Detections
Analytics

Palo Alto Networks PAN-OS 6.0.x < 6.0.14 Multiple Vulnerabilities

high Nessus Plugin ID 93126

Language:

Synopsis

The remote host is affected by multiple vulnerabilities.

Description

The version of Palo Alto Networks PAN-OS running on the remote host is 6.0.x prior to 6.0.14. It is, therefore, affected by multiple vulnerabilities :

 - An unspecified flaw exists that allows an authenticated, remote attacker to gain elevated privileges.

 - An unspecified flaw exists in the policy configuration dialog that allows an authenticated, remote attacker to have an unspecified impact.

 - A boundary check error exists in the Captive Portal that allows a remote attacker to cause a denial of service.

Solution

Upgrade to Palo Alto Networks PAN-OS version 6.0.14 or later.

See Also

http://www.nessus.org/u?37d0a0a0

Plugin Details

Severity: High

ID: 93126

File Name: palo_alto_pan-os_6_0_14.nasl

Version: 1.6

Type: combined

Published: 8/26/2016

Updated: 1/2/2019

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 6.7

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:paloaltonetworks:pan-os

Required KB Items: Host/Palo_Alto/Firewall/Version, Host/Palo_Alto/Firewall/Full_Version

Patch Publication Date: 7/5/2016

Vulnerability Publication Date: 7/5/2016