漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
PAN-OS: OS Command Injection Vulnerability in the Command Line Interface (CLI)
Vulnerability Description
An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers that have Prisma Access 2.1 firewalls are impacted by this issue.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Palo Alto Networks PAN-OS 操作系统命令注入漏洞
Vulnerability Description
Palo Alto Networks PAN-OS是美国Palo Alto Networks公司的一套为其防火墙设备开发的操作系统。 Palo Alto Networks PAN-OS命令行界面(CLI)存在安全漏洞,攻击者可利用该漏洞执行任意操作系统命令以提升权限。受影响的系统包括:PAN-OS 8.1.20-h1之前的PAN-OS 8.1版本;PAN-OS 9.0.14-h3之前的PAN-OS 9.0版本;PAN-OS 9.1.11-h2之前的PAN-OS 9.1版本;PAN-OS 10.0.8之前的
CVSS Information
N/A
Vulnerability Type
N/A