The problem does not affect Cloud’s Cloud ngfw or software to access Prisma.
Greynoise said the abuse began on about Tuesday this week. AssetNote published a survey about the holes on Wednesday. Networks of Palo Alto publish their advice on that day.
‘The Good Morality of the Way’
Damage, Says Assemote, Apache Http Server Server of Pan-OS Server, which is, and Ninx, Web Applications to access the Pan-OS Control Information Interactive Pan-OS access to Pan-OS access Os. The first web application is hit by Ningx Reverse Proxy, and if the device is suspended to the administrative interface, the Pan-OS sets several articles; -Audor Check to off. The application is already in Apache, which will be activated and re-use the re-recording law. Based on the head.
The problem may be considered a way or topics differently from ninx before the access request is given to PHP, so if there is a difference between NINGX.
Assemote describes this as a “normal architectural” problems where authenticity is input to the proxy layer, but then the application is transferred by the second layer. “Certainly,” research note added, “those parts of the building lead to the head of the smuggling and confusion of the road, which can lead to many influential bugs.”
Source link