Lucene search
Palo_altoCVELIST:CVE-2019-1575HistoryJul 16, 2019 - 1:46 p.m.
CVE-2019-1575
2019-07-1613:46:34
palo_alto
www.cve.org
Information disclosure in PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2 and earlier may allow for an authenticated user with read-only privileges to extract the API key of the device and/or the username/password from the XML API (in PAN-OS) and possibly escalate privileges granted to them.
CNA Affected
[
{
"product": "Palo Alto Networks PAN-OS",
"vendor": "Palo Alto",
"versions": [
{
"status": "affected",
"version": "PAN-OS 7.1.23 and earlier"
},
{
"status": "affected",
"version": "PAN-OS 8.0.18 and earlier"
},
{
"status": "affected",
"version": "PAN-OS 8.1.8-h4 and earlier"
},
{
"status": "affected",
"version": "and PAN-OS 9.0.2-h3"
}
]
}
]Related
paloalto
paloalto
Information Disclosure in PAN-OS Management API Usage
2019-07-15 22:15:00
cve
cve
CVE-2019-1575
2019-07-16 14:15:12
nessus
nessus
prion
prion
Information disclosure
2019-07-16 14:15:00
nvd
nvd
CVE-2019-1575
2019-07-16 14:15:12