CVE-2017-15942
published 2017-12-11CVE-2017-15942: Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.13, and 8.0.x before 8.0.6 allows remote attackers to cause a denial of service…
PriorityP338high7.5CVSS 3.0
AVNACLPRNUINSUCNINAH
EPSS
2.23%
80.6th percentile
Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.13, and 8.0.x before 8.0.6 allows remote attackers to cause a denial of service via vectors related to the management interface.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| paloalto | pan-os | — | — |
| paloaltonetworks | pan-os | < 6.1.19 | 6.1.19 |
| paloaltonetworks | pan-os | >= 7.0.0 < 7.0.19 | 7.0.19 |
| paloaltonetworks | pan-os | >= 7.1.0 < 7.1.13 | 7.1.13 |
| paloaltonetworks | pan-os | >= 8.0.0 < 8.0.6 | 8.0.6 |
CVSS provenance
nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Palo Alto
Denial of Service Against GlobalProtect
vendor_paloalto·2017-12-06·CVSS 7.5
CVE-2017-15942 [HIGH] CWE-399 Denial of Service Against GlobalProtect
Denial of Service Against GlobalProtect
A vulnerability exists in PAN-OS that could lead to denying access to GlobalProtect portal, GlobalProtect gateway or preventing configuration commits. (Ref # PAN-78127 / CVE-2017-15942)
PAN-OS contains a vulnerability in GlobalProtect that may allow a non-authenticated third party to mount a Denial of Service attack against the GlobalProtect portal, GlobalProtect gateway or preventing configuration commits. This vulnerability is only available when the GlobalProtect gateway or portal is running.
This issue affects PAN-OS 6.1.18 and earlier, PAN-OS 7.0.18 and earlier, PAN-OS 7.1.12 and earlier, PAN-OS 8.0.5 and earlier
Affected products: PAN-OS
Solution: PAN-OS 6.1.19 and later, PAN-OS 7.0.19 and later, PAN-OS 7.1.13 and later, PAN-OS 8.0.6 and lat
GHSA
GHSA-j264-4x55-6jhq: Palo Alto Networks PAN-OS before 6
ghsa_unreviewed·2022-05-13
CVE-2017-15942 [HIGH] GHSA-j264-4x55-6jhq: Palo Alto Networks PAN-OS before 6
Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.13, and 8.0.x before 8.0.6 allows remote attackers to cause a denial of service via vectors related to the management interface.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2017-12-11
Published