CVE-2016-3655

The management web interface in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5 allows remote attackers to execute arbitrary OS commands via an unspecified API call.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*

Information

Published : 2016-04-12 10:59

Updated : 2020-02-17 08:15


NVD link : CVE-2016-3655

Mitre link : CVE-2016-3655


JSON object : View

CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE-20

Improper Input Validation

Advertisement

dedicated server usa

Products Affected

paloaltonetworks

  • pan-os