Palo Alto PAN-OS up to 7.1.4 API Token Generation improper authentication

Summaryinfo

A vulnerability identified as critical has been detected in Palo Alto PAN-OS up to 7.1.4. Impacted is an unknown function of the component API Token Generation. The manipulation leads to improper authentication. There is no available exploit. You should upgrade the affected component.

Detailsinfo

A vulnerability was found in Palo Alto PAN-OS up to 7.1.4 (Firewall Software) and classified as critical. This issue affects some unknown functionality of the component API Token Generation. The manipulation with an unknown input leads to a improper authentication vulnerability. Using CWE to declare the problem leads to CWE-287. When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. Impacted is confidentiality, integrity, and availability.

The weakness was presented 10/31/2016 by Travis Christianson as PAN-61046/100428 as confirmed advisory (Website). It is possible to read the advisory at securityadvisories.paloaltonetworks.com. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. The technical details are unknown and an exploit is not publicly available. The advisory points out:

The Palo Alto Networks firewalls API browser does not properly use the REST API tokens. In a specific scenario, an attacker could steal the authentication token and perform calls to the firewall’s API.

Upgrading to version 5.0.20, 5.1.13, 6.0.15, 6.1.15, 7.0.11 or 7.1.5 eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

The vulnerability is also documented in the vulnerability database at SecurityTracker (ID 1037153†). See VDB-93262 for similar entry. Be aware that VulDB is the high quality source for vulnerability data.

Productinfo

Type

• Firewall Software

Vendor

• Palo Alto

Name

• PAN-OS

Version

• 5.0.0
• 5.0.1
• 5.0.2
• 5.0.3
• 5.0.4
• 5.0.5
• 5.0.6
• 5.0.7
• 5.0.8
• 5.0.9
• 5.0.10
• 5.0.11
• 5.0.12
• 5.0.13
• 5.0.14
• 5.0.15
• 5.0.16
• 5.0.17
• 5.0.18
• 5.0.19
• 5.1.0
• 5.1.1
• 5.1.2
• 5.1.3
• 5.1.4
• 5.1.5
• 5.1.6
• 5.1.7
• 5.1.8
• 5.1.9
• 5.1.10
• 5.1.11
• 5.1.12
• 6.0.0
• 6.0.1
• 6.0.2
• 6.0.3
• 6.0.4
• 6.0.5
• 6.0.6
• 6.0.7
• 6.0.8
• 6.0.9
• 6.0.10
• 6.0.11
• 6.0.12
• 6.0.13
• 6.0.14
• 6.1.0
• 6.1.1
• 6.1.2
• 6.1.3
• 6.1.4
• 6.1.5
• 6.1.6
• 6.1.7
• 6.1.8
• 6.1.9
• 6.1.10
• 6.1.11
• 6.1.12
• 6.1.13
• 6.1.14
• 7.0.0
• 7.0.1
• 7.0.2
• 7.0.3
• 7.0.4
• 7.0.5
• 7.0.6
• 7.0.7
• 7.0.8
• 7.0.9
• 7.0.10
• 7.1.0
• 7.1.1
• 7.1.2
• 7.1.3
• 7.1.4

License

• commercial

Website

• Vendor: https://www.paloaltonetworks.com/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Be aware that VulDB is the high quality source for vulnerability data.

Discussion