Cross-site scripting in Palo Alto PAN-OS - #VU172
Published: July 19, 2016 / Updated: November 22, 2018
Vulnerability identifier: #VU172
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: N/A
CWE-ID: CWE-79
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Palo Alto Networks, Inc.
Affected software:
Palo Alto PAN-OS
Detailed vulnerability description
The vulnerability allows a remote attacker to conduct cross-site scripting attacks.
The vulnerability exists due to insufficient filtering of HTML code in user-supplied input before it is displayed. A remote attacker can cause arbitrary script code to execute in the target user's browser. The code will originate from the Palo Alto PAN-OS web interface and will run in the security context of that site. As a result, it can read the target user's cookies associated with the site, read data recently submitted by the target user to the site via web forms, or take actions on the site as the target user.
Successful exploitation of this vulnerability may result in disclosure of authentication information.
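The description above names the root cause as "improper filtering" of HTML. The following is an added illustration, not PAN-OS code and not based on any detail of this specific flaw: it contrasts a naive tag-stripping filter with contextual output encoding, and shows two constructed payloads that pass the filter but are neutralised by encoding. All function names (stripScriptTags, escapeHtml, renderFiltered, renderEscaped, containsActiveMarkup) and the sample inputs are hypothetical.

```javascript
// Added illustration (hypothetical names, not PAN-OS code): why deleting
// "dangerous" tags from input is the wrong XSS fix and why encoding output
// for its HTML context is the right one.

// A naive input filter: delete <script> tags and trust whatever is left.
function stripScriptTags(input) {
  return input.replace(/<\/?script[^>]*>/gi, '');
}

// Encode the characters that are significant in an HTML text or
// double-quoted attribute context. The browser renders the encoded form as
// literal text, so the input can no longer open or close tags.
function escapeHtml(input) {
  return String(input)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#x27;');
}

// Vulnerable rendering: filtered input is concatenated into the page, so
// anything that survives the filter runs in the site's origin.
function renderFiltered(name) {
  return `<p>Welcome, ${stripScriptTags(name)}</p>`;
}

// Hardened rendering: encode for the HTML text context at the point of output.
function renderEscaped(name) {
  return `<p>Welcome, ${escapeHtml(name)}</p>`;
}

// Crude regression check for a test suite: does the rendered HTML contain a
// script tag or an element with an inline event handler?
function containsActiveMarkup(html) {
  return /<script|<\w+[^>]*\son\w+\s*=/i.test(html);
}

// Constructed payloads. The first is nested so that removing the inner
// "<script>" reassembles an outer one; the second uses no script tag at all.
const PAYLOADS = [
  '<scr<script>ipt>alert(document.cookie)</script>',
  '<img src=x onerror=alert(document.cookie)>',
];

for (const payload of PAYLOADS) {
  console.log('filtered:', renderFiltered(payload),
              '-> active markup:', containsActiveMarkup(renderFiltered(payload)));
  console.log('escaped: ', renderEscaped(payload),
              '-> active markup:', containsActiveMarkup(renderEscaped(payload)));
}
```

Running the block shows both payloads surviving the filter (the nested one is reassembled into a literal `<script>` tag; the second never contained one) while the encoded output contains no active markup. One caveat on the impact statement above: marking the session cookie HttpOnly stops injected script from reading it, but does not stop the script from issuing requests as the logged-in user, so encoding at the output point is the actual fix.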
Remediation
The vendor has issued a fix in PAN-OS 5.0.19, 5.1.12, 6.0.14, 6.1.12 and 7.0.8.