CVE-2017-5584

Name of the Vulnerable Software and Affected Versions Palo Alto Networks PAN-OS versions 5.1 through 7.1.7 Palo Alto Networks PAN-OS version 6.x before 6.1.16 Palo Alto Networks PAN-OS version 7.0.x before 7.0.13 However, considering the ranges and versions provided, the most concise form is: Palo Alto Networks PAN-OS versions 5.1 through 7.1.7

Description A cross-site scripting (XSS) vulnerability exists in the Management Web Interface of Palo Alto Networks PAN-OS, allowing remote authenticated users to inject arbitrary web script or HTML. This issue may allow an attacker to inject arbitrary Java script or HTML, potentially leading to a persistent cross-site scripting (XSS) attack of the management web interface.

Recommendations For versions 5.1 through 7.1.7, update to a version later than 7.1.7 to resolve the issue. For version 6.x, update to 6.1.16 or later. For version 7.0.x, update to 7.0.13 or later. For version 7.1.x, update to 7.1.8 or later.