Palo Alto Networks PAN-OS 5.0.x < 5.0.19 / 5.1.x < 5.1.12 / 6.0.x < 6.0.14 / 6.1.x < 6.1.12 / 7.0.x < 7.0.8 Privilege Escalation (PAN-SA-2016-0012)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by multiple vulnerabilities.

Description :

The version of Palo Alto Networks PAN-OS running on the remote host is
5.0.x prior to 5.0.19, 5.1.x prior to 5.1.12, 6.0.x prior to 6.0.14,
6.1.x prior to 6.1.12, or 7.0.x prior to 7.0.8. It is, therefore,
affected by a privilege escalation vulnerability due to improper
sanitization of the root_reboot local invocation. A local attacker can
exploit this to gain elevated privileges.

See also :

https://securityadvisories.paloaltonetworks.com/Home/Detail/45

Solution :

Upgrade to Palo Alto Networks PAN-OS version 5.0.19 / 5.1.12 / 6.0.14
/ 6.1.12 / 7.0.8 or later.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.0
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Palo Alto Local Security Checks

Nessus Plugin ID: 93125

Bugtraq ID:

CVE ID: CVE-2016-1712
