Palo Alto Networks PAN-OS 6.1.21 and earlier / 7.1.x < 7.1.19 / 8.0.x < 8.0.12 / 8.1.x < 8.1.3 Multiple Vulnerabilities

Medium Nessus Plugin ID 112161

Synopsis

The remote PAN-OS host is affected by multiple vulnerabilities.

Description

The version of Palo Alto Networks PAN-OS running on the remote host is 6.x.x or 7.1.x prior to 7.1.19 or 8.0.x prior to 8.0.12 or 8.1.x prior to 8.1.3. It is, therefore, affected by multiple vulnerabilities.

Solution

Upgrade to PAN-OS 7.1.19 / 8.0.12 / 8.1.3 or later.

See Also

http://www.nessus.org/u?6f828553

http://www.nessus.org/u?e379ee3f

http://www.paloaltonetworks.com/

Plugin Details

Severity: Medium

ID: 112161

File Name: palo_alto_pan-os_8_1_3.nasl

Version: 1.1

Type: combined

Published: 2018/08/28

Modified: 2018/08/28

Dependencies: 72816

Risk Information

Risk Factor: Medium

CVSS Score Source: manual

CVSS Score Rationale: An in depth analysis by tenable researchers revealed the access complexity to be medium.

CVSSv2

Base Score: 4.4

Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P

CVSSv3

Base Score: 5.9

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Vulnerability Information

CPE: cpe:/o:paloaltonetworks:pan-os

Required KB Items: Host/Palo_Alto/Firewall/Version, Host/Palo_Alto/Firewall/Full_Version

Patch Publication Date: 2018/08/15

Vulnerability Publication Date: 2018/08/15

Reference Information

CVE: CVE-2018-10139, CVE-2018-10140

BID: 105107, 105111

IAVA: 2018-A-0278