Last revised: 12/05/2017
A vulnerability exists in PAN-OS that could lead to rendering the management interface unavailable for legitimate use. (Ref # PAN-78127 / CVE-2017-15942)
PAN-OS contains a vulnerability that may allow a non-authenticated third party to mount a Denial of Service attack against the management interface. Successful exploitation of this issue may allow an attacker to render the PAN-OS management interface unavailable.
PAN-OS 6.1.18 and earlier, PAN-OS 7.0.18 and earlier, PAN-OS 7.1.12 and earlier, PAN-OS 8.0.5 and earlier
PAN-OS 6.1.19 and later, PAN-OS 7.0.19 and later, PAN-OS 7.1.13 and later, PAN-OS 8.0.6 and later
This issue affects the management interface of the device and is strongly mitigated by following best practices for the isolation of management interfaces for security appliances. We recommend that the management interface be isolated and strictly limited only to security administration personnel through either network segmentation or using the IP access control list restriction feature within PAN-OS.
Palo Alto Networks would like to thank Craig Stephen from Net Consulting for reporting this issue to us