漏洞类别:CGI
漏洞等级: 
漏洞信息
A Denial of Service exists in PAN-OS Management Web Interface that allows an authenticated user to shut down all management sessions, resulting in all logged in users to be redirected to the login page.
This vulnerability can be triggered by an authenticated user sending malformed searching parameters through the Filter bar on the PAN-OS Management Web Interface.
Affected Versions:
PAN-OS 8.1.2 and earlier
PAN-OS 6.1, PAN-OS 7.1 and PAN-OS 8.0 are NOT affected.
QID Detection Logic: (Authenticated)
This QID checks for the vulnerable version of PAN-OS.
漏洞危害
When successfully exploited by an attacker can lead to Denial of Service.
解决方案
Customers are advised to refer to PAN-SA-2018-0010 for more information about patching this vulnerability.
Workaround:
This issue affects the web-based management interface of PAN-OS and is strongly mitigated by following best practices for securing the management interface of PAN-OS. Best practices guidelines reduce the exposure of the management interface to potential attackers which is available here.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0daybank
文章评论