Palo Alto Networks PAN-OS CVE-2017-7217 Security Bypass Vulnerability

Palo Alto Networks PAN-OS is prone to a security-bypass vulnerability.

Successful exploits will allow attackers to bypass certain security restrictions and perform unauthorized actions.

The following PAN-OS versions are affected:

PAN-OS 7.0.13 and earlier
PAN-OS 7.1.8 and earlier

Information

Bugtraq ID: 97598
Class: Design Error
CVE: CVE-2017-7217

Remote: Yes
Local: No
Published: Apr 10 2017 12:00AM
Updated: Apr 10 2017 12:00AM
Credit: Christophe Schleypen from NATO Communications and Information Agency
Vulnerable: Paloaltonetworks PAN-OS 7.1.5
Paloaltonetworks PAN-OS 7.1.4
Paloaltonetworks PAN-OS 7.1.3
Paloaltonetworks PAN-OS 7.1.2
Paloaltonetworks PAN-OS 7.1.1
Paloaltonetworks PAN-OS 7.1
Paloaltonetworks PAN-OS 7.0.13
Paloaltonetworks PAN-OS 7.0.12
Paloaltonetworks PAN-OS 7.0.11
Paloaltonetworks PAN-OS 7.0.10
Paloaltonetworks PAN-OS 7.0.5
Paloaltonetworks PAN-OS 7.0.4
Paloaltonetworks PAN-OS 7.0.1
Paloaltonetworks PAN-OS 7.0
Paloaltonetworks PAN-OS 7.1.8
Paloaltonetworks PAN-OS 7.1.7
Paloaltonetworks PAN-OS 7.1.6
Paloaltonetworks PAN-OS 7.0.9
Paloaltonetworks PAN-OS 7.0.8
Paloaltonetworks PAN-OS 7.0.7

Not Vulnerable: Paloaltonetworks PAN-OS 7.1.9
Paloaltonetworks PAN-OS 7.1.14

References:

• Palo Alto Networks Homepage (Palo Alto Networks)
  
• (Ref # PAN- 70436 / CVE-2017-7217) (paloaltonetworks)
  

Source: www.securityfocus.com