CVE-2019-15020

CRITICAL

Zingbox Inspector < 1.293 - Origin Validation Error

Title source: rule

Description

A security vulnerability exists in the Zingbox Inspector versions 1.293 and earlier, that could allow an attacker to supply an invalid software update image to the Zingbox Inspector that could result in command injection.

References (1)

[Third Party Advisory] https://security.paloaltonetworks.com/CVE-2019-15020

Scores

CVSS v3 9.8

EPSS 0.0158

EPSS Percentile 81.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-346

Status published

Affected Products (1)

zingbox/inspector < 1.293

Timeline

Published Oct 09, 2019

Tracked Since Feb 18, 2026