Main Vulnerability Database Vulnerabilities #VU7588

#VU7588 Improper input validation in Palo Alto PAN-OS - CVE-2017-8390

Published: July 21, 2017 / Updated: July 25, 2017

Vulnerability identifier: #VU7588

Vulnerability risk: High

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2017-8390

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Palo Alto PAN-OS

Software vendor:
Palo Alto Networks, Inc.

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to an unspecified error when processing fully qualified domain name (FQDN) in the DNS Proxy . A remote attacker can send send a specially crafted DNS request to the DNS Proxy and execute arbitrary code on vulnerable device.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable device.

Remediation

Update to version 6.1.18, 7.0.16, 7.1.10 or 8.0.3.

External links

http://securityadvisories.paloaltonetworks.com/Home/Detail/91

#VU7588 Improper input validation in Palo Alto PAN-OS - CVE-2017-8390

Description

Remediation

External links

Please verify you're human