vulnerability

Palo Alto Networks PAN-SA-2018-0005 (CVE-2018-9334): Information Disclosure in the PAN-OS Management Web Interface

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
2	(AV:L/AC:L/Au:N/C:P/I:N/A:N)	2018-06-28	2018-06-29	2024-11-27

Severity

CVSS

(AV:L/AC:L/Au:N/C:P/I:N/A:N)

Published

2018-06-28

Added

2018-06-29

Modified

2024-11-27

Description

The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.8 and earlier, and PAN-OS 8.1.0 may allow an attacker to access the GlobalProtect password hashes of local users via manipulation of the HTML markup.

Solution(s)

palo-alto-networks-pan-os-upgrade-6-1palo-alto-networks-pan-os-upgrade-7-1palo-alto-networks-pan-os-upgrade-8-0palo-alto-networks-pan-os-upgrade-8-1

References

NVD-CVE-2018-9334
URL-https://securityadvisories.paloaltonetworks.com

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today