漏洞标题
PAN-OS: 不正确Neutralization漏洞导致配置提交期间意外程序执行
漏洞描述信息
PAN-OS:配置提交期间的中和不当漏洞导致意外程序执行
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
PAN-OS: Improper Neutralization Vulnerability Leads to Unintended Program Execution During Configuration Commit
漏洞描述信息
A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated network-based PAN-OS administrator to upload a specifically created configuration that disrupts system processes and potentially execute arbitrary code with root privileges when the configuration is committed on both hardware and virtual firewalls. This issue does not impact Panorama appliances or Prisma Access customers. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.23; PAN-OS 9.0 versions earlier than PAN-OS 9.0.16; PAN-OS 9.1 versions earlier than PAN-OS 9.1.13; PAN-OS 10.0 versions earlier than PAN-OS 10.0.10; PAN-OS 10.1 versions earlier than PAN-OS 10.1.5.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
漏洞类别
对特殊元素的转义处理不恰当
漏洞标题
Palo Alto Networks PAN-OS 安全漏洞
漏洞描述信息
Palo Alto Networks PAN-OS是Palo Alto Networks的一款下一代防火墙软件。 Palo Alto Networks PAN-OS 存在安全漏洞。攻击者利用该漏洞上传专门创建的配置,该配置会中断系统进程,并在硬件和虚拟设备上提交配置时以 root 权限执行任意代码。
CVSS信息
N/A
漏洞类别
其他