Palo Alto Networks Security Advisories December 04, 2019

Started by icecream-guy, December 05, 2019, 06:27:32 AM


icecream-guy

Palo Alto Networks has published two security advisories today at https://securityadvisories.paloaltonetworks.com/

PAN-SA-2019-0038 Custom-role users may escalate privileges (CVE-2019-17437) Severity: HIGH
An improper authentication check in Palo Alto Networks PAN-OS may allow an authenticated low privileged non-superuser custom role user to elevate privileges and become superuser. This issue only affects devices configured with a low privileged custom-role user. This issue was discovered by an external security researcher.

This issue has been resolved in 7.1.25, 8.0.20, 8.1.11, 9.0.5 and all subsequent versions.

PAN-SA-2019-0039 OpenSSL vulnerability CVE-2019-1559 has been resolved in PAN-OS. Severity: MEDIUM
The OpenSSL library has been updated in PAN-OS to resolve CVE-2019-1559. This is a cryptographic vulnerability that under certain situations may allow a remote attacker to decrypt data by observing server responses to different types of errors.

This issue has been fixed in 7.1.25, 8.0.20, 8.1.8, 9.0.2 and all subsequent releases.


Details of the issues, affected versions, and any workaround/mitigation information can be found in the Security Advisories.



Please visit our Security Advisories website to learn more at https://securityadvisories.paloaltonetworks.com/

If you have questions, please contact support https://www.paloaltonetworks.com/company/contact-support

Regards,

Product Security Incident Response Team


Palo Alto Networks
:professorcat:

My Moral Fibers have been cut.