Palo Alto Networks PAN-OS 6.1, 7.1, and 8.0.x before 8.0.7, when an interface implements SSL decryption with RSA enabled or hosts a GlobalProtect portal or gateway, might allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack.
2018-01-10T18:29:01.260
2024-11-21T03:18:47.503
Modified
CVSSv3.0: 5.9 (MEDIUM)
AV:N/AC:M/Au:N/C:P/I:N/A:N
8.6
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | paloaltonetworks | pan-os | 6.1.0 | Yes |
| Operating System | paloaltonetworks | pan-os | 7.1.0 | Yes |
| Operating System | paloaltonetworks | pan-os | 7.1.1 | Yes |
| Operating System | paloaltonetworks | pan-os | 7.1.2 | Yes |
| Operating System | paloaltonetworks | pan-os | 7.1.3 | Yes |
| Operating System | paloaltonetworks | pan-os | 7.1.4 | Yes |
| Operating System | paloaltonetworks | pan-os | 7.1.4-h2 | Yes |
| Operating System | paloaltonetworks | pan-os | 7.1.5 | Yes |
| Operating System | paloaltonetworks | pan-os | 7.1.6 | Yes |
| Operating System | paloaltonetworks | pan-os | 7.1.7 | Yes |
| Operating System | paloaltonetworks | pan-os | 7.1.8 | Yes |
| Operating System | paloaltonetworks | pan-os | 7.1.9 | Yes |
| Operating System | paloaltonetworks | pan-os | 7.1.10 | Yes |
| Operating System | paloaltonetworks | pan-os | 7.1.11 | Yes |
| Operating System | paloaltonetworks | pan-os | 7.1.12 | Yes |
| Operating System | paloaltonetworks | pan-os | 7.1.13 | Yes |
| Operating System | paloaltonetworks | pan-os | 7.1.14 | Yes |
| Operating System | paloaltonetworks | pan-os | 8.0.0 | Yes |
| Operating System | paloaltonetworks | pan-os | 8.0.1 | Yes |
| Operating System | paloaltonetworks | pan-os | 8.0.2 | Yes |
| Operating System | paloaltonetworks | pan-os | 8.0.3 | Yes |
| Operating System | paloaltonetworks | pan-os | 8.0.4 | Yes |
| Operating System | paloaltonetworks | pan-os | 8.0.5 | Yes |
| Operating System | paloaltonetworks | pan-os | 8.0.6 | Yes |