Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2023-6790
Vulnerability from cvelistv5
Published
2023-12-13 18:15
Modified
2024-08-02 08:42
Severity ?
EPSS score ?
Summary
A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Palo Alto Networks | PAN-OS |
Version: 8.1 < 8.1.25 Version: 9.0 < 9.0.17 Version: 9.1 < 9.1.16 Version: 10.0 < 10.0.12 Version: 10.1 < 10.1.9 Version: 10.2 < 10.2.4 Version: 11.0 < 11.0.1 Patch: 11.1 |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:42:07.444Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://security.paloaltonetworks.com/CVE-2023-6790", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "PAN-OS", vendor: "Palo Alto Networks", versions: [ { changes: [ { at: "8.1.25", status: "unaffected", }, ], lessThan: "8.1.25", status: "affected", version: "8.1", versionType: "custom", }, { changes: [ { at: "9.0.17", status: "unaffected", }, ], lessThan: "9.0.17", status: "affected", version: "9.0", versionType: "custom", }, { changes: [ { at: "9.1.16", status: "unaffected", }, ], lessThan: "9.1.16", status: "affected", version: "9.1", versionType: "custom", }, { changes: [ { at: "10.0.12", status: "unaffected", }, ], lessThan: "10.0.12", status: "affected", version: "10.0", versionType: "custom", }, { changes: [ { at: "10.1.9", status: "unaffected", }, ], lessThan: "10.1.9", status: "affected", version: "10.1", versionType: "custom", }, { changes: [ { at: "10.2.4", status: "unaffected", }, ], lessThan: "10.2.4", status: "affected", version: "10.2", versionType: "custom", }, { changes: [ { at: "11.0.1", status: "unaffected", }, ], lessThan: "11.0.1", status: "affected", version: "11.0", versionType: "custom", }, { lessThan: "All", status: "unaffected", version: "11.1", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "Prisma Access", vendor: "Palo Alto Networks", versions: [ { status: "unaffected", version: "All", }, ], }, { defaultStatus: "unaffected", product: "Cloud NGFW", vendor: "Palo Alto Networks", versions: [ { status: "unaffected", version: "All", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Palo Alto Networks thanks Kajetan Rostojek for discovering and reporting this issue.", }, ], datePublic: "2023-12-13T17:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface.", }, ], value: "A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface.", }, ], exploits: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Palo Alto Networks is not aware of any malicious exploitation of this issue.", }, ], value: "Palo Alto Networks is not aware of any malicious exploitation of this issue.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-13T18:15:48.142Z", orgId: "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", shortName: "palo_alto", }, references: [ { url: "https://security.paloaltonetworks.com/CVE-2023-6790", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.9, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions.", }, ], value: "This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.9, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions.", }, ], source: { discovery: "EXTERNAL", }, timeline: [ { lang: "en", time: "2023-12-13T17:00:00.000Z", value: "Initial publication", }, ], title: "PAN-OS: DOM-Based Cross-Site Scripting (XSS) Vulnerability in the Web Interface", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", assignerShortName: "palo_alto", cveId: "CVE-2023-6790", datePublished: "2023-12-13T18:15:48.142Z", dateReserved: "2023-12-13T17:27:24.529Z", dateUpdated: "2024-08-02T08:42:07.444Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2023-6790\",\"sourceIdentifier\":\"psirt@paloaltonetworks.com\",\"published\":\"2023-12-13T19:15:09.030\",\"lastModified\":\"2024-11-21T08:44:33.980\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de cross-site scripting (XSS) basada en DOM en el software PAN-OS de Palo Alto Networks permite a un atacante remoto ejecutar una payload de JavaScript en el contexto del navegador de un administrador cuando ve un enlace específicamente manipulado a la interfaz web de PAN-OS.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.1.0\",\"versionEndExcluding\":\"8.1.25\",\"matchCriteriaId\":\"5C73941F-EBEE-4A03-94A4-B4C7C96E4963\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0.0\",\"versionEndExcluding\":\"9.0.17\",\"matchCriteriaId\":\"89A55C5F-8E01-42C4-BE93-D683900C07BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.1.0\",\"versionEndExcluding\":\"9.1.16\",\"matchCriteriaId\":\"56181B13-327B-4249-A7E8-246B2420CEFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.0.12\",\"matchCriteriaId\":\"71F1F86A-8158-4BE8-B509-5F50421DA829\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.1.0\",\"versionEndExcluding\":\"10.1.9\",\"matchCriteriaId\":\"18EE46C0-B863-4AE4-833C-05030D8AD1AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.2.0\",\"versionEndExcluding\":\"10.2.4\",\"matchCriteriaId\":\"D61F01F8-1598-4078-9D98-BFF5B62F3BA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F3693A5-182E-4723-BE2A-062D0C9E736C\"}]}]}],\"references\":[{\"url\":\"https://security.paloaltonetworks.com/CVE-2023-6790\",\"source\":\"psirt@paloaltonetworks.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.paloaltonetworks.com/CVE-2023-6790\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}", }, }
ssa-822518
Vulnerability from csaf_siemens
Published
2024-04-09 00:00
Modified
2024-08-13 00:00
Summary
SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW Before V11.0.1 on RUGGEDCOM APE1808 Devices
Notes
Summary
Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.
Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks' upstream security notifications.
[1] https://security.paloaltonetworks.com/?version=10.2.2&product=PAN-OS
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited. (TLPv2: TLP:CLEAR)", tlp: { label: "WHITE", }, }, lang: "en", notes: [ { category: "summary", text: "Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.\n\nSiemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks' upstream security notifications.\n\n[1] https://security.paloaltonetworks.com/?version=10.2.2&product=PAN-OS", title: "Summary", }, { category: "general", text: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", title: "General Recommendations", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "legal_disclaimer", text: "Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "productcert@siemens.com", name: "Siemens ProductCERT", namespace: "https://www.siemens.com", }, references: [ { category: "self", summary: "SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW Before V11.0.1 on RUGGEDCOM APE1808 Devices - HTML Version", url: "https://cert-portal.siemens.com/productcert/html/ssa-822518.html", }, { category: "self", summary: "SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW Before V11.0.1 on RUGGEDCOM APE1808 Devices - CSAF Version", url: "https://cert-portal.siemens.com/productcert/csaf/ssa-822518.json", }, ], title: "SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW Before V11.0.1 on RUGGEDCOM APE1808 Devices", tracking: { current_release_date: "2024-08-13T00:00:00Z", generator: { engine: { name: "Siemens ProductCERT CSAF Generator", version: "1", }, }, id: "SSA-822518", initial_release_date: "2024-04-09T00:00:00Z", revision_history: [ { date: "2024-04-09T00:00:00Z", legacy_version: "1.0", number: "1", summary: "Publication Date", }, { date: "2024-08-13T00:00:00Z", legacy_version: "1.1", number: "2", summary: "Added newly published CVE-2024-5911", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "All versions with Palo Alto Networks Virtual NGFW before V11.0.1", product: { name: "RUGGEDCOM APE1808", product_id: "1", }, }, ], category: "product_name", name: "RUGGEDCOM APE1808", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2022-0028", cwe: { id: "CWE-406", name: "Insufficient Control of Network Message Volume (Network Amplification)", }, notes: [ { category: "summary", text: "A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-Series (container) firewall against an attacker-specified target. To be misused by an external attacker, the firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a source zone that has an external facing interface. This configuration is not typical for URL filtering and, if set, is likely unintended by the administrator. If exploited, this issue would not impact the confidentiality, integrity, or availability of our products. However, the resulting denial-of-service (DoS) attack may help obfuscate the identity of the attacker and implicate the firewall as the source of the attack. We have taken prompt action to address this issue in our PAN-OS software. All software updates for this issue are expected to be released no later than the week of August 15, 2022. This issue does not impact Panorama M-Series or Panorama virtual appliances. This issue has been resolved for all Cloud NGFW and Prisma Access customers and no additional action is required from them.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-0028", }, { cve: "CVE-2023-0005", cwe: { id: "CWE-497", name: "Exposure of Sensitive System Information to an Unauthorized Control Sphere", }, notes: [ { category: "summary", text: "A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to expose the plaintext values of secrets stored in the device configuration and encrypted API keys.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-0005", }, { cve: "CVE-2023-0008", cwe: { id: "CWE-73", name: "External Control of File Name or Path", }, notes: [ { category: "summary", text: "A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall through a race condition.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-0008", }, { cve: "CVE-2023-6790", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "summary", text: "A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-6790", }, { cve: "CVE-2023-6791", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, notes: [ { category: "summary", text: "A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-6791", }, { cve: "CVE-2023-38046", cwe: { id: "CWE-610", name: "Externally Controlled Reference to a Resource in Another Sphere", }, notes: [ { category: "summary", text: "A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated administrator with the privilege to commit a specifically created configuration to read local files and resources from the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-38046", }, { cve: "CVE-2024-5911", cwe: { id: "CWE-434", name: "Unrestricted Upload of File with Dangerous Type", }, notes: [ { category: "summary", text: "An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2024-5911", }, ], }
SSA-822518
Vulnerability from csaf_siemens
Published
2024-04-09 00:00
Modified
2024-08-13 00:00
Summary
SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW Before V11.0.1 on RUGGEDCOM APE1808 Devices
Notes
Summary
Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.
Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks' upstream security notifications.
[1] https://security.paloaltonetworks.com/?version=10.2.2&product=PAN-OS
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
{ document: { category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited. (TLPv2: TLP:CLEAR)", tlp: { label: "WHITE", }, }, lang: "en", notes: [ { category: "summary", text: "Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.\n\nSiemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks' upstream security notifications.\n\n[1] https://security.paloaltonetworks.com/?version=10.2.2&product=PAN-OS", title: "Summary", }, { category: "general", text: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", title: "General Recommendations", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "legal_disclaimer", text: "Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "productcert@siemens.com", name: "Siemens ProductCERT", namespace: "https://www.siemens.com", }, references: [ { category: "self", summary: "SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW Before V11.0.1 on RUGGEDCOM APE1808 Devices - HTML Version", url: "https://cert-portal.siemens.com/productcert/html/ssa-822518.html", }, { category: "self", summary: "SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW Before V11.0.1 on RUGGEDCOM APE1808 Devices - CSAF Version", url: "https://cert-portal.siemens.com/productcert/csaf/ssa-822518.json", }, ], title: "SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW Before V11.0.1 on RUGGEDCOM APE1808 Devices", tracking: { current_release_date: "2024-08-13T00:00:00Z", generator: { engine: { name: "Siemens ProductCERT CSAF Generator", version: "1", }, }, id: "SSA-822518", initial_release_date: "2024-04-09T00:00:00Z", revision_history: [ { date: "2024-04-09T00:00:00Z", legacy_version: "1.0", number: "1", summary: "Publication Date", }, { date: "2024-08-13T00:00:00Z", legacy_version: "1.1", number: "2", summary: "Added newly published CVE-2024-5911", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "All versions with Palo Alto Networks Virtual NGFW before V11.0.1", product: { name: "RUGGEDCOM APE1808", product_id: "1", }, }, ], category: "product_name", name: "RUGGEDCOM APE1808", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2022-0028", cwe: { id: "CWE-406", name: "Insufficient Control of Network Message Volume (Network Amplification)", }, notes: [ { category: "summary", text: "A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-Series (container) firewall against an attacker-specified target. To be misused by an external attacker, the firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a source zone that has an external facing interface. This configuration is not typical for URL filtering and, if set, is likely unintended by the administrator. If exploited, this issue would not impact the confidentiality, integrity, or availability of our products. However, the resulting denial-of-service (DoS) attack may help obfuscate the identity of the attacker and implicate the firewall as the source of the attack. We have taken prompt action to address this issue in our PAN-OS software. All software updates for this issue are expected to be released no later than the week of August 15, 2022. This issue does not impact Panorama M-Series or Panorama virtual appliances. This issue has been resolved for all Cloud NGFW and Prisma Access customers and no additional action is required from them.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2022-0028", }, { cve: "CVE-2023-0005", cwe: { id: "CWE-497", name: "Exposure of Sensitive System Information to an Unauthorized Control Sphere", }, notes: [ { category: "summary", text: "A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to expose the plaintext values of secrets stored in the device configuration and encrypted API keys.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-0005", }, { cve: "CVE-2023-0008", cwe: { id: "CWE-73", name: "External Control of File Name or Path", }, notes: [ { category: "summary", text: "A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall through a race condition.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-0008", }, { cve: "CVE-2023-6790", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "summary", text: "A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-6790", }, { cve: "CVE-2023-6791", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, notes: [ { category: "summary", text: "A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 4.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-6791", }, { cve: "CVE-2023-38046", cwe: { id: "CWE-610", name: "Externally Controlled Reference to a Resource in Another Sphere", }, notes: [ { category: "summary", text: "A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated administrator with the privilege to commit a specifically created configuration to read local files and resources from the system.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2023-38046", }, { cve: "CVE-2024-5911", cwe: { id: "CWE-434", name: "Unrestricted Upload of File with Dangerous Type", }, notes: [ { category: "summary", text: "An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online.", title: "Summary", }, ], product_status: { known_affected: [ "1", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "1", ], }, ], scores: [ { cvss_v3: { baseScore: 7.2, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", ], }, ], title: "CVE-2024-5911", }, ], }
wid-sec-w-2023-3151
Vulnerability from csaf_certbund
Published
2023-12-13 23:00
Modified
2023-12-13 23:00
Summary
PaloAlto Networks PAN-OS: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
PAN-OS ist das Betriebssystem der Sicherheitssysteme / Firewalls der Firma Palo Alto Networks.
Angriff
Ein Angreifer kann mehrere Schwachstellen in PaloAlto Networks PAN-OS ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen, Informationen offenzulegen, einen Denial of Service zu verursachen oder Code auszuführen.
Betroffene Betriebssysteme
- Sonstiges
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "PAN-OS ist das Betriebssystem der Sicherheitssysteme / Firewalls der Firma Palo Alto Networks.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein Angreifer kann mehrere Schwachstellen in PaloAlto Networks PAN-OS ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen, Informationen offenzulegen, einen Denial of Service zu verursachen oder Code auszuführen.", title: "Angriff", }, { category: "general", text: "- Sonstiges", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-3151 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3151.json", }, { category: "self", summary: "WID-SEC-2023-3151 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3151", }, { category: "external", summary: "Palo Alto Networks Security Advisory vom 2023-12-13", url: "https://security.paloaltonetworks.com/CVE-2023-6789", }, { category: "external", summary: "Palo Alto Networks Security Advisory vom 2023-12-13", url: "https://security.paloaltonetworks.com/CVE-2023-6790", }, { category: "external", summary: "Palo Alto Networks Security Advisory vom 2023-12-13", url: "https://security.paloaltonetworks.com/CVE-2023-6791", }, { category: "external", summary: "Palo Alto Networks Security Advisory vom 2023-12-13", url: "https://security.paloaltonetworks.com/CVE-2023-6792", }, { category: "external", summary: "Palo Alto Networks Security Advisory vom 2023-12-13", url: "https://security.paloaltonetworks.com/CVE-2023-6793", }, { category: "external", summary: "Palo Alto Networks Security Advisory vom 2023-12-13", url: "https://security.paloaltonetworks.com/CVE-2023-6794", }, { category: "external", summary: "Palo Alto Networks Security Advisory vom 2023-12-13", url: "https://security.paloaltonetworks.com/CVE-2023-6795", }, ], source_lang: "en-US", title: "PaloAlto Networks PAN-OS: Mehrere Schwachstellen", tracking: { current_release_date: "2023-12-13T23:00:00.000+00:00", generator: { date: "2024-08-15T18:02:50.027+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-3151", initial_release_date: "2023-12-13T23:00:00.000+00:00", revision_history: [ { date: "2023-12-13T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "PaloAlto Networks PAN-OS 11.1", product: { name: "PaloAlto Networks PAN-OS 11.1", product_id: "T031690", product_identification_helper: { cpe: "cpe:/o:paloaltonetworks:pan-os:11.1", }, }, }, { category: "product_name", name: "PaloAlto Networks PAN-OS 11.0", product: { name: "PaloAlto Networks PAN-OS 11.0", product_id: "T031691", product_identification_helper: { cpe: "cpe:/o:paloaltonetworks:pan-os:11.0", }, }, }, { category: "product_name", name: "PaloAlto Networks PAN-OS 10.2", product: { name: "PaloAlto Networks PAN-OS 10.2", product_id: "T031692", product_identification_helper: { cpe: "cpe:/o:paloaltonetworks:pan-os:10.2", }, }, }, { category: "product_name", name: "PaloAlto Networks PAN-OS 10.1", product: { name: "PaloAlto Networks PAN-OS 10.1", product_id: "T031693", product_identification_helper: { cpe: "cpe:/o:paloaltonetworks:pan-os:10.1", }, }, }, { category: "product_name", name: "PaloAlto Networks PAN-OS 10.0", product: { name: "PaloAlto Networks PAN-OS 10.0", product_id: "T031694", product_identification_helper: { cpe: "cpe:/o:paloaltonetworks:pan-os:10.0", }, }, }, { category: "product_name", name: "PaloAlto Networks PAN-OS 9.1", product: { name: "PaloAlto Networks PAN-OS 9.1", product_id: "T031695", product_identification_helper: { cpe: "cpe:/o:paloaltonetworks:pan-os:9.1", }, }, }, { category: "product_name", name: "PaloAlto Networks PAN-OS 9.0", product: { name: "PaloAlto Networks PAN-OS 9.0", product_id: "T031696", product_identification_helper: { cpe: "cpe:/o:paloaltonetworks:pan-os:9.0", }, }, }, { category: "product_name", name: "PaloAlto Networks PAN-OS 8.1", product: { name: "PaloAlto Networks PAN-OS 8.1", product_id: "T031697", product_identification_helper: { cpe: "cpe:/o:paloaltonetworks:pan-os:8.1", }, }, }, ], category: "product_name", name: "PAN-OS", }, ], category: "vendor", name: "PaloAlto Networks", }, ], }, vulnerabilities: [ { cve: "CVE-2023-6789", notes: [ { category: "description", text: "In PaloAlto Networks PAN-OS existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden im Web-Interface nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T031696", "T031695", "T031697", "T031692", "T031691", "T031694", "T031693", ], }, release_date: "2023-12-13T23:00:00.000+00:00", title: "CVE-2023-6789", }, { cve: "CVE-2023-6790", notes: [ { category: "description", text: "In PaloAlto Networks PAN-OS existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T031696", "T031695", "T031697", "T031692", "T031691", "T031694", "T031693", ], }, release_date: "2023-12-13T23:00:00.000+00:00", title: "CVE-2023-6790", }, { cve: "CVE-2023-6791", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in PaloAlto Networks PAN-OS. Ein angemeldeter \"Nur-Lese-Administrator\" kann die Klartext-Anmeldeinformationen gespeicherter externer Systemintegrationen wie LDAP, SCP, RADIUS, TACACS+ und SNMP über die Weboberfläche auslesen.", }, ], product_status: { known_affected: [ "T031696", "T031695", "T031697", "T031692", "T031691", "T031694", "T031693", ], }, release_date: "2023-12-13T23:00:00.000+00:00", title: "CVE-2023-6791", }, { cve: "CVE-2023-6792", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in PaloAlto Networks PAN-OS. Die Ursache ist ein OS-Befehlsinjektions-Problem in der XML-API. Ein privilegierter Angreifer kann diese Schwachstelle ausnutzen, um Systemprozesse zu stören und möglicherweise beliebigen Code mit eingeschränkten Rechten auf der Firewall auszuführen.", }, ], product_status: { known_affected: [ "T031696", "T031695", "T031697", "T031694", "T031693", ], }, release_date: "2023-12-13T23:00:00.000+00:00", title: "CVE-2023-6792", }, { cve: "CVE-2023-6793", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in PaloAlto Networks PAN-OS. Ein Problem in der Privilegienverwaltung ermöglicht es einem authentifizierten Nur-Lese-Administrator aktive XML-API-Schlüssel von der Firewall zu entfernen und somit die XML-API-Nutzung zu unterbrechen. Ein Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service zu verursachen.", }, ], product_status: { known_affected: [ "T031696", "T031695", "T031692", "T031691", "T031694", "T031693", ], }, release_date: "2023-12-13T23:00:00.000+00:00", title: "CVE-2023-6793", }, { cve: "CVE-2023-6794", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in PaloAlto Networks PAN-OS. Ein authentifizierter Administrator mit Zugriff auf das Web-Interface kann unberechtigt beliebige Dateien hochladen. Ein privilegierter Angreifer kann diese Schwachstelle ausnutzen, um Systemprozesse zu stören und möglicherweise beliebigen Code mit eingeschränkten Rechten auf der Firewall auszuführen.", }, ], product_status: { known_affected: [ "T031696", "T031695", "T031697", ], }, release_date: "2023-12-13T23:00:00.000+00:00", title: "CVE-2023-6794", }, { cve: "CVE-2023-6795", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in PaloAlto Networks PAN-OS. Aufgrund eines Command Injection Problems kann ein privilegierter Angreifer Systemprozesse unterbrechen und möglicherweise beliebigen Code mit eingeschränkten Rechten auf der Firewall ausführen.", }, ], product_status: { known_affected: [ "T031696", "T031695", "T031697", "T031694", "T031693", ], }, release_date: "2023-12-13T23:00:00.000+00:00", title: "CVE-2023-6795", }, ], }
WID-SEC-W-2023-3151
Vulnerability from csaf_certbund
Published
2023-12-13 23:00
Modified
2023-12-13 23:00
Summary
PaloAlto Networks PAN-OS: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
PAN-OS ist das Betriebssystem der Sicherheitssysteme / Firewalls der Firma Palo Alto Networks.
Angriff
Ein Angreifer kann mehrere Schwachstellen in PaloAlto Networks PAN-OS ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen, Informationen offenzulegen, einen Denial of Service zu verursachen oder Code auszuführen.
Betroffene Betriebssysteme
- Sonstiges
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "PAN-OS ist das Betriebssystem der Sicherheitssysteme / Firewalls der Firma Palo Alto Networks.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein Angreifer kann mehrere Schwachstellen in PaloAlto Networks PAN-OS ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen, Informationen offenzulegen, einen Denial of Service zu verursachen oder Code auszuführen.", title: "Angriff", }, { category: "general", text: "- Sonstiges", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2023-3151 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3151.json", }, { category: "self", summary: "WID-SEC-2023-3151 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3151", }, { category: "external", summary: "Palo Alto Networks Security Advisory vom 2023-12-13", url: "https://security.paloaltonetworks.com/CVE-2023-6789", }, { category: "external", summary: "Palo Alto Networks Security Advisory vom 2023-12-13", url: "https://security.paloaltonetworks.com/CVE-2023-6790", }, { category: "external", summary: "Palo Alto Networks Security Advisory vom 2023-12-13", url: "https://security.paloaltonetworks.com/CVE-2023-6791", }, { category: "external", summary: "Palo Alto Networks Security Advisory vom 2023-12-13", url: "https://security.paloaltonetworks.com/CVE-2023-6792", }, { category: "external", summary: "Palo Alto Networks Security Advisory vom 2023-12-13", url: "https://security.paloaltonetworks.com/CVE-2023-6793", }, { category: "external", summary: "Palo Alto Networks Security Advisory vom 2023-12-13", url: "https://security.paloaltonetworks.com/CVE-2023-6794", }, { category: "external", summary: "Palo Alto Networks Security Advisory vom 2023-12-13", url: "https://security.paloaltonetworks.com/CVE-2023-6795", }, ], source_lang: "en-US", title: "PaloAlto Networks PAN-OS: Mehrere Schwachstellen", tracking: { current_release_date: "2023-12-13T23:00:00.000+00:00", generator: { date: "2024-08-15T18:02:50.027+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2023-3151", initial_release_date: "2023-12-13T23:00:00.000+00:00", revision_history: [ { date: "2023-12-13T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "PaloAlto Networks PAN-OS 11.1", product: { name: "PaloAlto Networks PAN-OS 11.1", product_id: "T031690", product_identification_helper: { cpe: "cpe:/o:paloaltonetworks:pan-os:11.1", }, }, }, { category: "product_name", name: "PaloAlto Networks PAN-OS 11.0", product: { name: "PaloAlto Networks PAN-OS 11.0", product_id: "T031691", product_identification_helper: { cpe: "cpe:/o:paloaltonetworks:pan-os:11.0", }, }, }, { category: "product_name", name: "PaloAlto Networks PAN-OS 10.2", product: { name: "PaloAlto Networks PAN-OS 10.2", product_id: "T031692", product_identification_helper: { cpe: "cpe:/o:paloaltonetworks:pan-os:10.2", }, }, }, { category: "product_name", name: "PaloAlto Networks PAN-OS 10.1", product: { name: "PaloAlto Networks PAN-OS 10.1", product_id: "T031693", product_identification_helper: { cpe: "cpe:/o:paloaltonetworks:pan-os:10.1", }, }, }, { category: "product_name", name: "PaloAlto Networks PAN-OS 10.0", product: { name: "PaloAlto Networks PAN-OS 10.0", product_id: "T031694", product_identification_helper: { cpe: "cpe:/o:paloaltonetworks:pan-os:10.0", }, }, }, { category: "product_name", name: "PaloAlto Networks PAN-OS 9.1", product: { name: "PaloAlto Networks PAN-OS 9.1", product_id: "T031695", product_identification_helper: { cpe: "cpe:/o:paloaltonetworks:pan-os:9.1", }, }, }, { category: "product_name", name: "PaloAlto Networks PAN-OS 9.0", product: { name: "PaloAlto Networks PAN-OS 9.0", product_id: "T031696", product_identification_helper: { cpe: "cpe:/o:paloaltonetworks:pan-os:9.0", }, }, }, { category: "product_name", name: "PaloAlto Networks PAN-OS 8.1", product: { name: "PaloAlto Networks PAN-OS 8.1", product_id: "T031697", product_identification_helper: { cpe: "cpe:/o:paloaltonetworks:pan-os:8.1", }, }, }, ], category: "product_name", name: "PAN-OS", }, ], category: "vendor", name: "PaloAlto Networks", }, ], }, vulnerabilities: [ { cve: "CVE-2023-6789", notes: [ { category: "description", text: "In PaloAlto Networks PAN-OS existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden im Web-Interface nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T031696", "T031695", "T031697", "T031692", "T031691", "T031694", "T031693", ], }, release_date: "2023-12-13T23:00:00.000+00:00", title: "CVE-2023-6789", }, { cve: "CVE-2023-6790", notes: [ { category: "description", text: "In PaloAlto Networks PAN-OS existiert eine Cross-Site Scripting Schwachstelle. HTML und Script-Eingaben werden nicht ordnungsgemäß überprüft, bevor sie an den Benutzer zurückgegeben werden. Ein entfernter, anonymer Angreifer kann durch Ausnutzung dieser Schwachstelle beliebigen HTML- und Script-Code durch den Browser des Benutzers im Kontext der betroffenen Seite ausführen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich.", }, ], product_status: { known_affected: [ "T031696", "T031695", "T031697", "T031692", "T031691", "T031694", "T031693", ], }, release_date: "2023-12-13T23:00:00.000+00:00", title: "CVE-2023-6790", }, { cve: "CVE-2023-6791", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in PaloAlto Networks PAN-OS. Ein angemeldeter \"Nur-Lese-Administrator\" kann die Klartext-Anmeldeinformationen gespeicherter externer Systemintegrationen wie LDAP, SCP, RADIUS, TACACS+ und SNMP über die Weboberfläche auslesen.", }, ], product_status: { known_affected: [ "T031696", "T031695", "T031697", "T031692", "T031691", "T031694", "T031693", ], }, release_date: "2023-12-13T23:00:00.000+00:00", title: "CVE-2023-6791", }, { cve: "CVE-2023-6792", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in PaloAlto Networks PAN-OS. Die Ursache ist ein OS-Befehlsinjektions-Problem in der XML-API. Ein privilegierter Angreifer kann diese Schwachstelle ausnutzen, um Systemprozesse zu stören und möglicherweise beliebigen Code mit eingeschränkten Rechten auf der Firewall auszuführen.", }, ], product_status: { known_affected: [ "T031696", "T031695", "T031697", "T031694", "T031693", ], }, release_date: "2023-12-13T23:00:00.000+00:00", title: "CVE-2023-6792", }, { cve: "CVE-2023-6793", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in PaloAlto Networks PAN-OS. Ein Problem in der Privilegienverwaltung ermöglicht es einem authentifizierten Nur-Lese-Administrator aktive XML-API-Schlüssel von der Firewall zu entfernen und somit die XML-API-Nutzung zu unterbrechen. Ein Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service zu verursachen.", }, ], product_status: { known_affected: [ "T031696", "T031695", "T031692", "T031691", "T031694", "T031693", ], }, release_date: "2023-12-13T23:00:00.000+00:00", title: "CVE-2023-6793", }, { cve: "CVE-2023-6794", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in PaloAlto Networks PAN-OS. Ein authentifizierter Administrator mit Zugriff auf das Web-Interface kann unberechtigt beliebige Dateien hochladen. Ein privilegierter Angreifer kann diese Schwachstelle ausnutzen, um Systemprozesse zu stören und möglicherweise beliebigen Code mit eingeschränkten Rechten auf der Firewall auszuführen.", }, ], product_status: { known_affected: [ "T031696", "T031695", "T031697", ], }, release_date: "2023-12-13T23:00:00.000+00:00", title: "CVE-2023-6794", }, { cve: "CVE-2023-6795", notes: [ { category: "description", text: "Es existiert eine Schwachstelle in PaloAlto Networks PAN-OS. Aufgrund eines Command Injection Problems kann ein privilegierter Angreifer Systemprozesse unterbrechen und möglicherweise beliebigen Code mit eingeschränkten Rechten auf der Firewall ausführen.", }, ], product_status: { known_affected: [ "T031696", "T031695", "T031697", "T031694", "T031693", ], }, release_date: "2023-12-13T23:00:00.000+00:00", title: "CVE-2023-6795", }, ], }
icsa-24-102-03
Vulnerability from csaf_cisa
Published
2024-04-09 00:00
Modified
2024-04-09 00:00
Summary
Siemens RUGGEDCOM APE1808 before V11.0.1
Notes
Summary
Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.
Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks' upstream security notifications.
[1] https://security.paloaltonetworks.com/?version=10.2.2&product=PAN-OS
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{ document: { acknowledgments: [ { organization: "Siemens ProductCERT", summary: "reporting these vulnerabilities to CISA.", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.\n\nSiemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks' upstream security notifications.\n\n[1] https://security.paloaltonetworks.com/?version=10.2.2&product=PAN-OS", title: "Summary", }, { category: "general", text: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", title: "General Recommendations", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "legal_disclaimer", text: "Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", title: "Terms of Use", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "other", text: "This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.", title: "Advisory Conversion Disclaimer", }, { category: "other", text: "Multiple", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "Germany", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.", title: "Recommended Practices", }, { category: "general", text: "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.", title: "Recommended Practices", }, { category: "general", text: "Locate control system networks and remote devices behind firewalls and isolate them from business networks.", title: "Recommended Practices", }, { category: "general", text: "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.", title: "Recommended Practices", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", title: "Recommended Practices", }, { category: "general", text: "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", title: "Recommended Practices", }, { category: "general", text: "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, ], publisher: { category: "other", contact_details: "central@cisa.dhs.gov", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "self", summary: "SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW before V11.0.1 on RUGGEDCOM APE1808 devices - CSAF Version", url: "https://cert-portal.siemens.com/productcert/csaf/ssa-822518.json", }, { category: "self", summary: "SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW before V11.0.1 on RUGGEDCOM APE1808 devices - HTML Version", url: "https://cert-portal.siemens.com/productcert/html/ssa-822518.html", }, { category: "self", summary: "SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW before V11.0.1 on RUGGEDCOM APE1808 devices - PDF Version", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-822518.pdf", }, { category: "self", summary: "SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW before V11.0.1 on RUGGEDCOM APE1808 devices - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/ssa-822518.txt", }, { category: "self", summary: "ICS Advisory ICSA-24-102-03 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-102-03.json", }, { category: "self", summary: "ICS Advisory ICSA-24-102-03 - Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-24-102-03", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/topics/industrial-control-systems", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B", }, ], title: "Siemens RUGGEDCOM APE1808 before V11.0.1", tracking: { current_release_date: "2024-04-09T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1", }, }, id: "ICSA-24-102-03", initial_release_date: "2024-04-09T00:00:00.000000Z", revision_history: [ { date: "2024-04-09T00:00:00.000000Z", legacy_version: "1.0", number: "1", summary: "Publication Date", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<with_Palo_Alto_Networks_Virtual_NGFW_V11.0.1", product: { name: "RUGGEDCOM APE1808", product_id: "CSAFPID-0001", }, }, ], category: "product_name", name: "RUGGEDCOM APE1808", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2022-0028", cwe: { id: "CWE-406", name: "Insufficient Control of Network Message Volume (Network Amplification)", }, notes: [ { category: "summary", text: "A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-Series (container) firewall against an attacker-specified target. To be misused by an external attacker, the firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a source zone that has an external facing interface. This configuration is not typical for URL filtering and, if set, is likely unintended by the administrator. If exploited, this issue would not impact the confidentiality, integrity, or availability of our products. However, the resulting denial-of-service (DoS) attack may help obfuscate the identity of the attacker and implicate the firewall as the source of the attack. We have taken prompt action to address this issue in our PAN-OS software. All software updates for this issue are expected to be released no later than the week of August 15, 2022. This issue does not impact Panorama M-Series or Panorama virtual appliances. This issue has been resolved for all Cloud NGFW and Prisma Access customers and no additional action is required from them.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-0028", }, { cve: "CVE-2023-0005", cwe: { id: "CWE-497", name: "Exposure of Sensitive System Information to an Unauthorized Control Sphere", }, notes: [ { category: "summary", text: "A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to expose the plaintext values of secrets stored in the device configuration and encrypted API keys.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-0005", }, { cve: "CVE-2023-0008", cwe: { id: "CWE-73", name: "External Control of File Name or Path", }, notes: [ { category: "summary", text: "A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall through a race condition.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-0008", }, { cve: "CVE-2023-6790", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "summary", text: "A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-6790", }, { cve: "CVE-2023-6791", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, notes: [ { category: "summary", text: "A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-6791", }, { cve: "CVE-2023-38046", cwe: { id: "CWE-610", name: "Externally Controlled Reference to a Resource in Another Sphere", }, notes: [ { category: "summary", text: "A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated administrator with the privilege to commit a specifically created configuration to read local files and resources from the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-38046", }, ], }
ICSA-24-102-03
Vulnerability from csaf_cisa
Published
2024-04-09 00:00
Modified
2024-04-09 00:00
Summary
Siemens RUGGEDCOM APE1808 before V11.0.1
Notes
Summary
Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.
Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks' upstream security notifications.
[1] https://security.paloaltonetworks.com/?version=10.2.2&product=PAN-OS
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{ document: { acknowledgments: [ { organization: "Siemens ProductCERT", summary: "reporting these vulnerabilities to CISA.", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.\n\nSiemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks' upstream security notifications.\n\n[1] https://security.paloaltonetworks.com/?version=10.2.2&product=PAN-OS", title: "Summary", }, { category: "general", text: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", title: "General Recommendations", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "legal_disclaimer", text: "Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", title: "Terms of Use", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "other", text: "This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.", title: "Advisory Conversion Disclaimer", }, { category: "other", text: "Multiple", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "Germany", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.", title: "Recommended Practices", }, { category: "general", text: "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.", title: "Recommended Practices", }, { category: "general", text: "Locate control system networks and remote devices behind firewalls and isolate them from business networks.", title: "Recommended Practices", }, { category: "general", text: "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.", title: "Recommended Practices", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", title: "Recommended Practices", }, { category: "general", text: "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", title: "Recommended Practices", }, { category: "general", text: "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, ], publisher: { category: "other", contact_details: "central@cisa.dhs.gov", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "self", summary: "SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW before V11.0.1 on RUGGEDCOM APE1808 devices - CSAF Version", url: "https://cert-portal.siemens.com/productcert/csaf/ssa-822518.json", }, { category: "self", summary: "SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW before V11.0.1 on RUGGEDCOM APE1808 devices - HTML Version", url: "https://cert-portal.siemens.com/productcert/html/ssa-822518.html", }, { category: "self", summary: "SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW before V11.0.1 on RUGGEDCOM APE1808 devices - PDF Version", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-822518.pdf", }, { category: "self", summary: "SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW before V11.0.1 on RUGGEDCOM APE1808 devices - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/ssa-822518.txt", }, { category: "self", summary: "ICS Advisory ICSA-24-102-03 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-102-03.json", }, { category: "self", summary: "ICS Advisory ICSA-24-102-03 - Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-24-102-03", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/topics/industrial-control-systems", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B", }, ], title: "Siemens RUGGEDCOM APE1808 before V11.0.1", tracking: { current_release_date: "2024-04-09T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1", }, }, id: "ICSA-24-102-03", initial_release_date: "2024-04-09T00:00:00.000000Z", revision_history: [ { date: "2024-04-09T00:00:00.000000Z", legacy_version: "1.0", number: "1", summary: "Publication Date", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "<with_Palo_Alto_Networks_Virtual_NGFW_V11.0.1", product: { name: "RUGGEDCOM APE1808", product_id: "CSAFPID-0001", }, }, ], category: "product_name", name: "RUGGEDCOM APE1808", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2022-0028", cwe: { id: "CWE-406", name: "Insufficient Control of Network Message Volume (Network Amplification)", }, notes: [ { category: "summary", text: "A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-Series (container) firewall against an attacker-specified target. To be misused by an external attacker, the firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a source zone that has an external facing interface. This configuration is not typical for URL filtering and, if set, is likely unintended by the administrator. If exploited, this issue would not impact the confidentiality, integrity, or availability of our products. However, the resulting denial-of-service (DoS) attack may help obfuscate the identity of the attacker and implicate the firewall as the source of the attack. We have taken prompt action to address this issue in our PAN-OS software. All software updates for this issue are expected to be released no later than the week of August 15, 2022. This issue does not impact Panorama M-Series or Panorama virtual appliances. This issue has been resolved for all Cloud NGFW and Prisma Access customers and no additional action is required from them.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 8.6, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2022-0028", }, { cve: "CVE-2023-0005", cwe: { id: "CWE-497", name: "Exposure of Sensitive System Information to an Unauthorized Control Sphere", }, notes: [ { category: "summary", text: "A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to expose the plaintext values of secrets stored in the device configuration and encrypted API keys.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-0005", }, { cve: "CVE-2023-0008", cwe: { id: "CWE-73", name: "External Control of File Name or Path", }, notes: [ { category: "summary", text: "A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall through a race condition.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-0008", }, { cve: "CVE-2023-6790", cwe: { id: "CWE-79", name: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, notes: [ { category: "summary", text: "A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 8.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-6790", }, { cve: "CVE-2023-6791", cwe: { id: "CWE-522", name: "Insufficiently Protected Credentials", }, notes: [ { category: "summary", text: "A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 4.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-6791", }, { cve: "CVE-2023-38046", cwe: { id: "CWE-610", name: "Externally Controlled Reference to a Resource in Another Sphere", }, notes: [ { category: "summary", text: "A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated administrator with the privilege to commit a specifically created configuration to read local files and resources from the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", ], }, remediations: [ { category: "vendor_fix", details: "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.", product_ids: [ "CSAFPID-0001", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", ], }, ], title: "CVE-2023-38046", }, ], }
ghsa-8r5w-j8rm-886w
Vulnerability from github
Published
2023-12-13 21:30
Modified
2023-12-18 21:30
Severity ?
Details
A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface.
{ affected: [], aliases: [ "CVE-2023-6790", ], database_specific: { cwe_ids: [ "CWE-79", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2023-12-13T19:15:09Z", severity: "HIGH", }, details: "A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface.", id: "GHSA-8r5w-j8rm-886w", modified: "2023-12-18T21:30:22Z", published: "2023-12-13T21:30:31Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2023-6790", }, { type: "WEB", url: "https://security.paloaltonetworks.com/CVE-2023-6790", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", type: "CVSS_V3", }, ], }
fkie_cve-2023-6790
Vulnerability from fkie_nvd
Published
2023-12-13 19:15
Modified
2024-11-21 08:44
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paloaltonetworks | pan-os | * | |
| paloaltonetworks | pan-os | * | |
| paloaltonetworks | pan-os | * | |
| paloaltonetworks | pan-os | * | |
| paloaltonetworks | pan-os | * | |
| paloaltonetworks | pan-os | * | |
| paloaltonetworks | pan-os | 11.0.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", matchCriteriaId: "5C73941F-EBEE-4A03-94A4-B4C7C96E4963", versionEndExcluding: "8.1.25", versionStartIncluding: "8.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", matchCriteriaId: "89A55C5F-8E01-42C4-BE93-D683900C07BE", versionEndExcluding: "9.0.17", versionStartIncluding: "9.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", matchCriteriaId: "56181B13-327B-4249-A7E8-246B2420CEFC", versionEndExcluding: "9.1.16", versionStartIncluding: "9.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", matchCriteriaId: "71F1F86A-8158-4BE8-B509-5F50421DA829", versionEndExcluding: "10.0.12", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", matchCriteriaId: "18EE46C0-B863-4AE4-833C-05030D8AD1AF", versionEndExcluding: "10.1.9", versionStartIncluding: "10.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", matchCriteriaId: "D61F01F8-1598-4078-9D98-BFF5B62F3BA5", versionEndExcluding: "10.2.4", versionStartIncluding: "10.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*", matchCriteriaId: "6F3693A5-182E-4723-BE2A-062D0C9E736C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface.", }, { lang: "es", value: "Vulnerabilidad de cross-site scripting (XSS) basada en DOM en el software PAN-OS de Palo Alto Networks permite a un atacante remoto ejecutar una payload de JavaScript en el contexto del navegador de un administrador cuando ve un enlace específicamente manipulado a la interfaz web de PAN-OS.", }, ], id: "CVE-2023-6790", lastModified: "2024-11-21T08:44:33.980", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "psirt@paloaltonetworks.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-13T19:15:09.030", references: [ { source: "psirt@paloaltonetworks.com", tags: [ "Vendor Advisory", ], url: "https://security.paloaltonetworks.com/CVE-2023-6790", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://security.paloaltonetworks.com/CVE-2023-6790", }, ], sourceIdentifier: "psirt@paloaltonetworks.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@paloaltonetworks.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
gsd-2023-6790
Vulnerability from gsd
Modified
2023-12-14 06:01
Details
A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface.
Aliases
{ gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2023-6790", ], details: "A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface.", id: "GSD-2023-6790", modified: "2023-12-14T06:01:34.560200Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "psirt@paloaltonetworks.com", ID: "CVE-2023-6790", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "PAN-OS", version: { version_data: [ { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "unaffected", versions: [ { changes: [ { at: "8.1.25", status: "unaffected", }, ], lessThan: "8.1.25", status: "affected", version: "8.1", versionType: "custom", }, { changes: [ { at: "9.0.17", status: "unaffected", }, ], lessThan: "9.0.17", status: "affected", version: "9.0", versionType: "custom", }, { changes: [ { at: "9.1.16", status: "unaffected", }, ], lessThan: "9.1.16", status: "affected", version: "9.1", versionType: "custom", }, { changes: [ { at: "10.0.12", status: "unaffected", }, ], lessThan: "10.0.12", status: "affected", version: "10.0", versionType: "custom", }, { changes: [ { at: "10.1.9", status: "unaffected", }, ], lessThan: "10.1.9", status: "affected", version: "10.1", versionType: "custom", }, { changes: [ { at: "10.2.4", status: "unaffected", }, ], lessThan: "10.2.4", status: "affected", version: "10.2", versionType: "custom", }, { changes: [ { at: "11.0.1", status: "unaffected", }, ], lessThan: "11.0.1", status: "affected", version: "11.0", versionType: "custom", }, { lessThan: "All", status: "unaffected", version: "11.1", versionType: "custom", }, ], }, }, ], }, }, { product_name: "Prisma Access", version: { version_data: [ { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "unaffected", versions: [ { status: "unaffected", version: "All", }, ], }, }, ], }, }, { product_name: "Cloud NGFW", version: { version_data: [ { version_value: "not down converted", x_cve_json_5_version_data: { defaultStatus: "unaffected", versions: [ { status: "unaffected", version: "All", }, ], }, }, ], }, }, ], }, vendor_name: "Palo Alto Networks", }, ], }, }, credits: [ { lang: "en", value: "Palo Alto Networks thanks Kajetan Rostojek for discovering and reporting this issue.", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface.", }, ], }, exploit: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Palo Alto Networks is not aware of any malicious exploitation of this issue.", }, ], value: "Palo Alto Networks is not aware of any malicious exploitation of this issue.", }, ], generator: { engine: "Vulnogram 0.1.0-dev", }, impact: { cvss: [ { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, ], }, problemtype: { problemtype_data: [ { description: [ { cweId: "CWE-79", lang: "eng", value: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", }, ], }, ], }, references: { reference_data: [ { name: "https://security.paloaltonetworks.com/CVE-2023-6790", refsource: "MISC", url: "https://security.paloaltonetworks.com/CVE-2023-6790", }, ], }, solution: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.9, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions.", }, ], value: "This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.9, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions.", }, ], source: { discovery: "EXTERNAL", }, }, "nvd.nist.gov": { cve: { configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", matchCriteriaId: "5C73941F-EBEE-4A03-94A4-B4C7C96E4963", versionEndExcluding: "8.1.25", versionStartIncluding: "8.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", matchCriteriaId: "89A55C5F-8E01-42C4-BE93-D683900C07BE", versionEndExcluding: "9.0.17", versionStartIncluding: "9.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", matchCriteriaId: "56181B13-327B-4249-A7E8-246B2420CEFC", versionEndExcluding: "9.1.16", versionStartIncluding: "9.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", matchCriteriaId: "71F1F86A-8158-4BE8-B509-5F50421DA829", versionEndExcluding: "10.0.12", versionStartIncluding: "10.0.0", vulnerable: true, }, { criteria: "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", matchCriteriaId: "18EE46C0-B863-4AE4-833C-05030D8AD1AF", versionEndExcluding: "10.1.9", versionStartIncluding: "10.1.0", vulnerable: true, }, { criteria: "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", matchCriteriaId: "D61F01F8-1598-4078-9D98-BFF5B62F3BA5", versionEndExcluding: "10.2.4", versionStartIncluding: "10.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*", matchCriteriaId: "6F3693A5-182E-4723-BE2A-062D0C9E736C", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], descriptions: [ { lang: "en", value: "A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface.", }, { lang: "es", value: "Vulnerabilidad de cross-site scripting (XSS) basada en DOM en el software PAN-OS de Palo Alto Networks permite a un atacante remoto ejecutar una payload de JavaScript en el contexto del navegador de un administrador cuando ve un enlace específicamente manipulado a la interfaz web de PAN-OS.", }, ], id: "CVE-2023-6790", lastModified: "2023-12-18T18:53:56.697", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "psirt@paloaltonetworks.com", type: "Secondary", }, ], }, published: "2023-12-13T19:15:09.030", references: [ { source: "psirt@paloaltonetworks.com", tags: [ "Vendor Advisory", ], url: "https://security.paloaltonetworks.com/CVE-2023-6790", }, ], sourceIdentifier: "psirt@paloaltonetworks.com", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@paloaltonetworks.com", type: "Secondary", }, ], }, }, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.