CVE-2017-7217

MEDIUM

PAN-OS < 7.0.13 - Unauthenticated Arbitrary File Write via Export Function

Title source: manual
STIX 2.1

Description

The Management Web Interface in Palo Alto Networks PAN-OS before 7.0.14 and 7.1.x before 7.1.9 allows remote attackers to write to export files via unspecified parameters.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1038247
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/97598
Various Sources x_refsource_confirm
https://security.paloaltonetworks.com/CVE-2017-7217

Scores

CVSS v3 4.3
EPSS 0.0020
EPSS Percentile 42.4%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Details

CWE
CWE-20
Status published
Products (11)
paloaltonetworks/pan-os 7.1.0
paloaltonetworks/pan-os 7.1.1
paloaltonetworks/pan-os 7.1.2
paloaltonetworks/pan-os 7.1.3
paloaltonetworks/pan-os 7.1.4
paloaltonetworks/pan-os 7.1.4-h2
paloaltonetworks/pan-os 7.1.5
paloaltonetworks/pan-os 7.1.6
paloaltonetworks/pan-os 7.1.7
paloaltonetworks/pan-os 7.1.8
... and 1 more
Published Apr 14, 2017
Tracked Since Feb 18, 2026