Multiple vulnerabilities in Palo Alto PAN-OS
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2018-9242 CVE-2018-9334 CVE-2018-9335 CVE-2018-9337 |
| CWE-ID | CWE-20 CWE-200 CWE-79 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Palo Alto PAN-OS Operating systems & Components / Operating system |
| Vendor | Palo Alto Networks, Inc. |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Security restrictions bypass
EUVDB-ID: #VU13862
Risk: Low
CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-9242
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to bypass security restrictions on the target system.
The vulnerability exists due to an error when processing malicious input. A remote attacker can supply specially crafted request parameters to exploit a flaw in the Management interface and delete files on the target system.
MitigationThe vulnerability is fixed in the versions 6.1.21, 7.1.17, 8.0.10.
Palo Alto PAN-OS: 6.1.0 - 8.0.9
External linkshttp://securityadvisories.paloaltonetworks.com/Home/Detail/123
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Information disclosure
EUVDB-ID: #VU13863
Risk: Low
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-9334
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated administrator attacker to obtain potentially sensitive information on the target system.
The vulnerability exists due to unspecified flaw. A remote attacker can modify HTML markup on the management web interface to obtain GlobalProtect password hashes of local users.
MitigationThe vulnerability is fixed in the versions 6.1.21, 7.1.17, 8.0.9, 8.1.1.
Palo Alto PAN-OS: 6.1.0 - 8.0.7
External linkshttp://securityadvisories.paloaltonetworks.com/Home/Detail/124
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Cross-site scripting
EUVDB-ID: #VU13869
Risk: Low
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-9335
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote authenticated attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationThe vulnerability is fixed in the versions 6.1.21, 7.1.17, 8.0.10, 8.1.2.
Palo Alto PAN-OS: 6.1.0 - 8.1.1
External linkshttp://securityadvisories.paloaltonetworks.com/Home/Detail/126
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Cross-site scripting
EUVDB-ID: #VU13868
Risk: Low
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-9337
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote authenticated attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationThe vulnerability is fixed in the versions 6.1.21, 7.1.17, 8.0.10, 8.1.2.
Palo Alto PAN-OS: 6.1.0 - 8.1.1
External linkshttp://securityadvisories.paloaltonetworks.com/Home/Detail/125?AspxAutoDetectCookieSupport=1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
