Multiple vulnerabilities in Palo Alto Networks PAN-OS



Published: 2019-12-05 | Updated: 2022-06-24
Risk Low
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2019-1559
CVE-2019-17437
CWE-ID CWE-327
CWE-287
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Palo Alto PAN-OS
Operating systems & Components / Operating system

Vendor Palo Alto Networks, Inc.

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Use of a broken or risky cryptographic algorithm

EUVDB-ID: #VU17860

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2019-1559

CWE-ID: CWE-327 - Use of a Broken or Risky Cryptographic Algorithm

Exploit availability: No

Description

The vulnerability allows a remote attacker to decrypt sensitive information.

The vulnerability exists due to the way an application behaves, when it receives a 0-byte record with invalid padding compared to the record with an invalid MAC, which results in padding oracle. A remote attacker can decrypt data.

Successful exploitation of the vulnerability requires that the application is using "non-stitched" ciphersuites and calls SSL_shutdown() twice (first, via a BAD_RECORD_MAC and again via a CLOSE_NOTIFY). 


Mitigation

Update to versions 7.1.25, 8.0.20, 8.1.8, or 9.0.2.

Vulnerable software versions

Palo Alto PAN-OS: 9.0.0 - 9.0.4, 8.1.0 - 8.1.10, 8.0.0 - 8.0.19-h1, 7.1.0 - 7.1.24-h1


CPE2.3 External links

http://securityadvisories.paloaltonetworks.com/Home/Detail/202

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Improper Authentication

EUVDB-ID: #VU23404

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2019-17437

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an error in authentication process. A local non-privileged user can gain elevated privileges on the device.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Palo Alto PAN-OS: 9.0.0 - 9.0.4, 8.1.0 - 8.1.10, 8.0.0 - 8.0.19-h1, 7.1.0 - 7.1.24-h1


CPE2.3 External links

http://securityadvisories.paloaltonetworks.com/Home/Detail/201

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###