CVE-2017-7409

MEDIUM

Palo Alto Networks PAN-OS <7.0.15 - XSS

Title source: llm
STIX 2.1

Description

Palo Alto Networks PAN-OS before 7.0.15 has XSS in the GlobalProtect external interface via crafted request parameters, aka PAN-SA-2017-0011 and PAN-70674.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1038355
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/97953
Various Sources x_refsource_confirm
https://security.paloaltonetworks.com/CVE-2017-7409

Scores

CVSS v3 6.1
EPSS 0.0031
EPSS Percentile 54.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (1)
paloaltonetworks/pan-os < 7.0.14
Published Apr 21, 2017
Tracked Since Feb 18, 2026