Critical Published: Apr 29, 2017 Modified: Apr 20, 2025

CVE-2017-7945

CVSS Score: 9.8 (Critical)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, 7.1.x before 7.1.9, and 8.x before 8.0.2 provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account names and conduct brute-force attacks via a series of requests, aka PAN-SA-2017-0014 and PAN-72769.

CVSS Vector Details

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Affected Software Configurations

  • o paloaltonetworks pan-os * * * * * * * *
  • o paloaltonetworks pan-os 7.0.0 * * * * * * *
  • o paloaltonetworks pan-os 7.0.1 * * * * * * *
  • o paloaltonetworks pan-os 7.0.2 * * * * * * *
  • o paloaltonetworks pan-os 7.0.3 * * * * * * *
  • o paloaltonetworks pan-os 7.0.4 * * * * * * *
  • o paloaltonetworks pan-os 7.0.5 * * * * * * *
  • o paloaltonetworks pan-os 7.0.5 h2 * * * * * *
  • o paloaltonetworks pan-os 7.0.6 * * * * * * *
  • o paloaltonetworks pan-os 7.0.7 * * * * * * *

Weaknesses (CWE)

  • CWE-209