Paloalto PAN-OS vulnerabilities

CVE-2016-5195 [HIGH] CWE-362 Kernel Vulnerability Kernel Vulnerability A vulnerability exists in the kernel of PAN-OS that may result in an elevation of privilege. This issue is publicly known as Dirty COW (ref # PAN-68074 / CVE-2016-5195). PAN-OS may be impacted by the Dirty COW (CVE-2016-5195) attack. A race condition was found in the way the Linux kernel's memory subsystem handles the copy-on-write breakage of private read-only memory mappings. An attacker would first require access to a she

CVE-2017-5583 [MEDIUM] CWE-200 Information Disclosure in the Management Web Interface Information Disclosure in the Management Web Interface A vulnerability exists in the Management Web Interface that could result in Information Disclosure. (Ref # PAN-70428 / CVE-2017-5583) PAN-OS contains a post-authentication vulnerability that may allow for Information Disclosure. Successful exploitation allows an attacker to download arbitrary files from a folder. This issue affects PAN-OS 6.1.15 and earlie

CVE-2017-5584 [MEDIUM] CWE-79 Cross-Site Scripting in the Management Web Interface Cross-Site Scripting in the Management Web Interface A persistent cross-site scripting (XSS) vulnerability exists in the management web interface (ref # PAN-66838 / CVE-2017-5584). PAN-OS contains a post-authentication vulnerability that may allow for a persistent cross-site scripting (XSS) attack of the management web interface. Successful exploitation of this issue may allow an attacker to inject arbitrary Java

CVE-2016-9150 [CRITICAL] CWE-119 Buffer Overflow in the Management Web Interface Buffer Overflow in the Management Web Interface Palo Alto Networks web management server improperly handles a buffer overflow. This can result in a possible remote code execution (RCE). (Ref # PAN-63073/102953/CVE-2016-9150) An attacker with network access to the management web interface may be able to perform a remote code execution (RCE) or denial-of-service (DoS). This issue affects PAN-OS 5.0.19 and earlier; PA

CVE-2016-9151 [HIGH] CWE-264 Local Privilege Escalation Local Privilege Escalation Palo Alto Networks firewalls do not properly validate certain environment variables which can potentially allow executing code with higher privileges (Ref # PAN-61104/100499/CVE-2016-9151) A potential attacker with local shell access could manipulate arbitrary environment variables which could result in a process running with higher privileges. This issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earli

CVE-2016-6210 [MEDIUM] CWE-200 OpenSSH Vulnerability OpenSSH Vulnerability Palo Alto Networks makes use of a the OpenSSH tool. CVE-2016-6210 was recently confirmed to be applicable to the version in use by PAN-OS. (Ref # 100977/CVE-2016-6210). To exploit this vulnerability, an attacker would have to guess usernames defined as system administrators on the firewall. This issue affects PAN-OS 5.0.X and earlier; PAN-OS 5.1.X and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.14 and earlier; PAN-OS

CVE-2016-9149 [MEDIUM] CWE-19 XPath Injection XPath Injection The Addresses Object parsing function does not properly escape single quotes. (Ref # PAN-55237/92073/CVE-2016-9149) This post-authentication vulnerability could allow XPath manipulation. This issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.14 and earlier; PAN-OS 7.0.10 and earlier; PAN-OS 7.1.5 and earlier Affected products: PAN-OS Solution: PAN-OS 5.0.20 and later; PAN-OS

CVE-2015-4000 [HIGH] CWE-119 PAN-SA-2016-0028 OpenSSL Vulnerabilities PAN-SA-2016-0028 OpenSSL Vulnerabilities The OpenSSL library has been found to contain several vulnerabilities CVE-2015-4000, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792, CVE-2015-1791, CVE-2014-8176. Palo Alto Networks software makes use of the vulnerable library. (Ref # PAN-48954/81411) The OpenSSL library in use by PAN-OS is patched on a regular basis. Severities of the CVEs listed under the summary section

CVE-2016-0703 [MEDIUM] CWE-200 PAN-SA-2016-0030 OpenSSL Vulnerabilities PAN-SA-2016-0030 OpenSSL Vulnerabilities The OpenSSL library has been found to contain vulnerabilities CVE-2016-0703, CVE-2016-0704, and CVE-2016-0800. Palo Alto Networks software makes use of the vulnerable library. (Ref # PAN-55477/92481) The OpenSSL library in use by PAN-OS is patched on a regular basis. Severities of the CVEs listed under the summary section range from moderate to high but have not been shown to be expl

CVE-2014-9708 [MEDIUM] Web interface denial of service Web interface denial of service Palo Alto Networks web management server is vulnerable to a denial-of-service attack. (Ref # PAN-64917/105311) (CVE-2014-9708) This pre-authenticated denial-of-service attack could disrupt the web management interface. This issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.14 and earlier; PAN-OS 7.0.10 and earlier; PAN-OS 7.1.5 and earlier Affected pro

CVE-2015-5364 [HIGH] CWE-399 PAN-SA-2016-0025 Kernel Vulnerabilities PAN-SA-2016-0025 Kernel Vulnerabilities The kernel in use by the Management Plane of PAN-OS is vulnerable to CVE-2015-5364 and CVE-2015-5366. (Ref # PAN-52379/87408) The CVSS Score of CVE-2015-5364 is 7.8, High; while the CVSS Score of CVE-2015-5366 is 5.0, Medium. Those could lead to a Denial of Service attack. This issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.14 an

CVE-2014-8176 [HIGH] CWE-119 PAN-SA-2016-0020 OpenSSL Vulnerabilities PAN-SA-2016-0020 OpenSSL Vulnerabilities The OpenSSL library has been found to contain several vulnerabilities CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2015-1794, CVE-2015-3195, CVE-2015-4000, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2176, CVE-2016-2842. Palo Alto Networks software makes use of the vulnerable library. (Ref # 95622)

CVE-2015-7547 [HIGH] CWE-119 Glibc DNS Resolver Vulnerability Glibc DNS Resolver Vulnerability A vulnerability in the GNU libc (glibc) DNS resolver allows remote code execution (CVE-2015-7547). However, this issue can be exploited only from a DNS server that is under the control of an attacker. (Ref # 91886). This glibc issue is only exploitable by an attacker controlling the DNS server configured for the device. Furthermore, the attacker must overcome additional anti-exploitation mitigations,

CVE-2015-8158 [MEDIUM] CWE-400 PAN-SA-2016-0019 NTP Vulnerabilities PAN-SA-2016-0019 NTP Vulnerabilities The open source ntp project has been found to contain several vulnerabilities (CVE-2015-8158, CVE-2015-8138, CVE-2015-7979, CVE-2015-7978, CVE-2015-7977, CVE-2015-7976, CVE-2015-7975, CVE-2015-7974, CVE-2015-7973, all released in January 2016). Palo Alto... Also Palo Alto Networks make use of the CVEs: CVE-2015-7973, CVE-2015-7974, CVE-2015-7975, CVE-2015-7976, CVE-2015-7977, CVE-2015-7978,

CVE-2016-1712 [HIGH] CWE-20 Local privilege escalation Local privilege escalation Palo Alto Networks firewalls do not properly sanitize the root_reboot local invocation which can potentially allow executing code with higher privileges (Ref. 92293) (CVE-2016-1712). Exploitation of this privilege escalation is restricted to local users. Potential attackers would have to first obtain a shell on the device before they could attempt to escalate privileges through this vulnerability. This issue affec

CVE-2016-0777 [MEDIUM] CWE-119 PAN-SA-2016-0011 OpenSSH vulnerabilities PAN-SA-2016-0011 OpenSSH vulnerabilities OpenSSH contains two vulnerabilities (CVE-2016-0777 and CVE-2016-0778) affecting the SSH client roaming feature when connecting to a malicious server. CVEs: CVE-2016-0777, CVE-2016-0778 Affected products: PAN-OS

CVE-2016-2219 [MEDIUM] CWE-79 Cross-site scripting vulnerability Cross-site scripting vulnerability A cross-site scripting vulnerability exists in the web interface whereby data provided by the user is stored without sanitization. (Ref 90635) (CVE-2016-2219). This issue affects the management interface of the device, where an authenticated administrator may be tricked into injecting malicious javascript into the web interface. This issue affects PAN-OS 7.0.1 to PAN-OS 7.0.7 Affected products:

CVE-2016-3657 [CRITICAL] CWE-119 Unauthenticated Buffer Overflow in GlobalProtect/SSL VPN Web Interface Unauthenticated Buffer Overflow in GlobalProtect/SSL VPN Web Interface When a PAN-OS device is configured as a GlobalProtect portal, a vulnerability exists where an improper handling of a buffer involved in the processing of SSL VPN requests can result in device crash and possible remote code execution. (Ref. #89752) (CVE-2016-3657) An attacker with network access to the vulnerable GlobalProt

CVE-2016-3655 [CRITICAL] CWE-20 Unauthenticated Command Injection in Management Web Interface Unauthenticated Command Injection in Management Web Interface Palo Alto Networks PAN-OS implements an API to enable programmatic device configuration and administration of the device. An issue was identified where the management API incorrectly parses input to a specific API call, leading to execution of arbitrary OS commands without authentication via the management interface. (Ref. #89717) (CVE-2016-

CVE-2016-3656 [HIGH] CWE-119 Unauthenticated Stack Exhaustion in GlobalProtect/SSL VPN Web Interface Unauthenticated Stack Exhaustion in GlobalProtect/SSL VPN Web Interface When a PAN-OS device is configured as a GlobalProtect web portal, a specially crafted request to the portal could result in a crash of the service. (Ref. #89750) (CVE-2016-3656) This issue can be exploited remotely by an attacker with network access to the GlobalProtect portal in order to cause a denial-of-service (DoS) via