CVE-2016-9151
HIGHPalo Alto Networks PAN-OS <7.1.6 - Privilege Escalation
Title source: llmDescription
Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 allows local users to gain privileges via crafted values of unspecified environment variables.
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by Google Security Research · textlocallinux
https://www.exploit-db.com/exploits/40788
exploitdb
WORKING POC
VERIFIED
by Google Security Research · textlocallinux
https://www.exploit-db.com/exploits/40789
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/40789/
Third Party Advisory, VDB Entry exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/40788/
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/94400
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1037381
Various Sources x_refsource_confirm
https://security.paloaltonetworks.com/CVE-2016-9151
Scores
CVSS v3
7.8
EPSS
0.0009
EPSS Percentile
25.8%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-264
Status
published
Products (1)
paloaltonetworks/pan-os
5.0.0 - 5.0.20
Published
Nov 19, 2016
Tracked Since
Feb 18, 2026