CVE-2019-1579

Description

Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauthenticated remote attacker to execute arbitrary code.

From the Tenable Blog

CVE-2019-1579: Critical Pre-Authentication Vulnerability in Palo Alto Networks GlobalProtect SSL VPN Disclosed

Published: 2019-07-19

Researchers disclose a critical vulnerability in Palo Alto GlobalProtect SSL VPN solution used by many organizations.

References

https://www.tenable.com/blog/cve-2024-3400-zero-day-vulnerability-in-palo-alto-networks-pan-os-globalprotect-gateway

https://www.tenable.com/cyber-exposure/a-look-inside-the-ransomware-ecosystem

https://web.archive.org/web/20211025233339/https://twitter.com/pancak3lullz/status/1452679527197560837

https://www.acronis.com/en-us/cyber-protection-center/posts/new-attack-vectors-for-the-darkside-ransomware-gang/

https://www.tenable.com/blog/cve-2020-5135-critical-sonicwall-vpn-portal-stack-based-buffer-overflow-vulnerability

https://www.tenable.com/blog/cve-2020-2021-palo-alto-networks-pan-os-vulnerable-to-critical-authentication-bypass

https://www.tenable.com/blog/critical-vulnerabilities-you-need-to-find-and-fix-to-protect-the-remote-workforce

https://security.paloaltonetworks.com/CVE-2019-1579

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0010

https://devco.re/blog/2019/07/17/attacking-ssl-vpn-part-1-PreAuth-RCE-on-Palo-Alto-GlobalProtect-with-Uber-as-case-study/

http://www.securityfocus.com/bid/109310

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3