Palo Alto Networks Security Advisories [30-August-2017]

by kshorrock 08-30-2017 05:02 PM - edited 08-31-2017 04:11 PM

With the release of PAN-OS 7.1.12, Palo Alto Networks has published 2 new Security Advisories and 1 updated Security Advisory, addressing 3 security issues.

 

New Security Advisories

 

PAN-SA-2017-0023 - Cross-Site Scripting in PAN-OS

A vulnerability exists in PAN-OS’s GlobalProtect internal and external gateway interface that could allow for a cross-site scripting (XSS) attack. PAN-OS does not properly validate specific request parameters.

 

  • Medium Severity
  • Fixed in PAN-OS 6.1.18, PAN-OS 7.0.17, PAN-OS 7.1.12 and PAN-OS 8.0.3
  • CVE-2017-12416

PAN-SA-2017-0024 - XML External Entity (XXE) in PAN-OS 

A vulnerability exists in PAN-OS’s GlobalProtect internal and external gateway interface that could allow for an XML External Entity (XXE) attack. PAN-OS does not properly parse XML input.

 

  • High Severity
  • Fixed in PAN-OS 6.1.18, PAN-OS 7.0.17, PAN-OS 7.1.12 and PAN-OS 8.0.3
  • CVE-2017-9458

Updated Security Advisory

 

PAN-SA-2017-0022 - NTP Vulnerability

The Network Time Protocol (NTP) library has been found to contain a vulnerability, CVE-2017-6460. Palo Alto Networks software makes use of the vulnerable library and may be affected. This issue only affects the management plane of the firewall.

 

  • Low Severity
  • Fixed in PAN-OS 7.1.12 and PAN-OS 8.0.4
  • Fixes for 6.1 and 7.0 will be released at a future date
  • CVE-2017-6460

Details of the issues, affected versions, and any mitigation information can be found in the Security Advisory.



 

Please visit our Security Advisories website to learn more at https://securityadvisories.paloaltonetworks.com/



 

If you have questions, please contact support at https://www.paloaltonetworks.com/company/contact-support

 



Regards


Product Security Incident Response Team
Palo Alto Networks

 

Updated August-31-2017 - Security Advisories updated to clarify that both the internal and external interfaces of GlobalProtect are affected by the issues listed in PAN-SA-2017-0023 and PAN-SA-2017-0024.

Comments
by stmark
on ‎08-31-2017 08:30 AM

Does disabling the login page for the Global Protect Portal mitigate this vulnerability? Do these global protect related vulnerabilities affect both the Gateway and Portal?

 

Thanks!
