Detections
Analytics
Palo Alto Networks PAN-OS 7.0.0 LDAP Authentication Bypass (PAN-SA-2015-0005)
critical Nessus Plugin ID 85535
Language:
Synopsis
The remote host is affected by an authentication security bypass vulnerability.Description
The remote host is running Palo Alto Networks PAN-OS version 7.0.0. It is, therefore, affected by an unspecified flaw in the LDAP authentication process. A remote attacker can exploit this to bypass authentication checks presented by the captive portal component or the device management interfaces.Solution
Upgrade to Palo Alto Networks PAN-OS 7.0.1 or later.See Also
https://securityadvisories.paloaltonetworks.com/Home/Detail/32
Plugin Details
Severity: Critical
ID: 85535
File Name: palo_alto_PAN-SA-2015-0005.nasl
Version: 1.9
Type: combined
Family: Palo Alto Local Security Checks
Published: 8/19/2015
Updated: 11/27/2023
Supported Sensors: Nessus
Risk Information
CVSS v2
Risk Factor: Critical
Base Score: 10
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/o:paloaltonetworks:pan-os
Required KB Items: Host/local_checks_enabled, Host/Palo_Alto/Firewall/Version, Host/Palo_Alto/Firewall/Full_Version
Patch Publication Date: 7/24/2015
Vulnerability Publication Date: 7/24/2015