9.0.16; PAN-OS 9.1 versions earlier than PAN-OS 9.1.13; PAN-OS 10.0 versions earlier than PAN-OS 10.0.10; PAN-OS 10.1 versions earlier than PAN-OS 10.1.5. This issue does not impact PAN-OS 10.2."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n\n"
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-755 Improper Handling of Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2022-0023",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2022-0023"
}
]
},
"solution": [
{
"lang": "en",
"value": "This issue is fixed in PAN-OS 8.1.22, PAN-OS 9.0.16, PAN-OS 9.1.13, PAN-OS 10.0.10, PAN-OS 10.1.5, and all later PAN-OS versions."
}
],
"source": {
"defect": [
"PAN-164264"
],
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2022-04-13T00:00:00",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "Customers with a Threat Prevention subscription can block attack traffic related to this vulnerability by enabling Threat ID 92406 (Applications and Threats content update 8556).\n\nTo completely mitigate the risk of this issue, temporarily disable the DNS proxy feature until you are able to upgrade your PAN-OS software to a fixed version."
}
],
"x_advisoryEoL": false,
"x_affectedList": [
"PAN-OS 10.1.4",
"PAN-OS 10.1.3",
"PAN-OS 10.1.2",
"PAN-OS 10.1.1",
"PAN-OS 10.1.0",
"PAN-OS 10.1",
"PAN-OS 10.0.9",
"PAN-OS 10.0.8",
"PAN-OS 10.0.7",
"PAN-OS 10.0.6",
"PAN-OS 10.0.5",
"PAN-OS 10.0.4",
"PAN-OS 10.0.3",
"PAN-OS 10.0.2",
"PAN-OS 10.0.1",
"PAN-OS 10.0.0",
"PAN-OS 10.0",
"PAN-OS 9.1.12",
"PAN-OS 9.1.11",
"PAN-OS 9.1.9",
"PAN-OS 9.1.8",
"PAN-OS 9.1.7",
"PAN-OS 9.1.6",
"PAN-OS 9.1.5",
"PAN-OS 9.1.4",
"PAN-OS 9.1.3-h1",
"PAN-OS 9.1.3",
"PAN-OS 9.1.2-h1",
"PAN-OS 9.1.2",
"PAN-OS 9.1.1",
"PAN-OS 9.1.0-h3",
"PAN-OS 9.1.0-h2",
"PAN-OS 9.1.0-h1",
"PAN-OS 9.1.0",
"PAN-OS 9.1",
"PAN-OS 9.0.15",
"PAN-OS 9.0.14-h4",
"PAN-OS 9.0.14-h3",
"PAN-OS 9.0.14-h2",
"PAN-OS 9.0.14-h1",
"PAN-OS 9.0.14",
"PAN-OS 9.0.13",
"PAN-OS 9.0.12",
"PAN-OS 9.0.11",
"PAN-OS 9.0.10",
"PAN-OS 9.0.9-h1",
"PAN-OS 9.0.9",
"PAN-OS 9.0.8",
"PAN-OS 9.0.7",
"PAN-OS 9.0.6",
"PAN-OS 9.0.5",
"PAN-OS 9.0.4",
"PAN-OS 9.0.3-h3",
"PAN-OS 9.0.3-h2",
"PAN-OS 9.0.3-h1",
"PAN-OS 9.0.3",
"PAN-OS 9.0.2-h4",
"PAN-OS 9.0.2-h3",
"PAN-OS 9.0.2-h2",
"PAN-OS 9.0.2-h1",
"PAN-OS 9.0.2",
"PAN-OS 9.0.1",
"PAN-OS 9.0.0"
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2022-0023",
"datePublished": "2022-04-13T00:00:00",
"dateReserved": "2021-12-28T00:00:00",
"dateUpdated": "2024-08-02T23:18:41.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-6789
Vulnerability from cvelistv5
Published
2023-12-13 18:26
Modified
2024-08-02 08:42
Severity
Summary
PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.423Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2023-6789"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "8.1.26",
"status": "unaffected"
}
],
"lessThan": "8.1.26",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.17-h4",
"status": "unaffected"
}
],
"lessThan": "9.0.17-h4",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.17",
"status": "unaffected"
}
],
"lessThan": "9.1.17",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"lessThanOrEqual": "All",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.11",
"status": "unaffected"
}
],
"lessThan": "10.1.11",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.5",
"status": "unaffected"
}
],
"lessThan": "10.2.5",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.0.2",
"status": "unaffected"
}
],
"lessThan": "11.0.2",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThan": "All",
"status": "unaffected",
"version": "11.1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Palo Alto Networks thanks Md Sameull Islam of Beetles Cyber Security LTD, Kajetan Rostojek, and an external reporter for discovering and reporting this issue."
}
],
"datePublic": "2023-12-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a malicious authenticated read-write administrator to store a JavaScript payload using the web interface. Then, when viewed by a properly authenticated administrator, the JavaScript payload executes and disguises all associated actions as performed by that unsuspecting authenticated administrator."
}
],
"value": "A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a malicious authenticated read-write administrator to store a JavaScript payload using the web interface. Then, when viewed by a properly authenticated administrator, the JavaScript payload executes and disguises all associated actions as performed by that unsuspecting authenticated administrator."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-13T18:26:30.524Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2023-6789"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 8.1.26, PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.11, PAN-OS 10.2.5, PAN-OS 11.0.2, and all later PAN-OS versions."
}
],
"value": "This issue is fixed in PAN-OS 8.1.26, PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.11, PAN-OS 10.2.5, PAN-OS 11.0.2, and all later PAN-OS versions."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2023-12-13T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
}
],
"value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2023-6789",
"datePublished": "2023-12-13T18:26:30.524Z",
"dateReserved": "2023-12-13T17:27:23.165Z",
"dateUpdated": "2024-08-02T08:42:07.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-38046
Vulnerability from cvelistv5
Published
2023-07-12 16:20
Modified
2024-08-02 17:30
Severity
Summary
PAN-OS: Read System Files and Resources During Configuration Commit
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T17:30:13.102Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2023-38046"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "11.0.1",
"status": "unaffected"
}
],
"lessThan": "11.0.1",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.4",
"status": "unaffected"
}
],
"lessThan": "10.2.4",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "10.1"
},
{
"status": "unaffected",
"version": "10.0"
},
{
"status": "unaffected",
"version": "9.1"
},
{
"status": "unaffected",
"version": "9.0"
},
{
"status": "unaffected",
"version": "8.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Kajetan Rostojek"
}
],
"datePublic": "2023-07-12T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated administrator with the privilege to commit a specifically created configuration to read local files and resources from the system."
}
],
"value": "A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated administrator with the privilege to commit a specifically created configuration to read local files and resources from the system."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-610",
"description": "CWE-610 Externally Controlled Reference to a Resource in Another Sphere",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-09T05:21:39.901Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2023-38046"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions.\u003cbr\u003e"
}
],
"value": "This issue is fixed in PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions.\n"
}
],
"source": {
"defect": [
"PAN-208922"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2023-07-12T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Read System Files and Resources During Configuration Commit",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue requires the attacker to have authenticated access to PAN-OS. You can mitigate the impact of this issue by following best practices for securing PAN-OS. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices\"\u003ehttps://docs.paloaltonetworks.com/best-practices\u003c/a\u003e.\u003cbr\u003e"
}
],
"value": "This issue requires the attacker to have authenticated access to PAN-OS. You can mitigate the impact of this issue by following best practices for securing PAN-OS. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices .\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2023-38046",
"datePublished": "2023-07-12T16:20:06.175Z",
"dateReserved": "2023-07-12T05:16:41.577Z",
"dateUpdated": "2024-08-02T17:30:13.102Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-0009
Vulnerability from cvelistv5
Published
2024-02-14 17:32
Modified
2024-08-01 17:41
Severity
Summary
PAN-OS: Improper IP Address Verification in GlobalProtect Gateway
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0009",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-15T20:06:19.062126Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:59:03.434Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:15.849Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "9.0"
},
{
"status": "unaffected",
"version": "9.1"
},
{
"status": "unaffected",
"version": "10.1"
},
{
"changes": [
{
"at": "10.2.4",
"status": "unaffected"
}
],
"lessThan": "10.2.4",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.0.1",
"status": "unaffected"
}
],
"lessThan": "11.0.1",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "11.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect gateway enabled. You can verify whether you have a GlobalProtect gateway configured by checking for entries in your firewall web interface (Network \u0026gt; GlobalProtect \u0026gt; Gateways)."
}
],
"value": "This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect gateway enabled. You can verify whether you have a GlobalProtect gateway configured by checking for entries in your firewall web interface (Network \u003e GlobalProtect \u003e Gateways)."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Palo Alto Networks thanks Matthew Fong for discovering and reporting this issue."
}
],
"datePublic": "2024-02-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper verification vulnerability in the GlobalProtect gateway feature of Palo Alto Networks PAN-OS software enables a malicious user with stolen credentials to establish a VPN connection from an unauthorized IP address."
}
],
"value": "An improper verification vulnerability in the GlobalProtect gateway feature of Palo Alto Networks PAN-OS software enables a malicious user with stolen credentials to establish a VPN connection from an unauthorized IP address."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-940",
"description": "CWE-940 Improper Verification of Source of a Communication Channel",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-14T17:32:23.171Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-0009"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions."
}
],
"value": "This issue is fixed in PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions."
}
],
"source": {
"defect": [
"PAN-209787"
],
"discovery": "USER"
},
"timeline": [
{
"lang": "en",
"time": "2024-02-14T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Improper IP Address Verification in GlobalProtect Gateway",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-0009",
"datePublished": "2024-02-14T17:32:23.171Z",
"dateReserved": "2023-11-09T18:56:06.893Z",
"dateUpdated": "2024-08-01T17:41:15.849Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-0011
Vulnerability from cvelistv5
Published
2022-02-09 00:00
Modified
2024-08-02 23:18
Severity
Summary
PAN-OS: URL Category Exceptions Match More URLs Than Intended in URL Filtering
References
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2022-0011 | x_refsource_MISC |
Impacted products
| Vendor | Product |
|---|---|
| Palo Alto Networks | PAN-OS |
| Palo Alto Networks | Prisma Access |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:18:41.438Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2022-0011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "affected",
"version": "9.0.*"
},
{
"changes": [
{
"at": "8.1.21",
"status": "unaffected"
}
],
"lessThan": "8.1.21",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.12",
"status": "unaffected"
}
],
"lessThan": "9.1.12",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.8",
"status": "unaffected"
}
],
"lessThan": "10.0.8",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.3",
"status": "unaffected"
}
],
"lessThan": "10.1.3",
"status": "affected",
"version": "10.1",
"versionType": "custom"
}
]
},
{
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "3.0 Preferred, Innovation"
},
{
"status": "affected",
"version": "2.2 Preferred"
},
{
"status": "affected",
"version": "2.1 Preferred, Innovation"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "This issue is applicable only when you configure exceptions to URL filtering either by creating a custom URL category list or by using an external dynamic list (EDL) in a URL Filtering profile as per https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/url-filtering/block-and-allow-lists.html."
}
],
"credits": [
{
"lang": "en",
"value": "Palo Alto Networks thanks Chris Johnston of PricewaterhouseCoopers for discovering and reporting this issue."
}
],
"datePublic": "2022-02-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "PAN-OS software provides options to exclude specific websites from URL category enforcement and those websites are blocked or allowed (depending on your rules) regardless of their associated URL category. This is done by creating a custom URL category list or by using an external dynamic list (EDL) in a URL Filtering profile. When the entries in these lists have a hostname pattern that does not end with a forward slash (/) or a hostname pattern that ends with an asterisk (*), any URL that starts with the specified pattern is considered a match. Entries with a caret (^) at the end of a hostname pattern match any top level domain. This may inadvertently allow or block more URLs than intended and allowing more URLs than intended represents a security risk. For example: example.com will match example.com.website.test example.com.* will match example.com.website.test example.com.^ will match example.com.test You should take special care when using such entries in policy rules that allow traffic. Where possible, use the exact list of hostname names ending with a forward slash (/) instead of using wildcards. PAN-OS 10.1 versions earlier than PAN-OS 10.1.3; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 9.1 versions earlier than PAN-OS 9.1.12; all PAN-OS 9.0 versions; PAN-OS 8.1 versions earlier than PAN-OS 8.1.21, and Prisma Access 2.2 and 2.1 versions do not allow customers to change this behavior without changing the URL category list or EDL."
}
],
"exploits": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-436",
"description": "CWE-436 Interpretation Conflict",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-10T18:10:15",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.paloaltonetworks.com/CVE-2022-0011"
}
],
"solutions": [
{
"lang": "en",
"value": "PAN-OS 8.1.21, PAN-OS 9.1.12, PAN-OS 10.0.8, PAN-OS 10.1.3, Prisma Access 3.0 Preferred, and Prisma Access 3.0 Innovation all include a customer configurable option to automatically append a forward slash at the end of the hostname pattern for entries without an ending token in a custom URL category list or in an external dynamic list (EDL).\n\nPrisma Access customers should refer to \u201cSTEP 7\u201d in the following Prisma Access 3.0 documentation to enable this feature:\n\nhttps://docs.paloaltonetworks.com/prisma/prisma-access/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/prisma-access-service-infrastructure/enable-the-service-infrastructure.html\n\nFor other PAN-OS appliances, this option is enabled by running these CLI commands:\n debug device-server append-end-token on\n commit force\n\nNote: This option is disabled by default on PAN-OS 8.1, PAN-OS 9.1, PAN-OS 10.0, and PAN-OS 10.1. This option will be enabled by default starting with the next major version of PAN-OS. This option is not available on PAN-OS 9.0. Customers with PAN-OS 9.0 are advised to apply workarounds or upgrade to PAN-OS 9.1 or a later version.\n\nAdditionally, customers must evaluate their custom URL category list or their external dynamic list (EDL) and any firewall policy rules that depend on them to determine whether this option provides the desired policy rule enforcement.\n\nExample 1: If the firewall policy rule is intended to allow only \u0027www.example.com\u0027 and not to allow access to any other site, such as www.example.com.webiste.test, then use the \"debug device-server append-end-token on\" CLI command.\n\nExample 2: If the firewall policy rule is set to block access to \u0027www.example.co\u0027 and block access to sites such as www.example.com, www.example.co.az, then keep the default setting (\"debug device-server append-end-token off\" CLI command). You should always use the most appropriate token if you need to match multiple hostnames in a policy rule.\n"
}
],
"source": {
"defect": [
"PAN-174443"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2022-02-09T00:00:00",
"value": "initial publication"
}
],
"title": "PAN-OS: URL Category Exceptions Match More URLs Than Intended in URL Filtering",
"workarounds": [
{
"lang": "en",
"value": "Add a forward slash (/) at the end of the hostname pattern for all entries in the custom URL category list or the external dynamic list (EDL).\n\nFor example:\n example.com/ will not match example.com.website.test\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2022-02-09T17:00:00.000Z",
"ID": "CVE-2022-0011",
"STATE": "PUBLIC",
"TITLE": "PAN-OS: URL Category Exceptions Match More URLs Than Intended in URL Filtering"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PAN-OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.1",
"version_value": "8.1.21"
},
{
"version_affected": "\u003c",
"version_name": "9.1",
"version_value": "9.1.12"
},
{
"version_affected": "\u003c",
"version_name": "10.0",
"version_value": "10.0.8"
},
{
"version_affected": "!\u003e=",
"version_name": "8.1",
"version_value": "8.1.21"
},
{
"version_affected": "!\u003e=",
"version_name": "9.1",
"version_value": "9.1.12"
},
{
"version_affected": "!\u003e=",
"version_name": "10.0",
"version_value": "10.0.8"
},
{
"version_affected": "=",
"version_name": "9.0",
"version_value": "9.0.*"
},
{
"version_affected": "\u003c",
"version_name": "10.1",
"version_value": "10.1.3"
},
{
"version_affected": "!\u003e=",
"version_name": "10.1",
"version_value": "10.1.3"
}
]
}
},
{
"product_name": "Prisma Access",
"version": {
"version_data": [
{
"version_affected": "!",
"version_name": "3.0",
"version_value": "Preferred, Innovation"
},
{
"version_affected": "=",
"version_name": "2.2",
"version_value": "Preferred"
},
{
"version_affected": "=",
"version_name": "2.1",
"version_value": "Preferred, Innovation"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "This issue is applicable only when you configure exceptions to URL filtering either by creating a custom URL category list or by using an external dynamic list (EDL) in a URL Filtering profile as per https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/url-filtering/block-and-allow-lists.html."
}
],
"credit": [
{
"lang": "eng",
"value": "Palo Alto Networks thanks Chris Johnston of PricewaterhouseCoopers for discovering and reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PAN-OS software provides options to exclude specific websites from URL category enforcement and those websites are blocked or allowed (depending on your rules) regardless of their associated URL category. This is done by creating a custom URL category list or by using an external dynamic list (EDL) in a URL Filtering profile. When the entries in these lists have a hostname pattern that does not end with a forward slash (/) or a hostname pattern that ends with an asterisk (*), any URL that starts with the specified pattern is considered a match. Entries with a caret (^) at the end of a hostname pattern match any top level domain. This may inadvertently allow or block more URLs than intended and allowing more URLs than intended represents a security risk. For example: example.com will match example.com.website.test example.com.* will match example.com.website.test example.com.^ will match example.com.test You should take special care when using such entries in policy rules that allow traffic. Where possible, use the exact list of hostname names ending with a forward slash (/) instead of using wildcards. PAN-OS 10.1 versions earlier than PAN-OS 10.1.3; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 9.1 versions earlier than PAN-OS 9.1.12; all PAN-OS 9.0 versions; PAN-OS 8.1 versions earlier than PAN-OS 8.1.21, and Prisma Access 2.2 and 2.1 versions do not allow customers to change this behavior without changing the URL category list or EDL."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-436 Interpretation Conflict"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.paloaltonetworks.com/CVE-2022-0011",
"refsource": "MISC",
"url": "https://security.paloaltonetworks.com/CVE-2022-0011"
}
]
},
"solution": [
{
"lang": "en",
"value": "PAN-OS 8.1.21, PAN-OS 9.1.12, PAN-OS 10.0.8, PAN-OS 10.1.3, Prisma Access 3.0 Preferred, and Prisma Access 3.0 Innovation all include a customer configurable option to automatically append a forward slash at the end of the hostname pattern for entries without an ending token in a custom URL category list or in an external dynamic list (EDL).\n\nPrisma Access customers should refer to \u201cSTEP 7\u201d in the following Prisma Access 3.0 documentation to enable this feature:\n\nhttps://docs.paloaltonetworks.com/prisma/prisma-access/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/prisma-access-service-infrastructure/enable-the-service-infrastructure.html\n\nFor other PAN-OS appliances, this option is enabled by running these CLI commands:\n debug device-server append-end-token on\n commit force\n\nNote: This option is disabled by default on PAN-OS 8.1, PAN-OS 9.1, PAN-OS 10.0, and PAN-OS 10.1. This option will be enabled by default starting with the next major version of PAN-OS. This option is not available on PAN-OS 9.0. Customers with PAN-OS 9.0 are advised to apply workarounds or upgrade to PAN-OS 9.1 or a later version.\n\nAdditionally, customers must evaluate their custom URL category list or their external dynamic list (EDL) and any firewall policy rules that depend on them to determine whether this option provides the desired policy rule enforcement.\n\nExample 1: If the firewall policy rule is intended to allow only \u0027www.example.com\u0027 and not to allow access to any other site, such as www.example.com.webiste.test, then use the \"debug device-server append-end-token on\" CLI command.\n\nExample 2: If the firewall policy rule is set to block access to \u0027www.example.co\u0027 and block access to sites such as www.example.com, www.example.co.az, then keep the default setting (\"debug device-server append-end-token off\" CLI command). You should always use the most appropriate token if you need to match multiple hostnames in a policy rule.\n"
}
],
"source": {
"defect": [
"PAN-174443"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2022-02-09T00:00:00",
"value": "initial publication"
}
],
"work_around": [
{
"lang": "en",
"value": "Add a forward slash (/) at the end of the hostname pattern for all entries in the custom URL category list or the external dynamic list (EDL).\n\nFor example:\n example.com/ will not match example.com.website.test\n"
}
],
"x_advisoryEoL": false,
"x_affectedList": [
"Prisma Access 2.2",
"Prisma Access 2.1",
"PAN-OS 10.1.2",
"PAN-OS 10.1.1",
"PAN-OS 10.1.0",
"PAN-OS 10.1",
"PAN-OS 10.0.7",
"PAN-OS 10.0.6",
"PAN-OS 10.0.5",
"PAN-OS 10.0.4",
"PAN-OS 10.0.3",
"PAN-OS 10.0.2",
"PAN-OS 10.0.1",
"PAN-OS 10.0.0",
"PAN-OS 10.0",
"PAN-OS 9.1.11-h3",
"PAN-OS 9.1.11-h2",
"PAN-OS 9.1.11-h1",
"PAN-OS 9.1.11",
"PAN-OS 9.1.10",
"PAN-OS 9.1.9",
"PAN-OS 9.1.8",
"PAN-OS 9.1.7",
"PAN-OS 9.1.6",
"PAN-OS 9.1.5",
"PAN-OS 9.1.4",
"PAN-OS 9.1.3-h1",
"PAN-OS 9.1.3",
"PAN-OS 9.1.2-h1",
"PAN-OS 9.1.2",
"PAN-OS 9.1.1",
"PAN-OS 9.1.0-h3",
"PAN-OS 9.1.0-h2",
"PAN-OS 9.1.0-h1",
"PAN-OS 9.1.0",
"PAN-OS 9.1",
"PAN-OS 9.0.15",
"PAN-OS 9.0.14-h4",
"PAN-OS 9.0.14-h3",
"PAN-OS 9.0.14-h2",
"PAN-OS 9.0.14-h1",
"PAN-OS 9.0.14",
"PAN-OS 9.0.13",
"PAN-OS 9.0.12",
"PAN-OS 9.0.11",
"PAN-OS 9.0.10",
"PAN-OS 9.0.9-h1",
"PAN-OS 9.0.9",
"PAN-OS 9.0.8",
"PAN-OS 9.0.7",
"PAN-OS 9.0.6",
"PAN-OS 9.0.5",
"PAN-OS 9.0.4",
"PAN-OS 9.0.3-h3",
"PAN-OS 9.0.3-h2",
"PAN-OS 9.0.3-h1",
"PAN-OS 9.0.3",
"PAN-OS 9.0.2-h4",
"PAN-OS 9.0.2-h3",
"PAN-OS 9.0.2-h2",
"PAN-OS 9.0.2-h1",
"PAN-OS 9.0.2",
"PAN-OS 9.0.1",
"PAN-OS 9.0.0",
"PAN-OS 9.0",
"PAN-OS 8.1.20-h1",
"PAN-OS 8.1.20",
"PAN-OS 8.1.19",
"PAN-OS 8.1.18",
"PAN-OS 8.1.17",
"PAN-OS 8.1.16",
"PAN-OS 8.1.15-h3",
"PAN-OS 8.1.15-h2",
"PAN-OS 8.1.15-h1",
"PAN-OS 8.1.15",
"PAN-OS 8.1.14-h2",
"PAN-OS 8.1.14-h1",
"PAN-OS 8.1.14",
"PAN-OS 8.1.13",
"PAN-OS 8.1.12",
"PAN-OS 8.1.11",
"PAN-OS 8.1.10",
"PAN-OS 8.1.9-h4",
"PAN-OS 8.1.9-h3",
"PAN-OS 8.1.9-h2",
"PAN-OS 8.1.9-h1",
"PAN-OS 8.1.9",
"PAN-OS 8.1.8-h5",
"PAN-OS 8.1.8-h4",
"PAN-OS 8.1.8-h3",
"PAN-OS 8.1.8-h2",
"PAN-OS 8.1.8-h1",
"PAN-OS 8.1.8",
"PAN-OS 8.1.7",
"PAN-OS 8.1.6-h2",
"PAN-OS 8.1.6-h1",
"PAN-OS 8.1.6",
"PAN-OS 8.1.5",
"PAN-OS 8.1.4",
"PAN-OS 8.1.3",
"PAN-OS 8.1.2",
"PAN-OS 8.1.1",
"PAN-OS 8.1.0",
"PAN-OS 8.1"
],
"x_likelyAffectedList": [
"PAN-OS 8.0.20",
"PAN-OS 8.0.19-h1",
"PAN-OS 8.0.19",
"PAN-OS 8.0.18",
"PAN-OS 8.0.17",
"PAN-OS 8.0.16",
"PAN-OS 8.0.15",
"PAN-OS 8.0.14",
"PAN-OS 8.0.13",
"PAN-OS 8.0.12",
"PAN-OS 8.0.11-h1",
"PAN-OS 8.0.10",
"PAN-OS 8.0.9",
"PAN-OS 8.0.8",
"PAN-OS 8.0.7",
"PAN-OS 8.0.6-h3",
"PAN-OS 8.0.6-h2",
"PAN-OS 8.0.6-h1",
"PAN-OS 8.0.6",
"PAN-OS 8.0.5",
"PAN-OS 8.0.4",
"PAN-OS 8.0.3-h4",
"PAN-OS 8.0.3-h3",
"PAN-OS 8.0.3-h2",
"PAN-OS 8.0.3-h1",
"PAN-OS 8.0.3",
"PAN-OS 8.0.2",
"PAN-OS 8.0.1",
"PAN-OS 8.0.0",
"PAN-OS 8.0",
"PAN-OS 7.1.26",
"PAN-OS 7.1.25",
"PAN-OS 7.1.24-h1",
"PAN-OS 7.1.24",
"PAN-OS 7.1.23",
"PAN-OS 7.1.22",
"PAN-OS 7.1.21",
"PAN-OS 7.1.20",
"PAN-OS 7.1.19",
"PAN-OS 7.1.18",
"PAN-OS 7.1.17",
"PAN-OS 7.1.16",
"PAN-OS 7.1.15",
"PAN-OS 7.1.14",
"PAN-OS 7.1.13",
"PAN-OS 7.1.12",
"PAN-OS 7.1.11",
"PAN-OS 7.1.10",
"PAN-OS 7.1.9-h4",
"PAN-OS 7.1.9-h3",
"PAN-OS 7.1.9-h2",
"PAN-OS 7.1.9-h1",
"PAN-OS 7.1.9",
"PAN-OS 7.1.8",
"PAN-OS 7.1.7",
"PAN-OS 7.1.6",
"PAN-OS 7.1.5",
"PAN-OS 7.1.4-h2",
"PAN-OS 7.1.4-h1",
"PAN-OS 7.1.4",
"PAN-OS 7.1.3",
"PAN-OS 7.1.2",
"PAN-OS 7.1.1",
"PAN-OS 7.1.0",
"PAN-OS 7.1"
]
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2022-0011",
"datePublished": "2022-02-09T00:00:00",
"dateReserved": "2021-12-28T00:00:00",
"dateUpdated": "2024-08-02T23:18:41.438Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-2433
Vulnerability from cvelistv5
Published
2024-03-13 17:51
Modified
2024-08-12 18:54
Severity
Summary
PAN-OS: Improper Privilege Management Vulnerability in Panorama Software Leads to Availability Loss
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:11:53.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-2433"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "9.0.17-h4",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"lessThan": "9.1.17",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"lessThan": "10.1.12",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"lessThan": "10.2.8",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"lessThan": "11.0.3",
"status": "affected",
"version": "11.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"status": "unaffected",
"version": "11.1.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:cloud_ngfw:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "cloud_ngfw",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:prisma_access:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "prisma_access",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThanOrEqual": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2433",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-13T19:59:46.619572Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T18:54:08.465Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Panorama"
],
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "9.0.17-h4",
"status": "unaffected"
}
],
"lessThan": "9.0.17-h4",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.17",
"status": "unaffected"
}
],
"lessThan": "9.1.17",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.12",
"status": "unaffected"
}
],
"lessThan": "10.1.12",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.8",
"status": "unaffected"
}
],
"lessThan": "10.2.8",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.0.3",
"status": "unaffected"
}
],
"lessThan": "11.0.3",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "11.1"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Palo Alto Networks thanks Omar Eissa (https://de.linkedin.com/in/oeissa) for discovering and reporting this issue."
}
],
"datePublic": "2024-03-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper authorization vulnerability in Palo Alto Networks Panorama software enables an authenticated read-only administrator to upload files using the web interface and completely fill one of the disk partitions with those uploaded files, which prevents the ability to log into the web interface or to download PAN-OS, WildFire, and content images. \u003cbr\u003e\u003cbr\u003e\n\nThis issue affects only the web interface of the management plane; the dataplane is unaffected.\u003cbr\u003e"
}
],
"value": "An improper authorization vulnerability in Palo Alto Networks Panorama software enables an authenticated read-only administrator to upload files using the web interface and completely fill one of the disk partitions with those uploaded files, which prevents the ability to log into the web interface or to download PAN-OS, WildFire, and content images. \n\n\n\nThis issue affects only the web interface of the management plane; the dataplane is unaffected.\n"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-13T17:51:45.578Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-2433"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in Panorama on PAN-OS 9.0.17-h4, PAN-OS 9.1.18, PAN-OS 10.1.12, PAN-OS 10.2.11, PAN-OS 11.0.4, and all later PAN-OS versions.\u003cbr\u003e"
}
],
"value": "This issue is fixed in Panorama on PAN-OS 9.0.17-h4, PAN-OS 9.1.18, PAN-OS 10.1.12, PAN-OS 10.2.11, PAN-OS 11.0.4, and all later PAN-OS versions.\n"
}
],
"source": {
"defect": [
"PAN-181876",
"PAN-218663"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-03-13T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Improper Privilege Management Vulnerability in Panorama Software Leads to Availability Loss",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the effect of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices\"\u003ehttps://docs.paloaltonetworks.com/best-practices\u003c/a\u003e.\u003cbr\u003e"
}
],
"value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the effect of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices .\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-2433",
"datePublished": "2024-03-13T17:51:45.578Z",
"dateReserved": "2024-03-13T16:19:27.817Z",
"dateUpdated": "2024-08-12T18:54:08.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-6795
Vulnerability from cvelistv5
Published
2023-12-13 18:17
Modified
2024-08-02 08:42
Severity
Summary
PAN-OS: OS Command Injection Vulnerability in the Web Interface
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:08.431Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2023-6795"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "8.1.24-h1",
"status": "unaffected"
}
],
"lessThan": "8.1.24-h1",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.17",
"status": "unaffected"
}
],
"lessThan": "9.0.17",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.12",
"status": "unaffected"
}
],
"lessThan": "9.1.12",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.9",
"status": "unaffected"
}
],
"lessThan": "10.0.9",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.3",
"status": "unaffected"
}
],
"lessThan": "10.1.3",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"lessThan": "All",
"status": "unaffected",
"version": "10.2",
"versionType": "custom"
},
{
"lessThan": "All",
"status": "unaffected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThan": "All",
"status": "unaffected",
"version": "11.1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"datePublic": "2023-12-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An OS command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall."
}
],
"value": "An OS command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-13T18:17:43.368Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2023-6795"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 8.1.24-h1, PAN-OS 9.0.17, PAN-OS 9.1.12, PAN-OS 10.0.9, PAN-OS 10.1.3, and all later PAN-OS versions."
}
],
"value": "This issue is fixed in PAN-OS 8.1.24-h1, PAN-OS 9.0.17, PAN-OS 9.1.12, PAN-OS 10.0.9, PAN-OS 10.1.3, and all later PAN-OS versions."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2023-12-13T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: OS Command Injection Vulnerability in the Web Interface",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
}
],
"value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2023-6795",
"datePublished": "2023-12-13T18:17:43.368Z",
"dateReserved": "2023-12-13T17:27:27.372Z",
"dateUpdated": "2024-08-02T08:42:08.431Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-0007
Vulnerability from cvelistv5
Published
2023-05-10 16:30
Modified
2024-08-02 04:54
Severity
Summary
PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:54:32.609Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2023-0007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Panorama"
],
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "10.0.7",
"status": "unaffected"
}
],
"lessThan": "10.0.7",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.16",
"status": "unaffected"
}
],
"lessThan": "9.1.16",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.17",
"status": "unaffected"
}
],
"lessThan": "9.0.17",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "8.1.25",
"status": "unaffected"
}
],
"lessThan": "8.1.25",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "10.1"
},
{
"status": "unaffected",
"version": "10.2"
},
{
"status": "unaffected",
"version": "11.0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Colin McQueen"
}
],
"datePublic": "2023-05-10T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software on Panorama appliances enables an authenticated read-write administrator to store a JavaScript payload in the web interface that will execute in the context of another administrator\u2019s browser when viewed.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software on Panorama appliances enables an authenticated read-write administrator to store a JavaScript payload in the web interface that will execute in the context of another administrator\u2019s browser when viewed.\n"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003ePalo Alto Networks is not aware of any malicious exploitation of this issue.\u003c/p\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-80",
"description": " CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T16:30:47.049Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2023-0007"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.7, and all later PAN-OS versions.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.7, and all later PAN-OS versions.\n"
}
],
"source": {
"defect": [
"PAN-166872"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2023-05-10T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices\"\u003ehttps://docs.paloaltonetworks.com/best-practices\u003c/a\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices https://docs.paloaltonetworks.com/best-practices .\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2023-0007",
"datePublished": "2023-05-10T16:30:47.049Z",
"dateReserved": "2022-10-27T18:48:16.758Z",
"dateUpdated": "2024-08-02T04:54:32.609Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-6792
Vulnerability from cvelistv5
Published
2023-12-13 18:16
Modified
2024-08-02 08:42
Severity
Summary
PAN-OS: OS Command Injection Vulnerability in the XML API
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:42:07.471Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2023-6792"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "8.1.24",
"status": "unaffected"
}
],
"lessThan": "8.1.24",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.17",
"status": "unaffected"
}
],
"lessThan": "9.0.17",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.15",
"status": "unaffected"
}
],
"lessThan": "9.1.15",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.12",
"status": "unaffected"
}
],
"lessThan": "10.0.12",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.6",
"status": "unaffected"
}
],
"lessThan": "10.1.6",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"lessThan": "All",
"status": "unaffected",
"version": "10.2",
"versionType": "custom"
},
{
"lessThan": "All",
"status": "unaffected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThan": "All",
"status": "unaffected",
"version": "11.1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is applicable only to PAN-OS configurations that have XML API access enabled.\u003cbr\u003e\u003cbr\u003eYou can find more information about the XML API here: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-panorama-api/pan-os-api-authentication/enable-api-access"
}
],
"value": "This issue is applicable only to PAN-OS configurations that have XML API access enabled.\n\nYou can find more information about the XML API here: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-panorama-api/pan-os-api-authentication/enable-api-access"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Palo Alto Networks thanks Ethan Shackelford of IOActive for discovering and reporting this issue."
}
],
"datePublic": "2023-12-13T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated API user to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall."
}
],
"value": "An OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated API user to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-88",
"description": "CWE-88 Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-13T18:16:18.893Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2023-6792"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15, PAN-OS 10.0.12, PAN-OS 10.1.6, and all later PAN-OS versions."
}
],
"value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15, PAN-OS 10.0.12, PAN-OS 10.1.6, and all later PAN-OS versions."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2023-12-13T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: OS Command Injection Vulnerability in the XML API",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 91715 (introduced in Applications and Threats content update 8473).\u003cbr\u003e\u003cbr\u003eThis issue requires the attacker to have authenticated access to the PAN-OS XML API. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
}
],
"value": "Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 91715 (introduced in Applications and Threats content update 8473).\n\nThis issue requires the attacker to have authenticated access to the PAN-OS XML API. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2023-6792",
"datePublished": "2023-12-13T18:16:18.893Z",
"dateReserved": "2023-12-13T17:27:25.801Z",
"dateUpdated": "2024-08-02T08:42:07.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-0004
Vulnerability from cvelistv5
Published
2023-04-12 16:41
Modified
2024-08-02 04:54
Severity
Summary
PAN-OS: Local File Deletion Vulnerability
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:54:32.562Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2023-0004"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "8.1.24",
"status": "unaffected"
}
],
"lessThan": "8.1.24",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.17",
"status": "unaffected"
}
],
"lessThan": "9.0.17",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.15",
"status": "unaffected"
}
],
"lessThan": "9.1.15",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.11",
"status": "unaffected"
}
],
"lessThan": "10.0.11",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.6",
"status": "unaffected"
}
],
"lessThan": "10.1.6",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "10.2"
},
{
"status": "unaffected",
"version": "11.0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Palo Alto Networks thanks Wim Barthier and Frank Lycops for discovering and reporting this issue."
}
],
"datePublic": "2023-04-12T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system with elevated privileges.\u003cbr\u003e\u003cbr\u003eThese files can include logs and system components that impact the integrity and availability of PAN-OS software."
}
],
"value": "A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system with elevated privileges.\n\nThese files can include logs and system components that impact the integrity and availability of PAN-OS software."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-703",
"description": "CWE-703 Improper Check or Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-12T16:41:02.556Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2023-0004"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15, PAN-OS 10.0.11, PAN-OS 10.1.6, and all later PAN-OS versions."
}
],
"value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15, PAN-OS 10.0.11, PAN-OS 10.1.6, and all later PAN-OS versions."
}
],
"source": {
"defect": [
"PAN-171625"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2023-04-12T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Local File Deletion Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2023-0004",
"datePublished": "2023-04-12T16:41:02.556Z",
"dateReserved": "2022-10-27T18:48:13.579Z",
"dateUpdated": "2024-08-02T04:54:32.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-0008
Vulnerability from cvelistv5
Published
2024-02-14 17:32
Modified
2024-08-01 17:41
Severity
Summary
PAN-OS: Insufficient Session Expiration Vulnerability in the Web Interface
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:41:15.529Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-0008"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "9.0.17-h2",
"status": "unaffected"
}
],
"lessThan": "9.0.17-h2",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.0.18",
"status": "unaffected"
}
],
"lessThan": "9.0.18",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "9.1.17",
"status": "unaffected"
}
],
"lessThan": "9.1.17",
"status": "affected",
"version": "9.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.12-h1",
"status": "unaffected"
}
],
"lessThan": "10.0.12-h1",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.13",
"status": "unaffected"
}
],
"lessThan": "10.0.13",
"status": "affected",
"version": "10.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.10-h1",
"status": "unaffected"
}
],
"lessThan": "10.1.10-h1",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.11",
"status": "unaffected"
}
],
"lessThan": "10.1.11",
"status": "affected",
"version": "10.1",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.5",
"status": "unaffected"
}
],
"lessThan": "10.2.5",
"status": "affected",
"version": "10.2",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.0.2",
"status": "unaffected"
}
],
"lessThan": "11.0.2",
"status": "affected",
"version": "11.0",
"versionType": "custom"
},
{
"lessThan": "All",
"status": "unaffected",
"version": "11.1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Palo Alto Networks thanks Brian Yaklin for discovering and reporting this issue."
}
],
"datePublic": "2024-02-14T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Web sessions in the management interface in Palo Alto Networks PAN-OS software do not expire in certain situations, making it susceptible to unauthorized access."
}
],
"value": "Web sessions in the management interface in Palo Alto Networks PAN-OS software do not expire in certain situations, making it susceptible to unauthorized access."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-14T17:32:17.611Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-0008"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 9.0.17-h2, PAN-OS 9.1.17, PAN-OS 10.0.12-h1, PAN-OS 10.1.10-h1, PAN-OS 10.2.5, PAN-OS 11.0.2, and all later PAN-OS versions."
}
],
"value": "This issue is fixed in PAN-OS 9.0.17-h2, PAN-OS 9.1.17, PAN-OS 10.0.12-h1, PAN-OS 10.1.10-h1, PAN-OS 10.2.5, PAN-OS 11.0.2, and all later PAN-OS versions."
}
],
"source": {
"defect": [
"PAN-211664"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-02-14T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Insufficient Session Expiration Vulnerability in the Web Interface",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure that inactivity-based screen locks are enforced on endpoints with access to the PAN-OS web interface."
}
],
"value": "Ensure that inactivity-based screen locks are enforced on endpoints with access to the PAN-OS web interface."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-0008",
"datePublished": "2024-02-14T17:32:17.611Z",
"dateReserved": "2023-11-09T18:56:05.666Z",
"dateUpdated": "2024-08-01T17:41:15.529Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}