Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-7945

EPSS 0.44% · P63
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-7945

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, 7.1.x before 7.1.9, and 8.x before 8.0.2 provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account names and conduct brute-force attacks via a series of requests, aka PAN-SA-2017-0014 and PAN-72769.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Palo Alto Networks PAN-OS GlobalProtect external界面安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Palo Alto Networks PAN-OS是美国Palo Alto Networks公司为其防火墙设备开发的一套操作系统。GlobalProtect external interface是用于其中的一个网关安全保护界面。 Palo Alto Networks PAN-OS中的GlobalProtect external界面存在安全漏洞,该漏洞源于在用户登录失败后,程序提供不同的错误消息取决于用户名是否存在。远程攻击者可利用该漏洞枚举用户名称,实施暴力破解攻击。以下版本受到影响:Palo Alto
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2017-7945

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2017-7945

登录查看更多情报信息。

Same Patch Batch · n/a · 2017-04-29 · 9 CVEs total

CVE-2017-8325ImageWorsener 缓冲区错误漏洞
CVE-2017-8326ImageWorsener 安全漏洞
CVE-2017-8327ImageWorsener 安全漏洞
CVE-2017-7957XStream 输入验证错误漏洞
CVE-2017-8114RoundCube Webmail 安全漏洞
CVE-2017-6553Quest One Identity Privilege Manager for Unix 缓冲区错误漏洞
CVE-2017-7981Enalean Tuleap PhpWiki SyntaxHighlighter插件代码注入漏洞
CVE-2017-7644Palo Alto Networks PAN-OS Management Web Interface 信息泄露漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2017-7945

No comments yet

Leave a comment