A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker could break encrypted communication and expose sensitive information that is shared between the management server and the firewalls.
Weakness
The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Pan-os | Paloaltonetworks | 10.1.0 (including) | 10.1.12 (excluding) |
| Pan-os | Paloaltonetworks | 10.2.0 (including) | 10.2.7 (excluding) |
| Pan-os | Paloaltonetworks | 11.0.0 (including) | 11.0.4 (excluding) |
| Pan-os | Paloaltonetworks | 10.2.7-h1 (including) | 10.2.7-h1 (including) |
| Pan-os | Paloaltonetworks | 10.2.7-h2 (including) | 10.2.7-h2 (including) |
| Pan-os | Paloaltonetworks | 10.2.7-h3 (including) | 10.2.7-h3 (including) |
| Pan-os | Paloaltonetworks | 10.2.7-h4 (including) | 10.2.7-h4 (including) |
| Pan-os | Paloaltonetworks | 10.2.7-h5 (including) | 10.2.7-h5 (including) |
| Pan-os | Paloaltonetworks | 10.2.7-h6 (including) | 10.2.7-h6 (including) |
Potential Mitigations
Related Attack Patterns
- https://cwe.mitre.org/data/definitions/112.html
- https://cwe.mitre.org/data/definitions/192.html
- https://cwe.mitre.org/data/definitions/20.html