https://live.paloaltonetworks.com/t5/general-topics/pan-sa-2016-0025-kernel-vulnerabilities/m-p/117840#M45599 <P>yes , it has a high severity score on mitre and if the Mgmt interface is left exposed could lead to a DoS, meaning you lose control over your firewall</P> <P>&nbsp;</P> <P><A href="https://securityadvisories.paloaltonetworks.com/Home/Detail/58" target="_blank">https://securityadvisories.paloaltonetworks.com/Home/Detail/58</A></P> Wed, 05 Oct 2016 14:56:17 GMT reaper 2016-10-05T14:56:17Z https://live.paloaltonetworks.com/t5/general-topics/pan-sa-2016-0025-kernel-vulnerabilities/m-p/117599#M45582 <P>Summary</P><P>The kernel in use by the Management Plane of PAN-OS is vulnerable to CVE-2015-5364 and CVE-2015-5366. (Ref # PAN 52379/87408)</P><P>&nbsp;</P><P>Severity: High</P><P>The CVSS Score of CVE-2015-5364 is 7.8, High; while the CVSS Score of CVE-2015-5366 is 5.0, Medium. Those could lead to a Denial of Service attack.</P><P>&nbsp;</P><P>What is the attack vector? &nbsp;Clients traffic pass throught &nbsp;DPs, not MP. &nbsp;</P><P>&nbsp;</P><P>Ernest</P> Tue, 04 Oct 2016 20:13:54 GMT https://live.paloaltonetworks.com/t5/general-topics/pan-sa-2016-0025-kernel-vulnerabilities/m-p/117599#M45582 nextgenhappines 2016-10-04T20:13:54Z https://live.paloaltonetworks.com/t5/general-topics/pan-sa-2016-0025-kernel-vulnerabilities/m-p/117771#M45592 <P>Hi</P> <P>&nbsp;</P> <P>Since only the Management Plane kernel is affected, the vector is limited to the management interface</P> <P>&nbsp;</P> <P>if the management interface is located in an oob network, exposure is limited to only other hosts inside the oob net</P> <P>&nbsp;</P> Wed, 05 Oct 2016 11:51:58 GMT https://live.paloaltonetworks.com/t5/general-topics/pan-sa-2016-0025-kernel-vulnerabilities/m-p/117771#M45592 reaper 2016-10-05T11:51:58Z https://live.paloaltonetworks.com/t5/general-topics/pan-sa-2016-0025-kernel-vulnerabilities/m-p/117829#M45598 <P>Hi Reaper,</P><P>&nbsp;</P><P>If that is attack surface is small and limited, why the serverity is listed as High? &nbsp;Is it due to the CVSS score of the CVE?</P> Wed, 05 Oct 2016 14:43:08 GMT https://live.paloaltonetworks.com/t5/general-topics/pan-sa-2016-0025-kernel-vulnerabilities/m-p/117829#M45598 nextgenhappines 2016-10-05T14:43:08Z https://live.paloaltonetworks.com/t5/general-topics/pan-sa-2016-0025-kernel-vulnerabilities/m-p/117840#M45599 <P>yes , it has a high severity score on mitre and if the Mgmt interface is left exposed could lead to a DoS, meaning you lose control over your firewall</P> <P>&nbsp;</P> <P><A href="https://securityadvisories.paloaltonetworks.com/Home/Detail/58" target="_blank">https://securityadvisories.paloaltonetworks.com/Home/Detail/58</A></P> Wed, 05 Oct 2016 14:56:17 GMT https://live.paloaltonetworks.com/t5/general-topics/pan-sa-2016-0025-kernel-vulnerabilities/m-p/117840#M45599 reaper 2016-10-05T14:56:17Z