CVE-2019-17437: Improper Handling of Insufficient Permissions or Privileges in Palo Alto Networks PAN-OS

Severity: 7.8 HIGH (NVD)
EPSS: 0.1% (top 67.90%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 5; Latest update May 24

Description

An improper authentication check in Palo Alto Networks PAN-OS may allow an authenticated low privileged non-superuser custom role user to elevate privileges and become superuser. This issue affects PAN-OS 7.1 versions prior to 7.1.25; 8.0 versions prior to 8.0.20; 8.1 versions prior to 8.1.11; 9.0 versions prior to 9.0.5. PAN-OS version 7.0 and prior EOL versions have not been evaluated for this issue.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9

Affected Packages (3 packages)

NVD | paloaltonetworks/pan-os | 7.1.0 | 7.1.25 | +3
CVEListV5 | palo_alto_networks/pan-os | 7.1 | 7.1.25 | +3
Palo Alto | paloalto/pan-os

🔴 Vulnerability Details (2)

GHSA: GHSA-73g7-p5mh-vr2v: An improper authentication check in Palo Alto Networks PAN-OS may allow an authenticated low privileged non-superuser custom role user to elevate priv (2022-05-24)
CVEList: PAN-OS: Custom-role users may escalate privileges (2019-12-05)

📋 Vendor Advisories (1)

Palo Alto: PAN-OS: Custom-role users may escalate privileges (2019-12-04)