CVE-2019-1582
published 2019-08-23CVE-2019-1582: Memory corruption in PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier will allow an administrative user to cause arbitrary memory corruption by rekeying…
PriorityP339high7.2CVSS 3.0
AVNACLPRHUINSUCHIHAH
EPSS
1.04%
59.6th percentile
Memory corruption in PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier will allow an administrative user to cause arbitrary memory corruption by rekeying the current client interactive session.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| paloalto | pan-os | — | — |
| paloaltonetworks | pan-os | 8.1.0 – 8.1.9 | — |
| paloaltonetworks | pan-os | 9.0.0 – 9.0.3 | — |
CVSS provenance
nvdv3.07.2HIGHCVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Palo Alto
Memory Corruption in PAN-OS
vendor_paloalto·2019-08-21·CVSS 7.2
CVE-2019-1582 [HIGH] CWE-119 Memory Corruption in PAN-OS
Memory Corruption in PAN-OS
Palo Alto Networks is aware of a memory corruption vulnerability in PAN-OS. (Ref: # PAN-123700/ CVE-2019-1582).
Successful exploitation of this issue may allow an administrative user to cause arbitrary memory corruption by rekeying the current client interactive session.
This issue affects PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier. PAN-OS 7.1 and 8.0 are NOT affected.
Affected products: PAN-OS
Solution: PAN-OS 8.1.9-h4 and later, and PAN-OS 9.0.3-h3 and later.
Workaround: These issues affect the management interface of PAN-OS and are strongly mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Be
GHSA
GHSA-h6gp-3wvg-78j5: Memory corruption in PAN-OS 8
ghsa_unreviewed·2022-05-24
CVE-2019-1582 [HIGH] GHSA-h6gp-3wvg-78j5: Memory corruption in PAN-OS 8
Memory corruption in PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier will allow an administrative user to cause arbitrary memory corruption by rekeying the current client interactive session.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2019-08-23
Published