CVE-2017-7408: Input Validation
First published: Fri Apr 14 2017(Updated: )
Palo Alto Networks Traps ESM Console before 3.4.4 allows attackers to cause a denial of service by leveraging improper validation of requests to revoke a Traps agent license.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Paloaltonetworks Traps | <=3.4.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-7408?
CVE-2017-7408 has a medium severity level as it allows for denial of service.
How do I fix CVE-2017-7408?
To fix CVE-2017-7408, upgrade the Palo Alto Networks Traps ESM Console to version 3.4.4 or later.
What types of attacks are possible with CVE-2017-7408?
CVE-2017-7408 may allow attackers to exploit improper validation to cause a denial of service.
Which versions are affected by CVE-2017-7408?
Versions of Palo Alto Networks Traps ESM Console prior to 3.4.4 are affected by CVE-2017-7408.
Is CVE-2017-7408 specific to certain operating systems?
CVE-2017-7408 is not specific to any operating system but affects the Traps application itself.
- collector/nvd-index
- vendor/paloaltonetworks
- canonical/paloaltonetworks traps
- version/paloaltonetworks traps/3.4.3