CVE-2017-17841

MEDIUM

Palo Alto Networks PAN-OS <8.0.7 - RCE

Title source: llm
STIX 2.1

Description

Palo Alto Networks PAN-OS 6.1, 7.1, and 8.0.x before 8.0.7, when an interface implements SSL decryption with RSA enabled or hosts a GlobalProtect portal or gateway, might allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/102458
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1040149
Various Sources x_refsource_confirm
https://security.paloaltonetworks.com/CVE-2017-17841

Scores

CVSS v3 5.9
EPSS 0.0146
EPSS Percentile 81.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

Status published
Products (24)
paloaltonetworks/pan-os 6.1.0
paloaltonetworks/pan-os 7.1.0
paloaltonetworks/pan-os 7.1.1
paloaltonetworks/pan-os 7.1.2
paloaltonetworks/pan-os 7.1.3
paloaltonetworks/pan-os 7.1.4
paloaltonetworks/pan-os 7.1.4-h2
paloaltonetworks/pan-os 7.1.5
paloaltonetworks/pan-os 7.1.6
paloaltonetworks/pan-os 7.1.7
... and 14 more
Published Jan 10, 2018
Tracked Since Feb 18, 2026