cbcvebase.
CVE-2018-9242
published 2018-07-03

CVE-2018-9242: The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.9 and earlier may allow an attacker to delete…

PriorityP424medium5.5CVSS 3.0
AVLACLPRLUINSUCNIHAN
EPSS
0.43%
34.2th percentile
The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.9 and earlier may allow an attacker to delete files in the system via specific request parameters.

Affected

4 ranges
VendorProductVersion rangeFixed in
paloaltopan-os
paloaltonetworkspan-os<= 6.1.20
paloaltonetworkspan-os<= 8.0.9
paloaltonetworkspan-os7.1.0 – 7.1.16

CVSS provenance

nvdv3.05.5MEDIUMCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
nvdv2.06.6MEDIUMAV:L/AC:L/Au:N/C:N/I:C/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.