PT-2019-2796 · Palo Alto · Pan-Os
Meh Chang +1 · Published 2019-07-18 · Updated 2025-11-04
CVE-2019-1579
CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
PAN-OS versions 7.1.18 and earlier
PAN-OS versions 8.0.11-h1 and earlier
PAN-OS versions 8.1.2 and earlier
Description
The issue exists due to insufficient input validation in the GlobalProtect portal and GlobalProtect Gateway interface of the PAN-OS operating system. Exploitation of this issue may allow an unauthenticated remote attacker to execute arbitrary code by sending a specially crafted request. Mass scanning activity checking for vulnerable Palo Alto SSL VPN servers has been detected.
Recommendations
For PAN-OS versions 7.1.18 and earlier, update to a version later than 7.1.18.
For PAN-OS versions 8.0.11-h1 and earlier, update to a version later than 8.0.11-h1.
For PAN-OS versions 8.1.2 and earlier, update to a version later than 8.1.2.
As a temporary workaround, consider disabling the GlobalProtect Portal or GlobalProtect Gateway Interface until a patch is available. Restrict access to the GlobalProtect portal and GlobalProtect Gateway interface to minimize the risk of exploitation.
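To apply the version guidance above across an inventory, the following added example (not part of the original advisory or any vendor tooling) classifies PAN-OS version strings against the three listed branches. It assumes each "and earlier" line applies only to its own major.minor branch and that a `-hN` hotfix sorts after its base release; the hostnames and inventory are constructed sample data.

```python
import re

# Last affected release per branch, copied from the advisory's version list.
LAST_AFFECTED = {"7.1": "7.1.18", "8.0": "8.0.11-h1", "8.1": "8.1.2"}

_VERSION = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse(version):
    """Return (major, minor, maintenance, hotfix) as integers."""
    m = _VERSION.match(version.strip())
    if m is None:
        raise ValueError(f"unrecognised PAN-OS version string: {version!r}")
    major, minor, maint, hotfix = m.groups()
    # Assumption: a base release is hotfix 0, so 8.0.11 < 8.0.11-h1 < 8.0.12.
    return int(major), int(minor), int(maint), int(hotfix or 0)


def status(version):
    """'affected', 'newer', or 'unlisted' for branches the advisory omits."""
    parsed = parse(version)
    branch = f"{parsed[0]}.{parsed[1]}"
    last = LAST_AFFECTED.get(branch)
    if last is None:
        return "unlisted"  # Assumption: the advisory says nothing about this branch.
    return "affected" if parsed <= parse(last) else "newer"


def triage(inventory):
    """Map hostname -> status; unparseable strings are flagged for manual review."""
    report = {}
    for host, version in inventory.items():
        try:
            report[host] = status(version)
        except ValueError:
            report[host] = "unparseable"
    return report


# Constructed inventory (hostnames and versions are sample data).
SAMPLE = {"gp-edge-1": "8.0.11", "gp-edge-2": "8.0.11-h1", "gp-edge-3": "8.0.11-h2",
          "gp-dc-1": "8.1.3", "gp-dc-2": "7.1.18", "gp-lab": "9.0.1", "gp-old": "8.1.x"}

if __name__ == "__main__":
    for host, result in triage(SAMPLE).items():
        print(f"{host:10} {SAMPLE[host]:10} {result}")
```

Hosts reported as `unlisted` or `unparseable` need a manual check against the vendor's own advisory rather than being treated as safe.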
Exploit
Fix
RCE
Use of Externally-Controlled Format String
Affected Products
Pan-Os