A denial of service (DoS) vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to cause a system disruption by sending a specially crafted IPv6 packet.
The product does not properly check inputs that are used for loop conditions, potentially leading to a denial of service or other consequences because of excessive looping.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Prisma_sd-wan | Paloaltonetworks | 6.3.1 (including) | 6.3.6 (excluding) |
| Prisma_sd-wan | Paloaltonetworks | 6.4.1 (including) | 6.4.3 (excluding) |
| Prisma_sd-wan | Paloaltonetworks | 6.5.1 (including) | 6.5.3 (excluding) |
| Prisma_sd-wan | Paloaltonetworks | 6.3.6 (including) | 6.3.6 (including) |
| Prisma_sd-wan | Paloaltonetworks | 6.3.6-b6 (including) | 6.3.6-b6 (including) |
| Prisma_sd-wan | Paloaltonetworks | 6.3.6-b9 (including) | 6.3.6-b9 (including) |
| Prisma_sd-wan | Paloaltonetworks | 6.4.3 (including) | 6.4.3 (including) |
| Prisma_sd-wan | Paloaltonetworks | 6.4.3-b6 (including) | 6.4.3-b6 (including) |
| Prisma_sd-wan | Paloaltonetworks | 6.5.3 (including) | 6.5.3 (including) |
| Prisma_sd-wan | Paloaltonetworks | 6.5.3-b9 (including) | 6.5.3-b9 (including) |
| Prisma_sd-wan | Paloaltonetworks | 6.5.3-i-b10 (including) | 6.5.3-i-b10 (including) |