External Dynamic List Vulnerability in PAN-OS by Palo Alto Networks
CVE-2019-1565

5.4MEDIUM

Key Information:

Vendor: Palo Alto Networks
Status: Palo Alto Networks Pan-os
Vendor: CVE Published:; 30 January 2019

Summary

A vulnerability exists in the External Dynamic Lists of PAN-OS, allowing authenticated users with write privileges to inject arbitrary JavaScript or HTML code. This could potentially lead to unauthorized actions or data manipulation within the firewall configuration, affecting the integrity and security of the system.

Affected Version(s)

Palo Alto Networks PAN-OS PAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier.

References

http://www.securityfocus.com/bid/106752

vdb-entryx_refsource_BID

https://security.paloaltonetworks.com/CVE-2019-1565

x_refsource_CONFIRM

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jan 30, 2019
Vulnerability Reserved
Dec 6, 2018