CVE-2019-1577 Code Injection Vulnerability in Traps
Description
A code injection vulnerability exists in Palo Alto Networks Traps. (Ref: CVE-2019-1577)
Successful exploitation of this issue may allow an authenticated attacker to inject arbitrary JavaScript or HTML.
This issue affects Traps 5.0.5 and earlier, including all 4.x releases. These releases did not have the file protection (SPROT) enabled by default. Traps 5.0.6, 6.0 and later are NOT affected.
Product Status
| Versions | Affected | Unaffected |
|---|---|---|
| Traps 6.0 | None | >= 6.0.* |
| Traps 5.0 | <= 5.0.5 | >= 5.0.6 |
| Traps 4.0 | 4.* | None |
Severity: MEDIUM
CVSSv3.1 Base Score: 6.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)
Weakness Type
CWE-94 Improper Control of Generation of Code ('Code Injection')
Solution
Traps 5.0.6 and later
Workarounds and Mitigations
Configure the Agent Security options that prevent unauthorized access to, or tampering with, Traps components. Instructions are located at the following page (see step 6): https://docs.paloaltonetworks.com/traps/tms/traps-management-service-admin/manage-endpoint-policy/traps-profiles/add-agent-settings-profile