Christophe Schleypen

**Name of the Vulnerable Software and Affected Versions** NETSCOUT nGeniusPULSE version 3.8 **Description** The issue is related to weak file permissions. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** For NETSCOUT nGeniusPULSE version 3.8, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NETSCOUT nGeniusPULSE version 3.8 **Description** The issue is a Command Injection Vulnerability. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** For NETSCOUT nGeniusPULSE version 3.8, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** NETSCOUT nGeniusPULSE version 3.8 **Description** The issue is related to a hardcoded cryptographic key in the software. This could potentially allow unauthorized access or decryption of sensitive data. **Recommendations** For NETSCOUT nGeniusPULSE version 3.8, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Nome do software vulnerável e versões afetadas** Aplicativo Palo Alto Networks GlobalProtect, versões 5.1 a 5.1.9 no Windows Aplicativo Palo Alto Networks GlobalProtect, versões 5.2 a 5.2.4 no Windows **Descrição** Existe uma vulnerabilidade de resolução incorreta de links antes do acesso ao arquivo (“link following”) no aplicativo Palo Alto Networks GlobalProtect no Windows, permitindo que um invasor local interrompa processos do sistema e, potencialmente, execute código arbitrário com privilégios de SISTEMA em determinadas circunstâncias. **Recomendações** Para a versão 5.1 do aplicativo GlobalProtect, atualize para a versão 5.1.10 ou posterior para resolver o problema. Para a versão 5.2 do aplicativo GlobalProtect, atualize para a versão 5.2.5 ou posterior para resolver o problema.

**Nome do software vulnerável e versões afetadas** Versões do aplicativo Palo Alto Networks GlobalProtect anteriores à 5.1.8 Versões do aplicativo Palo Alto Networks GlobalProtect anteriores à 5.2.4 **Descrição** Um problema de negação de serviço (DoS) no aplicativo GlobalProtect em sistemas Windows permite que um usuário com privilégios limitados do Windows envie dados especificamente criados para o aplicativo GlobalProtect, resultando em um erro de tela azul da morte (BSOD) do Windows. **Recomendações** Para versões anteriores à 5.1.8, atualize para a versão 5.1.8 ou posterior. Para versões anteriores à 5.2.4, atualize para a versão 5.2.4 ou posterior.

**Name of the Vulnerable Software and Affected Versions** PAN-OS versions 7.1 prior to 7.1.25 PAN-OS versions 8.0 prior to 8.0.20 PAN-OS versions 8.1 prior to 8.1.11 PAN-OS versions 9.0 prior to 9.0.5 **Description** The issue is related to an improper authentication check in the PAN-OS operating system, which may allow an authenticated low-privileged non-superuser custom role user to elevate privileges and become a superuser. **Recommendations** For PAN-OS versions 7.1 prior to 7.1.25, update to version 7.1.25 or later. For PAN-OS versions 8.0 prior to 8.0.20, update to version 8.0.20 or later. For PAN-OS versions 8.1 prior to 8.1.11, update to version 8.1.11 or later. For PAN-OS versions 9.0 prior to 9.0.5, update to version 9.0.5 or later.

**Name of the Vulnerable Software and Affected Versions** Palo Alto Networks PAN-OS versions 6.1.16 and earlier Palo Alto Networks PAN-OS versions 7.0.14 and earlier Palo Alto Networks PAN-OS versions 7.1.8 and earlier **Description** The Management Web Interface in Palo Alto Networks PAN-OS contains an issue that allows remote authenticated users to obtain sensitive information due to incorrect permission validation. This issue can be exploited by an attacker who is authenticated. **Recommendations** For versions 6.1.16 and earlier, update to version 6.1.17 or later. For versions 7.0.14 and earlier, update to version 7.0.15 or later. For versions 7.1.8 and earlier, update to version 7.1.9 or later.

**Name of the Vulnerable Software and Affected Versions** Palo Alto Networks PAN-OS versions prior to 7.1.9 **Description** A privilege escalation issue exists in the Management Web Interface due to improper validation of specific request parameters, potentially allowing execution of code with higher privileges. This issue requires an attacker to be authenticated. **Recommendations** For versions prior to 7.1.9, update to version 7.1.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the Management Web Interface to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Palo Alto Networks PAN-OS versions 7.0.0 through 7.0.13 Palo Alto Networks PAN-OS versions 7.1.0 through 7.1.8 **Description** A issue exists in the Management Web Interface that could allow an attacker to tamper with export files. The Management Web Interface does not properly validate specific request parameters which can potentially allow arbitrary data to be written to export files. Successfully exploiting this issue would require an attacker to be authenticated. Tampering of files is limited to temporary files used for exporting. **Recommendations** For PAN-OS versions 7.0.0 through 7.0.13, update to version 7.0.14 or later. For PAN-OS versions 7.1.0 through 7.1.8, update to version 7.1.9 or later.

**Name of the Vulnerable Software and Affected Versions** Palo Alto Networks PAN-OS versions prior to 7.1.9 **Description** The Management Web Interface in Palo Alto Networks PAN-OS has an issue that allows remote authenticated users to obtain sensitive information via unspecified request parameters. This is due to the interface not properly validating specific request parameters, which can potentially allow for information disclosure. Successfully exploiting this issue would require an attacker to be authenticated. **Recommendations** For versions prior to 7.1.9, update to version 7.1.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the Management Web Interface to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Palo Alto Networks PAN-OS versions 6.1.15 and earlier Palo Alto Networks PAN-OS versions 7.0.12 and earlier Palo Alto Networks PAN-OS versions 7.1.7 and earlier **Description** A post-authentication issue in the Management Web Interface may allow for information disclosure, enabling an attacker to download arbitrary files from a folder. **Recommendations** For versions 6.1.15 and earlier, update to version 6.1.16 or later. For versions 7.0.12 and earlier, update to version 7.0.13 or later. For versions 7.1.7 and earlier, update to version 7.1.8 or later.