CVE-2017-7409 — Cross-site Scripting in Paloaltonetworks Pan-os
Severity
6.1MEDIUMNVD
EPSS
0.3%
top 46.00%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 21
Latest updateMay 17
Description
Palo Alto Networks PAN-OS before 7.0.15 has XSS in the GlobalProtect external interface via crafted request parameters, aka PAN-SA-2017-0011 and PAN-70674.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7