PAN-OS on PA-7000 Series: Improper restriction of communication to Log Forwarding Card (LFC) allows root access

Improper restriction of communications to Log Forwarding Card (LFC) on PA-7000 Series devices with second-generation Switch Management Card (SMC) may allow an attacker with network access to the LFC to gain root access to PAN-OS. This issue affects PAN-OS 9.0 versions prior to 9.0.5-h3 on PA-7080 and PA-7050 devices with an LFC installed and configured. This issue does not affect PA-7000 Series deployments using the first-generation SMC and the Log Processing Card (LPC). This issue does not affect any other PA series devices. This issue does not affect devices without an LFC. This issue does not affect PAN-OS 8.1 or prior releases. This issue only affected a very limited number of customers and we undertook individual outreach to help them upgrade. At the time of publication, all identified customers have upgraded SW or content and are not impacted.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

通信信道对预期端点的不适当限制

Palo Alto Networks PA-7080和PA-7050 PAN-OS 安全漏洞

Palo Alto Networks PA-7080和PA-7050都是美国Palo Alto Networks（Palo Alto Networks）公司的产品。PA-7050是一款PA-7050系列防火墙产品。Palo Alto Networks PA-7080是一款PA-7080系列防火墙产品。PAN-OS是一套为其防火墙设备开发的操作系统。 Palo Alto Networks PA-7080和PA-7050上的PAN-OS 9.0.5-h3之前的9.0版本中存在安全漏洞，该漏洞程序没有正确限制对

N/A

N/A