QID 730823
Date Published: 2023-06-14
QID 730823: Palo Alto Networks (PAN-OS) Local File Deletion Vulnerability (PAN-171625)
PAN OS is the software that runs all Palo Alto Networks next-generation firewalls.
A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system with elevated privileges. These files can include logs and system components that impact the integrity and availability of PAN-OS software.
Affected Versions:
PAN-OS 8.1 versions earlier than PAN-OS 8.1.24
PAN-OS 9.0 versions earlier than PAN-OS 9.0.17
PAN-OS 9.1 versions earlier than PAN-OS 9.1.15
PAN-OS 10.0 versions earlier than PAN-OS 10.0.11
PAN-OS 10.1 versions earlier than PAN-OS 10.1.6
QID Detection Logic (Authenticated):
This QID looks for the vulnerable version of PAN-OS
NOTE: Detection is made potential because the signature doesn't check for the Workaround/Mitigations mentioned in the Palo Alto advisory.
A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system with elevated privileges.
Workaround:
Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat IDs 93274 and 93287 (Applications and Threats content update 8698). This issue requires the attacker to have authenticated access to the PAN-OS management interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.
- PAN-171625 -
security.paloaltonetworks.com/CVE-2023-0004
CVEs related to QID 730823
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| PAN-171625 |
security.paloaltonetworks.com/CVE-2023-0004 |