CVE-2017-7408

Опубликовано: 14 апр. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Palo Alto Networks Traps ESM Console before 3.4.4 allows attackers to cause a denial of service by leveraging improper validation of requests to revoke a Traps agent license.

Ссылки

http://www.securityfocus.com/bid/97533
Third Party Advisory
VDB Entry
https://security.paloaltonetworks.com/CVE-2017-7408
Vendor Advisory
https://www.paloaltonetworks.com/documentation/34/endpoint/traps-release-notes/traps-3-4-4-addressed-issues.html
Release Notes
Vendor Advisory
http://www.securityfocus.com/bid/97533
Third Party Advisory
VDB Entry
https://security.paloaltonetworks.com/CVE-2017-7408
Vendor Advisory
https://www.paloaltonetworks.com/documentation/34/endpoint/traps-release-notes/traps-3-4-4-addressed-issues.html
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:paloaltonetworks:traps:*:*:*:*:*:*:*:*

Версия до 3.4.3 (включая)

EPSS

Процентиль: 65%

0.00511

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-28cw-rx3r-6f3c