Description
A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote attacker to reboot hardware-based firewalls. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online. This affects the following hardware firewall models: - PA-5400 Series firewalls - PA-7000 Series firewalls
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Affected products
- Palo Alto Networks / Cloud NGFWAll – All
- Palo Alto Networks / pan-os9.1.0 – 9.1.17
- Palo Alto Networks / pan-os10.1.0 – 10.1.12
- Palo Alto Networks / pan-os10.2.0 – 10.2.8
- Palo Alto Networks / pan-os11.0.0 – 11.0.3
- Palo Alto Networks / pan-os11.1.0 – 11.1.0
- Palo Alto Networks / pan-os9.0.0 – 9.0.17-h4
- Palo Alto Networks / Prisma AccessAll – All