CVE-2019-1565

Name of the Vulnerable Software and Affected Versions PAN-OS versions 7.1.21 and earlier PAN-OS versions 8.0.14 and earlier PAN-OS versions 8.1.5 and earlier

Description The issue allows an attacker that is authenticated in Next Generation Firewall with write privileges to External Dynamic List configuration to inject arbitrary JavaScript or HTML. This is due to insufficient protection of the web page structure. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.

Recommendations For PAN-OS versions 7.1.21 and earlier, update to a version later than 7.1.21 to resolve the issue. For PAN-OS versions 8.0.14 and earlier, update to a version later than 8.0.14 to resolve the issue. For PAN-OS versions 8.1.5 and earlier, update to a version later than 8.1.5 to resolve the issue. As a temporary workaround, consider restricting access to the External Dynamic List configuration to minimize the risk of exploitation.