How severe is CVE-2019-1579?

CVE-2019-1579 has a CVSS v3 score of 8.1 (HIGH).

CVE-2019-1579

Name: pan-os
Author: paloaltonetworks

8.1HIGH

Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauthe

Опубликовано: 7/19/2019Обновлено: 11/4/2025

Посмотреть на NVD Посмотреть на MITRE

Известная эксплуатируемая уязвимость CISA

Remote Code Execution in PAN-OS with GlobalProtect Portal or GlobalProtect Gateway Interface enabled.

Требуемое действие:

Apply updates per vendor instructions.

Срок:

2022-07-10

Известное использование вымогателей

Описание

Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauthenticated remote attacker to execute arbitrary code.

ИИ-АнализНа базе ИИ

Затронутые продукты

paloaltonetworkspan-os

Ссылки

http://www.securityfocus.com/bid/109310
Broken LinkThird Party AdvisoryVDB Entry
https://devco.re/blog/2019/07/17/attacking-ssl-vpn-part-1-PreAuth-RCE-on-Palo-Alto-GlobalProtect-with-Uber-as-case-study/
ExploitThird Party Advisory
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010
Broken LinkThird Party Advisory
https://security.paloaltonetworks.com/CVE-2019-1579
Vendor Advisory
http://www.securityfocus.com/bid/109310
Broken LinkThird Party AdvisoryVDB Entry
https://devco.re/blog/2019/07/17/attacking-ssl-vpn-part-1-PreAuth-RCE-on-Palo-Alto-GlobalProtect-with-Uber-as-case-study/
ExploitThird Party Advisory
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010
Broken LinkThird Party Advisory
https://security.paloaltonetworks.com/CVE-2019-1579
Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-1579
US Government Resource