5
CVSSv2

CVE-2017-7945

Published: 29/04/2017 Updated: 17/02/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

The GlobalProtect external interface in Palo Alto Networks PAN-OS prior to 6.1.17, 7.x prior to 7.0.15, 7.1.x prior to 7.1.9, and 8.x prior to 8.0.2 provides different error messages for failed login attempts depending on whether the username exists, which allows remote malicious users to enumerate account names and conduct brute-force attacks via a series of requests, aka PAN-SA-2017-0014 and PAN-72769.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

paloaltonetworks pan-os 8.0.0

paloaltonetworks pan-os 7.1.4

paloaltonetworks pan-os 7.1.6

paloaltonetworks pan-os 7.1.8

paloaltonetworks pan-os 7.0.3

paloaltonetworks pan-os 7.0.5

paloaltonetworks pan-os 7.0.12

paloaltonetworks pan-os 7.0.14

paloaltonetworks pan-os 7.0.0

paloaltonetworks pan-os 7.0.1

paloaltonetworks pan-os 7.0.10

paloaltonetworks pan-os 7.1.3

paloaltonetworks pan-os 8.0.1

paloaltonetworks pan-os 7.0.6

paloaltonetworks pan-os 7.0.4

paloaltonetworks pan-os 7.1.1

paloaltonetworks pan-os 7.0.7

paloaltonetworks pan-os 7.0.9

paloaltonetworks pan-os 7.0.13

paloaltonetworks pan-os 7.1.7

paloaltonetworks pan-os 7.1.0

paloaltonetworks pan-os 7.0.2

paloaltonetworks pan-os 7.0.8

paloaltonetworks pan-os 7.0.11

paloaltonetworks pan-os 7.1.2

paloaltonetworks pan-os 7.1.5

paloaltonetworks pan-os