CVE-2017-7216

Name of the Vulnerable Software and Affected Versions Palo Alto Networks PAN-OS versions prior to 7.1.9

Description The Management Web Interface in Palo Alto Networks PAN-OS has an issue that allows remote authenticated users to obtain sensitive information via unspecified request parameters. This is due to the interface not properly validating specific request parameters, which can potentially allow for information disclosure. Successfully exploiting this issue would require an attacker to be authenticated.

Recommendations For versions prior to 7.1.9, update to version 7.1.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the Management Web Interface to minimize the risk of exploitation.