Access bypass in Palo Alto PAN-OS - #VU1134
Published: November 1, 2016 / Updated: November 2, 2016
Vulnerability identifier: #VU1134
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: N/A
CWE-ID: CWE-287
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Palo Alto Networks, Inc.
Affected software:
Palo Alto PAN-OS
Palo Alto PAN-OS
Detailed vulnerability description
The vulnerability allows a remote unauthenticated user to gain access to the target system.
The weakness is due to improper generation and processing of API authentication tokens for the firewall API interface. A remote attacker who can access an authenticated administrator's browser and obtain the firewall API authentication token can perform calls to the firewall API.
Successful exploitation of the vulnerability results in access to the firewall REST API.
The weakness is due to improper generation and processing of API authentication tokens for the firewall API interface. A remote attacker who can access an authenticated administrator's browser and obtain the firewall API authentication token can perform calls to the firewall API.
Successful exploitation of the vulnerability results in access to the firewall REST API.
Remediation
Update to version 5.0.20, 5.1.13, 6.0.15, 6.1.15, 7.0.11, 7.1.5.