PT-2012-6290 · Palo Alto Networks · Pan-Os

Publicado

2012-04-27

Atualizado

2020-02-17

CVE-2012-6601

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Palo Alto Networks PAN-OS versions 3.1.11 and earlier Palo Alto Networks PAN-OS versions 4.0.9 and earlier Palo Alto Networks PAN-OS versions 4.1.3 and earlier

Description A vulnerability exists in the device-management command-line interface, allowing an unauthenticated user to execute arbitrary code as root on the device. This can result in arbitrary command execution and total compromise of the device.

Recommendations For versions 3.1.11 and earlier, update to version 3.1.12 or later. For versions 4.0.9 and earlier, update to version 4.0.10 or later. For versions 4.1.3 and earlier, update to version 4.1.4 or later.

Correção

RCE

OS Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-78

Identificadores relacionados

CVE-2012-6601

Produtos afetados

Pan-Os

PT-2012-6290 · Palo Alto Networks · Pan-Os

CVE-2012-6601

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2