- Creation
- Validation
- Communication & fix
- Disclosure
grdwavre.be / Palo Alto (Global-network) instance is outdated
Deleted user
reported 2021-11-14
The following Palo Alto (Global-network) is publicly accessible and looks out-dated : https://194.78.185.9/global-protect/login.esp
It is critical to update to a safe version as soon as possible since multiple CVEs could allow remote attackers to DoS or achieve RCE (Remote code execution) on the device.
The CVE-2021-3064 prevention reports are identified and dispatched with the help of https://twitter.com/HaboubiAnis
Reference:
IP:
194.78.185.9Port:
443Detected protocol:
httpsVulnerable URL:
https://194.78.185.9/global-protect/portal/images/favicon.icoFound PAN-OS web frontend
Last update: 6/2020
Version: 8.1.15-h3
Affected by CVE-2021-3064
Found by PaloAltoPlugin 2021-11-14
IP:
194.78.185.9Port:
443Detected protocol:
httpsVulnerable URL:
https://194.78.185.9/global-protect/portal/images/favicon.icoFound PAN-OS web frontend
Last update: 6/2020
Version: 8.1.15-h3
Affected by CVE-2021-3064
Found by PaloAltoPlugin 2022-01-05
IP:
194.78.185.9Port:
443Detected protocol:
httpsVulnerable URL:
https://194.78.185.9/global-protect/portal/images/favicon.icoFound PAN-OS web frontend
Last update: 6/2020
Version: 8.1.15-h3
Affected by CVE-2021-3064
Found by PaloAltoPlugin 2022-01-06
Report created by
deleted-user
2021-11-14
deleted-user
2021-11-14
Report edited by
BloodyShell
2021-11-14
BloodyShell
2021-11-14
New PDF report generated by system 2021-11-14
BloodyShell
commented 2021-11-14:
approved
shows in report
Looks like proximus
New PDF report generated by system 2021-11-14
Report comment dispatched to zythop by system 2021-11-14
Report comment dispatched to info@grdwavre.be by system 2021-11-14
Report comment dispatched to vulnerabilitydisclosure@ccb.belgium.be by system 2021-11-14
Report edited by
BloodyShell
2021-11-14
BloodyShell
2021-11-14
Report approved by
BloodyShell
2021-11-14
BloodyShell
2021-11-14
New PDF report generated by system 2021-11-14
Report dispatched to ...@... by system 2021-11-14
Report dispatched to ...@... by system 2021-11-14
Report edited by
deleted-user
2022-01-12
deleted-user
2022-01-12
New PDF report generated by system 2022-01-12
Report dispatched to ...@... by system 2022-01-12
Report dispatched to ...@... by system 2022-01-12
system
commented 2022-01-27:
approved
shows in report
bip! I'm a LeakIX probe. This issue looks like it has been resolved!
New PDF report generated by system 2022-01-27
Report comment dispatched to zythop by system 2022-01-27
Report comment dispatched to info@grdwavre.be by system 2022-01-27
Report comment dispatched to vulnerabilitydisclosure@ccb.belgium.be by system 2022-01-27
Report comment dispatched to rew@grdwavre.be by system 2022-01-27
Report comment dispatched to roger.lebussy@grdwavre.be by system 2022-01-27
Report marked as fixed by
deleted-user
2022-01-27
deleted-user
2022-01-27
Report closed by
deleted-user
2022-01-27
deleted-user
2022-01-27
New PDF report generated by system 2022-01-27
Report edited by
deleted-user
2022-01-27
deleted-user
2022-01-27
New PDF report generated by system 2022-01-27
Information
Owner
grdwavre.be
Created
2021-11-14 11:15
Updated
2022-01-27 15:04
Fixed
true
Contacts
i...@grdwavre.be
v...@ccb.belgium.be
r...@grdwavre.be
r...@grdwavre.be
Status
Status
closed
Hosting contacted
false
CERT contacted
false
Download report