漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
PAN-OS: Improper Neutralization Vulnerability Leads to Unintended Program Execution During Configuration Commit
Vulnerability Description
A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated network-based PAN-OS administrator to upload a specifically created configuration that disrupts system processes and potentially execute arbitrary code with root privileges when the configuration is committed on both hardware and virtual firewalls. This issue does not impact Panorama appliances or Prisma Access customers. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.23; PAN-OS 9.0 versions earlier than PAN-OS 9.0.16; PAN-OS 9.1 versions earlier than PAN-OS 9.1.13; PAN-OS 10.0 versions earlier than PAN-OS 10.0.10; PAN-OS 10.1 versions earlier than PAN-OS 10.1.5.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
对特殊元素的转义处理不恰当
Vulnerability Title
Palo Alto Networks PAN-OS 安全漏洞
Vulnerability Description
Palo Alto Networks PAN-OS是Palo Alto Networks的一款下一代防火墙软件。 Palo Alto Networks PAN-OS 存在安全漏洞。攻击者利用该漏洞上传专门创建的配置,该配置会中断系统进程,并在硬件和虚拟设备上提交配置时以 root 权限执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A