CVE-2019-1565 — MEDIUM (5.4)

Q: How severe is CVE-2019-1565?

CVE-2019-1565 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2019-1565?

Check the references section above for vendor advisories and patch information. Affected products include: Paloaltonetworks Pan-Os.

Vulnerability Description

The PAN-OS external dynamics lists in PAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier, may allow an attacker that is authenticated in Next Generation Firewall with write privileges to External Dynamic List configuration to inject arbitrary JavaScript or HTML.

CVSS Score

5.4

MEDIUM

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality

LOW

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Paloaltonetworks	Pan-Os	<= 7.1.21

Related Weaknesses (CWE)

CWE-79

References

http://www.securityfocus.com/bid/106752Third Party AdvisoryVDB Entry
https://security.paloaltonetworks.com/CVE-2019-1565
http://www.securityfocus.com/bid/106752Third Party AdvisoryVDB Entry
https://security.paloaltonetworks.com/CVE-2019-1565

FAQ

What is CVE-2019-1565?

CVE-2019-1565 is a vulnerability with a CVSS score of 5.4 (MEDIUM). The PAN-OS external dynamics lists in PAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier, may allow an attacker that is authenticated in Next Generation Firewall with w...

How severe is CVE-2019-1565?

CVE-2019-1565 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-1565?

Check the references section above for vendor advisories and patch information. Affected products include: Paloaltonetworks Pan-Os.