CVE-2019-15017

The SSH service is enabled on the Zingbox Inspector versions 1.294 and earlier, exposing SSH to the local network. When combined with PAN-SA-2019-0027, this can allow an attacker to authenticate to the service using hardcoded credentials.
References
Link Resource
https://security.paloaltonetworks.com/CVE-2019-15017 Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:zingbox:inspector:*:*:*:*:*:*:*:*

History

04 Feb 2023, 00:22

Type Values Removed Values Added
References (MISC) https://security.paloaltonetworks.com/CVE-2019-15017 - (MISC) https://security.paloaltonetworks.com/CVE-2019-15017 - Third Party Advisory

Information

Published : 2019-10-09 21:15

Updated : 2023-12-10 13:13


NVD link : CVE-2019-15017

Mitre link : CVE-2019-15017

CVE.ORG link : CVE-2019-15017


JSON object : View

Products Affected

zingbox

  • inspector
CWE
CWE-798

Use of Hard-coded Credentials