- Creation
- Validation
- Communication & fix
- Disclosure
FC Barcelona / Palo Alto (Global-network) instance is outdated
Deleted user
reported 2021-11-14
The following Palo Alto (Global-network) is publicly accessible and looks out-dated :
https://213.99.33.238/global-protect/login.esp
https://213.99.33.244/global-protect/login.esp
It is critical to update to a safe version as soon as possible since multiple CVEs could allow remote attackers to DoS or achieve RCE (Remote code execution) on the device.
Reference:
- https://security.paloaltonetworks.com/CVE-2021-3064
- https://security.paloaltonetworks.com/CVE-2020-2021
- https://security.paloaltonetworks.com/CVE-2020-2034
IP:
213.99.33.238Port:
443Detected protocol:
httpsVulnerable URL:
https://213.99.33.238/global-protect/portal/images/favicon.icoFound PAN-OS web frontend
Last update: 12/2019
Version: 8.1.12
Affected by CVE-2020-2034
Affected by CVE-2020-2021
Affected by CVE-2021-3064
Found by PaloAltoPlugin 2021-11-14
IP:
213.99.33.238Port:
443Detected protocol:
httpsVulnerable URL:
https://213.99.33.238/global-protect/portal/images/favicon.icoFound PAN-OS web frontend
Last update: 12/2019
Version: 8.1.12
Affected by CVE-2020-2034
Affected by CVE-2020-2021
Affected by CVE-2021-3064
Found by PaloAltoPlugin 2021-11-14
IP:
213.99.33.238Port:
443Detected protocol:
httpsVulnerable URL:
https://213.99.33.238/global-protect/portal/images/favicon.icoFound PAN-OS web frontend
Last update: 12/2019
Version: 8.1.12
Affected by CVE-2020-2034
Affected by CVE-2020-2021
Affected by CVE-2021-3064
Found by PaloAltoPlugin 2021-11-15
Report created by
deleted-user
2021-11-14
deleted-user
2021-11-14
Report edited by
deleted-user
2021-11-14
deleted-user
2021-11-14
Report approved by
BloodyShell
2021-11-14
BloodyShell
2021-11-14
New PDF report generated by system 2021-11-14
Report dispatched to ...@... by system 2021-11-14
Report dispatched to ...@... by system 2021-11-14
Report dispatched to ...@... by system 2021-11-14
Report comment dispatched to BloodyShell by system 2021-11-14
Report comment dispatched to iampritam by system 2021-11-14
Report comment dispatched to fokoil by system 2021-11-14
Report comment dispatched to thLambda by system 2021-11-14
Report comment dispatched to BloodyShell by system 2021-11-15
Report comment dispatched to iampritam by system 2021-11-15
Report comment dispatched to fokoil by system 2021-11-15
Report comment dispatched to thLambda by system 2021-11-15
Report comment dispatched to BloodyShell by system 2021-11-16
Report comment dispatched to iampritam by system 2021-11-16
Report comment dispatched to fokoil by system 2021-11-16
Report comment dispatched to thLambda by system 2021-11-16
system
commented 2021-11-17:
approved
shows in report
bip! I'm a LeakIX probe. This issue looks like it has been resolved!
New PDF report generated by system 2021-11-17
Report comment dispatched to zythop by system 2021-11-17
Report comment dispatched to contact@fcbarcelona.cat by system 2021-11-17
Report comment dispatched to info@fcbarcelona.cat by system 2021-11-17
Report comment dispatched to cert@ciberseguretat.cat by system 2021-11-17
Report comment dispatched to BloodyShell by system 2021-12-05
Report comment dispatched to iampritam by system 2021-12-05
Report comment dispatched to fokoil by system 2021-12-05
Report comment dispatched to thLambda by system 2021-12-05
Report marked as fixed by
deleted-user
2021-12-12
deleted-user
2021-12-12
Report edited by
deleted-user
2021-12-12
deleted-user
2021-12-12
New PDF report generated by system 2021-12-12
Report closed by
deleted-user
2021-12-12
deleted-user
2021-12-12
New PDF report generated by system 2021-12-12
Information
Owner
FC Barcelona
Created
2021-11-14 19:23
Updated
2021-12-12 21:31
Fixed
true
Contacts
c...@fcbarcelona.cat
i...@fcbarcelona.cat
c...@ciberseguretat.cat
Status
Status
closed
Hosting contacted
false
CERT contacted
false
Download report