A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall through a race condition.
The product uses an externally controlled name or reference that resolves to a resource that is outside of the intended control sphere.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Pan-os | Paloaltonetworks | 9.0.0 | * |
Pan-os | Paloaltonetworks | 10.0.0 | * |
Pan-os | Paloaltonetworks | 8.1.0 | * |
Pan-os | Paloaltonetworks | 9.1.0 | * |
Pan-os | Paloaltonetworks | 11.0.0 | 11.0.0 |
Pan-os | Paloaltonetworks | 10.2.0 | * |
Pan-os | Paloaltonetworks | 10.1.0 | * |