Palo Alto Networks PAN-OS < 3.1.12 / 4.0.x < 4.0.10 / 4.1.x < 4.1.4 Multiple Vulnerabilities
Critical Nessus Plugin ID 72825
SynopsisThe remote host is affected by multiple vulnerabilities.
DescriptionThe remote host is running a version of Palo Alto Networks PAN-OS prior to 3.1.12 / 4.0.10 / 4.1.4. It is, therefore, affected by multiple vulnerabilities :
- A vulnerability exists that allows an unauthenticated user to inject commands as root on the device.
(CVE-2012-6601 / PAN-SA-2012-0012)
- A vulnerability exists that allows an unauthenticated user to gain administrator access without supplying credentials. (CVE-2012-6603 / PAN-SA-2012-0014)
SolutionUpgrade to PAN-OS version 3.1.12 / 4.0.10 / 4.1.4 or later.