Palo Alto Networks PAN-OS API Key Persistence Security Bypass (PAN-SA-2015-0006)

Medium Nessus Plugin ID 86906

Synopsis

The remote host is affected by an authentication security bypass vulnerability.

Description

The Palo Alto Networks PAN-OS running on the remote host is a version prior to 6.1.7 or 7.x prior to 7.0.2. It is, therefore, affected by a security bypass vulnerability due to a failure to invalidate the local administrator API keys after a password change has been performed, the old keys being valid up until the time the device is rebooted. A remote attacker can exploit this to gain access to the management interface.

Solution

Upgrade to Palo Alto Networks PAN-OS version 6.1.7 / 7.0.2 or later.

See Also

https://securityadvisories.paloaltonetworks.com/Home/Detail/33

http://www.nessus.org/u?83755f2d

Plugin Details

Severity: Medium

ID: 86906

File Name: palo_alto_PAN-SA-2015-0006.nasl

Version: 1.6

Type: combined

Published: 2015/11/17

Modified: 2018/08/13

Dependencies: 72816

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5.1

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/o:paloaltonetworks:pan-os

Required KB Items: Host/Palo_Alto/Firewall/Version, Host/Palo_Alto/Firewall/Full_Version

Patch Publication Date: 2015/11/09

Vulnerability Publication Date: 2015/11/09