Description
A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when the firewalls receive Windows New Technology LAN Manager (NTLM) packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online.
CVSS breakdown
CVSS 3.1
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Confidentiality: None
- Integrity: None
- Availability: High
Affected products
- Palo Alto Networks / Cloud NGFW: All – All
- Palo Alto Networks / pan-os: 9.0.0 – 9.0.17
- Palo Alto Networks / pan-os: 9.1.0 – 9.1.15-h1
- Palo Alto Networks / pan-os: 10.0.0 – 10.0.12
- Palo Alto Networks / pan-os: 10.1.0 – 10.1.0
- Palo Alto Networks / pan-os: 10.2.0 – 10.2.0
- Palo Alto Networks / pan-os: 11.0.0 – 11.0.0
- Palo Alto Networks / pan-os: 11.1.0 – 11.1.0
- Palo Alto Networks / pan-os: 8.1.0 – 8.1.24
- Palo Alto Networks / Prisma Access: All – All