CVE-2019-15017

Summary

The SSH service is enabled on the Zingbox Inspector versions 1.294 and earlier, exposing SSH to the local network. When combined with PAN-SA-2019-0027, this can allow an attacker to authenticate to the service using hardcoded credentials.

Affected Software

VendorProductVersion RangeStatus
n/aPalo Alto Networks Zingbox InspectorZingbox Inspector, versions 1.294 and earlier.affected

Weaknesses

  • Improper Access Control

ADP Enrichment

CVE Program Container

Additional References

References