CVE-2017-7945 in PAN-OSinformazioni

Riassunto

di MITRE

The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, 7.1.x before 7.1.9, and 8.x before 8.0.2 provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account names and conduct brute-force attacks via a series of requests, aka PAN-SA-2017-0014 and PAN-72769.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

18/04/2017

Divulgazione

28/04/2017

Moderazione

accettato

Voce

VDB-100720

CPE

pronto

CWE

CWE-254 (confermato)

Sfruttamento

Scaricare

CVSS

9.8 (NVD)

EPSS

0.01835

KEV

Attività

molto basso

Settore

Pharma, Government, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-7945
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-7945
CVE Details	https://www.cvedetails.com/cve/CVE-2017-7945/

◂ Precedente Visione D'ensemble Il prossimo ▸

Want to know what is going to be exploited?

We predict KEV entries!