Information Exposure Through an Error Message in Palo Alto PAN-OS



Published: 2017-04-29 | Updated: 2020-08-08
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2017-7945
CWE-ID CWE-209
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Palo Alto PAN-OS
Operating systems & Components / Operating system

Vendor Palo Alto Networks, Inc.

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Information Exposure Through an Error Message

EUVDB-ID: #VU39099

Risk: Low

CVSSv3.1: 3.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-7945

CWE-ID: CWE-209 - Information Exposure Through an Error Message

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, 7.1.x before 7.1.9, and 8.x before 8.0.2 provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account names and conduct brute-force attacks via a series of requests, aka PAN-SA-2017-0014 and PAN-72769.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Palo Alto PAN-OS: 7.0.0 - 8.0.1

External links

http://security.paloaltonetworks.com/CVE-2017-7945


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###