PT-2017-14301 · Palo Alto Networks · PAN-OS +1

Philip Pettersson · Published 2017-12-06 · Updated 2025-10-10 · CVE-2017-15944

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Palo Alto Networks PAN-OS versions prior to 6.1.19
Palo Alto Networks PAN-OS versions 7.0.x prior to 7.0.19
Palo Alto Networks PAN-OS versions 7.1.x prior to 7.1.14
Palo Alto Networks PAN-OS versions 8.0.x prior to 8.0.6

Description

The issue allows remote attackers to execute arbitrary code via vectors involving the management interface. Exploiting a combination of unrelated vulnerabilities in the device's management interface allows an attacker to remotely execute code on PAN-OS or Panorama in the context of the highest privileged user.

Recommendations

For versions prior to 6.1.19, update to version 6.1.19 or later.
For versions 7.0.x prior to 7.0.19, update to version 7.0.19 or later.
For versions 7.1.x prior to 7.1.14, update to version 7.1.14 or later.
For versions 8.0.x prior to 8.0.6, update to version 8.0.6 or later.

As a temporary workaround, consider restricting access to the management interface until a patch is available.

Exploit · Fix · RCE · Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2017-15944

Affected Products

PAN-OS
Panorama