CVE-2019-1565

Summary

The PAN-OS external dynamics lists in PAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier, may allow an attacker that is authenticated in Next Generation Firewall with write privileges to External Dynamic List configuration to inject arbitrary JavaScript or HTML.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksPalo Alto Networks PAN-OSPAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier.affected

Weaknesses

  • Cross-Site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References