https://live.paloaltonetworks.com/t5/psirt-articles/palo-alto-networks-security-advisories-30-august-2017/ta-p/174015 <DIV class="lia-message-template-content-zone"><P>With the release of PAN-OS 7.1.12 Palo Alto Networks has published 2 new and 1 updated Security Advisory addressing 3 security issues.</P> <P>&nbsp;</P> <P><STRONG>New Security Advisories</STRONG></P> <P>&nbsp;</P> <P><STRONG>PAN-SA-2017-0023 -&nbsp;<SPAN>Cross-Site Scripting in PAN-OS</SPAN></STRONG></P> <P><SPAN>A vulnerability exists in PAN-OS’s GlobalProtect internal and external gateway interface,&nbsp;</SPAN>that could allow for a cross-site scripting (XSS) attack. PAN-OS does not properly validate specific request parameters.</P> <P>&nbsp;</P> <UL> <LI>Medium Severity</LI> <LI>Fixed in PAN-OS 6.1.18, PAN-OS 7.0.17, PAN-OS 7.1.12 and PAN-OS 8.0.3</LI> <LI>CVE-2017-12416</LI> </UL> <P><STRONG>PAN-SA-2017-0024 -&nbsp;XML External Entity (XXE) in PAN-OS&nbsp;</STRONG></P> <P><SPAN>A vulnerability exists in PAN-OS’s GlobalProtect internal and external gateway interface,</SPAN>&nbsp;that could allow for XML External Entity (XXE) attack. PAN-OS does not properly parse XML input.</P> <P>&nbsp;</P> <UL> <LI>High Severity</LI> <LI>Fixed in PAN-OS 6.1.18, PAN-OS 7.0.17, PAN-OS 7.1.12 and PAN-OS 8.0.3</LI> <LI>CVE-2017-9458</LI> </UL> <P><STRONG>Updated Security Advisory</STRONG></P> <P>&nbsp;</P> <P><STRONG>PAN-SA-2017-0022 - NTP Vulnerability</STRONG></P> <P>The Network Time Protocol (NTP) library has been found to contain a&nbsp;vulnerability CVE-2017-6460. Palo Alto Networks software makes use of the vulnerable library and may be affected. This issue only affects the management plane of the firewall.</P> <P>&nbsp;</P> <UL> <LI>Low Severity</LI> <LI>Fixed&nbsp;in&nbsp;PAN-OS 7.1.12 and PAN-OS 8.0.4</LI> <LI>Fixes for 6.1 and 7.0 will be released on a future date</LI> <LI>CVE-2017-6460</LI> </UL> <P>Details of the issues, affected versions, and any mitigation information can be found in the Security Advisory.

</P> <P>&nbsp;</P> <P>Please visit our Security Advisories website to learn more at<SPAN>&nbsp;</SPAN><A href="https://securityadvisories.paloaltonetworks.com/%E2%80%A8%E2%80%A8" target="_self" rel="nofollow noopener noreferrer">https://securityadvisories.paloaltonetworks.com/

</A></P> <P>&nbsp;</P> <P>If you have questions, please contact support<SPAN>&nbsp;</SPAN><A href="https://www.paloaltonetworks.com/company/contact-support" target="_self" rel="nofollow noopener noreferrer">https://www.paloaltonetworks.com/company/contact-support</A></P> <P>&nbsp;</P> <P>

Regards
</P> <P>Product Security Incident Response Team<BR />Palo Alto Networks</P> <P>&nbsp;</P> <P><STRONG>Updated August-31-2017 -&nbsp;</STRONG>Security Advisories updated to clarify that both the Internal and external interfaces of GlobalProtect are affected by issues listed in PAN-SA-2017-0023 and PAN-SA-2017-0024</P> </DIV> Thu, 31 Aug 2017 23:11:12 GMT kshorrock 2017-08-31T23:11:12Z https://live.paloaltonetworks.com/t5/psirt-articles/palo-alto-networks-security-advisories-30-august-2017/ta-p/174015 <DIV class="lia-message-template-content-zone"><P>With the release of PAN-OS 7.1.12 Palo Alto Networks has published 2 new and 1 updated Security Advisory addressing 3 security issues.</P> <P>&nbsp;</P> <P><STRONG>New Security Advisories</STRONG></P> <P>&nbsp;</P> <P><STRONG>PAN-SA-2017-0023 -&nbsp;<SPAN>Cross-Site Scripting in PAN-OS</SPAN></STRONG></P> <P><SPAN>A vulnerability exists in PAN-OS’s GlobalProtect internal and external gateway interface,&nbsp;</SPAN>that could allow for a cross-site scripting (XSS) attack. PAN-OS does not properly validate specific request parameters.</P> <P>&nbsp;</P> <UL> <LI>Medium Severity</LI> <LI>Fixed in PAN-OS 6.1.18, PAN-OS 7.0.17, PAN-OS 7.1.12 and PAN-OS 8.0.3</LI> <LI>CVE-2017-12416</LI> </UL> <P><STRONG>PAN-SA-2017-0024 -&nbsp;XML External Entity (XXE) in PAN-OS&nbsp;</STRONG></P> <P><SPAN>A vulnerability exists in PAN-OS’s GlobalProtect internal and external gateway interface,</SPAN>&nbsp;that could allow for XML External Entity (XXE) attack. PAN-OS does not properly parse XML input.</P> <P>&nbsp;</P> <UL> <LI>High Severity</LI> <LI>Fixed in PAN-OS 6.1.18, PAN-OS 7.0.17, PAN-OS 7.1.12 and PAN-OS 8.0.3</LI> <LI>CVE-2017-9458</LI> </UL> <P><STRONG>Updated Security Advisory</STRONG></P> <P>&nbsp;</P> <P><STRONG>PAN-SA-2017-0022 - NTP Vulnerability</STRONG></P> <P>The Network Time Protocol (NTP) library has been found to contain a&nbsp;vulnerability CVE-2017-6460. Palo Alto Networks software makes use of the vulnerable library and may be affected. This issue only affects the management plane of the firewall.</P> <P>&nbsp;</P> <UL> <LI>Low Severity</LI> <LI>Fixed&nbsp;in&nbsp;PAN-OS 7.1.12 and PAN-OS 8.0.4</LI> <LI>Fixes for 6.1 and 7.0 will be released on a future date</LI> <LI>CVE-2017-6460</LI> </UL> <P>Details of the issues, affected versions, and any mitigation information can be found in the Security Advisory.

</P> <P>&nbsp;</P> <P>Please visit our Security Advisories website to learn more at<SPAN>&nbsp;</SPAN><A href="https://securityadvisories.paloaltonetworks.com/%E2%80%A8%E2%80%A8" target="_self" rel="nofollow noopener noreferrer">https://securityadvisories.paloaltonetworks.com/

</A></P> <P>&nbsp;</P> <P>If you have questions, please contact support<SPAN>&nbsp;</SPAN><A href="https://www.paloaltonetworks.com/company/contact-support" target="_self" rel="nofollow noopener noreferrer">https://www.paloaltonetworks.com/company/contact-support</A></P> <P>&nbsp;</P> <P>

Regards
</P> <P>Product Security Incident Response Team<BR />Palo Alto Networks</P> <P>&nbsp;</P> <P><STRONG>Updated August-31-2017 -&nbsp;</STRONG>Security Advisories updated to clarify that both the Internal and external interfaces of GlobalProtect are affected by issues listed in PAN-SA-2017-0023 and PAN-SA-2017-0024</P> </DIV> Thu, 31 Aug 2017 23:11:12 GMT https://live.paloaltonetworks.com/t5/psirt-articles/palo-alto-networks-security-advisories-30-august-2017/ta-p/174015 kshorrock 2017-08-31T23:11:12Z https://live.paloaltonetworks.com/t5/psirt-articles/palo-alto-networks-security-advisories-30-august-2017/tac-p/174176#M46 <P>Does disabling the login page for the Global Protect Portal mitigate this vulnerability? &nbsp;Does these global protect related vulnerabilities affect both the Gateway and Portal?</P><P>&nbsp;</P><P>Thanks!</P> Thu, 31 Aug 2017 15:30:57 GMT https://live.paloaltonetworks.com/t5/psirt-articles/palo-alto-networks-security-advisories-30-august-2017/tac-p/174176#M46 stmark 2017-08-31T15:30:57Z