CVE-2019-1583: XSS
First published: Fri Aug 23 2019(Updated: )
Escalation of privilege vulnerability in the Palo Alto Networks Twistlock console 19.07.358 and earlier allows a Twistlock user with Operator capabilities to escalate privileges to that of another user. Active interaction with an affected component is required for the payload to execute on the victim.
Credit: psirt@paloaltonetworks.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Paloaltonetworks Twistlock | <=19.07.357 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this vulnerability?
The vulnerability ID of this vulnerability is CVE-2019-1583.
What is the severity of CVE-2019-1583?
The severity of CVE-2019-1583 is high (8 out of 10).
What is the affected software?
The affected software is Palo Alto Networks Twistlock console version 19.07.358 and earlier.
What is the nature of the vulnerability?
The vulnerability allows a Twistlock user with Operator capabilities to escalate privileges to that of another user.
How can the vulnerability be fixed?
To fix the vulnerability, upgrade to a version later than 19.07.357 of Palo Alto Networks Twistlock console.
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/paloaltonetworks
- canonical/paloaltonetworks twistlock
- version/paloaltonetworks twistlock/19.07.357