CVE-2016-9150

Buffer overflow in the management web interface in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 allows remote attackers to execute arbitrary code via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
paloaltonetworkspan-os
5.0.0 ≤
𝑥
< 5.0.20
paloaltonetworkspan-os
5.1 ≤
𝑥
< 5.1.13
paloaltonetworkspan-os
6.0.0 ≤
𝑥
< 6.0.15
paloaltonetworkspan-os
6.1.0 ≤
𝑥
< 6.1.15
paloaltonetworkspan-os
7.0.0 ≤
𝑥
< 7.0.11
paloaltonetworkspan-os
7.1.0 ≤
𝑥
< 7.1.6
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/94399
http://www.securitytracker.com/id/1037382
https://security.paloaltonetworks.com/CVE-2016-9150
https://www.exploit-db.com/exploits/40790/
http://www.securityfocus.com/bid/94399
http://www.securitytracker.com/id/1037382
https://security.paloaltonetworks.com/CVE-2016-9150
https://www.exploit-db.com/exploits/40790/