- Creation
- Validation
- Communication & fix
- Disclosure
rtbf.be / Palo Alto (Global-network) instance is outdated
Deleted user
reported 2021-11-17
The following Palo Alto (Global-network) is publicly accessible and looks out-dated : https://185.153.41.227/global-protect/login.esp
It is critical to update to a safe version as soon as possible since multiple CVEs could allow remote attackers to DoS or achieve RCE (Remote code execution) on the device.
This prevention reports are identified and dispatched with the help of https://twitter.com/HaboubiAnis
Reference:
- https://security.paloaltonetworks.com/CVE-2020-2021
- https://security.paloaltonetworks.com/CVE-2020-2034
IP:
185.153.41.227Port:
443Detected protocol:
httpsVulnerable URL:
https://185.153.41.227/global-protect/portal/images/favicon.icoFound PAN-OS web frontend
Last update: 8/2019
Version: 9.0.3-h3
Affected by CVE-2020-2034
Affected by CVE-2020-2021
Found by PaloAltoPlugin 2021-11-14
IP:
185.153.41.227Port:
443Detected protocol:
httpsVulnerable URL:
https://185.153.41.227/global-protect/portal/images/favicon.icoFound PAN-OS web frontend
Last update: 8/2019
Version: 9.0.3-h3
Affected by CVE-2020-2034
Affected by CVE-2020-2021
Found by PaloAltoPlugin 2021-11-24
IP:
185.153.41.227Port:
443Detected protocol:
httpsVulnerable URL:
https://185.153.41.227/global-protect/portal/images/favicon.icoFound PAN-OS web frontend
Last update: 8/2019
Version: 9.0.3-h3
Affected by CVE-2020-2034
Affected by CVE-2020-2021
Found by PaloAltoPlugin 2021-11-26
Report created by
deleted-user
2021-11-17
deleted-user
2021-11-17
Report approved by
BloodyShell
2021-11-17
BloodyShell
2021-11-17
New PDF report generated by system 2021-11-17
Report dispatched to ...@... by system 2021-11-17
Report dispatched to ...@... by system 2021-11-17
Report dispatched to ...@... by system 2021-11-17
Report dispatched to ...@... by system 2021-11-17
Report comment dispatched to BloodyShell by system 2021-11-17
Report comment dispatched to iampritam by system 2021-11-17
Report comment dispatched to fokoil by system 2021-11-17
Report comment dispatched to thLambda by system 2021-11-17
Report edited by
BloodyShell
2021-11-19
BloodyShell
2021-11-19
New PDF report generated by system 2021-11-19
Report dispatched to ...@... by system 2021-11-19
system
commented 2021-11-30:
approved
shows in report
bip! I'm a LeakIX probe. This issue looks like it has been resolved!
New PDF report generated by system 2021-11-30
Report comment dispatched to zythop by system 2021-11-30
Report comment dispatched to dect@rtbf.be by system 2021-11-30
Report comment dispatched to vulnerabilityreport@cert.be by system 2021-11-30
Report comment dispatched to cert@belnet.be by system 2021-11-30
Report comment dispatched to info@rtbf.be by system 2021-11-30
Report edited by
BloodyShell
2021-11-30
BloodyShell
2021-11-30
New PDF report generated by system 2021-11-30
Report dispatched to ...@... by system 2021-11-30
Report marked as fixed by
BloodyShell
2021-11-30
BloodyShell
2021-11-30
Report closed by
BloodyShell
2021-11-30
BloodyShell
2021-11-30
New PDF report generated by system 2021-11-30
Report edited by
BloodyShell
2021-12-06
BloodyShell
2021-12-06
New PDF report generated by system 2021-12-06
Information
Owner
rtbf.be
Created
2021-11-17 12:58
Updated
2021-12-06 16:56
Fixed
true
Contacts
d...@rtbf.be
v...@cert.be
c...@belnet.be
i...@rtbf.be
c...@rtbf.be
Status
Status
closed
Hosting contacted
false
CERT contacted
false
Download report