Main Vulnerability Database SB2016110130

SB2016110130 - Access bypass in Palo Alto PAN-OS

Published: November 1, 2016 Updated: November 2, 2016

Security Bulletin ID SB2016110130

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Information disclosure

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Access bypass (CVE-ID: N/A)

The vulnerability allows a remote unauthenticated user to gain access to the target system.
The weakness is due to improper generation and processing of API authentication tokens for the firewall API interface. A remote attacker who can access an authenticated administrator's browser and obtain the firewall API authentication token can perform calls to the firewall API.
Successful exploitation of the vulnerability results in access to the firewall REST API.

Remediation

Install update from vendor's website.

References

http://securityadvisories.paloaltonetworks.com/Home/Detail/65