XXE attack in Palo Alto PAN-OS - CVE-2017-9458
Published: September 4, 2017
Vulnerability identifier: #VU8077
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2017-9458
CWE-ID: CWE-611
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Palo Alto Networks, Inc.
Affected software:
Palo Alto PAN-OS
Detailed vulnerability description
The vulnerability allows a remote attacker to conduct XXE attack on the target system.
The weakness exists in the encryption library due to improper handling of XML External Entity (XXE) declarations when parsing XML input: the parser resolves external entities declared in a document's DTD instead of rejecting them. A remote, unauthenticated attacker can send specially crafted XML containing an external entity reference to the GlobalProtect internal or external gateway interface and cause the parser to read arbitrary files from the device and return their contents.
Successful exploitation of the vulnerability results in information disclosure (arbitrary file read); it does not by itself give code execution.
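The following is an added illustration of the CWE-611 pattern the description refers to, written for this page; it is not Palo Alto Networks code and makes no claim about how PAN-OS or GlobalProtect parses XML internally. It uses Python's standard-library xml.sax parser: the "vulnerable" function enables external general entity resolution (the one setting that turns a parser into a file-read primitive), the "hardened" function refuses any document that carries a DOCTYPE and keeps entity resolution disabled as defence in depth. The secret file, its contents and the payload are constructed inline so the script runs offline.

```python
"""XXE (CWE-611) demonstration: an XML parser that resolves external
general entities versus one that refuses DTDs.  Added example; not
Palo Alto Networks code and no statement about PAN-OS internals."""
import io
import os
import tempfile
import xml.sax
from pathlib import Path
from xml.parsers import expat
from xml.sax import handler


class TextCollector(handler.ContentHandler):
    """Gathers character data so we can see what the parser expanded."""

    def __init__(self):
        super().__init__()
        self.parts = []

    def characters(self, content):
        self.parts.append(content)

    def text(self):
        return "".join(self.parts)


def build_xxe_payload(target_path: str) -> bytes:
    """Classic file-disclosure XXE: declare an external entity whose SYSTEM
    identifier is a local file, then reference it inside an element."""
    file_uri = Path(target_path).as_uri()  # file:///... form used in real payloads
    return (
        '<?xml version="1.0"?>\n'
        f'<!DOCTYPE request [<!ENTITY xxe SYSTEM "{file_uri}">]>\n'
        "<request><user>&xxe;</user></request>\n"
    ).encode()


def parse_vulnerable(xml_bytes: bytes) -> str:
    """Parser that trusts the document's DTD and fetches external entities.
    feature_external_ges is off by default on modern Python; switching it on
    is the single change that makes this an XXE sink."""
    parser = xml.sax.make_parser()
    parser.setFeature(handler.feature_external_ges, True)
    collector = TextCollector()
    parser.setContentHandler(collector)
    parser.parse(io.BytesIO(xml_bytes))
    return collector.text()


def _forbid_doctype(xml_bytes: bytes) -> None:
    """Reject any document carrying a DOCTYPE (same policy as defusedxml's
    forbid_dtd): with no DTD there can be no entity declarations at all."""
    checker = expat.ParserCreate()

    def on_doctype(name, sysid, pubid, has_internal_subset):
        raise ValueError(f"DOCTYPE not allowed (root element {name!r})")

    checker.StartDoctypeDeclHandler = on_doctype
    checker.Parse(xml_bytes, True)


def parse_hardened(xml_bytes: bytes) -> str:
    """Same text extraction, but the DTD is refused up front and external
    entity resolution stays disabled as defence in depth."""
    _forbid_doctype(xml_bytes)
    parser = xml.sax.make_parser()
    parser.setFeature(handler.feature_external_ges, False)
    parser.setFeature(handler.feature_external_pes, False)
    collector = TextCollector()
    parser.setContentHandler(collector)
    parser.parse(io.BytesIO(xml_bytes))
    return collector.text()


def demo() -> dict:
    """Plant a constructed 'secret' file, aim the payload at it and run both
    parsers.  Returns what each one produced."""
    with tempfile.TemporaryDirectory() as tmp:
        secret_path = os.path.join(tmp, "secret.conf")  # constructed sample file
        with open(secret_path, "w") as fh:
            fh.write("api_key=CONSTRUCTED-SAMPLE-VALUE\n")
        payload = build_xxe_payload(secret_path)
        leaked = parse_vulnerable(payload)
        try:
            parse_hardened(payload)
            hardened = "PARSED"  # would mean the guard failed
        except ValueError as exc:
            hardened = f"REJECTED: {exc}"
    benign = parse_hardened(b"<request><user>alice</user></request>")
    return {"vulnerable": leaked, "hardened": hardened, "benign": benign}


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:10s} {value!r}")
```

The vulnerable parser returns the planted file's contents as the text of the `<user>` element, which is exactly the information-disclosure outcome described above; the hardened parser never reaches entity resolution because the DOCTYPE is refused first. Disabling external entities alone would also stop the file read here, but rejecting DTDs outright additionally closes off parameter-entity and entity-expansion (billion-laughs) variants, which is why libraries such as defusedxml default to it.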
How to mitigate CVE-2017-9458
The vulnerability is addressed in the following PAN-OS releases: 6.1.18, 7.0.17, 7.1.12 and 8.0.3. Update to the fixed release for the branch in use (or a later one).