Palo Alto Networks Zingbox Inspector CVE-2019-15019 Security Bypass Vulnerability

2019-10-01T00:00:00
ID SMNTC-110281
Type symantec
Reporter Symantec Security Response
Modified 2019-10-01T00:00:00

Description

Palo Alto Networks Zingbox Inspector is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks. Versions prior to Zingbox Inspector 1.295 are vulnerable.

Technologies Affected

  • Paloaltonetworks Zingbox Inspector 1.294

Recommendations

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.

Do not accept communications that originate from unknown or untrusted sources.
To reduce the likelihood of exploits, connect only to trusted hosts and servers.

Implement multiple redundant layers of security.
Use of multiple redundant layers of encryption may reduce exposure to this and other latent vulnerabilities.

Run all software as a nonprivileged user with minimal access rights.
To limit the impact of latent vulnerabilities, configure servers and other applications to run as a non-administrative user with minimal access rights.

Updates are available. Please see the references or vendor advisory for more information.