CVE-2012-6602

EUVD-2012-6449
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 30122.
OS Command Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 74%
Affected Products (NVD)
VendorProductVersion
paloaltonetworkspan-os
𝑥
≤ 3.1.9
paloaltonetworkspan-os
4.0.0
paloaltonetworkspan-os
4.0.1
paloaltonetworkspan-os
4.0.2
paloaltonetworkspan-os
4.0.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://security.paloaltonetworks.com/CVE-2012-6602
https://security.paloaltonetworks.com/CVE-2012-6602