CVE-2014-3764

Published Jan 6, 2015

Last updated 5 years ago

CVSS info 4.3

Overview

Description: Cross-site scripting (XSS) vulnerability in the web-based device management interface in Palo Alto Networks PAN-OS before 5.0.15, 5.1.x before 5.1.10, and 6.0.x before 6.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Ref ID 64563.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38AA1B62-31F5-435B-B718-339F1CF8D1D1",
            "versionEndIncluding": "5.0.14"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "65F6E18B-8C06-488C-B241-63DBAFDFFC03"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:5.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3ABA3C2D-5912-4CDD-A96C-1C7F3E4F854C"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:5.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C181EBAD-EC9C-4721-84D8-2AFF9627B840"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:5.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "970FD0AA-EB42-42D0-99B2-E39C15F96D2D"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:5.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C117576-B11D-4FCE-85AD-FDBAAA2ABEA9"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:5.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CEAABE8C-9D3B-486F-B81C-D9A025E8D0AE"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:5.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2CF131B8-5395-4D84-BD54-07CE5B0280B7"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:5.1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F49206F-EA13-4361-B951-AEF2F097D36B"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:5.1.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8DE41B7B-2214-4724-B20A-6F5F8FEB45D2"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:5.1.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A9F93F1-CDB5-42AB-BD49-25A50DD95200"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F4DB103-A11A-4C38-A167-F0FCB8F6AA70"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:6.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2A86F16D-61CA-4681-91CB-F397AC090F87"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:6.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "583BC735-6DF1-40CE-880B-F91F233EAE17"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:6.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C43C313-A379-46C2-96B9-F510AA3E40AA"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:6.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D55C68C0-1396-4640-8EBB-39E91347E037"
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:6.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7793347E-7D25-4B5E-B958-03DD0E7D94C4"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References