CVE-2017-7216
published 2017-05-02
CVE-2017-7216: The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to obtain sensitive information via unspecified…
Priority P4 · 32 · medium · 6.5 CVSS 3.0
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS: 1.20% (64.3th percentile)
The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to obtain sensitive information via unspecified request parameters.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| paloalto | pan-os | — | — |
| paloaltonetworks | pan-os | <= 7.1.8 | — |
CVSS provenance
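| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 6.5 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
| nvd | v2.0 | 4.0 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:N/A:N |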
GHSA
GHSA-fgmr-fp8g-q2v6: The Management Web Interface in Palo Alto Networks PAN-OS before 7
ghsa_unreviewed·2022-05-13
CVE-2017-7216 [MEDIUM] CWE-200 GHSA-fgmr-fp8g-q2v6: The Management Web Interface in Palo Alto Networks PAN-OS before 7
Palo Alto
Information Disclosure in the Management Web Interface
vendor_paloalto·2017-04-10·CVSS 6.5
CVE-2017-7216 [MEDIUM] CWE-200 Information Disclosure in the Management Web Interface
A vulnerability exists in the Management Web Interface that could allow for Information Disclosure. The Management Web Interface does not properly validate specific request parameters which can potentially allow for Information Disclosure. (Ref # PAN-70434 / CVE-2017-7216)
Successfully exploiting this issue would require an attacker to be authenticated.
This issue affects PAN-OS 7.1.8 and earlier.
Affected products: PAN-OS
Solution: PAN-OS 7.1.9 and later
Workaround: Palo Alto Networks recommends implementing best practice by allowing web interface access only to a dedicated management network. Additionally, restrict the set of IP addresses to a subset of authorized sources that you allow to interact with the management network.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2017-05-02