CVE-2017-7945
published 2017-04-29CVE-2017-7945: The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, 7.1.x before 7.1.9, and 8.x before 8.0.2 provides different…
PriorityP349critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
1.84%
76.3th percentile
The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, 7.1.x before 7.1.9, and 8.x before 8.0.2 provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account names and conduct brute-force attacks via a series of requests, aka PAN-SA-2017-0014 and PAN-72769.
Affected
28 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| paloalto | pan-os | — | — |
| paloaltonetworks | pan-os | <= 6.1.15 | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | — | — |
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-jx68-2fp3-jrpx: The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6
ghsa_unreviewed·2022-05-13
CVE-2017-7945 [CRITICAL] CWE-209 GHSA-jx68-2fp3-jrpx: The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6
The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, 7.1.x before 7.1.9, and 8.x before 8.0.2 provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account names and conduct brute-force attacks via a series of requests, aka PAN-SA-2017-0014 and PAN-72769.
Palo Alto
Brute force attack on the PAN-OS GlobalProtect external interface
vendor_paloalto·2017-04-28·CVSS 9.8
CVE-2017-7945 [CRITICAL] CWE-209 Brute force attack on the PAN-OS GlobalProtect external interface
Brute force attack on the PAN-OS GlobalProtect external interface
A vulnerability exists in the PAN-OS GlobalProtect external interface that could allow for an attacker to brute force a username on PAN-OS GlobalProtect external Interface. The vulnerability is caused by PAN-OS provided different responses when supplying login credentials. (Ref # PAN-72769 / CVE-2017-7945)
Successful exploitation of this issue may allow a malicious user to conduct a brute force attack against PAN-OS GlobalProtect external interface.
This issue affects PAN-OS 6.1.16 and earlier, PAN-OS 7.0.14 and earlier, PAN-OS 7.1.8 and earlier, PAN-OS 8.0.1 and earlier
Affected products: PAN-OS
Solution: PAN-OS 6.1.17 and later, PAN-OS 7.0.15 and later, PAN-OS 7.1.9 and later, PAN-OS 8.0.2 and later
Workaround: Custome
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2017-04-29
Published