CVE-2017-15944
Palo Alto Networks PAN-OS Remote Code Execution Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
4Exploited in Wild
YesDecision
Descriptions
Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute arbitrary code via vectors involving the management interface.
Palo Alto Networks PAN-OS en versiones anteriores a la 6.1.19; versiones 7.0.x anteriores a la 7.0.19; versiones 7.1.x anteriores a la 07/01/2014 y versiones 8.0.x anteriores a la 8.0.6 permite que atacantes remotos ejecuten código arbitrario mediante vectores relacionados con la interfaz de gestión.
Three separate bugs can be used together to remotely execute commands as root through the web management interface without authentication on PAN-OS versions 6.1.18 and earlier, PAN-OS versions 7.0.18 and earlier, PAN-OS versions 7.1.13 and earlier, and PAN-OS versions 8.0.5 and earlier. Full details provided.
Palo Alto Networks PAN-OS contains multiple, unspecified vulnerabilities which can allow for remote code execution when chained.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-10-27 CVE Reserved
- 2017-12-11 CVE Published
- 2017-12-15 First Exploit
- 2022-08-18 Exploited in Wild
- 2022-09-08 KEV Due Date
- 2024-08-05 CVE Updated
- 2024-11-13 EPSS Updated
CWE
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/102079 | Broken Link | |
| http://www.securitytracker.com/id/1040007 | Broken Link | |
| https://seclists.org/fulldisclosure/2017/Dec/38 |
|
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/43342 | 2024-08-05 | |
| https://www.exploit-db.com/exploits/44597 | 2024-08-05 | |
| https://github.com/xxnbyy/CVE-2017-15944-POC | 2017-12-15 | |
| https://github.com/yukar1z0e/CVE-2017-15944 | 2020-05-29 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://security.paloaltonetworks.com/CVE-2017-15944 | 2024-06-28 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Paloaltonetworks Search vendor "Paloaltonetworks" | Pan-os Search vendor "Paloaltonetworks" for product "Pan-os" | < 6.1.19 Search vendor "Paloaltonetworks" for product "Pan-os" and version " < 6.1.19" | - |
Affected
| ||||||
| Paloaltonetworks Search vendor "Paloaltonetworks" | Pan-os Search vendor "Paloaltonetworks" for product "Pan-os" | >= 7.0.0 < 7.0.19 Search vendor "Paloaltonetworks" for product "Pan-os" and version " >= 7.0.0 < 7.0.19" | - |
Affected
| ||||||
| Paloaltonetworks Search vendor "Paloaltonetworks" | Pan-os Search vendor "Paloaltonetworks" for product "Pan-os" | >= 7.1.0 < 7.1.14 Search vendor "Paloaltonetworks" for product "Pan-os" and version " >= 7.1.0 < 7.1.14" | - |
Affected
| ||||||
| Paloaltonetworks Search vendor "Paloaltonetworks" | Pan-os Search vendor "Paloaltonetworks" for product "Pan-os" | >= 8.0.0 < 8.0.6 Search vendor "Paloaltonetworks" for product "Pan-os" and version " >= 8.0.0 < 8.0.6" | - |
Affected
| ||||||