CVE-2019-1581 — OS Command Injection in Palo Alto Networks Pan-os

CWE-78 — OS Command Injection CWE-20 — Improper Input Validation4 documents4 sources

Severity

9.8CRITICALNVD

EPSS

2.7%

top 14.12%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Palo Alto Networks Pan-os Paloaltonetworks Pan-os Paloalto Pan-os

Timeline

PublishedAug 23

Latest updateMay 24

Description

A remote code execution vulnerability in the PAN-OS SSH device management interface that can lead to unauthenticated remote users with network access to the SSH management interface gaining root access to PAN-OS. This issue affects PAN-OS 7.1 versions prior to 7.1.24-h1, 7.1.25; 8.0 versions prior to 8.0.19-h1, 8.0.20; 8.1 versions prior to 8.1.9-h4, 8.1.10; 9.0 versions prior to 9.0.3-h3, 9.0.4.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages3 packages

▶CVEListV5palo_alto_networks/pan-os7.1 — 7.1.24-h1, 7.1.25+3

▶NVDpaloaltonetworks/pan-os8.0.0 — 8.0.19+3

▶Palo Altopaloalto/pan-os

🔴Vulnerability Details

GHSA

GHSA-xm25-5jmx-4mjc: Mitigation bypass in PAN-OS 7↗2022-05-24

▶

CVEList

PAN-OS: Remote code execution vulnerability in the PAN-OS SSH device management interface↗2019-08-23

▶

📋Vendor Advisories

Palo Alto

Remote code execution in PAN-OS SSH management interface↗2019-08-21

▶