Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
paloaltoPalo Alto Networks Product Security Incident Response TeamPAN-SA-2018-0002
HistoryMay 15, 2018 - 9:35 p.m.

Meltdown and Spectre update for WildFire-500 Appliance

2018-05-1521:35:00
Palo Alto Networks Product Security Incident Response Team
securityadvisories.paloaltonetworks.com
586

0.975 High

EPSS

Percentile

100.0%

JSON

Palo Alto Networks has determined that the WildFire-500 (WF-500) appliance is affected by the vulnerability disclosures known as Meltdown and Spectre, and has completed an update to address these issues. The WF-500 software update is now available to customers that use the WF-500 appliance for on-premise sandboxing. Please note that customers using the WildFire cloud service are NOT impacted by this advisory. (PAN-91139/CVE-2017-5715)
Successful exploitation of this issue may allow reads from the guest image to the host residing in a sandbox appliance. The analysis method utilized by the WF-500 mitigates the impact of this issue.
This issue affects WF-500 (WildFire Appliance) running appliance software versions 8.0.9 and earlier; all versions of 7.1, 7.0, and 6.1. Please note: WF-500 appliance software versions 8.1.0 and later are not impacted by this advisory.

Work around:
Customers not using the WF-500 WildFire Appliance are not impacted by this advisory. Customers using the WildFire cloud are not impacted by this advisory.

CPENameOperatorVersion
wildfire appliancele8.0.9

Related

nessus 79
oraclelinux 6
debian 4
suse 14
threatpost 2
openvas 48
redhat 25
centos 6
slackware 1
virtuozzo 1
amazon 4
ubuntu 3
cloudfoundry 1
mageia 2
osv 1
debiancve 1
ibm 1
nessus
nessus
RHEL 7 : qemu-kvm (RHSA-2018:0027) (Spectre)
2018-01-04 00:00:00
RancherOS < 1.1.4 Information Disclosure
2019-12-19 00:00:00
Oracle Linux 7 : microcode_ctl (ELSA-2018-4018) (Spectre)
2018-01-23 00:00:00
oraclelinux
oraclelinux
microcode_ctl security update
2018-01-17 00:00:00
qemu-kvm security update
2018-01-04 00:00:00
qemu-kvm security update
2018-01-04 00:00:00
debian
debian
[SECURITY] [DSA 4179-1] linux-tools security update
2018-04-24 13:15:06
[SECURITY] [DLA 1362-1] gcc-4.9-backport new package
2018-04-25 16:20:05
[SECURITY] [DLA 1349-1] linux-tools security update
2018-04-16 22:31:52
suse
suse
Security update for ucode-intel (important)
2018-01-11 18:09:25
Security update for qemu (important)
2018-01-04 18:10:48
Security update for microcode_ctl (important)
2018-03-16 18:07:30
threatpost
threatpost
Intel Halts Spectre Fixes On Older Chips, Citing Limited Ecosystem Support
2018-04-04 15:18:47
New Spectre-Level Flaw Targets Return Stack Buffer
2018-07-23 18:27:20
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2018:0757-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:13999-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2018:2189-1)
2021-06-09 00:00:00
redhat
redhat
(RHSA-2018:0106) Important: qemu-kvm security update
2018-01-22 10:05:47
(RHSA-2018:0105) Important: qemu-kvm security update
2018-01-22 10:05:46
(RHSA-2018:0094) Important: linux-firmware security update
2018-01-16 20:01:49
centos
centos
libvirt security update
2018-01-04 21:10:02
iwl100, iwl1000, iwl105, iwl135, iwl2000, iwl2030, iwl3160, iwl3945, iwl4965, iwl5000, iwl5150, iwl6000, iwl6000g2a, iwl6000g2b, iwl6050, iwl7260, iwl7265, linux security update
2018-01-17 16:51:32
microcode_ctl security update
2018-01-04 11:40:52
slackware
slackware
[slackware-security] Slackware 14.2 kernel
2018-02-07 06:34:12
virtuozzo
virtuozzo
Kernel update: new kernel 3.10.0-693.21.1.vz7.46.7, Virtuozzo 7.0 Update 7 Hotfix 2 (7.0.7-453)
2018-04-28 00:00:00
amazon
amazon
Important: qemu-kvm
2018-02-07 18:49:00
Important: linux-firmware
2018-02-20 21:46:00
Important: qemu-kvm
2018-01-12 21:24:00
ubuntu
ubuntu
libvirt update
2018-02-07 00:00:00
intel-microcode update
2018-03-29 00:00:00
Intel Microcode update
2018-01-11 00:00:00
cloudfoundry
cloudfoundry
USN-3690-2: AMD Microcode regression | Cloud Foundry
2018-07-19 00:00:00
mageia
mageia
Updated microcode packages fix security vulnerability
2018-05-29 22:41:14
Updated microcode packages fix security vulnerabilities
2018-01-13 17:28:36
osv
osv
CVE-2017-5715
2018-01-04 13:29:00
debiancve
debiancve
CVE-2017-5715
2018-01-04 13:29:00
ibm
ibm
Security Bulletin: IBM has released Unified Extensible Firmware Interface (UEFI) fixes in response to the vulnerability known as Spectre (CVE-2017-5715)
2023-04-18 18:22:18

0.975 High

EPSS

Percentile

100.0%

JSON
Related for PAN-SA-2018-0002
nessus79oraclelinux6debian4suse14threatpost2openvas48redhat25centos6slackware1virtuozzo1amazon4ubuntu3cloudfoundry1mageia2osv1debiancve1ibm1