The version of Palo Alto Networks PAN-OS running on the remote host is 6.1.x including 6.1.20 or 7.1.x prior to 7.1.21 or 8.0.x prior to 8.0.14 or 8.1.x prior to 8.1.4. It is, therefore, affected by multiple vulnerabilities :

  - A denial of service (DoS) vulnerability that exists in OpenSSL    due to failure of handling the exception conditions during the TLS    handshake. An authenticated, remote attacker can exploit this issue    , via malicious server to send large prime value to the client to    spend unreasonably long time for generating the key for this prime    resulting hang until the client finished. (CVE-2018-0732)

  - An information disclosure vulnerability that exists in OpenSSL    RSA key generation algorithm due to a cache timing side channel    attack. An authenticated, local attacker can exploit this issue,    via cache timing attacks during the RSA key generation process,    to recover the private key. (CVE-2018-0737)

  - A denial of service (DoS) vulnerability that exists in OpenSSL due    to a constructed ASN.1 types with a recursive definition. An    unauthenticated, remote attacker can exploit this issue, via    creating malicious input with excessive recursion, to cause the    Denial Of Service attack. (CVE-2018-0739)

Detections

Analytics

Palo Alto Networks PAN-OS 6.1.x <= 6.1.20 / 7.1.x < 7.1.21 / 8.0.x < 8.0.14 / 8.1.x < 8.1.4 Multiple Vulnerabilities (PAN-SA-2018-0015)

high Nessus Plugin ID 123512

Version 1.4