Multiple vulnerabilities in Palo Alto Networks PAN-OS



Updated: 2022-06-24
Risk Low
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2019-1559
CVE-2019-17437
CWE-ID CWE-327
CWE-287
Exploitation vector Network
Public exploit N/A
Vulnerable software
Palo Alto PAN-OS
Operating systems & Components / Operating system

Vendor Palo Alto Networks, Inc.

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Use of a broken or risky cryptographic algorithm

EUVDB-ID: #VU17860

Risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-1559

CWE-ID: CWE-327 - Use of a Broken or Risky Cryptographic Algorithm

Exploit availability: No

Description

The vulnerability allows a remote attacker to decrypt sensitive information.

The vulnerability exists because the application behaves differently when it receives a 0-byte record with invalid padding than when it receives a record with an invalid MAC, which results in a padding oracle. A remote attacker can decrypt data.

Successful exploitation of the vulnerability requires that the application uses "non-stitched" ciphersuites and calls SSL_shutdown() twice (first via a BAD_RECORD_MAC and again via a CLOSE_NOTIFY).
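The padding-versus-MAC distinction described above, as an added example that is not part of this advisory nor of PAN-OS or OpenSSL code: a leaky record check that reports padding and MAC failures differently, beside a uniform check that always verifies a MAC and raises a single error. The record layout, key and sample records are constructed for the example.

```python
import hashlib
import hmac

# Constructed: a TLS-1.x-style CBC record after decryption is data || HMAC-SHA1 || padding.
MAC_KEY = b"example-mac-key"  # placeholder key for the example
MAC_LEN = 20


class BadRecord(Exception):
    """One generic failure: the peer must not learn which check rejected the record."""


def build_record(data: bytes, pad: int) -> bytes:
    """Build data || MAC || padding as a CBC sender would (pad+1 bytes of value pad)."""
    mac = hmac.new(MAC_KEY, data, hashlib.sha1).digest()
    return data + mac + bytes([pad]) * (pad + 1)


def check_record_leaky(decrypted: bytes) -> bytes:
    """Padding first, MAC second, distinct errors: this shape is a padding oracle."""
    pad = decrypted[-1]
    if pad + 1 > len(decrypted) or any(b != pad for b in decrypted[-pad - 1:]):
        raise ValueError("bad padding")  # observably different from "bad mac"
    body = decrypted[:-pad - 1]
    data, mac = body[:-MAC_LEN], body[-MAC_LEN:]
    if hmac.new(MAC_KEY, data, hashlib.sha1).digest() != mac:
        raise ValueError("bad mac")
    return data


def check_record_uniform(decrypted: bytes) -> bytes:
    """Fold padding validity into a flag, always verify a MAC, raise one error."""
    if len(decrypted) < MAC_LEN + 1:
        raise BadRecord()
    pad = decrypted[-1]
    ok = int(pad + 1 + MAC_LEN <= len(decrypted))
    for b in decrypted[-min(pad + 1, len(decrypted)):]:  # no early exit on mismatch
        ok &= int(b == pad)
    eff_pad = pad if ok else 0  # bad padding: still compute a MAC over something
    body = decrypted[: len(decrypted) - eff_pad - 1]
    data, mac = body[:-MAC_LEN], body[-MAC_LEN:]
    ok &= int(hmac.compare_digest(hmac.new(MAC_KEY, data, hashlib.sha1).digest(), mac))
    if not ok:
        raise BadRecord()  # Python is not constant-time; the point is the single error path
    return data


def observe(check, decrypted: bytes) -> str:
    """What a remote peer can tell apart: success, or the error's type and message."""
    try:
        check(decrypted)
        return "ok"
    except Exception as e:
        return f"{type(e).__name__}:{e}"
```

With the leaky check, a corrupted padding byte and a corrupted MAC byte produce different observable errors; the uniform check yields the same BadRecord for both, including the 0-byte-data record the advisory describes.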


Mitigation

Update to versions 7.1.25, 8.0.20, 8.1.8, or 9.0.2.

Vulnerable software versions

Palo Alto PAN-OS: 7.1.0 - 9.0.4

External links

http://securityadvisories.paloaltonetworks.com/Home/Detail/202


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper Authentication

EUVDB-ID: #VU23404

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-17437

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to an error in the authentication process. A local non-privileged user can gain elevated privileges on the device.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Palo Alto PAN-OS: 7.1.0 - 9.0.4

External links

http://securityadvisories.paloaltonetworks.com/Home/Detail/201


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


