19 July 2019
===========================================================================
AUSCERT Security Bulletin

ASB-2019.0222
Remote Code Execution in Palo Alto GlobalProtect Portal/Gateway Interface
19 July 2019
===========================================================================

AusCERT Security Bulletin Summary
---------------------------------

Product:              GlobalProtect Portal/Gateway Interface
Operating System:     Network Appliance
Impact/Access:        Execute Arbitrary Code/Commands -- Remote/Unauthenticated
Resolution:           Patch/Upgrade
CVE Names:            CVE-2019-1579
Member content until: Sunday, August 18 2019

OVERVIEW

"Palo Alto Networks is aware of the reported remote code execution (RCE) vulnerability in its GlobalProtect portal and GlobalProtect Gateway interface products. The issue is already addressed in prior maintenance releases. (Ref: CVE-2019-1579)"

IMPACT

The vendor provided the following detail on the vulnerability:

"Successful exploitation of this issue allows an unauthenticated attacker to execute arbitrary code."

MITIGATION

The vendor advises updating PAN-OS to specified non-affected versions:

"PAN-OS 7.1.19 and later, PAN-OS 8.0.12 and later, and PAN-OS 8.1.3 and later releases."

REFERENCES

Remote Code Execution in GlobalProtect Portal/Gateway Interface
https://securityadvisories.paloaltonetworks.com/Home/Detail/158

AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane Qld 4072

Internet Email: firstname.lastname@example.org
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)

AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only.
===========================================================================
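
The version thresholds quoted in the MITIGATION section can be applied to a device inventory. The Python below is an added example, not part of the AusCERT bulletin or any vendor tooling; the hostnames, sample versions and the assumed major.minor.maintenance[-hN] version string format are constructed for illustration, and release trains the bulletin does not list are reported as not-listed rather than judged.

```python
import re

# First non-affected maintenance release per PAN-OS train, as quoted in the
# bulletin's MITIGATION section. Trains absent from the bulletin are not guessed.
FIRST_FIXED = {(7, 1): 19, (8, 0): 12, (8, 1): 3}

# Assumed version string shape: major.minor.maintenance with optional -hN hotfix.
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h\d+)?$")


def classify(version):
    """Return 'fixed', 'needs-upgrade', 'not-listed' or 'unparseable'."""
    match = VERSION_RE.match(version.strip())
    if match is None:
        return "unparseable"
    major, minor, maintenance = (int(part) for part in match.groups())
    first_fixed = FIRST_FIXED.get((major, minor))
    if first_fixed is None:
        return "not-listed"
    # Integer comparison, so 8.1.10 sorts after 8.1.3; a hotfix suffix does not
    # raise the maintenance number, so 8.1.2-h4 is still below 8.1.3.
    return "fixed" if maintenance >= first_fixed else "needs-upgrade"


def hosts_needing_action(inventory):
    """Return sorted (host, version, status) rows for hosts not confirmed fixed."""
    rows = [(host, ver, classify(ver)) for host, ver in inventory.items()]
    return sorted(row for row in rows if row[2] != "fixed")


# Constructed sample inventory; hostnames and versions are illustrative only.
SAMPLE_INVENTORY = {
    "gp-portal-01": "8.1.2-h4",
    "gp-portal-02": "8.1.10",
    "gp-gateway-01": "7.1.18",
    "gp-gateway-02": "8.0.12",
    "gp-gateway-03": "9.0.1",
    "gp-lab-01": "unknown",
}

if __name__ == "__main__":
    for host, ver, status in hosts_needing_action(SAMPLE_INVENTORY):
        print(f"{host:15} {ver:10} {status}")
```

Hosts reported as not-listed or unparseable need a manual check against the vendor advisory in REFERENCES.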