An improper certificate validation vulnerability in the Palo Alto Networks Prisma SD-WAN ION enables man-in-the-middle (MitM) attacker to impersonate the controller.
The product does not validate, or incorrectly validates, a certificate.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Prisma_sd-wan | Paloaltonetworks | 6.3.1 (including) | 6.3.6 (excluding) |
| Prisma_sd-wan | Paloaltonetworks | 6.4.1 (including) | 6.4.3 (excluding) |
| Prisma_sd-wan | Paloaltonetworks | 6.5.1 (including) | 6.5.3 (excluding) |
| Prisma_sd-wan | Paloaltonetworks | 6.3.6 (including) | 6.3.6 (including) |
| Prisma_sd-wan | Paloaltonetworks | 6.3.6-b6 (including) | 6.3.6-b6 (including) |
| Prisma_sd-wan | Paloaltonetworks | 6.3.6-b9 (including) | 6.3.6-b9 (including) |
| Prisma_sd-wan | Paloaltonetworks | 6.4.3 (including) | 6.4.3 (including) |
| Prisma_sd-wan | Paloaltonetworks | 6.4.3-b6 (including) | 6.4.3-b6 (including) |
| Prisma_sd-wan | Paloaltonetworks | 6.4.3-b8 (including) | 6.4.3-b8 (including) |
| Prisma_sd-wan | Paloaltonetworks | 6.5.3 (including) | 6.5.3 (including) |
| Prisma_sd-wan | Paloaltonetworks | 6.5.3-b11 (including) | 6.5.3-b11 (including) |
| Prisma_sd-wan | Paloaltonetworks | 6.5.3-b9 (including) | 6.5.3-b9 (including) |
| Prisma_sd-wan | Paloaltonetworks | 6.5.3-i-b10 (including) | 6.5.3-i-b10 (including) |