Описание
A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker could break encrypted communication and expose sensitive information that is shared between the management server and the firewalls.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
5.3 Medium
CVSS3
5.9 Medium
CVSS3
Дефекты
Связанные уязвимости
A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker could break encrypted communication and expose sensitive information that is shared between the management server and the firewalls.
Уязвимость операционной системы PAN-OS, связанная с недостаточно стойким шифрованием данных, позволяющая нарушителю выполнить атаку типа «человек посередине» и получить несанкционированный доступ к защищаемой информации
EPSS
5.3 Medium
CVSS3
5.9 Medium
CVSS3