Code Injection Vulnerability in Traps (PAN-SA-2019-0014)

Last revised: 06/27/2019

Summary

A code injection vulnerability exists in Palo Alto Networks Traps. (Ref: CVE-2019-1577)

Severity: Low

Successful exploitation of this issue may allow an authenticated attacker to inject arbitrary JavaScript or HTML.

Products Affected

Traps 5.0.5 and earlier, including all 4.x releases. These releases did not have the file protection (SPROT) enabled by default. Traps 5.0.6, 6.0 and later are NOT affected.

Available Updates

Traps 5.0.6 and later

Workarounds and Mitigations

Configure the Agent Security options that prevent unauthorized access to, or tampering with, Traps components. Instructions are in step 6 of https://docs.paloaltonetworks.com/traps/tms/traps-management-service-admin/manage-endpoint-policy/traps-profiles/add-agent-settings-profile

Acknowledgements

N/A