CVE-2019-1581
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.7 High
AI Score
Confidence
High
0.008 Low
EPSS
Percentile
82.1%
A remote code execution vulnerability in the PAN-OS SSH device management interface that can lead to unauthenticated remote users with network access to the SSH management interface gaining root access to PAN-OS. This issue affects PAN-OS 7.1 versions prior to 7.1.24-h1, 7.1.25; 8.0 versions prior to 8.0.19-h1, 8.0.20; 8.1 versions prior to 8.1.9-h4, 8.1.10; 9.0 versions prior to 9.0.3-h3, 9.0.4.
Affected configurations
CNA Affected
[
{
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"lessThan": "7.1.24-h1, 7.1.25",
"status": "affected",
"version": "7.1",
"versionType": "custom"
},
{
"lessThan": "8.0.19-h1, 8.0.20",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "8.1.9-h4, 8.1.10",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"lessThan": "9.0.3-h3, 9.0.4",
"status": "affected",
"version": "9.0",
"versionType": "custom"
},
{
"lessThanOrEqual": "7.0",
"status": "unknown",
"version": "all",
"versionType": "custom"
}
]
}
]Related
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.7 High
AI Score
Confidence
High
0.008 Low
EPSS
Percentile
82.1%