CVE-2017-5584

Опубликовано: 15 мар. 2017

Источник: nvd

CVSS3: 5.4

CVSS2: 3.5

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in the Management Web Interface in Palo Alto Networks PAN-OS 5.1, 6.x before 6.1.16, 7.0.x before 7.0.13, and 7.1.x before 7.1.8 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Ссылки

http://www.securityfocus.com/bid/96371
http://www.securitytracker.com/id/1037889
Third Party Advisory
VDB Entry
https://security.paloaltonetworks.com/CVE-2017-5584
http://www.securityfocus.com/bid/96371
http://www.securitytracker.com/id/1037889
Third Party Advisory
VDB Entry
https://security.paloaltonetworks.com/CVE-2017-5584

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:paloaltonetworks:pan-os:5.1:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.0:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.0.1:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.0.2:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.0.3:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.0.4:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.0.5:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.0.6:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.0.7:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.0.8:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.0.9:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.0.10:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.0.11:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.0.12:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.1.0:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.1.1:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.1.2:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.1.3:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.1.4:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.1.5:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.1.6:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.1.7:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.1.8:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.1.9:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.1.10:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.1.11:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.1.12:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.1.13:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.1.14:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:6.1.15:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:7.0.1:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:7.0.2:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:7.0.3:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:7.0.4:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:7.0.5:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:7.0.5-h2:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:7.0.6:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:7.0.7:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:7.0.8:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:7.0.9:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:7.0.10:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:7.0.11:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:7.0.12:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:7.1.0:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:7.1.1:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:7.1.2:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:7.1.3:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:7.1.4:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:7.1.4-h2:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:7.1.5:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:7.1.6:*:*:*:*:*:*:*

cpe:2.3:o:paloaltonetworks:pan-os:7.1.7:*:*:*:*:*:*:*

EPSS

Процентиль: 41%

0.00195

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-q53c-xvxg-cf54