Access bypass in Palo Alto PAN-OS

1) Access bypass

EUVDB-ID: #VU1134

Risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: N/A

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote unauthenticated user to gain access to the target system.
The weakness is due to improper generation and processing of API authentication tokens for the firewall API interface. A remote attacker who can access an authenticated administrator's browser and obtain the firewall API authentication token can perform calls to the firewall API.
Successful exploitation of the vulnerability results in access to the firewall REST API.

Mitigation

Update to version 5.0.20, 5.1.13, 6.0.15, 6.1.15, 7.0.11, 7.1.5.

Vulnerable software versions

Palo Alto PAN-OS: 5.0.18 - 7.1.5

CPE2.3

• cpe:2.3:o:palo_alto_networks:pan-os:5.0.18:*:*:*:*:*:*:*
• cpe:2.3:o:palo_alto_networks:pan-os:5.0.19:*:*:*:*:*:*:*
• cpe:2.3:o:palo_alto_networks:pan-os:5.0.20:*:*:*:*:*:*:*
• cpe:2.3:o:palo_alto_networks:pan-os:5.1.11:*:*:*:*:*:*:*
• cpe:2.3:o:palo_alto_networks:pan-os:5.1.13:*:*:*:*:*:*:*
• cpe:2.3:o:palo_alto_networks:pan-os:6.0.13:*:*:*:*:*:*:*
• cpe:2.3:o:palo_alto_networks:pan-os:6.0.14:*:*:*:*:*:*:*
• cpe:2.3:o:palo_alto_networks:pan-os:6.0.15:*:*:*:*:*:*:*
• cpe:2.3:o:palo_alto_networks:pan-os:6.1.11:*:*:*:*:*:*:*
• cpe:2.3:o:palo_alto_networks:pan-os:6.1.12:*:*:*:*:*:*:*

External links

https://securityadvisories.paloaltonetworks.com/Home/Detail/65

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.