510 matches found
Local Privilege Escalation in GlobalProtect App for Linux and Mac OS
A Local Privilege Escalation vulnerability exists in GlobalProtect App for Linux and Mac OSX that can allow non-root users to overwrite root files on the file system. Ref GPC-8945, CVE-2019-17436 Successful exploitation of this issue may allow a low-privileged local user to escalate their...
Local Privilege Escalation in GlobalProtect App for Linux and Mac OS
A Local Privilege Escalation vulnerability exists in GlobalProtect App for Linux and Mac OSX that can allow non-root users to overwrite root files on the file system. Ref GPC-8945, CVE-2019-17436 Successful exploitation of this issue may allow a low-privileged local user to escalate their...
Command Injection in Zingbox Inspector
A security vulnerability exists in the Zingbox Inspector that could allow an attacker to supply an invalid software update image to the Zingbox Inspector that could result in command injection. Ref: CVE-2019-15020 The vulnerability allows for an attacker in a position to intercept a software upda...
Insecure Firmware Validation in Zingbox Inspector
A security vulnerability exists in the Zingbox Inspector that could allow an attacker to supply an invalid software update image to the Zingbox Inspector. Ref: CVE-2019-15019 The vulnerability allows for an attacker in a position to intercept a software update package to deliver a tampered softwa...
Insecure Password Storage in Zingbox Inspector
A security vulnerability exists in Zingbox Inspector that results in passwords for 3rd party integrations being stored in cleartext in device configuration. Ref: CVE-2019-15023 The vulnerability allows for the viewing of plaintext credentials stored within the Zingbox Inspector software and store...
Tenant authentication bypass in Zingbox Inspector
A security vulnerability exists in the Zingbox Inspector where authentication is not required when binding the Inspector instance to a different customer tenant. Ref: CVE-2019-15018 The vulnerability allows a user to bind the Zingbox Inspector to another tenant, which can impact the functionality...
Command Injection in Zingbox Inspector
A command injection vulnerability exists in the Zingbox Inspector CLI that allows for an authenticated user to execute arbitrary system commands. Ref: CVE-2019-15014 The vulnerability allows for authenticated users to execute arbitrary commands within the product CLI console. This issue affects...
ARP Spoofing in Zingbox Inspector
A security vulnerability exists in Zingbox Inspector that allows for the Inspector to be susceptible to ARP spoofing. Ref: CVE-2019-15022 The vulnerability allows for an attacker to perform ARP spoofing attacks against the Zingbox Inspector. This issue affects Zingbox Inspector, versions 1.294 an...
Command Injection in Zingbox Inspector
A command injection vulnerability exists in the Zingbox Inspector CLI that allows for an authenticated user to execute arbitrary system commands. Ref: CVE-2019-15014 The vulnerability allows for authenticated users to execute arbitrary commands within the product CLI console. This issue affects...
Command Injection in Zingbox Inspector
A security vulnerability exists in the Zingbox Inspector that could allow an attacker to supply an invalid software update image to the Zingbox Inspector that could result in command injection. Ref: CVE-2019-15020 The vulnerability allows for an attacker in a position to intercept a software upda...
Insecure Firmware Validation in Zingbox Inspector
A security vulnerability exists in the Zingbox Inspector that could allow an attacker to supply an invalid software update image to the Zingbox Inspector. Ref: CVE-2019-15019 The vulnerability allows for an attacker in a position to intercept a software update package to deliver a tampered softwa...
Hardcoded Credentials in Zingbox Inspector
Hardcoded credentials for root and inspector user accounts are present in the system software. Ref: CVE-2019-15015 The vulnerability allows for users to authenticate to the software using hardcoded credentials if access to SSH on the Zingbox Inspector is not otherwise restricted see also...
Tenant authentication bypass in Zingbox Inspector
A security vulnerability exists in the Zingbox Inspector where authentication is not required when binding the Inspector instance to a different customer tenant. Ref: CVE-2019-15018 The vulnerability allows a user to bind the Zingbox Inspector to another tenant, which can impact the functionality...
Remote Command Injection in Zingbox Inspector
A security vulnerability exists in Zingbox Inspector that allows for remote code execution if the Inspector were sent a malicious command from the Zingbox cloud, or if the Zingbox Inspector were tampered with to connect to an attacker's cloud endpoint. Ref: CVE-2019-1584 This vulnerability can on...
ARP Spoofing in Zingbox Inspector
A security vulnerability exists in Zingbox Inspector that allows for the Inspector to be susceptible to ARP spoofing. Ref: CVE-2019-15022 The vulnerability allows for an attacker to perform ARP spoofing attacks against the Zingbox Inspector. This issue affects Zingbox Inspector, versions 1.294 an...
Insecure Password Storage in Zingbox Inspector
A security vulnerability exists in Zingbox Inspector that results in passwords for 3rd party integrations being stored in cleartext in device configuration. Ref: CVE-2019-15023 The vulnerability allows for the viewing of plaintext credentials stored within the Zingbox Inspector software and store...
Remote Command Injection in Zingbox Inspector
A security vulnerability exists in Zingbox Inspector that allows for remote code execution if the Inspector were sent a malicious command from the Zingbox cloud, or if the Zingbox Inspector were tampered with to connect to an attacker's cloud endpoint. Ref: CVE-2019-1584 This vulnerability can on...
Hardcoded Credentials in Zingbox Inspector
Hardcoded credentials for root and inspector user accounts are present in the system software. Ref: CVE-2019-15015 The vulnerability allows for users to authenticate to the software using hardcoded credentials if access to SSH on the Zingbox Inspector is not otherwise restricted see also...
SSH Service Exposed in Zingbox Inspector
The SSH service is enabled on the Zingbox Inspector, exposing SSH to the local network. When combined with PAN-SA-2019-0027, this can allow an attacker to authenticate to the service using hardcoded credentials. Ref: CVE-2019-15017 The vulnerability allows for users to authenticate to the softwar...
SSH Service Exposed in Zingbox Inspector
The SSH service is enabled on the Zingbox Inspector, exposing SSH to the local network. When combined with PAN-SA-2019-0027, this can allow an attacker to authenticate to the service using hardcoded credentials. Ref: CVE-2019-15017 The vulnerability allows for users to authenticate to the softwar...
Server-side Request Forgery in Zingbox Inspector
A security vulnerability exists in the Zingbox Inspector that can allow an attacker to easily identify instances of Zingbox Inspectors in a local area network. Ref: CVE-2019-15021 The vulnerability allows for an attacker to easily identify any running instances of Zingbox Inspector on a local are...
Server-side Request Forgery in Zingbox Inspector
A security vulnerability exists in the Zingbox Inspector that can allow an attacker to easily identify instances of Zingbox Inspectors in a local area network. Ref: CVE-2019-15021 The vulnerability allows for an attacker to easily identify any running instances of Zingbox Inspector on a local are...
SQL Injection in Zingbox Inspector
An SQL injection vulnerability exists in the Zingbox Inspector management interface that allows for unsanitized data provided by an authenticated user to be passed from the web UI into the database. Ref: CVE-2019-15016 The vulnerability allows for authenticated users to pass unsanitized commands ...
SQL Injection in Zingbox Inspector
An SQL injection vulnerability exists in the Zingbox Inspector management interface that allows for unsanitized data provided by an authenticated user to be passed from the web UI into the database. Ref: CVE-2019-15016 The vulnerability allows for authenticated users to pass unsanitized commands ...
Escalation of Privilege in Twistlock
An HTML injection vulnerability has been identified in the Twistlock Console that can lead to a DOM based XSS attack under certain configurations. Ref , CVE-2019-1583 Successful exploitation of this vulnerability allows a Twistlock user with Operator capabilities to escalate privileges to that of...
Escalation of Privilege in Twistlock
An HTML injection vulnerability has been identified in the Twistlock Console that can lead to a DOM based XSS attack under certain configurations. Ref , CVE-2019-1583 Successful exploitation of this vulnerability allows a Twistlock user with Operator capabilities to escalate privileges to that of...
Remote code execution in PAN-OS SSH management interface
Palo Alto Networks is aware of a remote code execution vulnerability in the PAN-OS SSH device management interface that can lead to unauthenticated remote users with network access to the SSH management interface gaining root access to PAN-OS. Ref: PAN-123564/ CVE-2019-1581. Successful exploitati...
Memory Corruption in PAN-OS
Palo Alto Networks is aware of a memory corruption vulnerability in PAN-OS Ref: PAN-123603/CVE-2019-1580. Successful exploitation will allow a remote, unauthenticated user to craft a message to Secure Shell Daemon SSHD and corrupt arbitrary memory. This issue affects PAN-OS 7.1.24 and earlier,...
Memory Corruption in PAN-OS
Palo Alto Networks is aware of a memory corruption vulnerability in PAN-OS Ref: PAN-123603/CVE-2019-1580. Successful exploitation will allow a remote, unauthenticated user to craft a message to Secure Shell Daemon SSHD and corrupt arbitrary memory. This issue affects PAN-OS 7.1.24 and earlier,...
Remote code execution in PAN-OS SSH management interface
Palo Alto Networks is aware of a remote code execution vulnerability in the PAN-OS SSH device management interface that can lead to unauthenticated remote users with network access to the SSH management interface gaining root access to PAN-OS. Ref: PAN-123564/ CVE-2019-1581. Successful exploitati...
Memory Corruption in PAN-OS
Palo Alto Networks is aware of a memory corruption vulnerability in PAN-OS. Ref: PAN-123700/ CVE-2019-1582. Successful exploitation of this issue may allow an administrative user to cause arbitrary memory corruption by rekeying the current client interactive session. This issue affects PAN-OS 8.1...
Memory Corruption in PAN-OS
Palo Alto Networks is aware of a memory corruption vulnerability in PAN-OS. Ref: PAN-123700/ CVE-2019-1582. Successful exploitation of this issue may allow an administrative user to cause arbitrary memory corruption by rekeying the current client interactive session. This issue affects PAN-OS 8.1...
Remote Code Execution in GlobalProtect Portal/Gateway Interface
Palo Alto Networks is aware of the reported remote code execution RCE vulnerability in its GlobalProtect portal and GlobalProtect Gateway interface products. The issue is already addressed in prior maintenance releases. Ref: CVE-2019-1579 Successful exploitation of this issue allows an...
Remote Code Execution in GlobalProtect Portal/Gateway Interface
Palo Alto Networks is aware of the reported remote code execution RCE vulnerability in its GlobalProtect portal and GlobalProtect Gateway interface products. The issue is already addressed in prior maintenance releases. Ref: CVE-2019-1579 Successful exploitation of this issue allows an...
Command Injection in PAN-OS
A command injection vulnerability exists in the Palo Alto Networks PAN-OS Command Line Interface CLI. Ref PAN-111872/ CVE-2019-1576 Successful exploitation of this issue may allow an authenticated attacker to gain access to a remote shell in PAN-OS, and potentially run with the escalated user’s...
Command Injection in PAN-OS
A command injection vulnerability exists in the Palo Alto Networks PAN-OS Command Line Interface CLI. Ref PAN-111872/ CVE-2019-1576 Successful exploitation of this issue may allow an authenticated attacker to gain access to a remote shell in PAN-OS, and potentially run with the escalated user’s...
Privilege Escalation in PAN-OS
Palo Alto Networks is aware of a use-after-free UAF vulnerability in the Linux kernel's sockfssetattr. Ref: PAN-113631/ CVE-2019-8912 Successful exploitation of this issue may allow an unprivileged local user to escalate their privileges on the system. This issue affects PAN-OS 7.1.23 and earlier...
Privilege Escalation in PAN-OS
Palo Alto Networks is aware of a use-after-free UAF vulnerability in the Linux kernel's sockfssetattr. Ref: PAN-113631/ CVE-2019-8912 Successful exploitation of this issue may allow an unprivileged local user to escalate their privileges on the system. This issue affects PAN-OS 7.1.23 and earlier...
Information Disclosure in PAN-OS Management API Usage
An Information Disclosure vulnerability exists in PAN-OS Management API usage Ref PAN-107239 and PAN-118869 / CVE-2019-1575 Successful exploitation may allow for an authenticated user with read-only privileges to extract the API key of the device and the username/password from the XML API in PAN-...
Information Disclosure in PAN-OS Management API Usage
An Information Disclosure vulnerability exists in PAN-OS Management API usage Ref PAN-107239 and PAN-118869 / CVE-2019-1575 Successful exploitation may allow for an authenticated user with read-only privileges to extract the API key of the device and the username/password from the XML API in PAN-...
Information Disclosure in WildFire Appliance (WF-500)
Palo Alto Networks has determined that the WildFire Appliance WF-500 is affected by the vulnerability disclosure known as LazyFP and has completed an update to address these issues. The WildFire Appliance WF-500 software update is now available to customers that use the WildFire Appliance WF-500...
Information Disclosure in WildFire Appliance (WF-500)
Palo Alto Networks has determined that the WildFire Appliance WF-500 is affected by the vulnerability disclosure known as LazyFP and has completed an update to address these issues. The WildFire Appliance WF-500 software update is now available to customers that use the WildFire Appliance WF-500...
Code Injection Vulnerability in Traps
Code injection vulnerability exists in the Palo Alto Networks Traps. Ref: CVE-2019-1577 Successful exploitation of this issue may allow an authenticated attacker to inject arbitrary JavaScript or HTML. This issue affects Traps 5.0.5 and earlier, including all 4.x releases. These releases did not...
Code Injection Vulnerability in Traps
Code injection vulnerability exists in the Palo Alto Networks Traps. Ref: CVE-2019-1577 Successful exploitation of this issue may allow an authenticated attacker to inject arbitrary JavaScript or HTML. This issue affects Traps 5.0.5 and earlier, including all 4.x releases. These releases did not...
Cross Site Scripting (XSS) in MineMeld
A reflected cross-site scripting XSS vulnerability exists in Palo Alto Networks MineMeld. Ref CVE-2019-1578 A remote attacker able to convince an authenticated MineMeld admin to type malicious input in the MineMeld UI could execute arbitrary JavaScript code in the admin’s browser. This issue...
Cross Site Scripting (XSS) in MineMeld
A reflected cross-site scripting XSS vulnerability exists in Palo Alto Networks MineMeld. Ref CVE-2019-1578 A remote attacker able to convince an authenticated MineMeld admin to type malicious input in the MineMeld UI could execute arbitrary JavaScript code in the admin’s browser. This issue...
Information about TCP SACK Panic Findings in PAN-OS
Palo Alto Networks is aware of recent vulnerability disclosures known as TCP SACK Panic vulnerabilities. Ref: PAN-119745/ CVE-2019-11477, CVE-2019-11478, CVE-2019-11479...
Information about Recent Intel Side Channel Vulnerabilities
Palo Alto Networks has determined that WildFire Appliance WF-500 and WildFire Cloud are affected by the recent vulnerability disclosures, known as Fallout, RIDL, and Zombieload. We are working to validate and implement software updates to address these issues. We will provide updates as they beco...
Information about PAN-OS Finding
An issue was resolved in PAN-OS that resulted in configured Layer 3 interfaces erroneously opening ports 28869/tcp and 28870/tcp on the IP address assigned to the Layer 3 interface, which bind to an internal service that performs HTTP 301 redirection to the HTTPS port 443/tcp on the same interfac...
Cross Site Scripting (XSS) in Demisto
A cross-site scripting XSS vulnerability exists in the Palo Alto Networks Demisto. Ref CVE-2019-1568 Successful exploitation of this issue may allow an unauthenticated attacker to inject arbitrary JavaScript or HTML. This issue affects Demisto 4.5 build 40249 Work around: N/A...