CVE-2012-6590

2013-08-3117:55:03

CWE-200

[email protected]

web.nvd.nist.gov

palo alto networks

pan-os

cve-2012-6590

security vulnerability

web-based management ui

remote attack

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

6.5 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

75.1%

JSON

The web-based management UI in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 allows remote attackers to obtain verbose error information via crafted input, aka Ref ID 33139.

Affected configurations

NVD

Node

paloaltonetworkspan-osMatch4.0.0

paloaltonetworkspan-osMatch4.0.1

paloaltonetworkspan-osMatch4.0.2

paloaltonetworkspan-osMatch4.0.3

paloaltonetworkspan-osMatch4.0.4

paloaltonetworkspan-osMatch4.0.5

paloaltonetworkspan-osMatch4.0.6

paloaltonetworkspan-osMatch4.0.7

CPENameOperatorVersion
paloaltonetworks:pan-ospaloaltonetworks pan-oseq4.0.0
paloaltonetworks:pan-ospaloaltonetworks pan-oseq4.0.1
paloaltonetworks:pan-ospaloaltonetworks pan-oseq4.0.2
paloaltonetworks:pan-ospaloaltonetworks pan-oseq4.0.3
paloaltonetworks:pan-ospaloaltonetworks pan-oseq4.0.4
paloaltonetworks:pan-ospaloaltonetworks pan-oseq4.0.5
paloaltonetworks:pan-ospaloaltonetworks pan-oseq4.0.6
paloaltonetworks:pan-ospaloaltonetworks pan-oseq4.0.7

CPE	Name	Operator	Version
paloaltonetworks:pan-os	paloaltonetworks pan-os	eq	4.0.0
paloaltonetworks:pan-os	paloaltonetworks pan-os	eq	4.0.1
paloaltonetworks:pan-os	paloaltonetworks pan-os	eq	4.0.2
paloaltonetworks:pan-os	paloaltonetworks pan-os	eq	4.0.3
paloaltonetworks:pan-os	paloaltonetworks pan-os	eq	4.0.4
paloaltonetworks:pan-os	paloaltonetworks pan-os	eq	4.0.5
paloaltonetworks:pan-os	paloaltonetworks pan-os	eq	4.0.6
paloaltonetworks:pan-os	paloaltonetworks pan-os	eq	4.0.7