Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-17440

Опубликовано: 20 дек. 2019
Источник: nvd
CVSS3: 10
CVSS3: 9.8
CVSS2: 10
EPSS Низкий

Описание

Improper restriction of communications to Log Forwarding Card (LFC) on PA-7000 Series devices with second-generation Switch Management Card (SMC) may allow an attacker with network access to the LFC to gain root access to PAN-OS. This issue affects PAN-OS 9.0 versions prior to 9.0.5-h3 on PA-7080 and PA-7050 devices with an LFC installed and configured. This issue does not affect PA-7000 Series deployments using the first-generation SMC and the Log Processing Card (LPC). This issue does not affect any other PA series devices. This issue does not affect devices without an LFC. This issue does not affect PAN-OS 8.1 or prior releases. This issue only affected a very limited number of customers and we undertook individual outreach to help them upgrade. At the time of publication, all identified customers have upgraded SW or content and are not impacted.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
Версия от 9.0 (включая) до 9.0.5 (включая)

Одно из

cpe:2.3:h:paloaltonetworks:pa-7050:-:*:*:*:*:*:*:*
cpe:2.3:h:paloaltonetworks:pa-7080:-:*:*:*:*:*:*:*

EPSS

Процентиль: 63%
0.0045
Низкий

10 Critical

CVSS3

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-923
NVD-CWE-Other

Связанные уязвимости

github логотип

GHSA-4w28-4cpv-vvf3

github
больше 3 лет назад

Improper restriction of communications to Log Forwarding Card (LFC) on PA-7000 Series devices with second-generation Switch Management Card (SMC) may allow an attacker with network access to the LFC to gain root access to PAN-OS. This issue affects PAN-OS 9.0 versions prior to 9.0.5-h3 on PA-7080 and PA-7050 devices with an LFC installed and configured. This issue does not affect PA-7000 Series deployments using the first-generation SMC and the Log Processing Card (LPC). This issue does not affect any other PA series devices. This issue does not affect devices without an LFC. This issue does not affect PAN-OS 8.1 or prior releases. This issue only affects a very limited number of customers and we undertook individual outreach to help them upgrade. At the time of publication, all identified customers have upgraded SW or content and are not impacted.

fstec логотип

BDU:2020-03284

CVSS3: 10
fstec
около 6 лет назад

Уязвимость операционной системы PAN-OS на устройствах серии PA-7000, связанная с недостаточным ограничением канала связи для заданных конечных точек, позволяющая нарушителю получить доступ к устройству с привилегиями root

EPSS

Процентиль: 63%
0.0045
Низкий

10 Critical

CVSS3

9.8 Critical

CVSS3

10 Critical

CVSS2

Дефекты

CWE-923
NVD-CWE-Other