Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2018.0200 PAN-SA-2018-0010 Denial of Service in PAN-OS Management Web Interface 20 August 2018 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Palo Alto PAN-OS Operating System: Network Appliance PAN-OS Impact/Access: Denial of Service -- Existing Account Resolution: Patch/Upgrade Member content until: Wednesday, September 19 2018 OVERVIEW Palo Alto Networks has addressed a denial of service vulnerability in PAN-OS version 8.1.2 and earlier. [1] IMPACT The vendor provided the following detail on the vulnerability: "A Denial of Service exists in PAN-OS Management Web Interface that allows an authenticated user to shut down all management sessions, resulting in all logged in users to be redirected to the login page." [1] MITIGATION The vendor recommends updating to PAN-OS 8.1.3 and later. [1] REFERENCES [1] PAN-SA-2018-0010 Denial of Service in PAN-OS Management Web Interface https://securityadvisories.paloaltonetworks.com/Home/Detail/129 AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBW3o0BGaOgq3Tt24GAQgtmg//aKfg7ILu6GS1NBZ6RGLg5YWNBq5Wnit7 1F3A8NqEUOxTTK57sPVL7CpOGAN6tnSEO26f9YJZ6rrxl2npuInKs9PNsGy4wJx0 8N57mKT3nGJPvpALnKu6jqykTIU0tp+PURNnEuusWQzibB4uSEd2aZ7Nj+sKJUgY YQ9BlJXkegYGbgSbYxpPL3B96iHyCgTAbwbmQJqfk3oI0/CgVVP99KZpikNEBoxI kqTADjHPQpOkm3kdHgNKds7RsRT85V79PemnZ5o6cY/bt7v8m0nQOqzNH/WDg9Tx C4AqVMuB8e4YnfxdcuJbu9XGbLZMPD7Y/m2/IyekUrkBsRdMVdYTrwA8OHzLrhW1 kx49mgK7JsgfbgR0kjCi4lIRJ4KI4k5FtMsjhnUb+dYFJemc+ETpM2JiXPMAgeNK A20Rth4rq9oUP8NzBTs/CVHCVo7eEn2VxdVFVQrv9iVEX0NVoRdAqlmB9hPGaoJD lQK4TRpKnLuzwByJJWcfSgD0K5iEYTxcszI/HIPkkm5f23n138H4EvOsTLwJN3/9 rT8xVj4/sAJgxReykyBDjjoV3eRFVPhkyfJJCdgXxr6uhTY7rij7G7mzcfU5O5CB eqg/oA35bUIUZFz6SKFoXID+2m5CekU56zPahfOhsPCqWrfypJIzo3pXoI3gedqN 2Rn1UpxXnE4= =fg75 -----END PGP SIGNATURE-----