All the vulnerabilites related to Palo Alto Networks - PAN-OS
cve-2020-1979
Vulnerability from cvelistv5
Published
2020-03-11 18:58
Modified
2024-09-17 00:10
Summary
PAN-OS: A format string vulnerability in PAN-OS log daemon (logd) on Panorama allows local privilege escalation
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.395Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-1979"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.13",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "lessThan": "9.0*",
              "status": "unaffected",
              "version": "9.0.0",
              "versionType": "custom"
            },
            {
              "lessThan": "7.1*",
              "status": "unaffected",
              "version": "7.1.0",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1*",
              "status": "unaffected",
              "version": "9.1.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "N/A"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered by Nicholas Newsom of Palo Alto Networks during an internal security review."
        }
      ],
      "datePublic": "2020-03-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13 on Panorama. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-134",
              "description": "CWE-134 Use of Externally-Controlled Format String",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-13T19:07:13",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-1979"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.13 and all later PAN-OS 8.1 versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-97584"
        ],
        "discovery": "USER"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-03-11T00:00:00",
          "value": "Initial publication"
        },
        {
          "lang": "en",
          "time": "2020-05-12T00:00:00",
          "value": "Updated attack vector, description and acknowledgement."
        }
      ],
      "title": "PAN-OS: A format string vulnerability in PAN-OS log daemon (logd) on Panorama allows local privilege escalation",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue affects the management interface of Panorama and is mitigated by following best practices for securing the Panorama management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 8.1 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/best-practices-for-securing-administrative-access."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-03-11T16:00:00.000Z",
          "ID": "CVE-2020-1979",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: A format string vulnerability in PAN-OS log daemon (logd) on Panorama allows local privilege escalation"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.0"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "7.1",
                            "version_value": "7.1.0"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "N/A"
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was discovered by Nicholas Newsom of Palo Alto Networks during an internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13 on Panorama. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-134 Use of Externally-Controlled Format String"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-1979",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-1979"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.13 and all later PAN-OS 8.1 versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-97584"
          ],
          "discovery": "USER"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-03-11T00:00:00",
            "value": "Initial publication"
          },
          {
            "lang": "en",
            "time": "2020-05-12T00:00:00",
            "value": "Updated attack vector, description and acknowledgement."
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue affects the management interface of Panorama and is mitigated by following best practices for securing the Panorama management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 8.1 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/best-practices-for-securing-administrative-access."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-1979",
    "datePublished": "2020-03-11T18:58:21.177187Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-17T00:10:53.810Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2031
Vulnerability from cvelistv5
Published
2020-07-08 16:35
Modified
2024-09-16 17:58
Summary
PAN-OS: Integer underflow in the management interface
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.923Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2031"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "9.0.*"
            },
            {
              "status": "unaffected",
              "version": "8.1.*"
            },
            {
              "changes": [
                {
                  "at": "9.1.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.3",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered by Jin Chen of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-07-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An integer underflow vulnerability in the dnsproxyd component of the PAN-OS management interface allows authenticated administrators to issue a command from the command line interface that causes the component to stop responding. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts: PAN-OS 9.1 versions earlier than PAN-OS 9.1.3. This issue does not impact PAN-OS 8.1, PAN-OS 9.0, or Prisma Access services."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-191",
              "description": "CWE-191 Integer Underflow (Wrap or Wraparound)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-08T16:35:17",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2031"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 9.1.3 and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-100000"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-07-08T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Integer underflow in the management interface",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue impacts the PAN-OS management interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-07-08T16:00:00.000Z",
          "ID": "CVE-2020-2031",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Integer underflow in the management interface"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.3"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.3"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "9.0",
                            "version_value": "9.0.*"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "8.1",
                            "version_value": "8.1.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was discovered by Jin Chen of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An integer underflow vulnerability in the dnsproxyd component of the PAN-OS management interface allows authenticated administrators to issue a command from the command line interface that causes the component to stop responding. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts: PAN-OS 9.1 versions earlier than PAN-OS 9.1.3. This issue does not impact PAN-OS 8.1, PAN-OS 9.0, or Prisma Access services."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-191 Integer Underflow (Wrap or Wraparound)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2031",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2031"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 9.1.3 and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-100000"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-07-08T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue impacts the PAN-OS management interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2031",
    "datePublished": "2020-07-08T16:35:17.389144Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T17:58:42.448Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-0023
Vulnerability from cvelistv5
Published
2022-04-13 18:35
Modified
2024-09-16 19:05
Summary
PAN-OS: Denial-of-Service (DoS) Vulnerability in DNS Proxy
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:18:41.446Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2022-0023"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "10.2.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.22",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.22",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.13",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.5",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.10",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.10",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.16",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.16",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "3.0 Preferred, Innovation"
            },
            {
              "status": "unaffected",
              "version": "2.2 Preferred"
            },
            {
              "status": "unaffected",
              "version": "2.1 Preferred, Innovation"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue is applicable only to PAN-OS hardware and virtual firewalls with the DNS proxy feature enabled. You can verify whether DNS proxy is enabled by selecting \u0027Network \u003e DNS Proxy\u2019 from the web interface."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2022-04-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper handling of exceptional conditions vulnerability exists in the DNS proxy feature of Palo Alto Networks PAN-OS software that enables a meddler-in-the-middle (MITM) to send specifically crafted traffic to the firewall that causes the service to restart unexpectedly. Repeated attempts to send this request result in denial-of-service to all PAN-OS services by restarting the device in maintenance mode. This issue does not impact Panorama appliances and Prisma Access customers. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.22; PAN-OS 9.0 versions earlier than PAN-OS 9.0.16; PAN-OS 9.1 versions earlier than PAN-OS 9.1.13; PAN-OS 10.0 versions earlier than PAN-OS 10.0.10; PAN-OS 10.1 versions earlier than PAN-OS 10.1.5. This issue does not impact PAN-OS 10.2."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-755",
              "description": "CWE-755 Improper Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-13T18:35:10",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2022-0023"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.22, PAN-OS 9.0.16, PAN-OS 9.1.13, PAN-OS 10.0.10, PAN-OS 10.1.5, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-164264"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2022-04-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Denial-of-Service (DoS) Vulnerability in DNS Proxy",
      "workarounds": [
        {
          "lang": "en",
          "value": "Customers with a Threat Prevention subscription can block attack traffic related to this vulnerability by enabling Threat ID 92406 (Applications and Threats content update 8556).\n\nTo completely mitigate the risk of this issue, temporarily disable the DNS proxy feature until you are able to upgrade your PAN-OS software to a fixed version."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2022-04-13T16:00:00.000Z",
          "ID": "CVE-2022-0023",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Denial-of-Service (DoS) Vulnerability in DNS Proxy"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.22"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.13"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.1",
                            "version_value": "10.1.5"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.22"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.13"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.1",
                            "version_value": "10.1.5"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "10.2",
                            "version_value": "10.2.*"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.10"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.10"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.16"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.16"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Prisma Access",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "!",
                            "version_name": "3.0",
                            "version_value": "Preferred, Innovation"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "2.2",
                            "version_value": "Preferred"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "2.1",
                            "version_value": "Preferred, Innovation"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue is applicable only to PAN-OS hardware and virtual firewalls with the DNS proxy feature enabled. You can verify whether DNS proxy is enabled by selecting \u0027Network \u003e DNS Proxy\u2019 from the web interface."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An improper handling of exceptional conditions vulnerability exists in the DNS proxy feature of Palo Alto Networks PAN-OS software that enables a meddler-in-the-middle (MITM) to send specifically crafted traffic to the firewall that causes the service to restart unexpectedly. Repeated attempts to send this request result in denial-of-service to all PAN-OS services by restarting the device in maintenance mode. This issue does not impact Panorama appliances and Prisma Access customers. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.22; PAN-OS 9.0 versions earlier than PAN-OS 9.0.16; PAN-OS 9.1 versions earlier than PAN-OS 9.1.13; PAN-OS 10.0 versions earlier than PAN-OS 10.0.10; PAN-OS 10.1 versions earlier than PAN-OS 10.1.5. This issue does not impact PAN-OS 10.2."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-755 Improper Handling of Exceptional Conditions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2022-0023",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2022-0023"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.22, PAN-OS 9.0.16, PAN-OS 9.1.13, PAN-OS 10.0.10, PAN-OS 10.1.5, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-164264"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2022-04-13T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "Customers with a Threat Prevention subscription can block attack traffic related to this vulnerability by enabling Threat ID 92406 (Applications and Threats content update 8556).\n\nTo completely mitigate the risk of this issue, temporarily disable the DNS proxy feature until you are able to upgrade your PAN-OS software to a fixed version."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 10.1.4",
          "PAN-OS 10.1.3",
          "PAN-OS 10.1.2",
          "PAN-OS 10.1.1",
          "PAN-OS 10.1.0",
          "PAN-OS 10.1",
          "PAN-OS 10.0.9",
          "PAN-OS 10.0.8",
          "PAN-OS 10.0.7",
          "PAN-OS 10.0.6",
          "PAN-OS 10.0.5",
          "PAN-OS 10.0.4",
          "PAN-OS 10.0.3",
          "PAN-OS 10.0.2",
          "PAN-OS 10.0.1",
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.12",
          "PAN-OS 9.1.11",
          "PAN-OS 9.1.9",
          "PAN-OS 9.1.8",
          "PAN-OS 9.1.7",
          "PAN-OS 9.1.6",
          "PAN-OS 9.1.5",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.15",
          "PAN-OS 9.0.14-h4",
          "PAN-OS 9.0.14-h3",
          "PAN-OS 9.0.14-h2",
          "PAN-OS 9.0.14-h1",
          "PAN-OS 9.0.14",
          "PAN-OS 9.0.13",
          "PAN-OS 9.0.12",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2022-0023",
    "datePublished": "2022-04-13T18:35:10.474819Z",
    "dateReserved": "2021-12-28T00:00:00",
    "dateUpdated": "2024-09-16T19:05:33.962Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-5918
Vulnerability from cvelistv5
Published
2024-11-14 09:38
Modified
2024-11-14 19:35
Summary
PAN-OS: Improper Certificate Validation Enables Impersonation of a Legitimate GlobalProtect User
References
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5918",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-14T18:58:52.114662Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-14T19:35:53.159Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1:-:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "11.2.0"
            },
            {
              "status": "unaffected",
              "version": "11.1.0"
            },
            {
              "changes": [
                {
                  "at": "11.0.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.3",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.4-h5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.4-h5",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.11",
              "status": "affected",
              "version": "10.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThis issue impacts only firewalls on which you configured a GlobalProtect portal or GlobalProtect gateway to use Client Certificate Authentication and you set the \"Allow Authentication with User Credentials OR Client Certificate\" option to \"Yes\".\u003c/p\u003e\u003cp\u003eYou can verify whether you configured GlobalProtect portal or gateway by checking for entries in your firewall web interface (Network \u2192 GlobalProtect \u2192 Portals or Network \u2192 GlobalProtect \u2192 Gateways).\u003c/p\u003e\u003cp\u003eIf you do have GlobalProtect portals or gateways in your configuration, then you can verify whether you configured Client Certificate Authentication  on these portals and gateways by checking your firewall web interface (Network \u2192 GlobalProtect \u2192 Portals \u2192 (portal-config) \u2192 Authentication or Network \u2192 GlobalProtect \u2192 Gateways \u2192 (gateway-config) \u2192 Authentication).\u003c/p\u003e"
            }
          ],
          "value": "This issue impacts only firewalls on which you configured a GlobalProtect portal or GlobalProtect gateway to use Client Certificate Authentication and you set the \"Allow Authentication with User Credentials OR Client Certificate\" option to \"Yes\".\n\nYou can verify whether you configured GlobalProtect portal or gateway by checking for entries in your firewall web interface (Network \u2192 GlobalProtect \u2192 Portals or Network \u2192 GlobalProtect \u2192 Gateways).\n\nIf you do have GlobalProtect portals or gateways in your configuration, then you can verify whether you configured Client Certificate Authentication  on these portals and gateways by checking your firewall web interface (Network \u2192 GlobalProtect \u2192 Portals \u2192 (portal-config) \u2192 Authentication or Network \u2192 GlobalProtect \u2192 Gateways \u2192 (gateway-config) \u2192 Authentication)."
        }
      ],
      "datePublic": "2024-11-13T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An improper certificate validation vulnerability in Palo Alto Networks PAN-OS software enables an authorized user with a specially crafted client certificate to connect to an impacted GlobalProtect portal or GlobalProtect gateway as a different legitimate user. This attack is possible only if you \"Allow Authentication with User Credentials OR Client Certificate.\""
            }
          ],
          "value": "An improper certificate validation vulnerability in Palo Alto Networks PAN-OS software enables an authorized user with a specially crafted client certificate to connect to an impacted GlobalProtect portal or GlobalProtect gateway as a different legitimate user. This attack is possible only if you \"Allow Authentication with User Credentials OR Client Certificate.\""
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-151",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-151 Identity Spoofing"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "AUTOMATIC",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L/AU:N/R:A/V:C/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "CWE-295 Improper Certificate Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-14T09:38:29.319Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2024-5918"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 10.1.11, PAN-OS 10.2.4-h5, PAN-OS 10.2.5, PAN-OS 11.0.3, and all later PAN-OS versions."
            }
          ],
          "value": "This issue is fixed in PAN-OS 10.1.11, PAN-OS 10.2.4-h5, PAN-OS 10.2.5, PAN-OS 11.0.3, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-216947"
        ],
        "discovery": "USER"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-13T17:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Improper Certificate Validation Enables Impersonation of a Legitimate GlobalProtect User",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "You can mitigate this issue by setting the \"Allow Authentication with User Credentials OR Client Certificate\" option to \"No.\" Additional information is available here:\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-web-interface-help/globalprotect/network-globalprotect-portals/globalprotect-portals-authentication-configuration-tab\"\u003e\u003c/a\u003e\u003cdiv\u003e\u003cul\u003e\u003cli\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-web-interface-help/globalprotect/network-globalprotect-portals/globalprotect-portals-authentication-configuration-tab\"\u003ehttps://docs.paloaltonetworks.com/pan-os/11-0/pan-os-web-interface-help/globalprotect/network-globalprotect-portals/globalprotect-portals-authentication-configuration-tab\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003cdiv\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-web-interface-help/globalprotect/network-globalprotect-gateways/globalprotect-gateway-authentication-tab\"\u003e\u003c/a\u003e\u003cdiv\u003e\u003cdiv\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-web-interface-help/globalprotect/network-globalprotect-gateways/globalprotect-gateway-authentication-tab\"\u003ehttps://docs.paloaltonetworks.com/pan-os/11-0/pan-os-web-interface-help/globalprotect/network-globalprotect-gateways/globalprotect-gateway-authentication-tab\u003c/a\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-web-interface-help/globalprotect/network-globalprotect-gateways/globalprotect-gateway-authentication-tab\"\u003e\u003c/a\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e"
            }
          ],
          "value": "You can mitigate this issue by setting the \"Allow Authentication with User Credentials OR Client Certificate\" option to \"No.\" Additional information is available here:\n https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-web-interface-help/globalprotect/network-globalprotect-portals/globalprotect-portals-authentication-configuration-tab \n  *   https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-web-interface-help/globalprotect/network-globalprotect-gateways/globalprotect-gateway-authentication-tab   https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-web-interface-help/globalprotect/network-globalprotect-gateways/globalprotect-gateway-authentication-tab"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-5918",
    "datePublished": "2024-11-14T09:38:29.319Z",
    "dateReserved": "2024-06-12T15:27:57.173Z",
    "dateUpdated": "2024-11-14T19:35:53.159Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2008
Vulnerability from cvelistv5
Published
2020-05-13 19:07
Modified
2024-09-16 17:08
Summary
PAN-OS: OS command injection or arbitrary file deletion vulnerability
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.559Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2008"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "status": "affected",
              "version": "7.1.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.14",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "lessThan": "9.0*",
              "status": "unaffected",
              "version": "9.0.0",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1*",
              "status": "unaffected",
              "version": "9.1.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Jin Chen of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An OS command injection and external control of filename vulnerability in Palo Alto Networks PAN-OS allows authenticated administrators to execute code with root privileges or delete arbitrary system files and impact the system\u0027s integrity or cause a denial of service condition. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-73",
              "description": "CWE-73 External Control of File Name or Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 OS Command Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-13T19:07:14",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2008"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.14 and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
        }
      ],
      "source": {
        "defect": [
          "PAN-102688"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-05-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: OS command injection or arbitrary file deletion vulnerability",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-05-13T16:00:00.000Z",
          "ID": "CVE-2020-2008",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: OS command injection or arbitrary file deletion vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.14"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.0"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.0"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.14"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "7.1",
                            "version_value": "7.1.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Jin Chen of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An OS command injection and external control of filename vulnerability in Palo Alto Networks PAN-OS allows authenticated administrators to execute code with root privileges or delete arbitrary system files and impact the system\u0027s integrity or cause a denial of service condition. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-73 External Control of File Name or Path"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78 OS Command Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2008",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2008"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.14 and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
          }
        ],
        "source": {
          "defect": [
            "PAN-102688"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-05-13T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com"
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2008",
    "datePublished": "2020-05-13T19:07:14.381957Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T17:08:04.547Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3062
Vulnerability from cvelistv5
Published
2021-11-10 17:10
Modified
2024-09-17 02:42
Summary
PAN-OS: Improper Access Control Vulnerability Exposing AWS Instance Metadata Endpoint to GlobalProtect Users
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:51.083Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2021-3062"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "VM-Series"
          ],
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "10.1.*"
            },
            {
              "changes": [
                {
                  "at": "9.1.11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.11",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.20",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.20",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.14",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.8",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.8",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "2.1 all"
            },
            {
              "status": "unaffected",
              "version": "2.2 all"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal or gateway enabled. You can verify whether you have a GlobalProtect portal or gateway configured by checking for entries in \u0027Network \u003e GlobalProtect \u003e Portals\u0027 and in \u0027Network \u003e GlobalProtect \u003e Gateways\u0027 on the web interface."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks Matthew Flanagan of Computer Systems Australia (CSA) for discovering and reporting this issue."
        }
      ],
      "datePublic": "2021-11-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper access control vulnerability in PAN-OS software enables an attacker with authenticated access to GlobalProtect portals and gateways to connect to the EC2 instance metadata endpoint for VM-Series firewalls hosted on Amazon AWS. Exploitation of this vulnerability enables an attacker to perform any operations allowed by the EC2 role in AWS. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20 VM-Series firewalls; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11 VM-Series firewalls; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14 VM-Series firewalls; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8 VM-Series firewalls. Prisma Access customers are not impacted by this issue."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284 Improper Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-10T17:10:27",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2021-3062"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.11, PAN-OS 10.0.8, and all later PAN-OS versions"
        }
      ],
      "source": {
        "defect": [
          "PAN-164422"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2021-11-10T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Improper Access Control Vulnerability Exposing AWS Instance Metadata Endpoint to GlobalProtect Users",
      "workarounds": [
        {
          "lang": "en",
          "value": "There are no known workarounds for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2021-11-10T17:00:00.000Z",
          "ID": "CVE-2021-3062",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Improper Access Control Vulnerability Exposing AWS Instance Metadata Endpoint to GlobalProtect Users"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "platform": "VM-Series",
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.11"
                          },
                          {
                            "platform": "VM-Series",
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.20"
                          },
                          {
                            "platform": "VM-Series",
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.14"
                          },
                          {
                            "platform": "VM-Series",
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.11"
                          },
                          {
                            "platform": "VM-Series",
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.20"
                          },
                          {
                            "platform": "VM-Series",
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.14"
                          },
                          {
                            "platform": "VM-Series",
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.8"
                          },
                          {
                            "platform": "VM-Series",
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.8"
                          },
                          {
                            "platform": "VM-Series",
                            "version_affected": "!",
                            "version_name": "10.1",
                            "version_value": "10.1.*"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Prisma Access",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "!",
                            "version_name": "2.1",
                            "version_value": "all"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "2.2",
                            "version_value": "all"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal or gateway enabled. You can verify whether you have a GlobalProtect portal or gateway configured by checking for entries in \u0027Network \u003e GlobalProtect \u003e Portals\u0027 and in \u0027Network \u003e GlobalProtect \u003e Gateways\u0027 on the web interface."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks Matthew Flanagan of Computer Systems Australia (CSA) for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An improper access control vulnerability in PAN-OS software enables an attacker with authenticated access to GlobalProtect portals and gateways to connect to the EC2 instance metadata endpoint for VM-Series firewalls hosted on Amazon AWS. Exploitation of this vulnerability enables an attacker to perform any operations allowed by the EC2 role in AWS. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20 VM-Series firewalls; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11 VM-Series firewalls; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14 VM-Series firewalls; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8 VM-Series firewalls. Prisma Access customers are not impacted by this issue."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-284 Improper Access Control"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2021-3062",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2021-3062"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.11, PAN-OS 10.0.8, and all later PAN-OS versions"
          }
        ],
        "source": {
          "defect": [
            "PAN-164422"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-10T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "There are no known workarounds for this issue."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 10.0.7",
          "PAN-OS 10.0.6",
          "PAN-OS 10.0.5",
          "PAN-OS 10.0.4",
          "PAN-OS 10.0.3",
          "PAN-OS 10.0.2",
          "PAN-OS 10.0.1",
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.10",
          "PAN-OS 9.1.9",
          "PAN-OS 9.1.8",
          "PAN-OS 9.1.7",
          "PAN-OS 9.1.6",
          "PAN-OS 9.1.5",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.13",
          "PAN-OS 9.0.12",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.19",
          "PAN-OS 8.1.18",
          "PAN-OS 8.1.17",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ],
        "x_likelyAffectedList": [
          "PAN-OS 8.0.20",
          "PAN-OS 8.0.19-h1",
          "PAN-OS 8.0.19",
          "PAN-OS 8.0.18",
          "PAN-OS 8.0.17",
          "PAN-OS 8.0.16",
          "PAN-OS 8.0.15",
          "PAN-OS 8.0.14",
          "PAN-OS 8.0.13",
          "PAN-OS 8.0.12",
          "PAN-OS 8.0.11-h1",
          "PAN-OS 8.0.10",
          "PAN-OS 8.0.9",
          "PAN-OS 8.0.8",
          "PAN-OS 8.0.7",
          "PAN-OS 8.0.6-h3",
          "PAN-OS 8.0.6-h2",
          "PAN-OS 8.0.6-h1",
          "PAN-OS 8.0.6",
          "PAN-OS 8.0.5",
          "PAN-OS 8.0.4",
          "PAN-OS 8.0.3-h4",
          "PAN-OS 8.0.3-h3",
          "PAN-OS 8.0.3-h2",
          "PAN-OS 8.0.3-h1",
          "PAN-OS 8.0.3",
          "PAN-OS 8.0.2",
          "PAN-OS 8.0.1",
          "PAN-OS 8.0.0",
          "PAN-OS 8.0",
          "PAN-OS 7.1.26",
          "PAN-OS 7.1.25",
          "PAN-OS 7.1.24-h1",
          "PAN-OS 7.1.24",
          "PAN-OS 7.1.23",
          "PAN-OS 7.1.22",
          "PAN-OS 7.1.21",
          "PAN-OS 7.1.20",
          "PAN-OS 7.1.19",
          "PAN-OS 7.1.18",
          "PAN-OS 7.1.17",
          "PAN-OS 7.1.16",
          "PAN-OS 7.1.15",
          "PAN-OS 7.1.14",
          "PAN-OS 7.1.13",
          "PAN-OS 7.1.12",
          "PAN-OS 7.1.11",
          "PAN-OS 7.1.10",
          "PAN-OS 7.1.9-h4",
          "PAN-OS 7.1.9-h3",
          "PAN-OS 7.1.9-h2",
          "PAN-OS 7.1.9-h1",
          "PAN-OS 7.1.9",
          "PAN-OS 7.1.8",
          "PAN-OS 7.1.7",
          "PAN-OS 7.1.6",
          "PAN-OS 7.1.5",
          "PAN-OS 7.1.4-h2",
          "PAN-OS 7.1.4-h1",
          "PAN-OS 7.1.4",
          "PAN-OS 7.1.3",
          "PAN-OS 7.1.2",
          "PAN-OS 7.1.1",
          "PAN-OS 7.1.0",
          "PAN-OS 7.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2021-3062",
    "datePublished": "2021-11-10T17:10:27.900906Z",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-09-17T02:42:53.011Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-0024
Vulnerability from cvelistv5
Published
2022-05-11 16:30
Modified
2024-09-17 02:21
Summary
PAN-OS: Improper Neutralization Vulnerability Leads to Unintended Program Execution During Configuration Commit
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:18:41.473Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2022-0024"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "9.1.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.13",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.5",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.16",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.16",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.23",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.23",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.10",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.10",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "lessThan": "10.2*",
              "status": "unaffected",
              "version": "10.2.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2022-05-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated network-based PAN-OS administrator to upload a specifically created configuration that disrupts system processes and potentially execute arbitrary code with root privileges when the configuration is committed on both hardware and virtual firewalls. This issue does not impact Panorama appliances or Prisma Access customers. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.23; PAN-OS 9.0 versions earlier than PAN-OS 9.0.16; PAN-OS 9.1 versions earlier than PAN-OS 9.1.13; PAN-OS 10.0 versions earlier than PAN-OS 10.0.10; PAN-OS 10.1 versions earlier than PAN-OS 10.1.5."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-138",
              "description": "CWE-138 Improper Neutralization of Special Elements",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-05-11T16:30:22",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2022-0024"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.23, PAN-OS 9.0.16, PAN-OS 9.1.13, PAN-OS 10.0.10, PAN-OS 10.1.5, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-177551"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2022-05-11T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Improper Neutralization Vulnerability Leads to Unintended Program Execution During Configuration Commit",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue requires the attacker to have authenticated access to the PAN-OS management interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2022-05-11T16:00:00.000Z",
          "ID": "CVE-2022-0024",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Improper Neutralization Vulnerability Leads to Unintended Program Execution During Configuration Commit"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.13"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.1",
                            "version_value": "10.1.5"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.13"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.1",
                            "version_value": "10.1.5"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.16"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.16"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.23"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.23"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.10"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.10"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.2",
                            "version_value": "10.2.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated network-based PAN-OS administrator to upload a specifically created configuration that disrupts system processes and potentially execute arbitrary code with root privileges when the configuration is committed on both hardware and virtual firewalls. This issue does not impact Panorama appliances or Prisma Access customers. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.23; PAN-OS 9.0 versions earlier than PAN-OS 9.0.16; PAN-OS 9.1 versions earlier than PAN-OS 9.1.13; PAN-OS 10.0 versions earlier than PAN-OS 10.0.10; PAN-OS 10.1 versions earlier than PAN-OS 10.1.5."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-138 Improper Neutralization of Special Elements"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2022-0024",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2022-0024"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.23, PAN-OS 9.0.16, PAN-OS 9.1.13, PAN-OS 10.0.10, PAN-OS 10.1.5, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-177551"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2022-05-11T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue requires the attacker to have authenticated access to the PAN-OS management interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 10.1.4-h4",
          "PAN-OS 10.1.4-h3",
          "PAN-OS 10.1.4-h2",
          "PAN-OS 10.1.4-h1",
          "PAN-OS 10.1.4",
          "PAN-OS 10.1.3",
          "PAN-OS 10.1.2",
          "PAN-OS 10.1.1",
          "PAN-OS 10.1.0",
          "PAN-OS 10.1",
          "PAN-OS 10.0.9",
          "PAN-OS 10.0.8-h8",
          "PAN-OS 10.0.8-h7",
          "PAN-OS 10.0.8-h6",
          "PAN-OS 10.0.8-h5",
          "PAN-OS 10.0.8-h4",
          "PAN-OS 10.0.8-h3",
          "PAN-OS 10.0.8-h2",
          "PAN-OS 10.0.8-h1",
          "PAN-OS 10.0.8",
          "PAN-OS 10.0.7",
          "PAN-OS 10.0.6",
          "PAN-OS 10.0.5",
          "PAN-OS 10.0.4",
          "PAN-OS 10.0.3",
          "PAN-OS 10.0.2",
          "PAN-OS 10.0.1",
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.12-h3",
          "PAN-OS 9.1.12-h2",
          "PAN-OS 9.1.12-h1",
          "PAN-OS 9.1.12",
          "PAN-OS 9.1.11-h3",
          "PAN-OS 9.1.11-h2",
          "PAN-OS 9.1.11-h1",
          "PAN-OS 9.1.11",
          "PAN-OS 9.1.10",
          "PAN-OS 9.1.9",
          "PAN-OS 9.1.8",
          "PAN-OS 9.1.7",
          "PAN-OS 9.1.6",
          "PAN-OS 9.1.5",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.15",
          "PAN-OS 9.0.14-h4",
          "PAN-OS 9.0.14-h3",
          "PAN-OS 9.0.14-h2",
          "PAN-OS 9.0.14-h1",
          "PAN-OS 9.0.14",
          "PAN-OS 9.0.13",
          "PAN-OS 9.0.12",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.22",
          "PAN-OS 8.1.21-h1",
          "PAN-OS 8.1.21",
          "PAN-OS 8.1.20-h1",
          "PAN-OS 8.1.20",
          "PAN-OS 8.1.19",
          "PAN-OS 8.1.18",
          "PAN-OS 8.1.17",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2022-0024",
    "datePublished": "2022-05-11T16:30:22.795895Z",
    "dateReserved": "2021-12-28T00:00:00",
    "dateUpdated": "2024-09-17T02:21:50.846Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-3383
Vulnerability from cvelistv5
Published
2024-04-10 17:06
Modified
2024-08-09 20:22
Summary
PAN-OS: Improper Group Membership Change Vulnerability in Cloud Identity Engine (CIE)
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:12:06.566Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2024-3383"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3383",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-09T20:22:10.488052Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-09T20:22:18.991Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "11.1.0"
            },
            {
              "changes": [
                {
                  "at": "11.0.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.3",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.5",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.11",
              "status": "affected",
              "version": "10.1.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "9.1.0"
            },
            {
              "status": "unaffected",
              "version": "9.0.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue applies only to PAN-OS firewall configurations with Cloud Identity Engine (CIE) enabled. You should verify whether CIE is configured on your firewall web interface (Device \u003e User Identification \u003e Cloud Identity Engine)."
            }
          ],
          "value": "This issue applies only to PAN-OS firewall configurations with Cloud Identity Engine (CIE) enabled. You should verify whether CIE is configured on your firewall web interface (Device \u003e User Identification \u003e Cloud Identity Engine)."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Palo Alto Networks thanks Rodgers Moore, CCIE# 8153 of Insight.com, for discovering and reporting this issue."
        }
      ],
      "datePublic": "2024-04-10T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your existing Security Policy rules."
            }
          ],
          "value": "A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your existing Security Policy rules."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-271",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-271 Schema Poisoning"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-282",
              "description": "CWE-282: Improper Ownership Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-10T17:06:15.823Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2024-3383"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 10.1.11, PAN-OS 10.2.5, PAN-OS 11.0.3, and all later PAN-OS versions.\u003cbr\u003e"
            }
          ],
          "value": "This issue is fixed in PAN-OS 10.1.11, PAN-OS 10.2.5, PAN-OS 11.0.3, and all later PAN-OS versions.\n"
        }
      ],
      "source": {
        "defect": [
          "PAN-211764",
          "PAN-218522"
        ],
        "discovery": "USER"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-04-10T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Improper Group Membership Change Vulnerability in Cloud Identity Engine (CIE)",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-3383",
    "datePublished": "2024-04-10T17:06:15.823Z",
    "dateReserved": "2024-04-05T17:40:16.359Z",
    "dateUpdated": "2024-08-09T20:22:18.991Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-5917
Vulnerability from cvelistv5
Published
2024-11-14 09:39
Modified
2024-11-14 19:35
Summary
PAN-OS: Server-Side Request Forgery in WildFire
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:paloaltonetworks:cloud_ngfw:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "cloud_ngfw",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "status": "affected",
                "version": "11.2.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "status": "affected",
                "version": "11.1.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "status": "affected",
                "version": "11.0.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "10.2.2",
                "status": "affected",
                "version": "10.2.0",
                "versionType": "custom"
              },
              {
                "lessThan": "10.1.7",
                "status": "affected",
                "version": "10.1.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5917",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-14T18:58:18.463866Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-14T19:35:37.894Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "11.2.0"
            },
            {
              "status": "unaffected",
              "version": "11.1.0"
            },
            {
              "status": "unaffected",
              "version": "11.0.0"
            },
            {
              "changes": [
                {
                  "at": "10.2.2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.2",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.7",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.7",
              "status": "affected",
              "version": "10.1.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Your network is impacted only if you enabled the WildFire Forwarding feature in your firewall. You can find this setting at Device \u2192 Setup \u2192 WildFire."
            }
          ],
          "value": "Your network is impacted only if you enabled the WildFire Forwarding feature in your firewall. You can find this setting at Device \u2192 Setup \u2192 WildFire."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Michael Baker from AC3"
        }
      ],
      "datePublic": "2024-11-13T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A server-side request forgery in PAN-OS software enables an unauthenticated attacker to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible."
            }
          ],
          "value": "A server-side request forgery in PAN-OS software enables an unauthenticated attacker to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-664",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-664 Server Side Request Forgery"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "AUTOMATIC",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "DIFFUSE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:N/SA:N/AU:N/R:A/V:D/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "CWE-918 Server-Side Request Forgery (SSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-14T09:39:40.266Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2024-5917"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 10.1.7, PAN-OS 10.2.2, and all later PAN-OS versions."
            }
          ],
          "value": "This issue is fixed in PAN-OS 10.1.7, PAN-OS 10.2.2, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-115469"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-13T17:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Server-Side Request Forgery in WildFire"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-5917",
    "datePublished": "2024-11-14T09:39:40.266Z",
    "dateReserved": "2024-06-12T15:27:57.001Z",
    "dateUpdated": "2024-11-14T19:35:37.894Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-0007
Vulnerability from cvelistv5
Published
2024-02-14 17:32
Modified
2024-08-01 17:41
Summary
PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-0007",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-18T21:30:12.989872Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:58:43.367Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T17:41:15.121Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2024-0007"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Panorama"
          ],
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.24-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.24-h1",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.25",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.25",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.17",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.16",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.16",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.11",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.6",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "10.2"
            },
            {
              "status": "unaffected",
              "version": "11.0"
            },
            {
              "status": "unaffected",
              "version": "11.1"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Palo Alto Networks thanks an external reporter for discovering and reporting this issue."
        }
      ],
      "datePublic": "2024-02-14T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a malicious authenticated read-write administrator to store a JavaScript payload using the web interface on Panorama appliances. This enables the impersonation of another authenticated administrator."
            }
          ],
          "value": "A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a malicious authenticated read-write administrator to store a JavaScript payload using the web interface on Panorama appliances. This enables the impersonation of another authenticated administrator."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-14T17:32:08.971Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2024-0007"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed on Panorama in PAN-OS 8.1.24-h1, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.11, PAN-OS 10.1.6, and all later PAN-OS versions.\u003cbr\u003e"
            }
          ],
          "value": "This issue is fixed on Panorama in PAN-OS 8.1.24-h1, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.11, PAN-OS 10.1.6, and all later PAN-OS versions.\n"
        }
      ],
      "source": {
        "defect": [
          "PAN-173112"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-02-14T17:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices\"\u003ehttps://docs.paloaltonetworks.com/best-practices\u003c/a\u003e.\u003cbr\u003e\u003cbr\u003eCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 94996 (Applications and Threats content update 8810)."
            }
          ],
          "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at  https://docs.paloaltonetworks.com/best-practices .\n\nCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 94996 (Applications and Threats content update 8810)."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-0007",
    "datePublished": "2024-02-14T17:32:08.971Z",
    "dateReserved": "2023-11-09T18:55:58.478Z",
    "dateUpdated": "2024-08-01T17:41:15.121Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-2433
Vulnerability from cvelistv5
Published
2024-03-13 17:51
Modified
2024-08-12 18:54
Summary
PAN-OS: Improper Privilege Management Vulnerability in Panorama Software Leads to Availability Loss
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T19:11:53.562Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2024-2433"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "9.0.17-h4",
                "status": "affected",
                "version": "9.0",
                "versionType": "custom"
              },
              {
                "lessThan": "9.1.17",
                "status": "affected",
                "version": "9.1",
                "versionType": "custom"
              },
              {
                "lessThan": "10.1.12",
                "status": "affected",
                "version": "10.1",
                "versionType": "custom"
              },
              {
                "lessThan": "10.2.8",
                "status": "affected",
                "version": "10.2",
                "versionType": "custom"
              },
              {
                "lessThan": "11.0.3",
                "status": "affected",
                "version": "11.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "status": "unaffected",
                "version": "11.1.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:paloaltonetworks:cloud_ngfw:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "cloud_ngfw",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:paloaltonetworks:prisma_access:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "prisma_access",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThanOrEqual": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-2433",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-13T19:59:46.619572Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-12T18:54:08.465Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Panorama"
          ],
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "9.0.17-h4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.17-h4",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.17",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.12",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.12",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.8",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.8",
              "status": "affected",
              "version": "10.2",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.3",
              "status": "affected",
              "version": "11.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "11.1"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Palo Alto Networks thanks Omar Eissa (https://de.linkedin.com/in/oeissa) for discovering and reporting this issue."
        }
      ],
      "datePublic": "2024-03-13T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An improper authorization vulnerability in Palo Alto Networks Panorama software enables an authenticated read-only administrator to upload files using the web interface and completely fill one of the disk partitions with those uploaded files, which prevents the ability to log into the web interface or to download PAN-OS, WildFire, and content images. \u003cbr\u003e\u003cbr\u003e\n\nThis issue affects only the web interface of the management plane; the dataplane is unaffected.\u003cbr\u003e"
            }
          ],
          "value": "An improper authorization vulnerability in Palo Alto Networks Panorama software enables an authenticated read-only administrator to upload files using the web interface and completely fill one of the disk partitions with those uploaded files, which prevents the ability to log into the web interface or to download PAN-OS, WildFire, and content images. \n\n\n\nThis issue affects only the web interface of the management plane; the dataplane is unaffected.\n"
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-13T17:51:45.578Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2024-2433"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in Panorama on PAN-OS 9.0.17-h4, PAN-OS 9.1.18, PAN-OS 10.1.12, PAN-OS 10.2.11, PAN-OS 11.0.4, and all later PAN-OS versions.\u003cbr\u003e"
            }
          ],
          "value": "This issue is fixed in Panorama on PAN-OS 9.0.17-h4, PAN-OS 9.1.18, PAN-OS 10.1.12, PAN-OS 10.2.11, PAN-OS 11.0.4, and all later PAN-OS versions.\n"
        }
      ],
      "source": {
        "defect": [
          "PAN-181876",
          "PAN-218663"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-03-13T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Improper Privilege Management Vulnerability in Panorama Software Leads to Availability Loss",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the effect of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices\"\u003ehttps://docs.paloaltonetworks.com/best-practices\u003c/a\u003e.\u003cbr\u003e"
            }
          ],
          "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the effect of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at  https://docs.paloaltonetworks.com/best-practices .\n"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-2433",
    "datePublished": "2024-03-13T17:51:45.578Z",
    "dateReserved": "2024-03-13T16:19:27.817Z",
    "dateUpdated": "2024-08-12T18:54:08.465Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-3400
Vulnerability from cvelistv5
Published
2024-04-12 07:20
Modified
2024-08-01 20:12
Severity ?
Summary
PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "10.2.9-h1 ",
                "status": "affected",
                "version": "10.2.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "11.0.4-h1 ",
                "status": "affected",
                "version": "11.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "11.1.2-h3 ",
                "status": "affected",
                "version": "11.1.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3400",
                "options": [
                  {
                    "Exploitation": "Active"
                  },
                  {
                    "Automatable": "Yes"
                  },
                  {
                    "Technical Impact": "Total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-17T04:00:13.543064Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2024-04-12",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2024-3400"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:31:26.144Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:12:06.667Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2024-3400"
          },
          {
            "tags": [
              "technical-description",
              "x_transferred"
            ],
            "url": "https://unit42.paloaltonetworks.com/cve-2024-3400/"
          },
          {
            "tags": [
              "technical-description",
              "x_transferred"
            ],
            "url": "https://www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400/"
          },
          {
            "tags": [
              "technical-description",
              "x_transferred"
            ],
            "url": "https://www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "9.0.0"
            },
            {
              "status": "unaffected",
              "version": "9.1.0"
            },
            {
              "status": "unaffected",
              "version": "10.0.0"
            },
            {
              "status": "unaffected",
              "version": "10.1.0"
            },
            {
              "changes": [
                {
                  "at": "10.2.9-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.9-h1",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.4-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.4-h1",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.1.2-h3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.1.2-h3",
              "status": "affected",
              "version": "11.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls configured with GlobalProtect gateway or GlobalProtect portal (or both). Device telemetry does not need to be enabled for PAN-OS firewalls to be exposed to attacks related to this vulnerability.\u003cbr\u003e\u003cbr\u003eYou can verify whether you have a GlobalProtect gateway or GlobalProtect portal configured by checking for entries in your firewall web interface (Network \u0026gt; GlobalProtect \u0026gt; Gateways or Network \u0026gt; GlobalProtect \u0026gt; Portals)."
            }
          ],
          "value": "This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls configured with GlobalProtect gateway or GlobalProtect portal (or both). Device telemetry does not need to be enabled for PAN-OS firewalls to be exposed to attacks related to this vulnerability.\n\nYou can verify whether you have a GlobalProtect gateway or GlobalProtect portal configured by checking for entries in your firewall web interface (Network \u003e GlobalProtect \u003e Gateways or Network \u003e GlobalProtect \u003e Portals)."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Palo Alto Networks thanks Volexity for detecting and identifying this issue."
        },
        {
          "lang": "en",
          "type": "remediation verifier",
          "value": "Capability Development Group at Bishop Fox for helping us verify the fixes and improve threat prevention signatures."
        }
      ],
      "datePublic": "2024-04-12T06:55:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.\u003cbr\u003e\u003cbr\u003eCloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability."
            }
          ],
          "value": "A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.\n\nCloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is aware of an increasing number of attacks that leverage the exploitation of this vulnerability. Proof of concepts for this vulnerability have been publicly disclosed by third parties.\u003cbr\u003e\u003cbr\u003eMore information about the vulnerability\u0027s exploitation in the wild can be found in the Unit 42 threat brief (\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://unit42.paloaltonetworks.com/cve-2024-3400/\"\u003ehttps://unit42.paloaltonetworks.com/cve-2024-3400/\u003c/a\u003e) and the Palo Alto Networks PSIRT blog post (\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/)\"\u003ehttps://www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/)\u003c/a\u003e."
            }
          ],
          "value": "Palo Alto Networks is aware of an increasing number of attacks that leverage the exploitation of this vulnerability. Proof of concepts for this vulnerability have been publicly disclosed by third parties.\n\nMore information about the vulnerability\u0027s exploitation in the wild can be found in the Unit 42 threat brief ( https://unit42.paloaltonetworks.com/cve-2024-3400/ ) and the Palo Alto Networks PSIRT blog post ( https://www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/) ."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-248",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-248 Command Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-77",
              "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-19T22:27:27.179Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2024-3400"
        },
        {
          "tags": [
            "technical-description"
          ],
          "url": "https://unit42.paloaltonetworks.com/cve-2024-3400/"
        },
        {
          "tags": [
            "technical-description"
          ],
          "url": "https://www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400/"
        },
        {
          "tags": [
            "technical-description"
          ],
          "url": "https://www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "We strongly advise customers to immediately upgrade to a fixed version of PAN-OS to protect their devices even when workarounds and mitigations have been applied.\u003cbr\u003e\u003cbr\u003eThis issue is fixed in PAN-OS 10.2.9-h1, PAN-OS 11.0.4-h1, PAN-OS 11.1.2-h3, and in all later PAN-OS versions. Customers who upgrade to these versions will be fully protected."
            }
          ],
          "value": "We strongly advise customers to immediately upgrade to a fixed version of PAN-OS to protect their devices even when workarounds and mitigations have been applied.\n\nThis issue is fixed in PAN-OS 10.2.9-h1, PAN-OS 11.0.4-h1, PAN-OS 11.1.2-h3, and in all later PAN-OS versions. Customers who upgrade to these versions will be fully protected."
        }
      ],
      "source": {
        "defect": [
          "PAN-252214"
        ],
        "discovery": "USER"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-04-12T06:55:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Recommended Mitigation: Customers with a Threat Prevention subscription can block attacks for this vulnerability using Threat IDs 95187, 95189, and 95191 (available in Applications and Threats content version 8836-8695 and later). Please monitor this advisory and new Threat Prevention content updates for additional Threat Prevention IDs around CVE-2024-3400.\u003cbr\u003e\u003cbr\u003eTo apply the Threat IDs, customers must ensure that vulnerability protection has been applied to their GlobalProtect interface to prevent exploitation of this issue on their device. Please see \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/globalprotect-articles/applying-vulnerability-protection-to-globalprotect-interfaces/ta-p/340184\"\u003ehttps://live.paloaltonetworks.com/t5/globalprotect-articles/applying-vulnerability-protection-to-globalprotect-interfaces/ta-p/340184\u003c/a\u003e for more information."
            }
          ],
          "value": "Recommended Mitigation: Customers with a Threat Prevention subscription can block attacks for this vulnerability using Threat IDs 95187, 95189, and 95191 (available in Applications and Threats content version 8836-8695 and later). Please monitor this advisory and new Threat Prevention content updates for additional Threat Prevention IDs around CVE-2024-3400.\n\nTo apply the Threat IDs, customers must ensure that vulnerability protection has been applied to their GlobalProtect interface to prevent exploitation of this issue on their device. Please see  https://live.paloaltonetworks.com/t5/globalprotect-articles/applying-vulnerability-protection-to-globalprotect-interfaces/ta-p/340184  for more information."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-3400",
    "datePublished": "2024-04-12T07:20:00.707Z",
    "dateReserved": "2024-04-05T17:40:30.117Z",
    "dateUpdated": "2024-08-01T20:12:06.667Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-3382
Vulnerability from cvelistv5
Published
2024-04-10 17:05
Modified
2024-08-01 20:12
Summary
PAN-OS: Firewall Denial of Service (DoS) via a Burst of Crafted Packets
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:9.0.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "status": "unaffected",
                "version": "9.0.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:9.1.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "status": "unaffected",
                "version": "9.1.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "status": "unaffected",
                "version": "10.1.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "10.2.7-h3",
                "status": "affected",
                "version": "10.2.0",
                "versionType": "custom"
              },
              {
                "lessThan": "11.0.4",
                "status": "affected",
                "version": "11.0.0",
                "versionType": "custom"
              },
              {
                "lessThan": "11.1.2",
                "status": "affected",
                "version": "11.1.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:paloaltonetworks:cloud_ngfw:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "cloud_ngfw",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:paloaltonetworks:prisma_access:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "prisma_access",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3382",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-31T19:57:38.536146Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-31T20:04:14.546Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:12:06.637Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2024-3382"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "9.0.0"
            },
            {
              "status": "unaffected",
              "version": "9.1.0"
            },
            {
              "status": "unaffected",
              "version": "10.1.0"
            },
            {
              "changes": [
                {
                  "at": "10.2.7-h3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.7-h3",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.4",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.1.2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.1.2",
              "status": "affected",
              "version": "11.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue applies only to PA-5400 Series devices that are running PAN-OS firewall configurations with the SSL Forward Proxy feature enabled. You can verify whether you have the SSL Forward Proxy feature enabled by checking for decryption policy rules in your firewall web interface (Policies \u003e Decryption)."
            }
          ],
          "value": "This issue applies only to PA-5400 Series devices that are running PAN-OS firewall configurations with the SSL Forward Proxy feature enabled. You can verify whether you have the SSL Forward Proxy feature enabled by checking for decryption policy rules in your firewall web interface (Policies \u003e Decryption)."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Palo Alto Networks thanks Celedonio Albarran of Equity Residential and their Infrastructure and Security teams for discovering and reporting this issue."
        }
      ],
      "datePublic": "2024-04-10T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. This issue applies only to PA-5400 Series devices that are running PAN-OS software with the SSL Forward Proxy feature enabled."
            }
          ],
          "value": "A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. This issue applies only to PA-5400 Series devices that are running PAN-OS software with the SSL Forward Proxy feature enabled."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-131",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-131 Resource Leak Exposure"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-10T17:05:47.325Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2024-3382"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 10.2.7-h3, PAN-OS 11.0.4, PAN-OS 11.1.2, and all later PAN-OS versions.\u003cbr\u003e"
            }
          ],
          "value": "This issue is fixed in PAN-OS 10.2.7-h3, PAN-OS 11.0.4, PAN-OS 11.1.2, and all later PAN-OS versions.\n"
        }
      ],
      "source": {
        "defect": [
          "PAN-234921"
        ],
        "discovery": "USER"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-04-10T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Firewall Denial of Service (DoS) via a Burst of Crafted Packets",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "You can mitigate this issue by disabling decryption on your firewalls. To temporarily disable SSL Decryption, refer to the administrator\u2019s guide for your PAN-OS software (such as PAN-OS 11.1: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/decryption/temporarily-disable-ssl-decryption)\"\u003ehttps://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/decryption/temporarily-disable-ssl-decryption)\u003c/a\u003e. Additionally, to ensure that decryption remains disabled after a reboot, configure a policy-based decryption exclusion that excludes all traffic from being decrypted (\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/decryption/decryption-exclusions/create-a-policy-based-decryption-exclusion)\"\u003ehttps://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/decryption/decryption-exclusions/create-a-policy-based-decryption-exclusion)\u003c/a\u003e.\u003cbr\u003e"
            }
          ],
          "value": "You can mitigate this issue by disabling decryption on your firewalls. To temporarily disable SSL Decryption, refer to the administrator\u2019s guide for your PAN-OS software (such as PAN-OS 11.1:  https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/decryption/temporarily-disable-ssl-decryption) . Additionally, to ensure that decryption remains disabled after a reboot, configure a policy-based decryption exclusion that excludes all traffic from being decrypted ( https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/decryption/decryption-exclusions/create-a-policy-based-decryption-exclusion) .\n"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-3382",
    "datePublished": "2024-04-10T17:05:47.325Z",
    "dateReserved": "2024-04-05T17:40:15.104Z",
    "dateUpdated": "2024-08-01T20:12:06.637Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2038
Vulnerability from cvelistv5
Published
2020-09-09 16:45
Modified
2024-09-16 16:47
Summary
PAN-OS: OS command injection vulnerability in the management web interface
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.693Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2038"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/168008/PAN-OS-10.0-Remote-Code-Execution.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/168408/Palo-Alto-Networks-Authenticated-Remote-Code-Execution.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "8.1.*"
            },
            {
              "changes": [
                {
                  "at": "10.0.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.1",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.10",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.10",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.4",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks Mikhail Klyuchnikov and Nikita Abramov of Positive Technologies for discovering and reporting this issue."
        }
      ],
      "datePublic": "2020-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 9.0 versions earlier than 9.0.10; PAN-OS 9.1 versions earlier than 9.1.4; PAN-OS 10.0 versions earlier than 10.0.1."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 OS Command Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-09-16T15:06:18",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2038"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/168008/PAN-OS-10.0-Remote-Code-Execution.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/168408/Palo-Alto-Networks-Authenticated-Remote-Code-Execution.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 9.0.10, PAN-OS 9.1.4, PAN-OS 10.0.1, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-101484"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-09-09T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: OS command injection vulnerability in the management web interface",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-09-09T16:00:00.000Z",
          "ID": "CVE-2020-2038",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: OS command injection vulnerability in the management web interface"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.1"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.10"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.4"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.1"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.10"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.4"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "8.1",
                            "version_value": "8.1.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks Mikhail Klyuchnikov and Nikita Abramov of Positive Technologies for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 9.0 versions earlier than 9.0.10; PAN-OS 9.1 versions earlier than 9.1.4; PAN-OS 10.0 versions earlier than 10.0.1."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78 OS Command Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2038",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2038"
            },
            {
              "name": "http://packetstormsecurity.com/files/168008/PAN-OS-10.0-Remote-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/168008/PAN-OS-10.0-Remote-Code-Execution.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/168408/Palo-Alto-Networks-Authenticated-Remote-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/168408/Palo-Alto-Networks-Authenticated-Remote-Code-Execution.html"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 9.0.10, PAN-OS 9.1.4, PAN-OS 10.0.1, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-101484"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-09-09T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2038",
    "datePublished": "2020-09-09T16:45:26.588785Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T16:47:58.614Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-1998
Vulnerability from cvelistv5
Published
2020-05-13 19:07
Modified
2024-09-16 23:56
Summary
PAN-OS: Improper SAML SSO authorization of shared local users
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.579Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-1998"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.13",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "7.1.26",
                  "status": "unaffected"
                }
              ],
              "lessThan": "7.1.26",
              "status": "affected",
              "version": "7.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.6",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.1",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks would like to thank Maurice Lok-Hin for discovering and reporting this issue."
        }
      ],
      "datePublic": "2020-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper authorization vulnerability in PAN-OS that mistakenly uses the permissions of local linux users instead of the intended SAML permissions of the account when the username is shared for the purposes of SSO authentication. This can result in authentication bypass and unintended resource access for the user. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; PAN-OS 9.1 versions earlier than 9.1.1; All versions of PAN-OS 8.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-285",
              "description": "CWE-285 Improper Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-14T15:40:56",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-1998"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, PAN-OS 9.1.1, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies."
        }
      ],
      "source": {
        "defect": [
          "PAN-108992"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-05-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Improper SAML SSO authorization of shared local users",
      "workarounds": [
        {
          "lang": "en",
          "value": "The impact of this vulnerability can be mitigated by removing shared usernames between local linux users and SAML enabled users."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-05-13T16:00:00.000Z",
          "ID": "CVE-2020-1998",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Improper SAML SSO authorization of shared local users"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "7.1",
                            "version_value": "7.1.26"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.6"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.1"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "7.1",
                            "version_value": "7.1.26"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.6"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.1"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks would like to thank Maurice Lok-Hin for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An improper authorization vulnerability in PAN-OS that mistakenly uses the permissions of local linux users instead of the intended SAML permissions of the account when the username is shared for the purposes of SSO authentication. This can result in authentication bypass and unintended resource access for the user. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; PAN-OS 9.1 versions earlier than 9.1.1; All versions of PAN-OS 8.0."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-285 Improper Authorization"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-1998",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-1998"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, PAN-OS 9.1.1, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies."
          }
        ],
        "source": {
          "defect": [
            "PAN-108992"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-05-13T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "The impact of this vulnerability can be mitigated by removing shared usernames between local linux users and SAML enabled users."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-1998",
    "datePublished": "2020-05-13T19:07:14.059174Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T23:56:06.792Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3037
Vulnerability from cvelistv5
Published
2021-04-20 03:15
Modified
2024-09-16 23:51
Summary
PAN-OS: Secrets for scheduled configuration exports are logged in system logs
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:50.613Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2021-3037"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.19",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.19",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.13",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.4",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "lessThan": "10.0*",
              "status": "unaffected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue is only applicable to PAN-OS devices that have been configured to use scheduled configuration exports at any time."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by a customer of Palo Alto Networks during a security review."
        }
      ],
      "datePublic": "2021-04-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where the connection details for a scheduled configuration export are logged in system logs. Logged information includes the cleartext username, password, and IP address used to export the PAN-OS configuration to the destination server."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 2.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-534",
              "description": "CWE-534 Information Exposure Through Debug Log Files",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-04-20T03:15:17",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2021-3037"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.19, PAN-OS 9.0.13, PAN-OS 9.1.4, and all later PAN-OS versions.\n\nAfter you upgrade the PAN-OS appliance, you must change the connection details used in scheduled configuration exports. You should also change the credentials on the destination server that are used to export the configuration."
        }
      ],
      "source": {
        "defect": [
          "PAN-131474"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2021-04-14T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Secrets for scheduled configuration exports are logged in system logs",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2021-04-14T16:00:00.000Z",
          "ID": "CVE-2021-3037",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Secrets for scheduled configuration exports are logged in system logs"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.19"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.13"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.4"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.0"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.19"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.13"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue is only applicable to PAN-OS devices that have been configured to use scheduled configuration exports at any time."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by a customer of Palo Alto Networks during a security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where the connection details for a scheduled configuration export are logged in system logs. Logged information includes the cleartext username, password, and IP address used to export the PAN-OS configuration to the destination server."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 2.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-534 Information Exposure Through Debug Log Files"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2021-3037",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2021-3037"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.19, PAN-OS 9.0.13, PAN-OS 9.1.4, and all later PAN-OS versions.\n\nAfter you upgrade the PAN-OS appliance, you must change the connection details used in scheduled configuration exports. You should also change the credentials on the destination server that are used to export the configuration."
          }
        ],
        "source": {
          "defect": [
            "PAN-131474"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-04-14T00:00:00",
            "value": "Initial publication"
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.12",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.18",
          "PAN-OS 8.1.17",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2021-3037",
    "datePublished": "2021-04-20T03:15:17.834239Z",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-09-16T23:51:58.522Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-6791
Vulnerability from cvelistv5
Published
2023-12-13 18:30
Modified
2024-08-02 08:42
Summary
PAN-OS: Plaintext Disclosure of External System Integration Credentials
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:42:07.408Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2023-6791"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.24-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.24-h1",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.17",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.16",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.16",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.12",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.12",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.9",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.9",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.4",
              "status": "affected",
              "version": "10.2",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.1",
              "status": "affected",
              "version": "11.0",
              "versionType": "custom"
            },
            {
              "lessThan": "All",
              "status": "unaffected",
              "version": "11.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Palo Alto Networks thanks Kajetan Rostojek for discovering and reporting this issue."
        }
      ],
      "datePublic": "2023-12-13T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface."
            }
          ],
          "value": "A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-701",
              "description": "CWE-701: Weakness Introduced During Design",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-13T18:30:17.115Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2023-6791"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 8.1.24-h1, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.9, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions.\n\nYou should issue new credentials for the impacted external integrations after you upgrade your PAN-OS software to a fixed version to prevent the misuse of previously exposed credentials."
            }
          ],
          "value": "This issue is fixed in PAN-OS 8.1.24-h1, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.9, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions.\n\nYou should issue new credentials for the impacted external integrations after you upgrade your PAN-OS software to a fixed version to prevent the misuse of previously exposed credentials."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2023-12-13T17:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Plaintext Disclosure of External System Integration Credentials",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
            }
          ],
          "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2023-6791",
    "datePublished": "2023-12-13T18:30:17.115Z",
    "dateReserved": "2023-12-13T17:27:25.212Z",
    "dateUpdated": "2024-08-02T08:42:07.408Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2042
Vulnerability from cvelistv5
Published
2020-09-09 16:45
Modified
2024-09-17 00:56
Summary
PAN-OS: Buffer overflow in the management web interface
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.582Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2042"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "9.1.*"
            },
            {
              "status": "unaffected",
              "version": "9.0.*"
            },
            {
              "status": "unaffected",
              "version": "8.1.*"
            },
            {
              "changes": [
                {
                  "at": "10.0.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.1",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This issue impacts only PAN-OS 10.0 versions earlier than PAN-OS 10.0.1."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121 Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-09T16:45:28",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2042"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 10.0.1 and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-145797",
          "PAN-150409"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-09-09T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Buffer overflow in the management web interface",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-09-09T16:00:00.000Z",
          "ID": "CVE-2020-2042",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Buffer overflow in the management web interface"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.1"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.1"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "9.1",
                            "version_value": "9.1.*"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "9.0",
                            "version_value": "9.0.*"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "8.1",
                            "version_value": "8.1.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This issue impacts only PAN-OS 10.0 versions earlier than PAN-OS 10.0.1."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-121 Stack-based Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2042",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2042"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 10.0.1 and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-145797",
            "PAN-150409"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-09-09T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2042",
    "datePublished": "2020-09-09T16:45:28.844038Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-17T00:56:17.352Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-8687
Vulnerability from cvelistv5
Published
2024-09-11 16:40
Modified
2024-09-11 18:25
Summary
PAN-OS: Cleartext Exposure of GlobalProtect Portal Passcodes
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8687",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-11T18:23:36.439085Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T18:25:14.604Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "11.1.0"
            },
            {
              "status": "unaffected",
              "version": "11.2.0"
            },
            {
              "changes": [
                {
                  "at": "11.0.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.1",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.4",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.9",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.9",
              "status": "affected",
              "version": "10.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.12",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.12",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.16",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.16",
              "status": "affected",
              "version": "9.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.17",
              "status": "affected",
              "version": "9.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.25",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.25",
              "status": "affected",
              "version": "8.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "GlobalProtect App",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "5.1.12",
                  "status": "unaffected"
                }
              ],
              "lessThan": "5.1.12",
              "status": "affected",
              "version": "5.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "5.2.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "5.2.13",
              "status": "affected",
              "version": "5.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "6.0.7",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.0.7",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "6.1.2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.1.2",
              "status": "affected",
              "version": "6.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "6.2.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.2.1",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.3.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "10.2.9 on PAN-OS",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.9 on PAN-OS",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Impacted systems are those on which any of the following features are enabled:\u003cbr\u003e* Network \u0026gt; GlobalProtect \u0026gt; Portals \u0026gt;  \u0026gt; Agent \u0026gt;  \u0026gt; App \u0026gt; Allow User to Disable GlobalProtect App \u0026gt; Allow with Passcode\u003cbr\u003e* Network \u0026gt; GlobalProtect \u0026gt; Portals \u0026gt;  \u0026gt; Agent \u0026gt;  \u0026gt; App \u0026gt; Allow user to disconnect GlobalProtect App \u0026gt; Allow with Passcode\u003cbr\u003e* Network \u0026gt; GlobalProtect \u0026gt; Portals \u0026gt;  \u0026gt; Agent \u0026gt;  \u0026gt; App \u0026gt; Allow User to Uninstall GlobalProtect App \u0026gt; Allow with Password"
            }
          ],
          "value": "Impacted systems are those on which any of the following features are enabled:\n* Network \u003e GlobalProtect \u003e Portals \u003e  \u003e Agent \u003e  \u003e App \u003e Allow User to Disable GlobalProtect App \u003e Allow with Passcode\n* Network \u003e GlobalProtect \u003e Portals \u003e  \u003e Agent \u003e  \u003e App \u003e Allow user to disconnect GlobalProtect App \u003e Allow with Passcode\n* Network \u003e GlobalProtect \u003e Portals \u003e  \u003e Agent \u003e  \u003e App \u003e Allow User to Uninstall GlobalProtect App \u003e Allow with Password"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Claudiu Pancotan"
        }
      ],
      "datePublic": "2024-09-11T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. After the password or passcode is known, end users can uninstall, disable, or disconnect GlobalProtect even if the GlobalProtect app configuration would not normally permit them to do so."
            }
          ],
          "value": "An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. After the password or passcode is known, end users can uninstall, disable, or disconnect GlobalProtect even if the GlobalProtect app configuration would not normally permit them to do so."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-383",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-383 Harvesting Information via API Event Monitoring"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "AUTOMATIC",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "DIFFUSE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N/AU:N/R:A/V:D/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-497",
              "description": "CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-11T16:40:21.066Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2024-8687"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.9, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions. It is also fixed in Prisma Access 10.2.9 and all later Prisma Access versions. To maintain GlobalProtect app functionality for the vulnerable features, we released a corresponding software update for GlobalProtect app 5.1.12, GlobalProtect app 5.2.13, GlobalProtect app 6.0.7, GlobalProtect app 6.1.2, and GlobalProtect app 6.2.1, and all later GlobalProtect app versions.\u003cbr\u003e\u003cbr\u003eTo maintain the ability for end users to use the uninstall password feature and the disable or disconnect passcode feature, you must ensure that you upgrade all GlobalProtect app deployments to a fixed version before you upgrade your PAN-OS software to a fixed version.\u003cbr\u003e\u003cbr\u003eAll fixed versions of GlobalProtect are backwards compatible with vulnerable versions of PAN-OS software. However, fixed versions of PAN-OS software are not backwards compatible with vulnerable versions of GlobalProtect.\u003cbr\u003e\u003cbr\u003eYou can find additional information for PAN-204689 here: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-0-known-and-addressed-issues/pan-os-11-1-0-known-issues\"\u003ehttps://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-0-known-and-addressed-issues/pan-os-11-1-0-known-issues\u003c/a\u003e\n\nPrisma Access customers can open a support case to request an upgrade.\u003cbr\u003e"
            }
          ],
          "value": "This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.9, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions. It is also fixed in Prisma Access 10.2.9 and all later Prisma Access versions. To maintain GlobalProtect app functionality for the vulnerable features, we released a corresponding software update for GlobalProtect app 5.1.12, GlobalProtect app 5.2.13, GlobalProtect app 6.0.7, GlobalProtect app 6.1.2, and GlobalProtect app 6.2.1, and all later GlobalProtect app versions.\n\nTo maintain the ability for end users to use the uninstall password feature and the disable or disconnect passcode feature, you must ensure that you upgrade all GlobalProtect app deployments to a fixed version before you upgrade your PAN-OS software to a fixed version.\n\nAll fixed versions of GlobalProtect are backwards compatible with vulnerable versions of PAN-OS software. However, fixed versions of PAN-OS software are not backwards compatible with vulnerable versions of GlobalProtect.\n\nYou can find additional information for PAN-204689 here:  https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-0-known-and-addressed-issues/pan-os-11-1-0-known-issues \n\nPrisma Access customers can open a support case to request an upgrade."
        }
      ],
      "source": {
        "defect": [
          "PAN-204689",
          "GPC-16848"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-11T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Cleartext Exposure of GlobalProtect Portal Passcodes",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Change the following two settings (if enabled) to \"Allow with Ticket\":\u003cbr\u003e* Network \u0026gt; GlobalProtect \u0026gt; Portals \u0026gt;  \u0026gt; Agent \u0026gt;  \u0026gt; App \u0026gt; Allow User to Disable GlobalProtect App\u003cbr\u003e* Network \u0026gt; GlobalProtect \u0026gt; Portals \u0026gt;  \u0026gt; Agent \u0026gt;  \u0026gt; App \u0026gt; Allow user to disconnect GlobalProtect App\u003cbr\u003e\u003cbr\u003eChange the following setting (if enabled) to \"Disallow\":\u003cbr\u003e* Network \u0026gt; GlobalProtect \u0026gt; Portals \u0026gt;  \u0026gt; Agent \u0026gt;  \u0026gt; App \u0026gt; Allow User to Uninstall GlobalProtect App\u003cbr\u003e"
            }
          ],
          "value": "Change the following two settings (if enabled) to \"Allow with Ticket\":\n* Network \u003e GlobalProtect \u003e Portals \u003e  \u003e Agent \u003e  \u003e App \u003e Allow User to Disable GlobalProtect App\n* Network \u003e GlobalProtect \u003e Portals \u003e  \u003e Agent \u003e  \u003e App \u003e Allow user to disconnect GlobalProtect App\n\nChange the following setting (if enabled) to \"Disallow\":\n* Network \u003e GlobalProtect \u003e Portals \u003e  \u003e Agent \u003e  \u003e App \u003e Allow User to Uninstall GlobalProtect App"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-8687",
    "datePublished": "2024-09-11T16:40:21.066Z",
    "dateReserved": "2024-09-11T08:21:12.686Z",
    "dateUpdated": "2024-09-11T18:25:14.604Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-0010
Vulnerability from cvelistv5
Published
2023-06-14 16:31
Modified
2024-08-02 04:54
Summary
PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:54:32.569Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2023-0010"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Firewall"
          ],
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "11.0"
            },
            {
              "changes": [
                {
                  "at": "10.2.2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.2",
              "status": "affected",
              "version": "10.2",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.6",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.11",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.16",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.16",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.17",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.24",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.24",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThis issue is applicable only to firewalls that are configured to use Captive Portal authentication.\u003c/p\u003e\u003cp\u003eOn PAN-OS 10.0 and later software versions, this issue applies only to firewalls that have also disabled the default token generation for Captive Portal authentication. You can verify that the token is not disabled by running the following command: \u2018show deviceconfig setting captive-portal\u2019.\u003c/p\u003e"
            }
          ],
          "value": "This issue is applicable only to firewalls that are configured to use Captive Portal authentication.\n\nOn PAN-OS 10.0 and later software versions, this issue applies only to firewalls that have also disabled the default token generation for Captive Portal authentication. You can verify that the token is not disabled by running the following command: \u2018show deviceconfig setting captive-portal\u2019.\n\n"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Lockheed Martin Red Team"
        }
      ],
      "datePublic": "2023-06-14T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA reflected cross-site scripting (XSS) vulnerability in the Captive Portal feature of Palo Alto Networks PAN-OS software can allow a JavaScript payload to be executed in the context of an authenticated Captive Portal user\u2019s browser when they click on a specifically crafted link.\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "A reflected cross-site scripting (XSS) vulnerability in the Captive Portal feature of Palo Alto Networks PAN-OS software can allow a JavaScript payload to be executed in the context of an authenticated Captive Portal user\u2019s browser when they click on a specifically crafted link.\n"
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003ePalo Alto Networks is not aware of any malicious exploitation of this issue.\u003c/p\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-63",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-63 Cross-Site Scripting (XSS)"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-14T16:31:35.543Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2023-0010"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.11, PAN-OS 10.1.6, PAN-OS 10.2.2, and all later PAN-OS versions."
            }
          ],
          "value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.11, PAN-OS 10.1.6, PAN-OS 10.2.2, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-191662"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2023-06-14T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2023-0010",
    "datePublished": "2023-06-14T16:31:35.543Z",
    "dateReserved": "2022-10-27T18:48:19.535Z",
    "dateUpdated": "2024-08-02T04:54:32.569Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2007
Vulnerability from cvelistv5
Published
2020-05-13 19:07
Modified
2024-09-17 03:08
Summary
PAN-OS: OS command injection in management server
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.562Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2007"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "7.1.*"
            },
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "changes": [
                {
                  "at": "9.0.7",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.7",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.14",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Jin Chen of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An OS command injection vulnerability in the management server component of PAN-OS allows an authenticated user to potentially execute arbitrary commands with root privileges. This issue affects: All PAN-OS 7.1 versions; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 OS Command Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-13T19:07:14",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2007"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 9.0.7 and later PAN-OS 9.0 versions; PAN-OS 8.1.14 and later PAN-OS 8.1 versions; and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
        }
      ],
      "source": {
        "defect": [
          "PAN-102682"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-05-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: OS command injection in management server",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-05-13T16:00:00.000Z",
          "ID": "CVE-2020-2007",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: OS command injection in management server"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.14"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.14"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "7.1",
                            "version_value": "7.1.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Jin Chen of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An OS command injection vulnerability in the management server component of PAN-OS allows an authenticated user to potentially execute arbitrary commands with root privileges. This issue affects: All PAN-OS 7.1 versions; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78 OS Command Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2007",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2007"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 9.0.7 and later PAN-OS 9.0 versions; PAN-OS 8.1.14 and later PAN-OS 8.1 versions; and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
          }
        ],
        "source": {
          "defect": [
            "PAN-102682"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-05-13T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2007",
    "datePublished": "2020-05-13T19:07:14.342957Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-17T03:08:00.990Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3045
Vulnerability from cvelistv5
Published
2021-08-11 17:10
Modified
2024-09-16 23:35
Summary
PAN-OS: OS Command Argument Injection in Web Interface
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:51.191Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2021-3045"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "10.0.*"
            },
            {
              "status": "unaffected",
              "version": "10.1.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.19",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.19",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.14",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.10",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.10",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks Brandon Vincent for discovering and reporting this issue."
        }
      ],
      "datePublic": "2021-08-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An OS command argument injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.19; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.10. PAN-OS 10.0 and later versions are not impacted."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-88",
              "description": "CWE-88 Argument Injection or Modification",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-08-11T17:10:14",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2021-3045"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.19, PAN-OS 9.0.14, PAN-OS 9.1.10, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-147781"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2021-08-11T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: OS Command Argument Injection in Web Interface",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2021-08-11T16:00:00.000Z",
          "ID": "CVE-2021-3045",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: OS Command Argument Injection in Web Interface"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.19"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.14"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.10"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.19"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.14"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.10"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "10.0",
                            "version_value": "10.0.*"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "10.1",
                            "version_value": "10.1.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks Brandon Vincent for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An OS command argument injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.19; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.10. PAN-OS 10.0 and later versions are not impacted."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-88 Argument Injection or Modification"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2021-3045",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2021-3045"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.19, PAN-OS 9.0.14, PAN-OS 9.1.10, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-147781"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-08-11T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 9.1.9",
          "PAN-OS 9.1.8",
          "PAN-OS 9.1.7",
          "PAN-OS 9.1.6",
          "PAN-OS 9.1.5",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.13",
          "PAN-OS 9.0.12",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.18",
          "PAN-OS 8.1.17",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ],
        "x_likelyAffectedList": [
          "PAN-OS 8.0.20",
          "PAN-OS 8.0.19-h1",
          "PAN-OS 8.0.19",
          "PAN-OS 8.0.18",
          "PAN-OS 8.0.17",
          "PAN-OS 8.0.16",
          "PAN-OS 8.0.15",
          "PAN-OS 8.0.14",
          "PAN-OS 8.0.13",
          "PAN-OS 8.0.12",
          "PAN-OS 8.0.11-h1",
          "PAN-OS 8.0.10",
          "PAN-OS 8.0.9",
          "PAN-OS 8.0.8",
          "PAN-OS 8.0.7",
          "PAN-OS 8.0.6-h3",
          "PAN-OS 8.0.6-h2",
          "PAN-OS 8.0.6-h1",
          "PAN-OS 8.0.6",
          "PAN-OS 8.0.5",
          "PAN-OS 8.0.4",
          "PAN-OS 8.0.3-h4",
          "PAN-OS 8.0.3-h3",
          "PAN-OS 8.0.3-h2",
          "PAN-OS 8.0.3-h1",
          "PAN-OS 8.0.3",
          "PAN-OS 8.0.2",
          "PAN-OS 8.0.1",
          "PAN-OS 8.0.0",
          "PAN-OS 8.0",
          "PAN-OS 7.1.26",
          "PAN-OS 7.1.25",
          "PAN-OS 7.1.24-h1",
          "PAN-OS 7.1.24",
          "PAN-OS 7.1.23",
          "PAN-OS 7.1.22",
          "PAN-OS 7.1.21",
          "PAN-OS 7.1.20",
          "PAN-OS 7.1.19",
          "PAN-OS 7.1.18",
          "PAN-OS 7.1.17",
          "PAN-OS 7.1.16",
          "PAN-OS 7.1.15",
          "PAN-OS 7.1.14",
          "PAN-OS 7.1.13",
          "PAN-OS 7.1.12",
          "PAN-OS 7.1.11",
          "PAN-OS 7.1.10",
          "PAN-OS 7.1.9-h4",
          "PAN-OS 7.1.9-h3",
          "PAN-OS 7.1.9-h2",
          "PAN-OS 7.1.9-h1",
          "PAN-OS 7.1.9",
          "PAN-OS 7.1.8",
          "PAN-OS 7.1.7",
          "PAN-OS 7.1.6",
          "PAN-OS 7.1.5",
          "PAN-OS 7.1.4-h2",
          "PAN-OS 7.1.4-h1",
          "PAN-OS 7.1.4",
          "PAN-OS 7.1.3",
          "PAN-OS 7.1.2",
          "PAN-OS 7.1.1",
          "PAN-OS 7.1.0",
          "PAN-OS 7.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2021-3045",
    "datePublished": "2021-08-11T17:10:14.663259Z",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-09-16T23:35:37.560Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-38046
Vulnerability from cvelistv5
Published
2023-07-12 16:20
Modified
2024-08-02 17:30
Summary
PAN-OS: Read System Files and Resources During Configuration Commit
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T17:30:13.102Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2023-38046"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "11.0.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.1",
              "status": "affected",
              "version": "11.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.4",
              "status": "affected",
              "version": "10.2",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "10.1"
            },
            {
              "status": "unaffected",
              "version": "10.0"
            },
            {
              "status": "unaffected",
              "version": "9.1"
            },
            {
              "status": "unaffected",
              "version": "9.0"
            },
            {
              "status": "unaffected",
              "version": "8.1"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Kajetan Rostojek"
        }
      ],
      "datePublic": "2023-07-12T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated administrator with the privilege to commit a specifically created configuration to read local files and resources from the system."
            }
          ],
          "value": "A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated administrator with the privilege to commit a specifically created configuration to read local files and resources from the system."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-610",
              "description": "CWE-610 Externally Controlled Reference to a Resource in Another Sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-09T05:21:39.901Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2023-38046"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions.\u003cbr\u003e"
            }
          ],
          "value": "This issue is fixed in PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions.\n"
        }
      ],
      "source": {
        "defect": [
          "PAN-208922"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2023-07-12T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Read System Files and Resources During Configuration Commit",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue requires the attacker to have authenticated access to PAN-OS. You can mitigate the impact of this issue by following best practices for securing PAN-OS. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices\"\u003ehttps://docs.paloaltonetworks.com/best-practices\u003c/a\u003e.\u003cbr\u003e"
            }
          ],
          "value": "This issue requires the attacker to have authenticated access to PAN-OS. You can mitigate the impact of this issue by following best practices for securing PAN-OS. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at  https://docs.paloaltonetworks.com/best-practices .\n"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2023-38046",
    "datePublished": "2023-07-12T16:20:06.175Z",
    "dateReserved": "2023-07-12T05:16:41.577Z",
    "dateUpdated": "2024-08-02T17:30:13.102Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-0012
Vulnerability from cvelistv5
Published
2024-11-18 15:47
Modified
2024-11-19 04:55
Summary
PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015)
References
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-0012",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-18T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2024-11-18",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2024-0012"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T04:55:46.232Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.5:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h14:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.6:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h14:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "11.2.4-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.2.4-h1",
              "status": "affected",
              "version": "11.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.1.5-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.1.5-h1",
              "status": "affected",
              "version": "11.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.6-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.6-h1",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.12-h2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.12-h2",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "10.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e\u003cspan\u003eThe risk is greatest if you configure the management interface to enable access from the internet or any untrusted network either:\u003c/span\u003e\u003c/p\u003e\u003col\u003e\u003cli\u003e\u003cspan\u003eDirectly\u003cbr /\u003e\u003c/span\u003eor\u003c/li\u003e\u003cli\u003eThrough a dataplane interface that includes a management interface profile.\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cspan\u003eThe risk is greatly reduced if you make sure that only trusted internal IP addresses are allowed to access the management interface.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003eUse the following steps to identify your recently detected devices in our Internet scans:\u003c/span\u003e\u003c/p\u003e\u003col\u003e\u003cli\u003e\u003cspan\u003eTo find your known assets that require remediation action, visit the Assets section of Customer Support Portal at\u00a0\u003c/span\u003e\u003ca target=\"_blank\" href=\"https://support.paloaltonetworks.com/\"\u003e\u003cspan\u003ehttps://support.paloaltonetworks.com\u003c/span\u003e\u003c/a\u003e\u00a0\u003cspan\u003e(Products \u2192 Assets \u2192 All Assets \u2192 Remediation Required).\u003c/span\u003e\u003c/li\u003e\u003cli\u003eThe list of your known devices with an internet-facing management interface discovered in our scans are tagged with PAN-SA-2024-0015 with a last seen timestamp in UTC. If no such devices are listed, it indicates our scan did not find any devices with internet-facing management interface for your account in the last three days.\u003c/li\u003e\u003c/ol\u003e"
            }
          ],
          "value": "The risk is greatest if you configure the management interface to enable access from the internet or any untrusted network either:\n\n  *  Directly\nor\n  *  Through a dataplane interface that includes a management interface profile.\nThe risk is greatly reduced if you make sure that only trusted internal IP addresses are allowed to access the management interface.\n\nUse the following steps to identify your recently detected devices in our Internet scans:\n\n  *  To find your known assets that require remediation action, visit the Assets section of Customer Support Portal at\u00a0 https://support.paloaltonetworks.com https://support.paloaltonetworks.com/ \u00a0(Products \u2192 Assets \u2192 All Assets \u2192 Remediation Required).\n  *  The list of your known devices with an internet-facing management interface discovered in our scans are tagged with PAN-SA-2024-0015 with a last seen timestamp in UTC. If no such devices are listed, it indicates our scan did not find any devices with internet-facing management interface for your account in the last three days."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Palo Alto Networks thanks our Deep Product Security Research Team for discovering this issue internally from threat activity."
        }
      ],
      "datePublic": "2024-11-18T14:20:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eAn authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://security.paloaltonetworks.com/CVE-2024-9474\"\u003eCVE-2024-9474\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eThe risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ebest practice deployment guidelines\u003c/a\u003e.\u003c/p\u003e\u003cp\u003eThis issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, PAN-OS 11.1, and PAN-OS 11.2 software.\u003c/p\u003e\u003cp\u003eCloud NGFW and Prisma Access are not impacted by this vulnerability.\u003c/p\u003e"
            }
          ],
          "value": "An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like  CVE-2024-9474 https://security.paloaltonetworks.com/CVE-2024-9474 .\n\nThe risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended\u00a0 best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\nThis issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, PAN-OS 11.1, and PAN-OS 11.2 software.\n\nCloud NGFW and Prisma Access are not impacted by this vulnerability."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan\u003ePalo Alto Networks observed threat activity that exploits this vulnerability against a limited number of management web interfaces that are exposed to internet traffic coming from outside the network.\u003c/span\u003e\u003cbr /\u003e"
            }
          ],
          "value": "Palo Alto Networks observed threat activity that exploits this vulnerability against a limited number of management web interfaces that are exposed to internet traffic coming from outside the network."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-115",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-115 Authentication Bypass"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "RED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Red",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "HIGH"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "The risk is highest when you allow access to the management interface from external IP addresses on the internet."
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "providerUrgency": "RED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Red",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "HIGH"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "If you configure restricted access to a jump box that is the only system allowed to access the management interface, you greatly reduce the risk of exploitation because attacks would require privileged access using only those IP addresses."
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-306",
              "description": "CWE-306 Missing Authentication for Critical Function",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-18T15:47:41.407Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2024-0012"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eWe strongly recommend that you secure access to your management interface following the instructions in the workarounds section below.\u003c/p\u003e\u003cp\u003e\u003cspan\u003eThis issue is fixed in PAN-OS 10.2.12-h2, PAN-OS 11.0.6-h1, PAN-OS 11.1.5-h1, PAN-OS 11.2.4-h1, and all later PAN-OS versions.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003eIn addition, in an attempt to provide the most seamless upgrade path for our customers, we are making fixes available for other TAC-preferred and commonly deployed maintenance releases.\u003c/span\u003e\u003c/p\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cul\u003e\u003cli\u003eAdditional PAN-OS 11.2 fixes:\u003cul\u003e\u003cli\u003e\u200b\u200b11.2.0-h1\u003c/li\u003e\u003cli\u003e11.2.1-h1\u003c/li\u003e\u003cli\u003e11.2.2-h2\u003c/li\u003e\u003cli\u003e11.2.3-h3\u003c/li\u003e\u003cli\u003e11.2.4-h1\u003c/li\u003e\u003c/ul\u003e\u003c/li\u003e\u003cli\u003eAdditional PAN-OS 11.1 fixes:\u003cul\u003e\u003cli\u003e11.1.0-h4\u003c/li\u003e\u003cli\u003e11.1.1-h2\u003c/li\u003e\u003cli\u003e11.1.2-h15\u003c/li\u003e\u003cli\u003e11.1.3-h11\u003c/li\u003e\u003cli\u003e11.1.4-h7\u003c/li\u003e\u003cli\u003e11.1.5-h1\u003c/li\u003e\u003c/ul\u003e\u003c/li\u003e\u003cli\u003eAdditional PAN-OS 11.0 fixes:\u003cul\u003e\u003cli\u003e11.0.0-h4\u003c/li\u003e\u003cli\u003e11.0.1-h5\u003c/li\u003e\u003cli\u003e11.0.2-h5\u003c/li\u003e\u003cli\u003e11.0.3-h13\u003c/li\u003e\u003cli\u003e11.0.4-h6\u003c/li\u003e\u003cli\u003e11.0.5-h2\u003c/li\u003e\u003cli\u003e11.0.6-h1\u003c/li\u003e\u003c/ul\u003e\u003c/li\u003e\u003cli\u003eAdditional PAN-OS 10.2 fixes:\u003cul\u003e\u003cli\u003e10.2.0-h4\u003c/li\u003e\u003cli\u003e10.2.1-h3\u003c/li\u003e\u003cli\u003e10.2.2-h6\u003c/li\u003e\u003cli\u003e10.2.3-h14\u003c/li\u003e\u003cli\u003e10.2.4-h32\u003c/li\u003e\u003cli\u003e10.2.5-h9\u003c/li\u003e\u003cli\u003e10.2.6-h6\u003c/li\u003e\u003cli\u003e10.2.7-h18\u003c/li\u003e\u003cli\u003e10.2.8-h15\u003c/li\u003e\u003cli\u003e10.2.9-h16\u003c/li\u003e\u003cli\u003e10.2.10-h9\u003c/li\u003e\u003cli\u003e10.2.11-h6\u003c/li\u003e\u003cli\u003e10.2.12-h2\u003c/li\u003e\u003c/ul\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e\u003c/div\u003e"
            }
          ],
          "value": "We strongly recommend that you secure access to your management interface following the instructions in the workarounds section below.\n\nThis issue is fixed in PAN-OS 10.2.12-h2, PAN-OS 11.0.6-h1, PAN-OS 11.1.5-h1, PAN-OS 11.2.4-h1, and all later PAN-OS versions.\n\nIn addition, in an attempt to provide the most seamless upgrade path for our customers, we are making fixes available for other TAC-preferred and commonly deployed maintenance releases.\n\n  *  Additional PAN-OS 11.2 fixes:  *  \u200b\u200b11.2.0-h1\n  *  11.2.1-h1\n  *  11.2.2-h2\n  *  11.2.3-h3\n  *  11.2.4-h1\n\n\n\n  *  Additional PAN-OS 11.1 fixes:  *  11.1.0-h4\n  *  11.1.1-h2\n  *  11.1.2-h15\n  *  11.1.3-h11\n  *  11.1.4-h7\n  *  11.1.5-h1\n\n\n\n  *  Additional PAN-OS 11.0 fixes:  *  11.0.0-h4\n  *  11.0.1-h5\n  *  11.0.2-h5\n  *  11.0.3-h13\n  *  11.0.4-h6\n  *  11.0.5-h2\n  *  11.0.6-h1\n\n\n\n  *  Additional PAN-OS 10.2 fixes:  *  10.2.0-h4\n  *  10.2.1-h3\n  *  10.2.2-h6\n  *  10.2.3-h14\n  *  10.2.4-h32\n  *  10.2.5-h9\n  *  10.2.6-h6\n  *  10.2.7-h18\n  *  10.2.8-h15\n  *  10.2.9-h16\n  *  10.2.10-h9\n  *  10.2.11-h6\n  *  10.2.12-h2"
        }
      ],
      "source": {
        "advisory": "PAN-SA-2024-0015",
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-18T14:20:00.000Z",
          "value": "CVE-2024-0012 assigned to this publication as the vulnerability is identified and fixed"
        },
        {
          "lang": "en",
          "time": "2024-11-15T22:00:00.000Z",
          "value": "Answered a FAQ about indicators of compromise"
        },
        {
          "lang": "en",
          "time": "2024-11-14T22:18:00.000Z",
          "value": "Raised the severity of PAN-SA-2024-0015 bulletin as we have observed threat activity"
        },
        {
          "lang": "en",
          "time": "2024-11-11T01:03:00.000Z",
          "value": "Added instructions to find your devices with an internet-facing management interface discovered in our scans"
        },
        {
          "lang": "en",
          "time": "2024-11-08T13:00:00.000Z",
          "value": "Initially published as PAN-SA-2024-0015"
        }
      ],
      "title": "PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015)",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e\u003cspan\u003eRecommended mitigation\u2014The vast majority of firewalls already follow Palo Alto Networks and industry best practices. However, if you haven\u2019t already, we strongly recommend that you secure access to your management interface according to our best practice deployment guidelines. Specifically, you should restrict access to the management interface to only trusted internal IP addresses to prevent external access from the internet.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003eAdditionally, if you have a Threat Prevention subscription, you can block these attacks using Threat IDs 95746, 95747, 95752, 95753, 95759, and 95763 (available in Applications and Threats content version 8915-9075 and later). For these Threat IDs to protect against attacks for this vulnerability,\u003c/span\u003e\u003c/p\u003e\u003cspan\u003e\u003cul\u003e\u003cli\u003e\u003cspan\u003eEnsure that all the listed Threat IDs are set to block mode,\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba\"\u003e\u003cspan\u003eRoute incoming traffic for the MGT port through a DP port\u003c/span\u003e\u003c/a\u003e\u003cspan\u003e, e.g., enabling management profile on a DP interface for management access,\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id112f7714-8995-4496-bbf9-781e63dec71c\"\u003e\u003cspan\u003eReplace the Certificate for Inbound Traffic Management\u003c/span\u003e\u003c/a\u003e\u003cspan\u003e,\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003ca target=\"_blank\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2\"\u003e\u003cspan\u003eDecrypt inbound traffic to the management interface so the firewall can inspect it\u003c/span\u003e\u003c/a\u003e\u003cspan\u003e, and\u003c/span\u003e\u003c/li\u003e\u003cli\u003eEnable threat prevention on the inbound traffic to management services.\u003c/li\u003e\u003c/ul\u003e\u003c/span\u003e\u003cspan\u003eReview information about how to secure management access to your Palo Alto Networks firewalls:\u003cbr /\u003e\u003cul\u003e\u003cli\u003e\u003cspan\u003ePalo Alto Networks LIVEcommunity article:\u00a0\u003c/span\u003e\u003ca target=\"_blank\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003e\u003cspan\u003ehttps://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\u003c/span\u003e\u003c/a\u003e\u003c/li\u003e\u003cli\u003ePalo Alto Networks official and more detailed technical documentation:\u00a0\u003ca target=\"_blank\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\"\u003e\u003cspan\u003ehttps://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\u003c/span\u003e\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/span\u003e"
            }
          ],
          "value": "Recommended mitigation\u2014The vast majority of firewalls already follow Palo Alto Networks and industry best practices. However, if you haven\u2019t already, we strongly recommend that you secure access to your management interface according to our best practice deployment guidelines. Specifically, you should restrict access to the management interface to only trusted internal IP addresses to prevent external access from the internet.\n\nAdditionally, if you have a Threat Prevention subscription, you can block these attacks using Threat IDs 95746, 95747, 95752, 95753, 95759, and 95763 (available in Applications and Threats content version 8915-9075 and later). For these Threat IDs to protect against attacks for this vulnerability,\n\n  *  Ensure that all the listed Threat IDs are set to block mode,\n  *   Route incoming traffic for the MGT port through a DP port https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba , e.g., enabling management profile on a DP interface for management access,\n  *   Replace the Certificate for Inbound Traffic Management https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id112f7714-8995-4496-bbf9-781e63dec71c ,\n  *   Decrypt inbound traffic to the management interface so the firewall can inspect it https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2 , and\n  *  Enable threat prevention on the inbound traffic to management services.\n\n\nReview information about how to secure management access to your Palo Alto Networks firewalls:\n  *  Palo Alto Networks LIVEcommunity article:\u00a0 https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 \n  *  Palo Alto Networks official and more detailed technical documentation:\u00a0 https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-0012",
    "datePublished": "2024-11-18T15:47:41.407Z",
    "dateReserved": "2023-11-09T18:56:17.699Z",
    "dateUpdated": "2024-11-19T04:55:46.232Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-5920
Vulnerability from cvelistv5
Published
2024-11-14 09:40
Modified
2024-11-14 19:35
Summary
PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in PAN-OS Enables Impersonation of a Legitimate Administrator
References
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5920",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-14T18:57:37.177943Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-14T19:35:21.731Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h14:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h14:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1:-:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "11.2.0"
            },
            {
              "changes": [
                {
                  "at": "11.1.4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.1.4",
              "status": "affected",
              "version": "11.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.6",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.11",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.14",
              "status": "affected",
              "version": "10.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Kajetan Rostojek"
        }
      ],
      "datePublic": "2024-11-13T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write Panorama administrator to push a specially crafted configuration to a PAN-OS node. This enables impersonation of a legitimate PAN-OS administrator who can perform restricted actions on the PAN-OS node after the execution of JavaScript in the legitimate PAN-OS administrator\u0027s browser."
            }
          ],
          "value": "A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write Panorama administrator to push a specially crafted configuration to a PAN-OS node. This enables impersonation of a legitimate PAN-OS administrator who can perform restricted actions on the PAN-OS node after the execution of JavaScript in the legitimate PAN-OS administrator\u0027s browser."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-592",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-592 Stored XSS"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "ACTIVE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-14T09:40:14.513Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2024-5920"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 10.1.14, PAN-OS 10.2.11, PAN-OS 11.0.6, PAN-OS 11.1.4, and all later PAN-OS versions."
            }
          ],
          "value": "This issue is fixed in PAN-OS 10.1.14, PAN-OS 10.2.11, PAN-OS 11.0.6, PAN-OS 11.1.4, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-222484"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-13T17:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in PAN-OS Enables Impersonation of a Legitimate Administrator"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-5920",
    "datePublished": "2024-11-14T09:40:14.513Z",
    "dateReserved": "2024-06-12T15:27:57.515Z",
    "dateUpdated": "2024-11-14T19:35:21.731Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-6795
Vulnerability from cvelistv5
Published
2023-12-13 18:17
Modified
2024-08-02 08:42
Summary
PAN-OS: OS Command Injection Vulnerability in the Web Interface
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:42:08.431Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2023-6795"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.24-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.24-h1",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.17",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.12",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.12",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.9",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.9",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.3",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "lessThan": "All",
              "status": "unaffected",
              "version": "10.2",
              "versionType": "custom"
            },
            {
              "lessThan": "All",
              "status": "unaffected",
              "version": "11.0",
              "versionType": "custom"
            },
            {
              "lessThan": "All",
              "status": "unaffected",
              "version": "11.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "datePublic": "2023-12-13T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An OS command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall."
            }
          ],
          "value": "An OS command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 OS Command Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-13T18:17:43.368Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2023-6795"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 8.1.24-h1, PAN-OS 9.0.17, PAN-OS 9.1.12, PAN-OS 10.0.9, PAN-OS 10.1.3, and all later PAN-OS versions."
            }
          ],
          "value": "This issue is fixed in PAN-OS 8.1.24-h1, PAN-OS 9.0.17, PAN-OS 9.1.12, PAN-OS 10.0.9, PAN-OS 10.1.3, and all later PAN-OS versions."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2023-12-13T17:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: OS Command Injection Vulnerability in the Web Interface",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
            }
          ],
          "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2023-6795",
    "datePublished": "2023-12-13T18:17:43.368Z",
    "dateReserved": "2023-12-13T17:27:27.372Z",
    "dateUpdated": "2024-08-02T08:42:08.431Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-0011
Vulnerability from cvelistv5
Published
2022-02-10 18:10
Modified
2024-09-16 23:51
Summary
PAN-OS: URL Category Exceptions Match More URLs Than Intended in URL Filtering
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:18:41.438Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2022-0011"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "9.0.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.21",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.21",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.12",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.12",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.8",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.8",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.3",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "3.0 Preferred, Innovation"
            },
            {
              "status": "affected",
              "version": "2.2 Preferred"
            },
            {
              "status": "affected",
              "version": "2.1 Preferred, Innovation"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue is applicable only when you configure exceptions to URL filtering either by creating a custom URL category list or by using an external dynamic list (EDL) in a URL Filtering profile as per https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/url-filtering/block-and-allow-lists.html."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks Chris Johnston of PricewaterhouseCoopers for discovering and reporting this issue."
        }
      ],
      "datePublic": "2022-02-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "PAN-OS software provides options to exclude specific websites from URL category enforcement and those websites are blocked or allowed (depending on your rules) regardless of their associated URL category. This is done by creating a custom URL category list or by using an external dynamic list (EDL) in a URL Filtering profile. When the entries in these lists have a hostname pattern that does not end with a forward slash (/) or a hostname pattern that ends with an asterisk (*), any URL that starts with the specified pattern is considered a match. Entries with a caret (^) at the end of a hostname pattern match any top level domain. This may inadvertently allow or block more URLs than intended and allowing more URLs than intended represents a security risk. For example: example.com will match example.com.website.test example.com.* will match example.com.website.test example.com.^ will match example.com.test You should take special care when using such entries in policy rules that allow traffic. Where possible, use the exact list of hostname names ending with a forward slash (/) instead of using wildcards. PAN-OS 10.1 versions earlier than PAN-OS 10.1.3; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 9.1 versions earlier than PAN-OS 9.1.12; all PAN-OS 9.0 versions; PAN-OS 8.1 versions earlier than PAN-OS 8.1.21, and Prisma Access 2.2 and 2.1 versions do not allow customers to change this behavior without changing the URL category list or EDL."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-436",
              "description": "CWE-436 Interpretation Conflict",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-02-10T18:10:15",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2022-0011"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "PAN-OS 8.1.21, PAN-OS 9.1.12, PAN-OS 10.0.8, PAN-OS 10.1.3, Prisma Access 3.0 Preferred, and Prisma Access 3.0 Innovation all include a customer configurable option to automatically append a forward slash at the end of the hostname pattern for entries without an ending token in a custom URL category list or in an external dynamic list (EDL).\n\nPrisma Access customers should refer to \u201cSTEP 7\u201d in the following Prisma Access 3.0 documentation to enable this feature:\n\nhttps://docs.paloaltonetworks.com/prisma/prisma-access/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/prisma-access-service-infrastructure/enable-the-service-infrastructure.html\n\nFor other PAN-OS appliances, this option is enabled by running these CLI commands:\n  debug device-server append-end-token on\n  commit force\n\nNote: This option is disabled by default on PAN-OS 8.1, PAN-OS 9.1, PAN-OS 10.0, and PAN-OS 10.1. This option will be enabled by default starting with the next major version of PAN-OS. This option is not available on PAN-OS 9.0. Customers with PAN-OS 9.0 are advised to apply workarounds or upgrade to PAN-OS 9.1 or a later version.\n\nAdditionally, customers must evaluate their custom URL category list or their external dynamic list (EDL) and any firewall policy rules that depend on them to determine whether this option provides the desired policy rule enforcement.\n\nExample 1: If the firewall policy rule is intended to allow only \u0027www.example.com\u0027 and not to allow access to any other site, such as www.example.com.webiste.test, then use the \"debug device-server append-end-token on\" CLI command.\n\nExample 2: If the firewall policy rule is set to block access to \u0027www.example.co\u0027 and block access to sites such as www.example.com, www.example.co.az, then keep the default setting (\"debug device-server append-end-token off\" CLI command). You should always use the most appropriate token if you need to match multiple hostnames in a policy rule."
        }
      ],
      "source": {
        "defect": [
          "PAN-174443"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2022-02-09T00:00:00",
          "value": "initial publication"
        }
      ],
      "title": "PAN-OS: URL Category Exceptions Match More URLs Than Intended in URL Filtering",
      "workarounds": [
        {
          "lang": "en",
          "value": "Add a forward slash (/) at the end of the hostname pattern for all entries in the custom URL category list or the external dynamic list (EDL).\n\nFor example:\n  example.com/ will not match example.com.website.test"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2022-02-09T17:00:00.000Z",
          "ID": "CVE-2022-0011",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: URL Category Exceptions Match More URLs Than Intended in URL Filtering"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.21"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.12"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.8"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.21"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.12"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.8"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "9.0",
                            "version_value": "9.0.*"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.1",
                            "version_value": "10.1.3"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.1",
                            "version_value": "10.1.3"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Prisma Access",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "!",
                            "version_name": "3.0",
                            "version_value": "Preferred, Innovation"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "2.2",
                            "version_value": "Preferred"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "2.1",
                            "version_value": "Preferred, Innovation"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue is applicable only when you configure exceptions to URL filtering either by creating a custom URL category list or by using an external dynamic list (EDL) in a URL Filtering profile as per https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/url-filtering/block-and-allow-lists.html."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks Chris Johnston of PricewaterhouseCoopers for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "PAN-OS software provides options to exclude specific websites from URL category enforcement and those websites are blocked or allowed (depending on your rules) regardless of their associated URL category. This is done by creating a custom URL category list or by using an external dynamic list (EDL) in a URL Filtering profile. When the entries in these lists have a hostname pattern that does not end with a forward slash (/) or a hostname pattern that ends with an asterisk (*), any URL that starts with the specified pattern is considered a match. Entries with a caret (^) at the end of a hostname pattern match any top level domain. This may inadvertently allow or block more URLs than intended and allowing more URLs than intended represents a security risk. For example: example.com will match example.com.website.test example.com.* will match example.com.website.test example.com.^ will match example.com.test You should take special care when using such entries in policy rules that allow traffic. Where possible, use the exact list of hostname names ending with a forward slash (/) instead of using wildcards. PAN-OS 10.1 versions earlier than PAN-OS 10.1.3; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 9.1 versions earlier than PAN-OS 9.1.12; all PAN-OS 9.0 versions; PAN-OS 8.1 versions earlier than PAN-OS 8.1.21, and Prisma Access 2.2 and 2.1 versions do not allow customers to change this behavior without changing the URL category list or EDL."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-436 Interpretation Conflict"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2022-0011",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2022-0011"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "PAN-OS 8.1.21, PAN-OS 9.1.12, PAN-OS 10.0.8, PAN-OS 10.1.3, Prisma Access 3.0 Preferred, and Prisma Access 3.0 Innovation all include a customer configurable option to automatically append a forward slash at the end of the hostname pattern for entries without an ending token in a custom URL category list or in an external dynamic list (EDL).\n\nPrisma Access customers should refer to \u201cSTEP 7\u201d in the following Prisma Access 3.0 documentation to enable this feature:\n\nhttps://docs.paloaltonetworks.com/prisma/prisma-access/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/prisma-access-service-infrastructure/enable-the-service-infrastructure.html\n\nFor other PAN-OS appliances, this option is enabled by running these CLI commands:\n  debug device-server append-end-token on\n  commit force\n\nNote: This option is disabled by default on PAN-OS 8.1, PAN-OS 9.1, PAN-OS 10.0, and PAN-OS 10.1. This option will be enabled by default starting with the next major version of PAN-OS. This option is not available on PAN-OS 9.0. Customers with PAN-OS 9.0 are advised to apply workarounds or upgrade to PAN-OS 9.1 or a later version.\n\nAdditionally, customers must evaluate their custom URL category list or their external dynamic list (EDL) and any firewall policy rules that depend on them to determine whether this option provides the desired policy rule enforcement.\n\nExample 1: If the firewall policy rule is intended to allow only \u0027www.example.com\u0027 and not to allow access to any other site, such as www.example.com.webiste.test, then use the \"debug device-server append-end-token on\" CLI command.\n\nExample 2: If the firewall policy rule is set to block access to \u0027www.example.co\u0027 and block access to sites such as www.example.com, www.example.co.az, then keep the default setting (\"debug device-server append-end-token off\" CLI command). You should always use the most appropriate token if you need to match multiple hostnames in a policy rule."
          }
        ],
        "source": {
          "defect": [
            "PAN-174443"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2022-02-09T00:00:00",
            "value": "initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "Add a forward slash (/) at the end of the hostname pattern for all entries in the custom URL category list or the external dynamic list (EDL).\n\nFor example:\n  example.com/ will not match example.com.website.test"
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "Prisma Access 2.2",
          "Prisma Access 2.1",
          "PAN-OS 10.1.2",
          "PAN-OS 10.1.1",
          "PAN-OS 10.1.0",
          "PAN-OS 10.1",
          "PAN-OS 10.0.7",
          "PAN-OS 10.0.6",
          "PAN-OS 10.0.5",
          "PAN-OS 10.0.4",
          "PAN-OS 10.0.3",
          "PAN-OS 10.0.2",
          "PAN-OS 10.0.1",
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.11-h3",
          "PAN-OS 9.1.11-h2",
          "PAN-OS 9.1.11-h1",
          "PAN-OS 9.1.11",
          "PAN-OS 9.1.10",
          "PAN-OS 9.1.9",
          "PAN-OS 9.1.8",
          "PAN-OS 9.1.7",
          "PAN-OS 9.1.6",
          "PAN-OS 9.1.5",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.15",
          "PAN-OS 9.0.14-h4",
          "PAN-OS 9.0.14-h3",
          "PAN-OS 9.0.14-h2",
          "PAN-OS 9.0.14-h1",
          "PAN-OS 9.0.14",
          "PAN-OS 9.0.13",
          "PAN-OS 9.0.12",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.20-h1",
          "PAN-OS 8.1.20",
          "PAN-OS 8.1.19",
          "PAN-OS 8.1.18",
          "PAN-OS 8.1.17",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ],
        "x_likelyAffectedList": [
          "PAN-OS 8.0.20",
          "PAN-OS 8.0.19-h1",
          "PAN-OS 8.0.19",
          "PAN-OS 8.0.18",
          "PAN-OS 8.0.17",
          "PAN-OS 8.0.16",
          "PAN-OS 8.0.15",
          "PAN-OS 8.0.14",
          "PAN-OS 8.0.13",
          "PAN-OS 8.0.12",
          "PAN-OS 8.0.11-h1",
          "PAN-OS 8.0.10",
          "PAN-OS 8.0.9",
          "PAN-OS 8.0.8",
          "PAN-OS 8.0.7",
          "PAN-OS 8.0.6-h3",
          "PAN-OS 8.0.6-h2",
          "PAN-OS 8.0.6-h1",
          "PAN-OS 8.0.6",
          "PAN-OS 8.0.5",
          "PAN-OS 8.0.4",
          "PAN-OS 8.0.3-h4",
          "PAN-OS 8.0.3-h3",
          "PAN-OS 8.0.3-h2",
          "PAN-OS 8.0.3-h1",
          "PAN-OS 8.0.3",
          "PAN-OS 8.0.2",
          "PAN-OS 8.0.1",
          "PAN-OS 8.0.0",
          "PAN-OS 8.0",
          "PAN-OS 7.1.26",
          "PAN-OS 7.1.25",
          "PAN-OS 7.1.24-h1",
          "PAN-OS 7.1.24",
          "PAN-OS 7.1.23",
          "PAN-OS 7.1.22",
          "PAN-OS 7.1.21",
          "PAN-OS 7.1.20",
          "PAN-OS 7.1.19",
          "PAN-OS 7.1.18",
          "PAN-OS 7.1.17",
          "PAN-OS 7.1.16",
          "PAN-OS 7.1.15",
          "PAN-OS 7.1.14",
          "PAN-OS 7.1.13",
          "PAN-OS 7.1.12",
          "PAN-OS 7.1.11",
          "PAN-OS 7.1.10",
          "PAN-OS 7.1.9-h4",
          "PAN-OS 7.1.9-h3",
          "PAN-OS 7.1.9-h2",
          "PAN-OS 7.1.9-h1",
          "PAN-OS 7.1.9",
          "PAN-OS 7.1.8",
          "PAN-OS 7.1.7",
          "PAN-OS 7.1.6",
          "PAN-OS 7.1.5",
          "PAN-OS 7.1.4-h2",
          "PAN-OS 7.1.4-h1",
          "PAN-OS 7.1.4",
          "PAN-OS 7.1.3",
          "PAN-OS 7.1.2",
          "PAN-OS 7.1.1",
          "PAN-OS 7.1.0",
          "PAN-OS 7.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2022-0011",
    "datePublished": "2022-02-10T18:10:15.524395Z",
    "dateReserved": "2021-12-28T00:00:00",
    "dateUpdated": "2024-09-16T23:51:26.574Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-8688
Vulnerability from cvelistv5
Published
2024-09-11 16:40
Modified
2024-09-11 18:24
Summary
PAN-OS: Arbitrary File Read Vulnerability in the Command Line Interface (CLI)
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8688",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-11T18:23:35.134977Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T18:24:45.419Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "9.1.15",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.15",
              "status": "affected",
              "version": "9.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.10",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.10",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.1",
              "status": "affected",
              "version": "10.1.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "10.2.0"
            },
            {
              "status": "unaffected",
              "version": "11.0.0"
            },
            {
              "status": "unaffected",
              "version": "11.1.0"
            },
            {
              "status": "unaffected",
              "version": "11.2.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Matei \"Mal\" Badanoiu of Deloitte"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Martin Smid of Palo Alto Networks"
        }
      ],
      "datePublic": "2024-09-11T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An improper neutralization of matching symbols vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables authenticated administrators (including read-only administrators) with access to the CLI to to read arbitrary files on the firewall."
            }
          ],
          "value": "An improper neutralization of matching symbols vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables authenticated administrators (including read-only administrators) with access to the CLI to to read arbitrary files on the firewall."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-6",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-6 Argument Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-155",
              "description": "CWE-155 Improper Neutralization of Wildcards or Matching Symbols",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-11T16:48:22.674Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2024-8688"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 9.1.15, PAN-OS 10.0.10, PAN-OS 10.1.1, and all later PAN-OS versions.\u003cbr\u003e"
            }
          ],
          "value": "This issue is fixed in PAN-OS 9.1.15, PAN-OS 10.0.10, PAN-OS 10.1.1, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-151792",
          "PAN-82874"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-11T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Arbitrary File Read Vulnerability in the Command Line Interface (CLI)",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-8688",
    "datePublished": "2024-09-11T16:40:50.806Z",
    "dateReserved": "2024-09-11T08:21:13.753Z",
    "dateUpdated": "2024-09-11T18:24:45.419Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3036
Vulnerability from cvelistv5
Published
2021-04-20 03:15
Modified
2024-09-17 04:28
Summary
PAN-OS: Administrator secrets are logged in web server logs when using the PAN-OS XML API incorrectly
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:50.755Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2021-3036"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.19",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.19",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.12",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.12",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.6",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.1",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This vulnerability applies only to PAN-OS appliances that are configured to use the PAN-OS XML API."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks David Tien of Cyber Risk for discovering and reporting this issue."
        }
      ],
      "datePublic": "2021-04-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where secrets in PAN-OS XML API requests are logged in cleartext to the web server logs when the API is used incorrectly. This vulnerability applies only to PAN-OS appliances that are configured to use the PAN-OS XML API and exists only when a client includes a duplicate API parameter in API requests. Logged information includes the cleartext username, password, and API key of the administrator making the PAN-OS XML API request."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Information Exposure Through Log Files",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-04-20T03:15:17",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2021-3036"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.19, PAN-OS 9.0.12, PAN-OS 9.1.6, PAN-OS 10.0.1, and all later PAN-OS versions.\n\nAfter you upgrade the PAN-OS appliance, you must change the passwords and generate a new API key for all impacted PAN-OS administrators."
        }
      ],
      "source": {
        "defect": [
          "PAN-154114"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2021-04-14T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Administrator secrets are logged in web server logs when using the PAN-OS XML API incorrectly",
      "workarounds": [
        {
          "lang": "en",
          "value": "You must change the passwords and generate a new API key for all impacted PAN-OS administrators. Confirm that there aren\u2019t any PAN-OS XML API requests that repeat API parameters in the request."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2021-04-14T16:00:00.000Z",
          "ID": "CVE-2021-3036",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Administrator secrets are logged in web server logs when using the PAN-OS XML API incorrectly"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.19"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.12"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.6"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.1"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.19"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.12"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.6"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This vulnerability applies only to PAN-OS appliances that are configured to use the PAN-OS XML API."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks David Tien of Cyber Risk for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where secrets in PAN-OS XML API requests are logged in cleartext to the web server logs when the API is used incorrectly. This vulnerability applies only to PAN-OS appliances that are configured to use the PAN-OS XML API and exists only when a client includes a duplicate API parameter in API requests. Logged information includes the cleartext username, password, and API key of the administrator making the PAN-OS XML API request."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-532 Information Exposure Through Log Files"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2021-3036",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2021-3036"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.19, PAN-OS 9.0.12, PAN-OS 9.1.6, PAN-OS 10.0.1, and all later PAN-OS versions.\n\nAfter you upgrade the PAN-OS appliance, you must change the passwords and generate a new API key for all impacted PAN-OS administrators."
          }
        ],
        "source": {
          "defect": [
            "PAN-154114"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-04-14T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "You must change the passwords and generate a new API key for all impacted PAN-OS administrators. Confirm that there aren\u2019t any PAN-OS XML API requests that repeat API parameters in the request."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.5",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.18",
          "PAN-OS 8.1.17",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2021-3036",
    "datePublished": "2021-04-20T03:15:17.198767Z",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-09-17T04:28:51.940Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-9468
Vulnerability from cvelistv5
Published
2024-10-09 17:05
Modified
2024-10-18 11:53
Summary
PAN-OS: Firewall Denial of Service (DoS) via a Maliciously Crafted Packet
References
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9468",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-09T21:06:48.028506Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-09T21:06:56.884Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "10.1.0"
            },
            {
              "changes": [
                {
                  "at": "10.2.9-h11",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.10-h4",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.9-h11",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.4-h5",
                  "status": "unaffected"
                },
                {
                  "at": "11.0.6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.4-h5",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.1.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.1.3",
              "status": "affected",
              "version": "11.1.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "11.2.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue affects only PAN-OS configurations where both of the following are true:\u003cbr\u003e* Threat Prevention is enabled, and\u003cbr\u003e* The TP signature 86467 (\"Possible Domain Fronting Detection-SNI\") is enabled on an Anti-Spyware profile."
            }
          ],
          "value": "This issue affects only PAN-OS configurations where both of the following are true:\n* Threat Prevention is enabled, and\n* The TP signature 86467 (\"Possible Domain Fronting Detection-SNI\") is enabled on an Anti-Spyware profile."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Jeff Luo of Palo Alto Networks"
        }
      ],
      "datePublic": "2024-10-09T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode."
            }
          ],
          "value": "A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "YES",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "HIGH",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:Y/R:U/V:C/RE:L/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "LOW"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-18T11:53:46.752Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2024-9468"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in 10.2.9-h11, 10.2.10-h4, PAN-OS 10.2.11, PAN-OS 11.0.4-h5, PAN-OS 11.0.6, PAN-OS 11.1.3, and all later PAN-OS versions."
            }
          ],
          "value": "This issue is fixed in 10.2.9-h11, 10.2.10-h4, PAN-OS 10.2.11, PAN-OS 11.0.4-h5, PAN-OS 11.0.6, PAN-OS 11.1.3, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-244840"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-10-09T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Firewall Denial of Service (DoS) via a Maliciously Crafted Packet",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 94971 (introduced in Applications and Threats content version 8854)."
            }
          ],
          "value": "Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 94971 (introduced in Applications and Threats content version 8854)."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-9468",
    "datePublished": "2024-10-09T17:05:29.055Z",
    "dateReserved": "2024-10-03T11:35:15.246Z",
    "dateUpdated": "2024-10-18T11:53:46.752Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3064
Vulnerability from cvelistv5
Published
2021-11-10 17:10
Modified
2024-09-17 03:28
Severity ?
Summary
PAN-OS: Memory Corruption Vulnerability in GlobalProtect Portal and Gateway Interfaces
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:51.363Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2021-3064"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "9.0.*"
            },
            {
              "status": "unaffected",
              "version": "9.1.*"
            },
            {
              "status": "unaffected",
              "version": "10.0.*"
            },
            {
              "status": "unaffected",
              "version": "10.1.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.17",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "2.2 all"
            },
            {
              "status": "unaffected",
              "version": "2.1 all"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal or gateway enabled. You can verify whether you have a GlobalProtect portal or gateway configured by checking for entries in \u0027Network \u003e GlobalProtect \u003e Portals\u0027 and in \u0027Network \u003e GlobalProtect \u003e Gateways\u0027 from the web interface."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks the Randori Attack Team (https://twitter.com/RandoriAttack) for discovering and reporting this issue."
        }
      ],
      "datePublic": "2021-11-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have network access to the GlobalProtect interface to exploit this issue. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17. Prisma Access customers are not impacted by this issue."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121 Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-10T17:10:30",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2021-3064"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.17 and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-96528"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2021-11-10T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Memory Corruption Vulnerability in GlobalProtect Portal and Gateway Interfaces",
      "workarounds": [
        {
          "lang": "en",
          "value": "Enable signatures for Unique Threat IDs 91820 and 91855 on traffic destined for GlobalProtect portal and gateway interfaces to block attacks against CVE-2021-3064.\n\nIt is not necessary to enable SSL decryption to detect and block attacks against this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2021-11-10T17:00:00.000Z",
          "ID": "CVE-2021-3064",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Memory Corruption Vulnerability in GlobalProtect Portal and Gateway Interfaces"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.17"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.17"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "9.0",
                            "version_value": "9.0.*"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "9.1",
                            "version_value": "9.1.*"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "10.0",
                            "version_value": "10.0.*"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "10.1",
                            "version_value": "10.1.*"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Prisma Access",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "!",
                            "version_name": "2.2",
                            "version_value": "all"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "2.1",
                            "version_value": "all"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal or gateway enabled. You can verify whether you have a GlobalProtect portal or gateway configured by checking for entries in \u0027Network \u003e GlobalProtect \u003e Portals\u0027 and in \u0027Network \u003e GlobalProtect \u003e Gateways\u0027 from the web interface."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks the Randori Attack Team (https://twitter.com/RandoriAttack) for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have network access to the GlobalProtect interface to exploit this issue. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17. Prisma Access customers are not impacted by this issue."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-121 Stack-based Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2021-3064",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2021-3064"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.17 and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-96528"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-10T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "Enable signatures for Unique Threat IDs 91820 and 91855 on traffic destined for GlobalProtect portal and gateway interfaces to block attacks against CVE-2021-3064.\n\nIt is not necessary to enable SSL decryption to detect and block attacks against this issue."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ],
        "x_likelyAffectedList": [
          "PAN-OS 8.0.20",
          "PAN-OS 8.0.19-h1",
          "PAN-OS 8.0.19",
          "PAN-OS 8.0.18",
          "PAN-OS 8.0.17",
          "PAN-OS 8.0.16",
          "PAN-OS 8.0.15",
          "PAN-OS 8.0.14",
          "PAN-OS 8.0.13",
          "PAN-OS 8.0.12",
          "PAN-OS 8.0.11-h1",
          "PAN-OS 8.0.10",
          "PAN-OS 8.0.9",
          "PAN-OS 8.0.8",
          "PAN-OS 8.0.7",
          "PAN-OS 8.0.6-h3",
          "PAN-OS 8.0.6-h2",
          "PAN-OS 8.0.6-h1",
          "PAN-OS 8.0.6",
          "PAN-OS 8.0.5",
          "PAN-OS 8.0.4",
          "PAN-OS 8.0.3-h4",
          "PAN-OS 8.0.3-h3",
          "PAN-OS 8.0.3-h2",
          "PAN-OS 8.0.3-h1",
          "PAN-OS 8.0.3",
          "PAN-OS 8.0.2",
          "PAN-OS 8.0.1",
          "PAN-OS 8.0.0",
          "PAN-OS 8.0",
          "PAN-OS 7.1.26",
          "PAN-OS 7.1.25",
          "PAN-OS 7.1.24-h1",
          "PAN-OS 7.1.24",
          "PAN-OS 7.1.23",
          "PAN-OS 7.1.22",
          "PAN-OS 7.1.21",
          "PAN-OS 7.1.20",
          "PAN-OS 7.1.19",
          "PAN-OS 7.1.18",
          "PAN-OS 7.1.17",
          "PAN-OS 7.1.16",
          "PAN-OS 7.1.15",
          "PAN-OS 7.1.14",
          "PAN-OS 7.1.13",
          "PAN-OS 7.1.12",
          "PAN-OS 7.1.11",
          "PAN-OS 7.1.10",
          "PAN-OS 7.1.9-h4",
          "PAN-OS 7.1.9-h3",
          "PAN-OS 7.1.9-h2",
          "PAN-OS 7.1.9-h1",
          "PAN-OS 7.1.9",
          "PAN-OS 7.1.8",
          "PAN-OS 7.1.7",
          "PAN-OS 7.1.6",
          "PAN-OS 7.1.5",
          "PAN-OS 7.1.4-h2",
          "PAN-OS 7.1.4-h1",
          "PAN-OS 7.1.4",
          "PAN-OS 7.1.3",
          "PAN-OS 7.1.2",
          "PAN-OS 7.1.1",
          "PAN-OS 7.1.0",
          "PAN-OS 7.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2021-3064",
    "datePublished": "2021-11-10T17:10:31.046205Z",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-09-17T03:28:39.041Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2034
Vulnerability from cvelistv5
Published
2020-07-08 16:35
Modified
2024-09-16 19:46
Summary
PAN-OS: OS command injection vulnerability in GlobalProtect portal
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.585Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2034"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "status": "affected",
              "version": "7.1.*"
            },
            {
              "changes": [
                {
                  "at": "9.1.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.3",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.9",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.9",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.15",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.15",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue is applicable only where GlobalProtect portal is enabled."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Yamata Li of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-07-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based attacker to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue. This issue can not be exploited if GlobalProtect portal feature is not enabled. This issue impacts PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; all versions of PAN-OS 8.0 and PAN-OS 7.1. Prisma Access services are not impacted by this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 OS Command Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-08T16:35:17",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2034"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.15, PAN-OS 9.0.9, PAN-OS 9.1.3, and all later PAN-OS versions."
        },
        {
          "lang": "en",
          "value": "PAN-OS 7.1 and PAN-OS 8.0 are end-of-life (as of June 30, 2020 and October 31, 2019 respectively) and are no longer covered by our Product Security Assurance policies."
        }
      ],
      "source": {
        "defect": [
          "PAN-145587"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-07-08T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: OS command injection vulnerability in GlobalProtect portal",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-07-08T16:00:00.000Z",
          "ID": "CVE-2020-2034",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: OS command injection vulnerability in GlobalProtect portal"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.3"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.9"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.9"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.15"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.15"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "7.1",
                            "version_value": "7.1.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue is applicable only where GlobalProtect portal is enabled."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Yamata Li of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based attacker to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue. This issue can not be exploited if GlobalProtect portal feature is not enabled. This issue impacts PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; all versions of PAN-OS 8.0 and PAN-OS 7.1. Prisma Access services are not impacted by this vulnerability."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78 OS Command Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2034",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2034"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.15, PAN-OS 9.0.9, PAN-OS 9.1.3, and all later PAN-OS versions."
          },
          {
            "lang": "en",
            "value": "PAN-OS 7.1 and PAN-OS 8.0 are end-of-life (as of June 30, 2020 and October 31, 2019 respectively) and are no longer covered by our Product Security Assurance policies."
          }
        ],
        "source": {
          "defect": [
            "PAN-145587"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-07-08T00:00:00",
            "value": "Initial publication"
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2034",
    "datePublished": "2020-07-08T16:35:17.820922Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T19:46:13.523Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-3388
Vulnerability from cvelistv5
Published
2024-04-10 17:06
Modified
2024-08-01 20:12
Summary
PAN-OS: User Impersonation in GlobalProtect SSL VPN
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3388",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-15T14:39:04.465851Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:32:48.331Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:12:06.617Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2024-3388"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.26",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.26",
              "status": "affected",
              "version": "8.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.17-h4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.17-h4",
              "status": "affected",
              "version": "9.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.17",
              "status": "affected",
              "version": "9.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.11-h4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.11-h4",
              "status": "affected",
              "version": "10.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.7-h3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.7-h3",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.3",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "11.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "10.2.4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.4",
              "status": "affected",
              "version": "10.2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue applies only to PAN-OS firewall configurations with an enabled GlobalProtect gateway and where you are permitting use of the SSL VPN either as a fallback or as the only available tunnel mode. You should verify whether you have a configured GlobalProtect gateway by checking for entries in your firewall web interface (Network \u003e GlobalProtect \u003e Gateways). You can also verify:\n- Whether SSL VPN fallback is permitted (check to see if the \"Disable Automatic Restoration of SSL VPN\" option is disabled in the GlobalProtect Gateway Configuration dialog by selecting Agent \u003e Connection Settings) or;\n- Whether SSL VPN is the only available tunnel mode (check to see if \"Enable IPSec\" is disabled (unchecked) in the GlobalProtect Gateway Configuration dialog by selecting Agent \u003e Tunnel Settings).\nBy default, both PAN-OS firewalls and Prisma Access use the SSL VPN only when the endpoint fails to successfully establish an IPSec tunnel."
            }
          ],
          "value": "This issue applies only to PAN-OS firewall configurations with an enabled GlobalProtect gateway and where you are permitting use of the SSL VPN either as a fallback or as the only available tunnel mode. You should verify whether you have a configured GlobalProtect gateway by checking for entries in your firewall web interface (Network \u003e GlobalProtect \u003e Gateways). You can also verify:\n- Whether SSL VPN fallback is permitted (check to see if the \"Disable Automatic Restoration of SSL VPN\" option is disabled in the GlobalProtect Gateway Configuration dialog by selecting Agent \u003e Connection Settings) or;\n- Whether SSL VPN is the only available tunnel mode (check to see if \"Enable IPSec\" is disabled (unchecked) in the GlobalProtect Gateway Configuration dialog by selecting Agent \u003e Tunnel Settings).\nBy default, both PAN-OS firewalls and Prisma Access use the SSL VPN only when the endpoint fails to successfully establish an IPSec tunnel."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Palo Alto Networks thanks Ta-Lun Yen of TXOne Networks for discovering and reporting this issue."
        }
      ],
      "datePublic": "2024-04-10T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. However, this vulnerability does not allow the attacker to receive response packets from those internal assets."
            }
          ],
          "value": "A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. However, this vulnerability does not allow the attacker to receive response packets from those internal assets."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-194",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-194 Fake the Source of Data"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863 Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-10T17:06:40.685Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2024-3388"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 8.1.26, PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.11-h4, PAN-OS 10.2.7-h3, PAN-OS 11.0.3, and all later PAN-OS versions. This issue is fixed in Prisma Access 10.2.4 and later.\u003cbr\u003e"
            }
          ],
          "value": "This issue is fixed in PAN-OS 8.1.26, PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.11-h4, PAN-OS 10.2.7-h3, PAN-OS 11.0.3, and all later PAN-OS versions. This issue is fixed in Prisma Access 10.2.4 and later.\n"
        }
      ],
      "source": {
        "defect": [
          "PAN-224964"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-04-10T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: User Impersonation in GlobalProtect SSL VPN",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "You can enable the \"Disable Automatic Restoration of SSL VPN\" (Network \u003e GlobalProtect Gateways \u003e \u003cgateway-config\u003e \u003e GlobalProtect Gateway Configuration \u003e Agent \u003e Connection Settings) on PAN-OS firewalls with the GlobalProtect feature enabled to mitigate this vulnerability.\u003cbr\u003e"
            }
          ],
          "value": "You can enable the \"Disable Automatic Restoration of SSL VPN\" (Network \u003e GlobalProtect Gateways \u003e  \u003e GlobalProtect Gateway Configuration \u003e Agent \u003e Connection Settings) on PAN-OS firewalls with the GlobalProtect feature enabled to mitigate this vulnerability.\n"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-3388",
    "datePublished": "2024-04-10T17:06:40.685Z",
    "dateReserved": "2024-04-05T17:40:20.687Z",
    "dateUpdated": "2024-08-01T20:12:06.617Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-0011
Vulnerability from cvelistv5
Published
2024-02-14 17:32
Modified
2024-08-01 17:41
Summary
PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-0011",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-14T19:24:56.532361Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-05T17:21:19.407Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T17:41:15.533Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2024-0011"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.24",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.24",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.17",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.13",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.11",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.3",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "10.2"
            },
            {
              "status": "unaffected",
              "version": "11.0"
            },
            {
              "status": "unaffected",
              "version": "11.1"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is applicable only to firewalls that are configured to use Captive Portal authentication. You can verify whether you have Captive Portal configured in the Captive Portal Settings page (Device \u0026gt; User Identification \u0026gt; Captive Portal Settings)."
            }
          ],
          "value": "This issue is applicable only to firewalls that are configured to use Captive Portal authentication. You can verify whether you have Captive Portal configured in the Captive Portal Settings page (Device \u003e User Identification \u003e Captive Portal Settings)."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Palo Alto Networks thanks Darek Jensen and an external reporter for discovering and reporting this issue."
        }
      ],
      "datePublic": "2024-02-14T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A reflected cross-site scripting (XSS) vulnerability in the Captive Portal feature of Palo Alto Networks PAN-OS software enables execution of malicious JavaScript (in the context of an authenticated Captive Portal user\u2019s browser) if a user clicks on a malicious link, allowing phishing attacks that could lead to credential theft."
            }
          ],
          "value": "A reflected cross-site scripting (XSS) vulnerability in the Captive Portal feature of Palo Alto Networks PAN-OS software enables execution of malicious JavaScript (in the context of an authenticated Captive Portal user\u2019s browser) if a user clicks on a malicious link, allowing phishing attacks that could lead to credential theft."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-14T17:32:34.809Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2024-0011"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.13, PAN-OS 10.0.11, PAN-OS 10.1.3, and all later PAN-OS versions."
            }
          ],
          "value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.13, PAN-OS 10.0.11, PAN-OS 10.1.3, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-175970"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-02-14T17:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 93070 (Applications and Threats content update 8810).\u003cbr\u003e"
            }
          ],
          "value": "Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 93070 (Applications and Threats content update 8810).\n"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-0011",
    "datePublished": "2024-02-14T17:32:34.809Z",
    "dateReserved": "2023-11-09T18:56:10.434Z",
    "dateUpdated": "2024-08-01T17:41:15.533Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2014
Vulnerability from cvelistv5
Published
2020-05-13 19:07
Modified
2024-09-16 19:30
Summary
PAN-OS: OS injection vulnerability in PAN-OS management server
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.528Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2014"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "status": "affected",
              "version": "7.1.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.14",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.7",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.7",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1*",
              "status": "unaffected",
              "version": "9.1.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Ben Nott of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An OS Command Injection vulnerability in PAN-OS management server allows authenticated users to inject and execute arbitrary shell commands with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 OS Command Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-13T19:07:14",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2014"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, PAN-OS 9.1.0 and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
        }
      ],
      "source": {
        "defect": [
          "PAN-127118"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-05-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: OS injection vulnerability in PAN-OS management server",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-05-13T16:00:00.000Z",
          "ID": "CVE-2020-2014",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: OS injection vulnerability in PAN-OS management server"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.14"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.14"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.0"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "7.1",
                            "version_value": "7.1.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Ben Nott of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An OS Command Injection vulnerability in PAN-OS management server allows authenticated users to inject and execute arbitrary shell commands with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78 OS Command Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2014",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2014"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, PAN-OS 9.1.0 and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
          }
        ],
        "source": {
          "defect": [
            "PAN-127118"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-05-13T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2014",
    "datePublished": "2020-05-13T19:07:14.616079Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T19:30:56.709Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2010
Vulnerability from cvelistv5
Published
2020-05-13 19:07
Modified
2024-09-16 16:33
Summary
PAN-OS: Authenticated user command injection vulnerability
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.563Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2010"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "status": "affected",
              "version": "7.1.*"
            },
            {
              "changes": [
                {
                  "at": "9.0.7",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.7",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.14",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1*",
              "status": "unaffected",
              "version": "9.1.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered by Nicholas Newsom of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An OS command injection vulnerability in PAN-OS management interface allows an authenticated administrator to execute arbitrary OS commands with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 OS Command Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-06-10T17:22:50",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2010"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
        }
      ],
      "source": {
        "defect": [
          "PAN-126362"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-05-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Authenticated user command injection vulnerability",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-05-13T16:00:00.000Z",
          "ID": "CVE-2020-2010",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Authenticated user command injection vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.14"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.14"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.0"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "7.1",
                            "version_value": "7.1.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was discovered by Nicholas Newsom of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An OS command injection vulnerability in PAN-OS management interface allows an authenticated administrator to execute arbitrary OS commands with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78 OS Command Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2010",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2010"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
          }
        ],
        "source": {
          "defect": [
            "PAN-126362"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-05-13T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2010",
    "datePublished": "2020-05-13T19:07:14.455972Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T16:33:43.415Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3052
Vulnerability from cvelistv5
Published
2021-09-08 17:10
Modified
2024-09-16 20:02
Summary
PAN-OS: Reflected Cross-Site Scripting (XSS) in Web Interface
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:50.871Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2021-3052"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "10.1.*"
            },
            {
              "changes": [
                {
                  "at": "9.0.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.14",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.20",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.20",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.10",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.10",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.2",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks Cristian Mocanu and Dan Marin of Deloitte for discovering and reporting this issue."
        }
      ],
      "datePublic": "2021-09-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A reflected cross-site scripting (XSS) vulnerability in the Palo Alto Network PAN-OS web interface enables an authenticated network-based attacker to mislead another authenticated PAN-OS administrator to click on a specially crafted link that performs arbitrary actions in the PAN-OS web interface as the targeted authenticated administrator. This issue impacts: PAN-OS 8.1 versions earlier than 8.1.20; PAN-OS 9.0 versions earlier than 9.0.14; PAN-OS 9.1 versions earlier than 9.1.10; PAN-OS 10.0 versions earlier than 10.0.2. This issue does not affect Prisma Access."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Cross-site Scripting (XSS)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-08T17:10:18",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2021-3052"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 9.0.14, PAN-OS 8.1.20, PAN-OS 9.1.10, PAN-OS 10.0.2, PAN-OS 10.1.0, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-150337"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2021-09-08T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Reflected Cross-Site Scripting (XSS) in Web Interface",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2021-09-08T16:00:00.000Z",
          "ID": "CVE-2021-3052",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Reflected Cross-Site Scripting (XSS) in Web Interface"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.14"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.20"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.10"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.2"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.14"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.20"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.10"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.2"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "10.1",
                            "version_value": "10.1.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks Cristian Mocanu and Dan Marin of Deloitte for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A reflected cross-site scripting (XSS) vulnerability in the Palo Alto Network PAN-OS web interface enables an authenticated network-based attacker to mislead another authenticated PAN-OS administrator to click on a specially crafted link that performs arbitrary actions in the PAN-OS web interface as the targeted authenticated administrator. This issue impacts: PAN-OS 8.1 versions earlier than 8.1.20; PAN-OS 9.0 versions earlier than 9.0.14; PAN-OS 9.1 versions earlier than 9.1.10; PAN-OS 10.0 versions earlier than 10.0.2. This issue does not affect Prisma Access."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-79 Cross-site Scripting (XSS)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2021-3052",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2021-3052"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 9.0.14, PAN-OS 8.1.20, PAN-OS 9.1.10, PAN-OS 10.0.2, PAN-OS 10.1.0, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-150337"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-09-08T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 10.0.1",
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.9",
          "PAN-OS 9.1.8",
          "PAN-OS 9.1.7",
          "PAN-OS 9.1.6",
          "PAN-OS 9.1.5",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.13",
          "PAN-OS 9.0.12",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.19",
          "PAN-OS 8.1.18",
          "PAN-OS 8.1.17",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ],
        "x_likelyAffectedList": [
          "PAN-OS 8.0.20",
          "PAN-OS 8.0.19-h1",
          "PAN-OS 8.0.19",
          "PAN-OS 8.0.18",
          "PAN-OS 8.0.17",
          "PAN-OS 8.0.16",
          "PAN-OS 8.0.15",
          "PAN-OS 8.0.14",
          "PAN-OS 8.0.13",
          "PAN-OS 8.0.12",
          "PAN-OS 8.0.11-h1",
          "PAN-OS 8.0.10",
          "PAN-OS 8.0.9",
          "PAN-OS 8.0.8",
          "PAN-OS 8.0.7",
          "PAN-OS 8.0.6-h3",
          "PAN-OS 8.0.6-h2",
          "PAN-OS 8.0.6-h1",
          "PAN-OS 8.0.6",
          "PAN-OS 8.0.5",
          "PAN-OS 8.0.4",
          "PAN-OS 8.0.3-h4",
          "PAN-OS 8.0.3-h3",
          "PAN-OS 8.0.3-h2",
          "PAN-OS 8.0.3-h1",
          "PAN-OS 8.0.3",
          "PAN-OS 8.0.2",
          "PAN-OS 8.0.1",
          "PAN-OS 8.0.0",
          "PAN-OS 8.0",
          "PAN-OS 7.1.26",
          "PAN-OS 7.1.25",
          "PAN-OS 7.1.24-h1",
          "PAN-OS 7.1.24",
          "PAN-OS 7.1.23",
          "PAN-OS 7.1.22",
          "PAN-OS 7.1.21",
          "PAN-OS 7.1.20",
          "PAN-OS 7.1.19",
          "PAN-OS 7.1.18",
          "PAN-OS 7.1.17",
          "PAN-OS 7.1.16",
          "PAN-OS 7.1.15",
          "PAN-OS 7.1.14",
          "PAN-OS 7.1.13",
          "PAN-OS 7.1.12",
          "PAN-OS 7.1.11",
          "PAN-OS 7.1.10",
          "PAN-OS 7.1.9-h4",
          "PAN-OS 7.1.9-h3",
          "PAN-OS 7.1.9-h2",
          "PAN-OS 7.1.9-h1",
          "PAN-OS 7.1.9",
          "PAN-OS 7.1.8",
          "PAN-OS 7.1.7",
          "PAN-OS 7.1.6",
          "PAN-OS 7.1.5",
          "PAN-OS 7.1.4-h2",
          "PAN-OS 7.1.4-h1",
          "PAN-OS 7.1.4",
          "PAN-OS 7.1.3",
          "PAN-OS 7.1.2",
          "PAN-OS 7.1.1",
          "PAN-OS 7.1.0",
          "PAN-OS 7.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2021-3052",
    "datePublished": "2021-09-08T17:10:18.120492Z",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-09-16T20:02:59.171Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3059
Vulnerability from cvelistv5
Published
2021-11-10 17:10
Modified
2024-09-16 17:03
Summary
PAN-OS: OS Command Injection Vulnerability When Performing Dynamic Updates
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:51.098Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2021-3059"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "10.0.8",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.8",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.3",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.20-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.20-h1",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.14-h3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.14-h3",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.11-h2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.11-h2",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "2.1 Innovation"
            },
            {
              "status": "affected",
              "version": "2.1 Preferred"
            },
            {
              "lessThan": "2.2*",
              "status": "unaffected",
              "version": "all",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue is applicable only to PAN-OS firewall configurations that receive dynamic updates. You can verify that your firewall receives dynamic updates at \u2018Device Deployment \u003e Dynamic Updates\u0027 in the web interface."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks CJ, an external security researcher, for discovering and reporting this issue."
        }
      ],
      "datePublic": "2021-11-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. This vulnerability enables a man-in-the-middle attacker to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers that have Prisma Access 2.1 Preferred or Prisma Access 2.1 Innovation firewalls are impacted by this issue."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 OS Command Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-10T17:10:23",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2021-3059"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions."
        },
        {
          "lang": "en",
          "value": "This issue is fixed in Prisma Access 2.2 Preferred and all later Prisma Access versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-176618"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2021-11-10T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: OS Command Injection Vulnerability When Performing Dynamic Updates",
      "workarounds": [
        {
          "lang": "en",
          "value": "You can disable scheduled dynamic updates for the firewall at \u0027Device Deployment \u003e Dynamic Updates\u0027 in the web interface. Choosing not to receive dynamic updates will minimize your exposure to this vulnerability until you upgrade the PAN-OS firewall to a fixed version."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2021-11-10T17:00:00.000Z",
          "ID": "CVE-2021-3059",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: OS Command Injection Vulnerability When Performing Dynamic Updates"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.8"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.1",
                            "version_value": "10.1.3"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.8"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.1",
                            "version_value": "10.1.3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.20-h1"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.20-h1"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.14-h3"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.14-h3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.11-h2"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.11-h2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Prisma Access",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "2.2",
                            "version_value": "all"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "2.1",
                            "version_value": "Innovation"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "2.1",
                            "version_value": "Preferred"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue is applicable only to PAN-OS firewall configurations that receive dynamic updates. You can verify that your firewall receives dynamic updates at \u2018Device Deployment \u003e Dynamic Updates\u0027 in the web interface."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks CJ, an external security researcher, for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. This vulnerability enables a man-in-the-middle attacker to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers that have Prisma Access 2.1 Preferred or Prisma Access 2.1 Innovation firewalls are impacted by this issue."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78 OS Command Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2021-3059",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2021-3059"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions."
          },
          {
            "lang": "en",
            "value": "This issue is fixed in Prisma Access 2.2 Preferred and all later Prisma Access versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-176618"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-10T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "You can disable scheduled dynamic updates for the firewall at \u0027Device Deployment \u003e Dynamic Updates\u0027 in the web interface. Choosing not to receive dynamic updates will minimize your exposure to this vulnerability until you upgrade the PAN-OS firewall to a fixed version."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "Prisma Access 2.1",
          "PAN-OS 10.1.2",
          "PAN-OS 10.1.1",
          "PAN-OS 10.1.0",
          "PAN-OS 10.1",
          "PAN-OS 10.0.7",
          "PAN-OS 10.0.6",
          "PAN-OS 10.0.5",
          "PAN-OS 10.0.4",
          "PAN-OS 10.0.3",
          "PAN-OS 10.0.2",
          "PAN-OS 10.0.1",
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.11-h1",
          "PAN-OS 9.1.11",
          "PAN-OS 9.1.10",
          "PAN-OS 9.1.9",
          "PAN-OS 9.1.8",
          "PAN-OS 9.1.7",
          "PAN-OS 9.1.6",
          "PAN-OS 9.1.5",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.14-h2",
          "PAN-OS 9.0.14-h1",
          "PAN-OS 9.0.14",
          "PAN-OS 9.0.13",
          "PAN-OS 9.0.12",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.20",
          "PAN-OS 8.1.19",
          "PAN-OS 8.1.18",
          "PAN-OS 8.1.17",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ],
        "x_likelyAffectedList": [
          "PAN-OS 8.0.20",
          "PAN-OS 8.0.19-h1",
          "PAN-OS 8.0.19",
          "PAN-OS 8.0.18",
          "PAN-OS 8.0.17",
          "PAN-OS 8.0.16",
          "PAN-OS 8.0.15",
          "PAN-OS 8.0.14",
          "PAN-OS 8.0.13",
          "PAN-OS 8.0.12",
          "PAN-OS 8.0.11-h1",
          "PAN-OS 8.0.10",
          "PAN-OS 8.0.9",
          "PAN-OS 8.0.8",
          "PAN-OS 8.0.7",
          "PAN-OS 8.0.6-h3",
          "PAN-OS 8.0.6-h2",
          "PAN-OS 8.0.6-h1",
          "PAN-OS 8.0.6",
          "PAN-OS 8.0.5",
          "PAN-OS 8.0.4",
          "PAN-OS 8.0.3-h4",
          "PAN-OS 8.0.3-h3",
          "PAN-OS 8.0.3-h2",
          "PAN-OS 8.0.3-h1",
          "PAN-OS 8.0.3",
          "PAN-OS 8.0.2",
          "PAN-OS 8.0.1",
          "PAN-OS 8.0.0",
          "PAN-OS 8.0",
          "PAN-OS 7.1.26",
          "PAN-OS 7.1.25",
          "PAN-OS 7.1.24-h1",
          "PAN-OS 7.1.24",
          "PAN-OS 7.1.23",
          "PAN-OS 7.1.22",
          "PAN-OS 7.1.21",
          "PAN-OS 7.1.20",
          "PAN-OS 7.1.19",
          "PAN-OS 7.1.18",
          "PAN-OS 7.1.17",
          "PAN-OS 7.1.16",
          "PAN-OS 7.1.15",
          "PAN-OS 7.1.14",
          "PAN-OS 7.1.13",
          "PAN-OS 7.1.12",
          "PAN-OS 7.1.11",
          "PAN-OS 7.1.10",
          "PAN-OS 7.1.9-h4",
          "PAN-OS 7.1.9-h3",
          "PAN-OS 7.1.9-h2",
          "PAN-OS 7.1.9-h1",
          "PAN-OS 7.1.9",
          "PAN-OS 7.1.8",
          "PAN-OS 7.1.7",
          "PAN-OS 7.1.6",
          "PAN-OS 7.1.5",
          "PAN-OS 7.1.4-h2",
          "PAN-OS 7.1.4-h1",
          "PAN-OS 7.1.4",
          "PAN-OS 7.1.3",
          "PAN-OS 7.1.2",
          "PAN-OS 7.1.1",
          "PAN-OS 7.1.0",
          "PAN-OS 7.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2021-3059",
    "datePublished": "2021-11-10T17:10:23.093770Z",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-09-16T17:03:16.819Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-1990
Vulnerability from cvelistv5
Published
2020-04-08 18:41
Modified
2024-09-17 01:16
Summary
PAN-OS: Buffer overflow in the management server
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.591Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-1990"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.1.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.13",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.7",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.7",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered by Nicholas Newsom of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-04-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A stack-based buffer overflow vulnerability in the management server component of PAN-OS allows an authenticated user to upload a corrupted PAN-OS configuration and potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS 8.1 versions before 8.1.13; 9.0 versions before 9.0.7. This issue does not affect PAN-OS 7.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121 Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-04-08T18:41:58",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-1990"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7 and all later versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-121319"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-04-08T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Buffer overflow in the management server",
      "workarounds": [
        {
          "lang": "en",
          "value": "These issues affect the management interface of PAN-OS and are strongly mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 9.0 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.html."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-04-08T16:00:00.000Z",
          "ID": "CVE-2020-1990",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Buffer overflow in the management server"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "7.1",
                            "version_value": "7.1.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was discovered by Nicholas Newsom of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A stack-based buffer overflow vulnerability in the management server component of PAN-OS allows an authenticated user to upload a corrupted PAN-OS configuration and potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS 8.1 versions before 8.1.13; 9.0 versions before 9.0.7. This issue does not affect PAN-OS 7.1."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-121 Stack-based Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-1990",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-1990"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7 and all later versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-121319"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-04-08T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "These issues affect the management interface of PAN-OS and are strongly mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 9.0 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.html."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-1990",
    "datePublished": "2020-04-08T18:41:58.493602Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-17T01:16:16.817Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3058
Vulnerability from cvelistv5
Published
2021-11-10 17:10
Modified
2024-09-16 22:52
Summary
PAN-OS: OS Command Injection Vulnerability in Web Interface XML API
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:50.919Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2021-3058"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "10.1.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.3",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.14-h3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.14-h3",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.20-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.20-h1",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.11-h2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.11-h2",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.8",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.8",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "2.1 all"
            },
            {
              "status": "unaffected",
              "version": "2.2 all"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This vulnerability is only applicable to PAN-OS firewalls configured to use the XML API."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks CJ, an external security researcher, for discovering and reporting this issue."
        }
      ],
      "datePublic": "2021-11-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use XML API the ability to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. This issue does not impact Prisma Access firewalls."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 OS Command Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-10T17:10:21",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2021-3058"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-176653"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2021-11-10T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: OS Command Injection Vulnerability in Web Interface XML API",
      "workarounds": [
        {
          "lang": "en",
          "value": "Enable signatures for Unique Threat ID 91715 on traffic processed by the firewall to block attacks against CVE-2021-3058.\n\nThis issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2021-11-10T17:00:00.000Z",
          "ID": "CVE-2021-3058",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: OS Command Injection Vulnerability in Web Interface XML API"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.1",
                            "version_value": "10.1.3"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.1",
                            "version_value": "10.1.3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.14-h3"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.14-h3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.20-h1"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.20-h1"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.11-h2"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.11-h2"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.8"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.8"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Prisma Access",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "!",
                            "version_name": "2.1",
                            "version_value": "all"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "2.2",
                            "version_value": "all"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This vulnerability is only applicable to PAN-OS firewalls configured to use the XML API."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks CJ, an external security researcher, for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use XML API the ability to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. This issue does not impact Prisma Access firewalls."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78 OS Command Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2021-3058",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2021-3058"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-176653"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-10T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "Enable signatures for Unique Threat ID 91715 on traffic processed by the firewall to block attacks against CVE-2021-3058.\n\nThis issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 10.1.2",
          "PAN-OS 10.1.1",
          "PAN-OS 10.1.0",
          "PAN-OS 10.1",
          "PAN-OS 10.0.7",
          "PAN-OS 10.0.6",
          "PAN-OS 10.0.5",
          "PAN-OS 10.0.4",
          "PAN-OS 10.0.3",
          "PAN-OS 10.0.2",
          "PAN-OS 10.0.1",
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.11-h1",
          "PAN-OS 9.1.11",
          "PAN-OS 9.1.10",
          "PAN-OS 9.1.9",
          "PAN-OS 9.1.8",
          "PAN-OS 9.1.7",
          "PAN-OS 9.1.6",
          "PAN-OS 9.1.5",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.14-h2",
          "PAN-OS 9.0.14-h1",
          "PAN-OS 9.0.14",
          "PAN-OS 9.0.13",
          "PAN-OS 9.0.12",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.20",
          "PAN-OS 8.1.19",
          "PAN-OS 8.1.18",
          "PAN-OS 8.1.17",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ],
        "x_likelyAffectedList": [
          "PAN-OS 8.0.20",
          "PAN-OS 8.0.19-h1",
          "PAN-OS 8.0.19",
          "PAN-OS 8.0.18",
          "PAN-OS 8.0.17",
          "PAN-OS 8.0.16",
          "PAN-OS 8.0.15",
          "PAN-OS 8.0.14",
          "PAN-OS 8.0.13",
          "PAN-OS 8.0.12",
          "PAN-OS 8.0.11-h1",
          "PAN-OS 8.0.10",
          "PAN-OS 8.0.9",
          "PAN-OS 8.0.8",
          "PAN-OS 8.0.7",
          "PAN-OS 8.0.6-h3",
          "PAN-OS 8.0.6-h2",
          "PAN-OS 8.0.6-h1",
          "PAN-OS 8.0.6",
          "PAN-OS 8.0.5",
          "PAN-OS 8.0.4",
          "PAN-OS 8.0.3-h4",
          "PAN-OS 8.0.3-h3",
          "PAN-OS 8.0.3-h2",
          "PAN-OS 8.0.3-h1",
          "PAN-OS 8.0.3",
          "PAN-OS 8.0.2",
          "PAN-OS 8.0.1",
          "PAN-OS 8.0.0",
          "PAN-OS 8.0",
          "PAN-OS 7.1.26",
          "PAN-OS 7.1.25",
          "PAN-OS 7.1.24-h1",
          "PAN-OS 7.1.24",
          "PAN-OS 7.1.23",
          "PAN-OS 7.1.22",
          "PAN-OS 7.1.21",
          "PAN-OS 7.1.20",
          "PAN-OS 7.1.19",
          "PAN-OS 7.1.18",
          "PAN-OS 7.1.17",
          "PAN-OS 7.1.16",
          "PAN-OS 7.1.15",
          "PAN-OS 7.1.14",
          "PAN-OS 7.1.13",
          "PAN-OS 7.1.12",
          "PAN-OS 7.1.11",
          "PAN-OS 7.1.10",
          "PAN-OS 7.1.9-h4",
          "PAN-OS 7.1.9-h3",
          "PAN-OS 7.1.9-h2",
          "PAN-OS 7.1.9-h1",
          "PAN-OS 7.1.9",
          "PAN-OS 7.1.8",
          "PAN-OS 7.1.7",
          "PAN-OS 7.1.6",
          "PAN-OS 7.1.5",
          "PAN-OS 7.1.4-h2",
          "PAN-OS 7.1.4-h1",
          "PAN-OS 7.1.4",
          "PAN-OS 7.1.3",
          "PAN-OS 7.1.2",
          "PAN-OS 7.1.1",
          "PAN-OS 7.1.0",
          "PAN-OS 7.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2021-3058",
    "datePublished": "2021-11-10T17:10:21.556749Z",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-09-16T22:52:16.389Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-0028
Vulnerability from cvelistv5
Published
2022-08-10 16:00
Modified
2024-09-16 23:56
Summary
PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering
References
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:8.1.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "8.1.23-h",
                "status": "affected",
                "version": "8.1.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:9.0.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "9.0.16-h3",
                "status": "affected",
                "version": "9.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:9.1.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "9.1 \u003c 9.1.14-h4",
                "status": "affected",
                "version": "9.1.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:10.0.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "10.0.11-h1",
                "status": "affected",
                "version": "10.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "10.1.6-h6",
                "status": "affected",
                "version": "10.1.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "10.2.2-h2",
                "status": "affected",
                "version": "10.2.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-0028",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-16T04:00:16.271617Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-08-22",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2022-0028"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-06T13:45:09.148Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:18:41.409Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2022-0028"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.23-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.23-h1",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.16-h3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.16-h3",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.14-h4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.14-h4",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.11-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.11-h1",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.6-h6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.6-h6",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.2-h2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.2-h2",
              "status": "affected",
              "version": "10.2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "2.1 All"
            },
            {
              "status": "unaffected",
              "version": "2.2 All"
            },
            {
              "status": "unaffected",
              "version": "3.0 All"
            },
            {
              "status": "unaffected",
              "version": "3.1 All"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "The firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a source zone that has an external facing interface for this issue to be misused by an external attacker. This configuration is not typical for URL filtering and is likely unintended by the administrator.\n\nThis issue is applicable to PA-Series (hardware), VM-Series (virtual), and CN-Series (container) firewalls only when all three of the following conditions are true:\n\n1. The security policy on the firewall that allows traffic to pass from Zone A to Zone B includes a URL filtering profile with one or more blocked categories;\nAND\n2. Packet-based attack protection is not enabled in a Zone Protection profile for Zone A including both (Packet Based Attack Protection \u003e TCP Drop \u003e TCP Syn With Data) and (Packet Based Attack Protection \u003e TCP Drop \u003e Strip TCP Options \u003e TCP Fast Open);\nAND\n3. Flood protection through SYN cookies is not enabled in a Zone Protection profile for Zone A (Flood Protection \u003e SYN \u003e Action \u003e SYN Cookie) with an activation threshold of 0 connections."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks CERT-XLM for reporting this issue."
        }
      ],
      "datePublic": "2022-08-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-Series (container) firewall against an attacker-specified target. To be misused by an external attacker, the firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a source zone that has an external facing interface. This configuration is not typical for URL filtering and, if set, is likely unintended by the administrator. If exploited, this issue would not impact the confidentiality, integrity, or availability of our products. However, the resulting denial-of-service (DoS) attack may help obfuscate the identity of the attacker and implicate the firewall as the source of the attack. We have taken prompt action to address this issue in our PAN-OS software. All software updates for this issue are expected to be released no later than the week of August 15, 2022. This issue does not impact Panorama M-Series or Panorama virtual appliances. This issue has been resolved for all Cloud NGFW and Prisma Access customers and no additional action is required from them."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks recently learned that an attempted reflected denial-of-service (RDoS) attack was identified by a service provider. This attempted attack took advantage of susceptible firewalls from multiple vendors, including Palo Alto Networks. We immediately started to root cause and remediate this issue.\n\nExploitation of this issue does not impact the confidentiality, integrity, or availability of our products."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-406",
              "description": "CWE-406 Insufficient Control of Network Message Volume (Network Amplification)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-10T16:00:16",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2022-0028"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "We identified workarounds to prevent the denial-of-service (DoS) attacks that result from this issue in certain Palo Alto Networks firewalls, with this policy configuration\n\nWe intend to fix this issue for PA-Series, VM-Series and CN-Series firewalls with a fix in the following PAN-OS software releases: PAN-OS 8.1.23-h1 (ETA: week of August 8, 2022), PAN-OS 9.0.16-h3 (ETA: week of August 15, 2022), PAN-OS 9.1.14-h4 (ETA: week of August 15, 2022), PAN-OS 10.0.11-h1 (ETA: week of August 15, 2022), PAN-OS 10.1.6-h6 (ETA: week of August 8, 2022), and PAN-OS 10.2.2-h2 (ETA: week of August 15, 2022).\n\nWe expect to release all PAN-OS software updates for this issue no later than the week of August 15, 2022."
        }
      ],
      "source": {
        "defect": [
          "PAN-192999"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2022-08-10T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering",
      "workarounds": [
        {
          "lang": "en",
          "value": "If you have a URL filtering policy with one or more blocked categories assigned to a source zone that has an external facing network interface, removing this configuration will prevent this issue from being exploited by remote attackers to conduct reflected DoS.\n\nTo prevent denial-of-service (DoS) attacks resulting from this issue from all sources, you can configure your Palo Alto Networks firewalls by enabling one of two zone protection mitigations on all Security zones with an assigned Security policy that includes a URL filtering profile:\n\n1. Packet-based attack protection including both (Packet Based Attack Protection \u003e TCP Drop \u003e TCP SYN with Data) and (Packet Based Attack Protection \u003e TCP Drop \u003e Strip TCP Options \u003e TCP Fast Open);\nOR\n2. Flood protection (Flood Protection \u003e SYN \u003e Action \u003e SYN Cookie) with an activation threshold of 0 connections.\n\nNOTES:\n1. It is not necessary nor advantageous to apply both the attack and flood protections. \n2. (Palo Alto Networks Aporeto software only) You should not enable either of these protections if using Aporeto software; instead, wait for and install a fixed version of PAN-OS software.\n\nPacket-Based Attack Protection Workaround (Recommended)\n\nFollow the technical documentation to configure packet-based attack protection options for all defined Security zones with URL filtering enabled in the Security profile for that zone:\nhttps://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/zone-protection-and-dos-protection/configure-zone-protection-to-increase-network-security/configure-packet-based-attack-protection\n\nThe packet-based attack protection workaround will prevent the firewall from establishing TCP sessions in impacted zones when the TCP SYN packet contains data in the three-way handshake for a TCP session. Please note that this workaround may disrupt applications that use TCP Fast Open in the zone.\n\nFlood Protection (Alternate) Workaround\n\nIf you instead decide to enable the flood protection workaround, first make sure you understand how  enabling SYN cookies will change traffic flow in the impacted zones:\nhttps://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/zone-protection-and-dos-protection/zone-defense/zone-protection-profiles/flood-protection"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2022-08-10T16:00:00.000Z",
          "ID": "CVE-2022-0028",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cloud NGFW",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "!",
                            "version_value": "All"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.23-h1"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.16-h3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.14-h4"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.11-h1"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.1",
                            "version_value": "10.1.6-h6"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.2",
                            "version_value": "10.2.2-h2"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.23-h1"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.16-h3"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.14-h4"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.11-h1"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.1",
                            "version_value": "10.1.6-h6"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.2",
                            "version_value": "10.2.2-h2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Prisma Access",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "!",
                            "version_name": "2.1",
                            "version_value": "All"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "2.2",
                            "version_value": "All"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "3.0",
                            "version_value": "All"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "3.1",
                            "version_value": "All"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "The firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a source zone that has an external facing interface for this issue to be misused by an external attacker. This configuration is not typical for URL filtering and is likely unintended by the administrator.\n\nThis issue is applicable to PA-Series (hardware), VM-Series (virtual), and CN-Series (container) firewalls only when all three of the following conditions are true:\n\n1. The security policy on the firewall that allows traffic to pass from Zone A to Zone B includes a URL filtering profile with one or more blocked categories;\nAND\n2. Packet-based attack protection is not enabled in a Zone Protection profile for Zone A including both (Packet Based Attack Protection \u003e TCP Drop \u003e TCP Syn With Data) and (Packet Based Attack Protection \u003e TCP Drop \u003e Strip TCP Options \u003e TCP Fast Open);\nAND\n3. Flood protection through SYN cookies is not enabled in a Zone Protection profile for Zone A (Flood Protection \u003e SYN \u003e Action \u003e SYN Cookie) with an activation threshold of 0 connections."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks CERT-XLM for reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-Series (container) firewall against an attacker-specified target. To be misused by an external attacker, the firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a source zone that has an external facing interface. This configuration is not typical for URL filtering and, if set, is likely unintended by the administrator. If exploited, this issue would not impact the confidentiality, integrity, or availability of our products. However, the resulting denial-of-service (DoS) attack may help obfuscate the identity of the attacker and implicate the firewall as the source of the attack. We have taken prompt action to address this issue in our PAN-OS software. All software updates for this issue are expected to be released no later than the week of August 15, 2022. This issue does not impact Panorama M-Series or Panorama virtual appliances. This issue has been resolved for all Cloud NGFW and Prisma Access customers and no additional action is required from them."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks recently learned that an attempted reflected denial-of-service (RDoS) attack was identified by a service provider. This attempted attack took advantage of susceptible firewalls from multiple vendors, including Palo Alto Networks. We immediately started to root cause and remediate this issue.\n\nExploitation of this issue does not impact the confidentiality, integrity, or availability of our products."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-406 Insufficient Control of Network Message Volume (Network Amplification)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2022-0028",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2022-0028"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "We identified workarounds to prevent the denial-of-service (DoS) attacks that result from this issue in certain Palo Alto Networks firewalls, with this policy configuration\n\nWe intend to fix this issue for PA-Series, VM-Series and CN-Series firewalls with a fix in the following PAN-OS software releases: PAN-OS 8.1.23-h1 (ETA: week of August 8, 2022), PAN-OS 9.0.16-h3 (ETA: week of August 15, 2022), PAN-OS 9.1.14-h4 (ETA: week of August 15, 2022), PAN-OS 10.0.11-h1 (ETA: week of August 15, 2022), PAN-OS 10.1.6-h6 (ETA: week of August 8, 2022), and PAN-OS 10.2.2-h2 (ETA: week of August 15, 2022).\n\nWe expect to release all PAN-OS software updates for this issue no later than the week of August 15, 2022."
          }
        ],
        "source": {
          "defect": [
            "PAN-192999"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2022-08-10T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "If you have a URL filtering policy with one or more blocked categories assigned to a source zone that has an external facing network interface, removing this configuration will prevent this issue from being exploited by remote attackers to conduct reflected DoS.\n\nTo prevent denial-of-service (DoS) attacks resulting from this issue from all sources, you can configure your Palo Alto Networks firewalls by enabling one of two zone protection mitigations on all Security zones with an assigned Security policy that includes a URL filtering profile:\n\n1. Packet-based attack protection including both (Packet Based Attack Protection \u003e TCP Drop \u003e TCP SYN with Data) and (Packet Based Attack Protection \u003e TCP Drop \u003e Strip TCP Options \u003e TCP Fast Open);\nOR\n2. Flood protection (Flood Protection \u003e SYN \u003e Action \u003e SYN Cookie) with an activation threshold of 0 connections.\n\nNOTES:\n1. It is not necessary nor advantageous to apply both the attack and flood protections. \n2. (Palo Alto Networks Aporeto software only) You should not enable either of these protections if using Aporeto software; instead, wait for and install a fixed version of PAN-OS software.\n\nPacket-Based Attack Protection Workaround (Recommended)\n\nFollow the technical documentation to configure packet-based attack protection options for all defined Security zones with URL filtering enabled in the Security profile for that zone:\nhttps://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/zone-protection-and-dos-protection/configure-zone-protection-to-increase-network-security/configure-packet-based-attack-protection\n\nThe packet-based attack protection workaround will prevent the firewall from establishing TCP sessions in impacted zones when the TCP SYN packet contains data in the three-way handshake for a TCP session. Please note that this workaround may disrupt applications that use TCP Fast Open in the zone.\n\nFlood Protection (Alternate) Workaround\n\nIf you instead decide to enable the flood protection workaround, first make sure you understand how  enabling SYN cookies will change traffic flow in the impacted zones:\nhttps://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/zone-protection-and-dos-protection/zone-defense/zone-protection-profiles/flood-protection"
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 10.2.2-h1",
          "PAN-OS 10.2.2",
          "PAN-OS 10.2.1",
          "PAN-OS 10.2.0",
          "PAN-OS 10.2",
          "PAN-OS 10.1.6-h5",
          "PAN-OS 10.1.6-h4",
          "PAN-OS 10.1.6-h3",
          "PAN-OS 10.1.6-h2",
          "PAN-OS 10.1.6-h1",
          "PAN-OS 10.1.6",
          "PAN-OS 10.1.5-h2",
          "PAN-OS 10.1.5-h1",
          "PAN-OS 10.1.5",
          "PAN-OS 10.1.4-h4",
          "PAN-OS 10.1.4-h3",
          "PAN-OS 10.1.4-h2",
          "PAN-OS 10.1.4-h1",
          "PAN-OS 10.1.4",
          "PAN-OS 10.1.3",
          "PAN-OS 10.1.2",
          "PAN-OS 10.1.1",
          "PAN-OS 10.1.0",
          "PAN-OS 10.1",
          "PAN-OS 10.0.11",
          "PAN-OS 10.0.10",
          "PAN-OS 10.0.9",
          "PAN-OS 10.0.8-h8",
          "PAN-OS 10.0.8-h7",
          "PAN-OS 10.0.8-h6",
          "PAN-OS 10.0.8-h5",
          "PAN-OS 10.0.8-h4",
          "PAN-OS 10.0.8-h3",
          "PAN-OS 10.0.8-h2",
          "PAN-OS 10.0.8-h1",
          "PAN-OS 10.0.8",
          "PAN-OS 10.0.7",
          "PAN-OS 10.0.6",
          "PAN-OS 10.0.5",
          "PAN-OS 10.0.4",
          "PAN-OS 10.0.3",
          "PAN-OS 10.0.2",
          "PAN-OS 10.0.1",
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.14-h3",
          "PAN-OS 9.1.14-h2",
          "PAN-OS 9.1.14-h1",
          "PAN-OS 9.1.14",
          "PAN-OS 9.1.13-h3",
          "PAN-OS 9.1.13-h2",
          "PAN-OS 9.1.13-h1",
          "PAN-OS 9.1.13",
          "PAN-OS 9.1.12-h3",
          "PAN-OS 9.1.12-h2",
          "PAN-OS 9.1.12-h1",
          "PAN-OS 9.1.12",
          "PAN-OS 9.1.11-h3",
          "PAN-OS 9.1.11-h2",
          "PAN-OS 9.1.11-h1",
          "PAN-OS 9.1.11",
          "PAN-OS 9.1.10",
          "PAN-OS 9.1.9",
          "PAN-OS 9.1.8",
          "PAN-OS 9.1.7",
          "PAN-OS 9.1.6",
          "PAN-OS 9.1.5",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.16-h2",
          "PAN-OS 9.0.16-h1",
          "PAN-OS 9.0.16",
          "PAN-OS 9.0.15",
          "PAN-OS 9.0.14-h4",
          "PAN-OS 9.0.14-h3",
          "PAN-OS 9.0.14-h2",
          "PAN-OS 9.0.14-h1",
          "PAN-OS 9.0.14",
          "PAN-OS 9.0.13",
          "PAN-OS 9.0.12",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.23",
          "PAN-OS 8.1.22",
          "PAN-OS 8.1.21-h1",
          "PAN-OS 8.1.21",
          "PAN-OS 8.1.20-h1",
          "PAN-OS 8.1.20",
          "PAN-OS 8.1.19",
          "PAN-OS 8.1.18",
          "PAN-OS 8.1.17",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2022-0028",
    "datePublished": "2022-08-10T16:00:16.743987Z",
    "dateReserved": "2021-12-28T00:00:00",
    "dateUpdated": "2024-09-16T23:56:00.722Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2006
Vulnerability from cvelistv5
Published
2020-05-13 19:07
Modified
2024-09-16 16:57
Summary
PAN-OS: Buffer overflow in management server payload parser
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.630Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2006"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "7.1.*"
            },
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.14",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks Jin Chen of Palo Alto Networks for discovering and reporting this issue."
        }
      ],
      "datePublic": "2020-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A stack-based buffer overflow vulnerability in the management server component of PAN-OS that allows an authenticated user to potentially execute arbitrary code with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121 Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-13T19:07:14",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2006"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.14 and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
        }
      ],
      "source": {
        "defect": [
          "PAN-100855"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-05-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Buffer overflow in management server payload parser",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-05-13T16:00:00.000Z",
          "ID": "CVE-2020-2006",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Buffer overflow in management server payload parser"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.14"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.14"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "7.1",
                            "version_value": "7.1.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks Jin Chen of Palo Alto Networks for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A stack-based buffer overflow vulnerability in the management server component of PAN-OS that allows an authenticated user to potentially execute arbitrary code with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-121 Stack-based Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2006",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2006"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.14 and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
          }
        ],
        "source": {
          "defect": [
            "PAN-100855"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-05-13T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2006",
    "datePublished": "2020-05-13T19:07:14.307575Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T16:57:44.922Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-0022
Vulnerability from cvelistv5
Published
2022-03-09 17:35
Modified
2024-09-16 20:47
Summary
PAN-OS: Use of a Weak Cryptographic Algorithm for Stored Password Hashes
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:18:41.475Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2022-0022"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "10.1.*"
            },
            {
              "status": "affected",
              "version": "9.0.*"
            },
            {
              "status": "unaffected",
              "version": "10.2.*"
            },
            {
              "changes": [
                {
                  "at": "9.1.11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.11",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.21",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.21",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.7",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.7",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "3.0 Preferred, Innovation"
            },
            {
              "status": "unaffected",
              "version": "2.2 Preferred"
            },
            {
              "status": "unaffected",
              "version": "2.1 Preferred, Innovation"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue is applicable only to PAN-OS firewalls and Panorama appliances running in normal (non-FIPS-CC) operational mode. PAN-OS software is not affected by this issue when running in FIPS-CC mode."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks an external security researcher for discovering and reporting this issue."
        }
      ],
      "datePublic": "2022-03-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password hashes of administrator and local user accounts are not created with a sufficient level of computational effort, which allows for password cracking attacks on accounts in normal (non-FIPS-CC) operational mode. An attacker must have access to the account password hashes to take advantage of this weakness and can acquire those hashes if they are able to gain access to the PAN-OS software configuration. Fixed versions of PAN-OS software use a secure cryptographic algorithm for account password hashes. This issue does not impact Prisma Access firewalls. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.21; All versions of PAN-OS 9.0; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11; PAN-OS 10.0 versions earlier than PAN-OS 10.0.7."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-916",
              "description": "CWE-916 Use of Password Hash With Insufficient Computational Effort",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-03-09T17:35:09",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2022-0022"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.21, PAN-OS 9.1.11, PAN-OS 10.0.7, and all later PAN-OS versions.\n\nThe passwords for all existing local user and administrator accounts must be changed after PAN-OS is upgraded to a fixed version to leverage the more secure cryptography for password hashes. You cannot update existing password hashes. All new local user and administrator accounts will use secure cryptography.\n\nPAN-OS 9.0 is end-of-life as of March 1, 2022, and is no longer covered by our Product Security Assurance policies."
        }
      ],
      "source": {
        "defect": [
          "PAN-127479"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2022-03-09T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Use of a Weak Cryptographic Algorithm for Stored Password Hashes",
      "workarounds": [
        {
          "lang": "en",
          "value": "Ensure that any exported firewall configuration files are secured and that only trusted users have firewall management access to prevent the exposure of password hashes.\nUsing complex and secure passwords for all administrator and local user accounts makes password cracking infeasible and mitigates the impact of this issue.\n \nSwitching PAN-OS software from normal mode to FIPS-CC mode ensures that appliances use secure cryptography to store hashed credentials for all local user accounts. However, when you enable FIPS-CC mode, the appliance will reset to the factory default settings and the existing configuration is removed.\n\nDocumentation to enable FIPS-CC mode is available here:\nhttps://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/certifications/enable-fips-and-common-criteria-support.html"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2022-03-09T17:00:00.000Z",
          "ID": "CVE-2022-0022",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Use of a Weak Cryptographic Algorithm for Stored Password Hashes"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.11"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.21"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.7"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.11"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.21"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.7"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "10.1",
                            "version_value": "10.1.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "9.0",
                            "version_value": "9.0.*"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "10.2",
                            "version_value": "10.2.*"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Prisma Access",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "!",
                            "version_name": "3.0",
                            "version_value": "Preferred, Innovation"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "2.2",
                            "version_value": "Preferred"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "2.1",
                            "version_value": "Preferred, Innovation"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue is applicable only to PAN-OS firewalls and Panorama appliances running in normal (non-FIPS-CC) operational mode. PAN-OS software is not affected by this issue when running in FIPS-CC mode."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks an external security researcher for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password hashes of administrator and local user accounts are not created with a sufficient level of computational effort, which allows for password cracking attacks on accounts in normal (non-FIPS-CC) operational mode. An attacker must have access to the account password hashes to take advantage of this weakness and can acquire those hashes if they are able to gain access to the PAN-OS software configuration. Fixed versions of PAN-OS software use a secure cryptographic algorithm for account password hashes. This issue does not impact Prisma Access firewalls. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.21; All versions of PAN-OS 9.0; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11; PAN-OS 10.0 versions earlier than PAN-OS 10.0.7."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-916 Use of Password Hash With Insufficient Computational Effort"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2022-0022",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2022-0022"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.21, PAN-OS 9.1.11, PAN-OS 10.0.7, and all later PAN-OS versions.\n\nThe passwords for all existing local user and administrator accounts must be changed after PAN-OS is upgraded to a fixed version to leverage the more secure cryptography for password hashes. You cannot update existing password hashes. All new local user and administrator accounts will use secure cryptography.\n\nPAN-OS 9.0 is end-of-life as of March 1, 2022, and is no longer covered by our Product Security Assurance policies."
          }
        ],
        "source": {
          "defect": [
            "PAN-127479"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2022-03-09T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "Ensure that any exported firewall configuration files are secured and that only trusted users have firewall management access to prevent the exposure of password hashes.\nUsing complex and secure passwords for all administrator and local user accounts makes password cracking infeasible and mitigates the impact of this issue.\n \nSwitching PAN-OS software from normal mode to FIPS-CC mode ensures that appliances use secure cryptography to store hashed credentials for all local user accounts. However, when you enable FIPS-CC mode, the appliance will reset to the factory default settings and the existing configuration is removed.\n\nDocumentation to enable FIPS-CC mode is available here:\nhttps://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/certifications/enable-fips-and-common-criteria-support.html"
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 10.0.6",
          "PAN-OS 10.0.5",
          "PAN-OS 10.0.4",
          "PAN-OS 10.0.3",
          "PAN-OS 10.0.2",
          "PAN-OS 10.0.1",
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.10",
          "PAN-OS 9.1.9",
          "PAN-OS 9.1.8",
          "PAN-OS 9.1.7",
          "PAN-OS 9.1.6",
          "PAN-OS 9.1.5",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.16",
          "PAN-OS 9.0.15",
          "PAN-OS 9.0.14-h4",
          "PAN-OS 9.0.14-h3",
          "PAN-OS 9.0.14-h2",
          "PAN-OS 9.0.14-h1",
          "PAN-OS 9.0.14",
          "PAN-OS 9.0.13",
          "PAN-OS 9.0.12",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.20-h1",
          "PAN-OS 8.1.20",
          "PAN-OS 8.1.19",
          "PAN-OS 8.1.18",
          "PAN-OS 8.1.17",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ],
        "x_likelyAffectedList": [
          "PAN-OS 8.0.20",
          "PAN-OS 8.0.19-h1",
          "PAN-OS 8.0.19",
          "PAN-OS 8.0.18",
          "PAN-OS 8.0.17",
          "PAN-OS 8.0.16",
          "PAN-OS 8.0.15",
          "PAN-OS 8.0.14",
          "PAN-OS 8.0.13",
          "PAN-OS 8.0.12",
          "PAN-OS 8.0.11-h1",
          "PAN-OS 8.0.10",
          "PAN-OS 8.0.9",
          "PAN-OS 8.0.8",
          "PAN-OS 8.0.7",
          "PAN-OS 8.0.6-h3",
          "PAN-OS 8.0.6-h2",
          "PAN-OS 8.0.6-h1",
          "PAN-OS 8.0.6",
          "PAN-OS 8.0.5",
          "PAN-OS 8.0.4",
          "PAN-OS 8.0.3-h4",
          "PAN-OS 8.0.3-h3",
          "PAN-OS 8.0.3-h2",
          "PAN-OS 8.0.3-h1",
          "PAN-OS 8.0.3",
          "PAN-OS 8.0.2",
          "PAN-OS 8.0.1",
          "PAN-OS 8.0.0",
          "PAN-OS 8.0",
          "PAN-OS 7.1.26",
          "PAN-OS 7.1.25",
          "PAN-OS 7.1.24-h1",
          "PAN-OS 7.1.24",
          "PAN-OS 7.1.23",
          "PAN-OS 7.1.22",
          "PAN-OS 7.1.21",
          "PAN-OS 7.1.20",
          "PAN-OS 7.1.19",
          "PAN-OS 7.1.18",
          "PAN-OS 7.1.17",
          "PAN-OS 7.1.16",
          "PAN-OS 7.1.15",
          "PAN-OS 7.1.14",
          "PAN-OS 7.1.13",
          "PAN-OS 7.1.12",
          "PAN-OS 7.1.11",
          "PAN-OS 7.1.10",
          "PAN-OS 7.1.9-h4",
          "PAN-OS 7.1.9-h3",
          "PAN-OS 7.1.9-h2",
          "PAN-OS 7.1.9-h1",
          "PAN-OS 7.1.9",
          "PAN-OS 7.1.8",
          "PAN-OS 7.1.7",
          "PAN-OS 7.1.6",
          "PAN-OS 7.1.5",
          "PAN-OS 7.1.4-h2",
          "PAN-OS 7.1.4-h1",
          "PAN-OS 7.1.4",
          "PAN-OS 7.1.3",
          "PAN-OS 7.1.2",
          "PAN-OS 7.1.1",
          "PAN-OS 7.1.0",
          "PAN-OS 7.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2022-0022",
    "datePublished": "2022-03-09T17:35:09.466087Z",
    "dateReserved": "2021-12-28T00:00:00",
    "dateUpdated": "2024-09-16T20:47:18.031Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2005
Vulnerability from cvelistv5
Published
2020-05-13 19:07
Modified
2024-09-17 03:27
Summary
PAN-OS: GlobalProtect Clientless VPN session hijacking
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.583Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2005"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "changes": [
                {
                  "at": "7.1.26",
                  "status": "unaffected"
                }
              ],
              "lessThan": "7.1.26",
              "status": "affected",
              "version": "7.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.13",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.7",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.7",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue only affects firewalls configured with GlobalProtect Clientless VPN."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered by Ron Masas of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A cross-site scripting (XSS) vulnerability exists when visiting malicious websites with the Palo Alto Networks GlobalProtect Clientless VPN that can compromise the user\u0027s active session. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.7; All versions of PAN-OS 8.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Cross-site Scripting (XSS)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-14T15:40:56",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2005"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.7, and all later versions of PAN-OS.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies."
        }
      ],
      "source": {
        "defect": [
          "GPCON-551"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-05-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: GlobalProtect Clientless VPN session hijacking",
      "workarounds": [
        {
          "lang": "en",
          "value": "Configure GlobalProtect Clientless VPN to only access known trusted websites, and block access all other websites."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-05-13T16:00:00.000Z",
          "ID": "CVE-2020-2005",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: GlobalProtect Clientless VPN session hijacking"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "7.1",
                            "version_value": "7.1.26"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "7.1",
                            "version_value": "7.1.26"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue only affects firewalls configured with GlobalProtect Clientless VPN."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was discovered by Ron Masas of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A cross-site scripting (XSS) vulnerability exists when visiting malicious websites with the Palo Alto Networks GlobalProtect Clientless VPN that can compromise the user\u0027s active session. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.7; All versions of PAN-OS 8.0."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-79 Cross-site Scripting (XSS)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2005",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2005"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.7, and all later versions of PAN-OS.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies."
          }
        ],
        "source": {
          "defect": [
            "GPCON-551"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-05-13T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "Configure GlobalProtect Clientless VPN to only access known trusted websites, and block access all other websites."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2005",
    "datePublished": "2020-05-13T19:07:14.255122Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-17T03:27:58.741Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3061
Vulnerability from cvelistv5
Published
2021-11-10 17:10
Modified
2024-09-16 17:49
Summary
PAN-OS: OS Command Injection Vulnerability in the Command Line Interface (CLI)
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:51.381Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2021-3061"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.20-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.20-h1",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.14-h3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.14-h3",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.8",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.8",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.3",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.11-h2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.11-h2",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "2.2 all"
            },
            {
              "status": "affected",
              "version": "2.1 Preferred"
            },
            {
              "status": "affected",
              "version": "2.1 Innovation"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks CJ, an external security researcher, and Ben Nott from Palo Alto Networks for discovering and reporting this issue."
        }
      ],
      "datePublic": "2021-11-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers that have Prisma Access 2.1 firewalls are impacted by this issue."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 OS Command Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-10T17:10:26",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2021-3061"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions.\n\nThis issue is fixed in Prisma Access 2.2 Preferred and all later Prisma Access versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-176655",
          "PAN-158334"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2021-11-10T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: OS Command Injection Vulnerability in the Command Line Interface (CLI)",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue requires the attacker to have authenticated access to the PAN-OS CLI. You can mitigate the impact of this issue by following best practices for securing PAN-OS software. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2021-11-10T17:00:00.000Z",
          "ID": "CVE-2021-3061",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: OS Command Injection Vulnerability in the Command Line Interface (CLI)"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.20-h1"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.20-h1"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.14-h3"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.14-h3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.8"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.8"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.1",
                            "version_value": "10.1.3"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.1",
                            "version_value": "10.1.3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.11-h2"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.11-h2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Prisma Access",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "!",
                            "version_name": "2.2",
                            "version_value": "all"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "2.1",
                            "version_value": "Preferred"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "2.1",
                            "version_value": "Innovation"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks CJ, an external security researcher, and Ben Nott from Palo Alto Networks for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers that have Prisma Access 2.1 firewalls are impacted by this issue."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78 OS Command Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2021-3061",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2021-3061"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions.\n\nThis issue is fixed in Prisma Access 2.2 Preferred and all later Prisma Access versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-176655",
            "PAN-158334"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-10T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue requires the attacker to have authenticated access to the PAN-OS CLI. You can mitigate the impact of this issue by following best practices for securing PAN-OS software. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "Prisma Access 2.1",
          "PAN-OS 10.1.2",
          "PAN-OS 10.1.1",
          "PAN-OS 10.1.0",
          "PAN-OS 10.1",
          "PAN-OS 10.0.7",
          "PAN-OS 10.0.6",
          "PAN-OS 10.0.5",
          "PAN-OS 10.0.4",
          "PAN-OS 10.0.3",
          "PAN-OS 10.0.2",
          "PAN-OS 10.0.1",
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.11-h1",
          "PAN-OS 9.1.11",
          "PAN-OS 9.1.10",
          "PAN-OS 9.1.9",
          "PAN-OS 9.1.8",
          "PAN-OS 9.1.7",
          "PAN-OS 9.1.6",
          "PAN-OS 9.1.5",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.14-h2",
          "PAN-OS 9.0.14-h1",
          "PAN-OS 9.0.14",
          "PAN-OS 9.0.13",
          "PAN-OS 9.0.12",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.20",
          "PAN-OS 8.1.19",
          "PAN-OS 8.1.18",
          "PAN-OS 8.1.17",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ],
        "x_likelyAffectedList": [
          "PAN-OS 8.0.20",
          "PAN-OS 8.0.19-h1",
          "PAN-OS 8.0.19",
          "PAN-OS 8.0.18",
          "PAN-OS 8.0.17",
          "PAN-OS 8.0.16",
          "PAN-OS 8.0.15",
          "PAN-OS 8.0.14",
          "PAN-OS 8.0.13",
          "PAN-OS 8.0.12",
          "PAN-OS 8.0.11-h1",
          "PAN-OS 8.0.10",
          "PAN-OS 8.0.9",
          "PAN-OS 8.0.8",
          "PAN-OS 8.0.7",
          "PAN-OS 8.0.6-h3",
          "PAN-OS 8.0.6-h2",
          "PAN-OS 8.0.6-h1",
          "PAN-OS 8.0.6",
          "PAN-OS 8.0.5",
          "PAN-OS 8.0.4",
          "PAN-OS 8.0.3-h4",
          "PAN-OS 8.0.3-h3",
          "PAN-OS 8.0.3-h2",
          "PAN-OS 8.0.3-h1",
          "PAN-OS 8.0.3",
          "PAN-OS 8.0.2",
          "PAN-OS 8.0.1",
          "PAN-OS 8.0.0",
          "PAN-OS 8.0",
          "PAN-OS 7.1.26",
          "PAN-OS 7.1.25",
          "PAN-OS 7.1.24-h1",
          "PAN-OS 7.1.24",
          "PAN-OS 7.1.23",
          "PAN-OS 7.1.22",
          "PAN-OS 7.1.21",
          "PAN-OS 7.1.20",
          "PAN-OS 7.1.19",
          "PAN-OS 7.1.18",
          "PAN-OS 7.1.17",
          "PAN-OS 7.1.16",
          "PAN-OS 7.1.15",
          "PAN-OS 7.1.14",
          "PAN-OS 7.1.13",
          "PAN-OS 7.1.12",
          "PAN-OS 7.1.11",
          "PAN-OS 7.1.10",
          "PAN-OS 7.1.9-h4",
          "PAN-OS 7.1.9-h3",
          "PAN-OS 7.1.9-h2",
          "PAN-OS 7.1.9-h1",
          "PAN-OS 7.1.9",
          "PAN-OS 7.1.8",
          "PAN-OS 7.1.7",
          "PAN-OS 7.1.6",
          "PAN-OS 7.1.5",
          "PAN-OS 7.1.4-h2",
          "PAN-OS 7.1.4-h1",
          "PAN-OS 7.1.4",
          "PAN-OS 7.1.3",
          "PAN-OS 7.1.2",
          "PAN-OS 7.1.1",
          "PAN-OS 7.1.0",
          "PAN-OS 7.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2021-3061",
    "datePublished": "2021-11-10T17:10:26.316382Z",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-09-16T17:49:25.709Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2015
Vulnerability from cvelistv5
Published
2020-05-13 19:07
Modified
2024-09-16 16:13
Summary
PAN-OS: Buffer overflow in the management server
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.598Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2015"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "changes": [
                {
                  "at": "9.0.7",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.7",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "7.1.26",
                  "status": "unaffected"
                }
              ],
              "lessThan": "7.1.26",
              "status": "affected",
              "version": "7.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.13",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.1",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered by Nicholas Newsom of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A buffer overflow vulnerability in the PAN-OS management server allows authenticated users to crash system processes or potentially execute arbitrary code with root privileges. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.7; PAN-OS 9.1 versions earlier than 9.1.1; All versions of PAN-OS 8.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120 Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-06-10T17:23:49",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2015"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.1, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies."
        }
      ],
      "source": {
        "defect": [
          "PAN-100734"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-05-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Buffer overflow in the management server",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-05-13T16:00:00.000Z",
          "ID": "CVE-2020-2015",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Buffer overflow in the management server"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "7.1",
                            "version_value": "7.1.26"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.1"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "7.1",
                            "version_value": "7.1.26"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.1"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was discovered by Nicholas Newsom of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A buffer overflow vulnerability in the PAN-OS management server allows authenticated users to crash system processes or potentially execute arbitrary code with root privileges. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.7; PAN-OS 9.1 versions earlier than 9.1.1; All versions of PAN-OS 8.0."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-120 Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2015",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2015"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.1, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies."
          }
        ],
        "source": {
          "defect": [
            "PAN-100734"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-05-13T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com"
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2015",
    "datePublished": "2020-05-13T19:07:14.649992Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T16:13:05.308Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2002
Vulnerability from cvelistv5
Published
2020-05-13 19:07
Modified
2024-09-17 04:03
Summary
PAN-OS: Spoofed Kerberos key distribution center authentication bypass
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.539Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2002"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.13",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.6",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "7.1.26",
                  "status": "unaffected"
                }
              ],
              "lessThan": "7.1.26",
              "status": "affected",
              "version": "7.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks would like to thank Yoav Iellin, Yaron Kassner, and Rotem Zach from Silverfort for discovering and reporting this issue."
        }
      ],
      "datePublic": "2020-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An authentication bypass by spoofing vulnerability exists in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS by failing to verify the integrity of the Kerberos key distribution center (KDC) before authenticating users. This affects all forms of authentication that use a Kerberos authentication profile. A man-in-the-middle type of attacker with the ability to intercept communication between PAN-OS and KDC can login to PAN-OS as an administrator. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; All version of PAN-OS 8.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-290",
              "description": "CWE-290 Authentication Bypass by Spoofing",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-14T15:40:56",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2002"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies."
        }
      ],
      "source": {
        "defect": [
          "PAN-118957"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-05-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Spoofed Kerberos key distribution center authentication bypass",
      "workarounds": [
        {
          "lang": "en",
          "value": "Ensure that PAN-OS communicates to Kerberos server over a secured network with access restricted to trusted users.\n\nPlease review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-05-13T16:00:00.000Z",
          "ID": "CVE-2020-2002",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Spoofed Kerberos key distribution center authentication bypass"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.6"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "7.1",
                            "version_value": "7.1.26"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.6"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "7.1",
                            "version_value": "7.1.26"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks would like to thank Yoav Iellin, Yaron Kassner, and Rotem Zach from Silverfort for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An authentication bypass by spoofing vulnerability exists in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS by failing to verify the integrity of the Kerberos key distribution center (KDC) before authenticating users. This affects all forms of authentication that use a Kerberos authentication profile. A man-in-the-middle type of attacker with the ability to intercept communication between PAN-OS and KDC can login to PAN-OS as an administrator. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; All version of PAN-OS 8.0."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-290 Authentication Bypass by Spoofing"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2002",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2002"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies."
          }
        ],
        "source": {
          "defect": [
            "PAN-118957"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-05-13T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "Ensure that PAN-OS communicates to Kerberos server over a secured network with access restricted to trusted users.\n\nPlease review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2002",
    "datePublished": "2020-05-13T19:07:14.142942Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-17T04:03:36.143Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-6789
Vulnerability from cvelistv5
Published
2023-12-13 18:26
Modified
2024-08-02 08:42
Summary
PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:42:07.423Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2023-6789"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.26",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.26",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.17-h4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.17-h4",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.17",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "All",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.11",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.5",
              "status": "affected",
              "version": "10.2",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.2",
              "status": "affected",
              "version": "11.0",
              "versionType": "custom"
            },
            {
              "lessThan": "All",
              "status": "unaffected",
              "version": "11.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Palo Alto Networks thanks Md Sameull Islam of Beetles Cyber Security LTD, Kajetan Rostojek, and an external reporter for discovering and reporting this issue."
        }
      ],
      "datePublic": "2023-12-13T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a malicious authenticated read-write administrator to store a JavaScript payload using the web interface. Then, when viewed by a properly authenticated administrator, the JavaScript payload executes and disguises all associated actions as performed by that unsuspecting authenticated administrator."
            }
          ],
          "value": "A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a malicious authenticated read-write administrator to store a JavaScript payload using the web interface. Then, when viewed by a properly authenticated administrator, the JavaScript payload executes and disguises all associated actions as performed by that unsuspecting authenticated administrator."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-13T18:26:30.524Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2023-6789"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 8.1.26, PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.11, PAN-OS 10.2.5, PAN-OS 11.0.2, and all later PAN-OS versions."
            }
          ],
          "value": "This issue is fixed in PAN-OS 8.1.26, PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.11, PAN-OS 10.2.5, PAN-OS 11.0.2, and all later PAN-OS versions."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2023-12-13T17:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
            }
          ],
          "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2023-6789",
    "datePublished": "2023-12-13T18:26:30.524Z",
    "dateReserved": "2023-12-13T17:27:23.165Z",
    "dateUpdated": "2024-08-02T08:42:07.423Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-6794
Vulnerability from cvelistv5
Published
2023-12-13 18:16
Modified
2024-08-02 08:42
Summary
PAN-OS: File Upload Vulnerability in the Web Interface
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:42:07.397Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2023-6794"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.26",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.26",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.17-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.17-h1",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.14",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "lessThan": "All",
              "status": "unaffected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "lessThan": "All",
              "status": "unaffected",
              "version": "10.2",
              "versionType": "custom"
            },
            {
              "lessThan": "All",
              "status": "unaffected",
              "version": "11.0",
              "versionType": "custom"
            },
            {
              "lessThan": "All",
              "status": "unaffected",
              "version": "11.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "datePublic": "2023-12-13T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An arbitrary file upload vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall."
            }
          ],
          "value": "An arbitrary file upload vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-434",
              "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-13T18:16:39.175Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2023-6794"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 8.1.26, PAN-OS 9.0.17-h1, PAN-OS 9.1.14, and all later PAN-OS versions."
            }
          ],
          "value": "This issue is fixed in PAN-OS 8.1.26, PAN-OS 9.0.17-h1, PAN-OS 9.1.14, and all later PAN-OS versions."
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2023-12-13T17:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: File Upload Vulnerability in the Web Interface",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
            }
          ],
          "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2023-6794",
    "datePublished": "2023-12-13T18:16:39.175Z",
    "dateReserved": "2023-12-13T17:27:26.884Z",
    "dateUpdated": "2024-08-02T08:42:07.397Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-5919
Vulnerability from cvelistv5
Published
2024-11-14 09:36
Modified
2024-11-14 19:41
Summary
PAN-OS: Authenticated XML External Entities (XXE) Injection Vulnerability
References
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5919",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-14T18:59:05.844837Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-14T19:41:04.355Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1:-:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "11.2.0"
            },
            {
              "status": "unaffected",
              "version": "11.1.0"
            },
            {
              "changes": [
                {
                  "at": "11.0.2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.2",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.5",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.10",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.10",
              "status": "affected",
              "version": "10.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Dan Marin of Deloitte"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Cristian Mocanu of Deloitte"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Alex Hordijk"
        }
      ],
      "datePublic": "2024-11-13T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker controlled server. This attack requires network access to the firewall management interface."
            }
          ],
          "value": "A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker controlled server. This attack requires network access to the firewall management interface."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-201",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-201 XML Entity Linking"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "AUTOMATIC",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:A/V:C/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-611",
              "description": "CWE-611 Improper Restriction of XML External Entity Reference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-14T09:36:46.390Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2024-5919"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 10.1.10, PAN-OS 10.2.5, PAN-OS 11.0.2, and all later PAN-OS versions."
            }
          ],
          "value": "This issue is fixed in PAN-OS 10.1.10, PAN-OS 10.2.5, PAN-OS 11.0.2, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-205062"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-13T17:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Authenticated XML External Entities (XXE) Injection Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-5919",
    "datePublished": "2024-11-14T09:36:46.390Z",
    "dateReserved": "2024-06-12T15:27:57.328Z",
    "dateUpdated": "2024-11-14T19:41:04.355Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-17437
Vulnerability from cvelistv5
Published
2019-12-05 14:11
Modified
2024-09-17 04:10
Summary
PAN-OS: Custom-role users may escalate privileges
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:40:15.857Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/159"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "lessThanOrEqual": "7.0",
              "status": "unknown",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "7.1.25",
              "status": "affected",
              "version": "7.1",
              "versionType": "custom"
            },
            {
              "lessThan": "8.0.20",
              "status": "affected",
              "version": "8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "8.1.11",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "lessThan": "9.0.5",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue only affects devices configured with a low privileged custom-role user."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Christophe Schleypen of NCIA / NCIRC"
        }
      ],
      "datePublic": "2019-12-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper authentication check in Palo Alto Networks PAN-OS may allow an authenticated low privileged non-superuser custom role user to elevate privileges and become superuser. This issue affects PAN-OS 7.1 versions prior to 7.1.25; 8.0 versions prior to 8.0.20; 8.1 versions prior to 8.1.11; 9.0 versions prior to 9.0.5. PAN-OS version 7.0 and prior EOL versions have not been evaluated for this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-280",
              "description": "CWE-280 Improper Handling of Insufficient Permissions or Privileges",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-12-05T14:11:11",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/159"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue has been resolved in 7.1.25, 8.0.20, 8.1.11, 9.0.5 and all subsequent versions."
        }
      ],
      "source": {
        "advisory": "PAN-SA-2019-0038",
        "defect": [
          "PAN-115697"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "PAN-OS: Custom-role users may escalate privileges",
      "workarounds": [
        {
          "lang": "en",
          "value": "Remove any untrusted custom-role users from the device or disable their access until fixes can be applied. Restrict access to the device to only trusted users."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2019-12-04T17:00:00.000Z",
          "ID": "CVE-2019-17437",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Custom-role users may escalate privileges"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "7.1",
                            "version_value": "7.1.25"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.0",
                            "version_value": "8.0.20"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.11"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.5"
                          },
                          {
                            "version_affected": "?\u003c=",
                            "version_value": "7.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue only affects devices configured with a low privileged custom-role user."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "Christophe Schleypen of NCIA / NCIRC"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An improper authentication check in Palo Alto Networks PAN-OS may allow an authenticated low privileged non-superuser custom role user to elevate privileges and become superuser. This issue affects PAN-OS 7.1 versions prior to 7.1.25; 8.0 versions prior to 8.0.20; 8.1 versions prior to 8.1.11; 9.0 versions prior to 9.0.5. PAN-OS version 7.0 and prior EOL versions have not been evaluated for this issue."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-280 Improper Handling of Insufficient Permissions or Privileges"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/159",
              "refsource": "CONFIRM",
              "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/159"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue has been resolved in 7.1.25, 8.0.20, 8.1.11, 9.0.5 and all subsequent versions."
          }
        ],
        "source": {
          "advisory": "PAN-SA-2019-0038",
          "defect": [
            "PAN-115697"
          ],
          "discovery": "EXTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "Remove any untrusted custom-role users from the device or disable their access until fixes can be applied. Restrict access to the device to only trusted users."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2019-17437",
    "datePublished": "2019-12-05T14:11:11.290884Z",
    "dateReserved": "2019-10-10T00:00:00",
    "dateUpdated": "2024-09-17T04:10:31.450Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-0010
Vulnerability from cvelistv5
Published
2024-02-14 17:32
Modified
2024-08-01 17:41
Summary
PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Portal
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-0010",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-15T16:39:09.757949Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:58:38.476Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T17:41:14.685Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2024-0010"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "9.0.17-h4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.17-h4",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.17",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.11-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.11-h1",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.12",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.12",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.1",
              "status": "unaffected",
              "version": "10.2",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.10-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.10-h1",
              "status": "unaffected",
              "version": "11.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "11.1"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal enabled. You can verify whether you have a GlobalProtect portal configured by checking for entries in your firewall web interface (Network \u0026gt; GlobalProtect \u0026gt; Portals)."
            }
          ],
          "value": "This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal enabled. You can verify whether you have a GlobalProtect portal configured by checking for entries in your firewall web interface (Network \u003e GlobalProtect \u003e Portals)."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Palo Alto Networks thanks Micha\u0142 Majchrowicz and Livio Victoriano from Afine Team for discovering and reporting this issue."
        }
      ],
      "datePublic": "2024-02-14T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect portal feature of Palo Alto Networks PAN-OS software enables execution of malicious JavaScript (in the context of a user\u2019s browser) if a user clicks on a malicious link, allowing phishing attacks that could lead to credential theft."
            }
          ],
          "value": "A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect portal feature of Palo Alto Networks PAN-OS software enables execution of malicious JavaScript (in the context of a user\u2019s browser) if a user clicks on a malicious link, allowing phishing attacks that could lead to credential theft."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-14T17:32:28.818Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2024-0010"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.11-h1, PAN-OS 10.1.12, and all later PAN-OS versions."
            }
          ],
          "value": "This issue is fixed in PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.11-h1, PAN-OS 10.1.12, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-216858"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-02-14T17:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Portal",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 94972 (Applications and Threats content update 8810).\u003cbr\u003e"
            }
          ],
          "value": "Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 94972 (Applications and Threats content update 8810).\n"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-0010",
    "datePublished": "2024-02-14T17:32:28.818Z",
    "dateReserved": "2023-11-09T18:56:08.476Z",
    "dateUpdated": "2024-08-01T17:41:14.685Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-8691
Vulnerability from cvelistv5
Published
2024-09-11 16:43
Modified
2024-09-11 18:19
Summary
PAN-OS: User Impersonation in GlobalProtect Portal
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8691",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-11T18:19:33.436542Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T18:19:46.897Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "9.1.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.17",
              "status": "affected",
              "version": "9.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.11",
              "status": "affected",
              "version": "10.1.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "10.2.0"
            },
            {
              "status": "unaffected",
              "version": "11.0.0"
            },
            {
              "status": "unaffected",
              "version": "11.1.0"
            },
            {
              "status": "unaffected",
              "version": "11.2.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Claudiu Pancotan"
        }
      ],
      "datePublic": "2024-09-11T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A vulnerability in the GlobalProtect portal in Palo Alto Networks PAN-OS software enables a malicious authenticated GlobalProtect user to impersonate another GlobalProtect user. Active GlobalProtect users impersonated by an attacker who is exploiting this vulnerability are disconnected from GlobalProtect. Upon exploitation, PAN-OS logs indicate that the impersonated user authenticated to GlobalProtect, which hides the identity of the attacker."
            }
          ],
          "value": "A vulnerability in the GlobalProtect portal in Palo Alto Networks PAN-OS software enables a malicious authenticated GlobalProtect user to impersonate another GlobalProtect user. Active GlobalProtect users impersonated by an attacker who is exploiting this vulnerability are disconnected from GlobalProtect. Upon exploitation, PAN-OS logs indicate that the impersonated user authenticated to GlobalProtect, which hides the identity of the attacker."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-151",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-151 Identity Spoofing"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "YES",
            "Recovery": "AUTOMATIC",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "DIFFUSE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/AU:Y/R:A/V:D/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863 Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-11T16:43:30.608Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2024-8691"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 9.1.17, PAN-OS 10.1.11, and all later PAN-OS versions.\u003cbr\u003e"
            }
          ],
          "value": "This issue is fixed in PAN-OS 9.1.17, PAN-OS 10.1.11, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-219031",
          "PAN-192893"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-11T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: User Impersonation in GlobalProtect Portal",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-8691",
    "datePublished": "2024-09-11T16:43:30.608Z",
    "dateReserved": "2024-09-11T08:21:16.638Z",
    "dateUpdated": "2024-09-11T18:19:46.897Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-6790
Vulnerability from cvelistv5
Published
2023-12-13 18:15
Modified
2024-08-02 08:42
Summary
PAN-OS: DOM-Based Cross-Site Scripting (XSS) Vulnerability in the Web Interface
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:42:07.444Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2023-6790"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.25",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.25",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.17",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.16",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.16",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.12",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.12",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.9",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.9",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.4",
              "status": "affected",
              "version": "10.2",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.1",
              "status": "affected",
              "version": "11.0",
              "versionType": "custom"
            },
            {
              "lessThan": "All",
              "status": "unaffected",
              "version": "11.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Palo Alto Networks thanks Kajetan Rostojek for discovering and reporting this issue."
        }
      ],
      "datePublic": "2023-12-13T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator\u2019s browser when they view a specifically crafted link to the PAN-OS web interface."
            }
          ],
          "value": "A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator\u2019s browser when they view a specifically crafted link to the PAN-OS web interface."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-13T18:15:48.142Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2023-6790"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.9, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions."
            }
          ],
          "value": "This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.9, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2023-12-13T17:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: DOM-Based Cross-Site Scripting (XSS) Vulnerability in the Web Interface",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2023-6790",
    "datePublished": "2023-12-13T18:15:48.142Z",
    "dateReserved": "2023-12-13T17:27:24.529Z",
    "dateUpdated": "2024-08-02T08:42:07.444Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-0005
Vulnerability from cvelistv5
Published
2023-04-12 16:41
Modified
2024-08-02 04:54
Summary
PAN-OS: Exposure of Sensitive Information Vulnerability
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:54:32.662Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2023-0005"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "11.0"
            },
            {
              "changes": [
                {
                  "at": "10.2.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.3",
              "status": "affected",
              "version": "10.2",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.8",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.8",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.12",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.12",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.15",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.15",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.17",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.24",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.24",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Palo Alto Networks thanks the security researcher rqu for discovering and reporting this issue."
        }
      ],
      "datePublic": "2023-04-12T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to expose the plaintext values of secrets stored in the device configuration and encrypted API keys."
            }
          ],
          "value": "A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to expose the plaintext values of secrets stored in the device configuration and encrypted API keys."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue at time of publication. However, a proof of concept script for this issue is publicly available.\u003cbr\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue at time of publication. However, a proof of concept script for this issue is publicly available.\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-497",
              "description": "CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-12T16:41:21.342Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2023-0005"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15, PAN-OS 10.0.12, PAN-OS 10.1.8, PAN-OS 10.2.3, and all later PAN-OS versions.\u003cbr\u003e"
            }
          ],
          "value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15, PAN-OS 10.0.12, PAN-OS 10.1.8, PAN-OS 10.2.3, and all later PAN-OS versions.\n"
        }
      ],
      "source": {
        "defect": [
          "PAN-198986"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2023-04-12T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Exposure of Sensitive Information Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2023-0005",
    "datePublished": "2023-04-12T16:41:21.342Z",
    "dateReserved": "2022-10-27T18:48:14.336Z",
    "dateUpdated": "2024-08-02T04:54:32.662Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-1995
Vulnerability from cvelistv5
Published
2020-05-13 19:07
Modified
2024-09-17 01:40
Summary
PAN-OS: Management server rasmgr denial of service
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.573Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-1995"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "9.1.2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.2",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A NULL pointer dereference vulnerability in Palo Alto Networks PAN-OS allows an authenticated administrator to send a request that causes the rasmgr daemon to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue affects: PAN-OS 9.1 versions earlier than 9.1.2."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476 NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-13T19:07:13",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-1995"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 9.1.2 and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-133527"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-05-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Management server rasmgr denial of service",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-05-13T16:00:00.000Z",
          "ID": "CVE-2020-1995",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Management server rasmgr denial of service"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.2"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A NULL pointer dereference vulnerability in Palo Alto Networks PAN-OS allows an authenticated administrator to send a request that causes the rasmgr daemon to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue affects: PAN-OS 9.1 versions earlier than 9.1.2."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-476 NULL Pointer Dereference"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-1995",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-1995"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 9.1.2 and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-133527"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-05-13T00:00:00",
            "value": "Initial publication"
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-1995",
    "datePublished": "2020-05-13T19:07:13.950717Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-17T01:40:42.974Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-2552
Vulnerability from cvelistv5
Published
2024-11-14 09:39
Modified
2024-11-14 19:08
Summary
PAN-OS: Arbitrary File Delete Vulnerability in the Command Line Interface (CLI)
References
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-2552",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-14T18:58:28.794154Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-14T19:08:21.217Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h14:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h14:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "11.2.4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.2.4",
              "status": "affected",
              "version": "11.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.1.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.1.5",
              "status": "affected",
              "version": "11.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.6",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.12",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.12",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "10.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Bobby Storey"
        }
      ],
      "datePublic": "2024-11-13T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions in the management plane and delete files on the firewall."
            }
          ],
          "value": "A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions in the management plane and delete files on the firewall."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-126",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-126 Path Traversal"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-14T09:39:06.523Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2024-2552"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 10.2.12, PAN-OS 11.0.6, PAN-OS 11.1.5, PAN-OS 11.2.4, and all later PAN-OS versions."
            }
          ],
          "value": "This issue is fixed in PAN-OS 10.2.12, PAN-OS 11.0.6, PAN-OS 11.1.5, PAN-OS 11.2.4, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-261332"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-13T17:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Arbitrary File Delete Vulnerability in the Command Line Interface (CLI)",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eWe strongly recommend customers to ensure access to your management interface is configured correctly in accordance with our recommended best practice deployment guidelines. In particular, we recommend that you ensure that access to the management interface is possible only from trusted internal IPs and not from the Internet. The vast majority of firewalls already follow this Palo Alto Networks and industry best practice.\u003c/p\u003ePlease see the following link for additional information regarding how to secure the management access of your palo alto networks device: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ehttps://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\u003c/a\u003e"
            }
          ],
          "value": "We strongly recommend customers to ensure access to your management interface is configured correctly in accordance with our recommended best practice deployment guidelines. In particular, we recommend that you ensure that access to the management interface is possible only from trusted internal IPs and not from the Internet. The vast majority of firewalls already follow this Palo Alto Networks and industry best practice.\n\nPlease see the following link for additional information regarding how to secure the management access of your palo alto networks device:  https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-2552",
    "datePublished": "2024-11-14T09:39:06.523Z",
    "dateReserved": "2024-03-15T22:43:28.837Z",
    "dateUpdated": "2024-11-14T19:08:21.217Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2009
Vulnerability from cvelistv5
Published
2020-05-13 19:07
Modified
2024-09-16 18:07
Summary
PAN-OS: Panorama SD WAN arbitrary file creation
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.585Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2009"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "7.1.*"
            },
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.14",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.7",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.7",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Nicholas Newsom and Jin Chen of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An external control of filename vulnerability in the SD WAN component of Palo Alto Networks PAN-OS Panorama allows an authenticated administrator to send a request that results in the creation and write of an arbitrary file on all firewalls managed by the Panorama. In some cases this results in arbitrary code execution with root permissions. This issue affects: All versions of PAN-OS 7.1; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-73",
              "description": "CWE-73 External Control of File Name or Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-13T19:07:14",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2009"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
        }
      ],
      "source": {
        "defect": [
          "PAN-130361"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-05-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Panorama SD WAN arbitrary file creation",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-05-13T16:00:00.000Z",
          "ID": "CVE-2020-2009",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Panorama SD WAN arbitrary file creation"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.14"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.14"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "7.1",
                            "version_value": "7.1.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Nicholas Newsom and Jin Chen of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An external control of filename vulnerability in the SD WAN component of Palo Alto Networks PAN-OS Panorama allows an authenticated administrator to send a request that results in the creation and write of an arbitrary file on all firewalls managed by the Panorama. In some cases this results in arbitrary code execution with root permissions. This issue affects: All versions of PAN-OS 7.1; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-73 External Control of File Name or Path"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2009",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2009"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
          }
        ],
        "source": {
          "defect": [
            "PAN-130361"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-05-13T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com"
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2009",
    "datePublished": "2020-05-13T19:07:14.419045Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T18:07:53.255Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2048
Vulnerability from cvelistv5
Published
2020-11-12 00:05
Modified
2024-09-17 01:26
Summary
PAN-OS: System proxy passwords may be logged in clear text while viewing system state
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.591Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2048"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "10.0.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.17",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.11",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.2",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue is only applicable when a system proxy server is configured on the firewall. You can verify this in the management web interface: Setup -\u003e Services -\u003e Proxy Server."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by a customer of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-11-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An information exposure through log file vulnerability exists where the password for the configured system proxy server for a PAN-OS appliance may be displayed in cleartext when using the CLI in Palo Alto Networks PAN-OS software. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.17; PAN-OS 9.0 versions earlier than PAN-OS 9.0.11; PAN-OS 9.1 versions earlier than PAN-OS 9.1.2."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Information Exposure Through Log Files",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-12T00:05:21",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2048"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.17, PAN-OS 9.0.11, PAN-OS 9.1.2, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-140157"
        ],
        "discovery": "USER"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-11-11T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: System proxy passwords may be logged in clear text while viewing system state",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue impacts the management web interface. You can mitigate the impact of this issue by following best practices for securing the interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-11-11T17:00:00.000Z",
          "ID": "CVE-2020-2048",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: System proxy passwords may be logged in clear text while viewing system state"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.17"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.11"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.2"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.17"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.11"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.2"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "10.0",
                            "version_value": "10.0.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue is only applicable when a system proxy server is configured on the firewall. You can verify this in the management web interface: Setup -\u003e Services -\u003e Proxy Server."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by a customer of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An information exposure through log file vulnerability exists where the password for the configured system proxy server for a PAN-OS appliance may be displayed in cleartext when using the CLI in Palo Alto Networks PAN-OS software. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.17; PAN-OS 9.0 versions earlier than PAN-OS 9.0.11; PAN-OS 9.1 versions earlier than PAN-OS 9.1.2."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-532 Information Exposure Through Log Files"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2048",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2048"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.17, PAN-OS 9.0.11, PAN-OS 9.1.2, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-140157"
          ],
          "discovery": "USER"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-11-11T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue impacts the management web interface. You can mitigate the impact of this issue by following best practices for securing the interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2048",
    "datePublished": "2020-11-12T00:05:22.235844Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-17T01:26:02.418Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3053
Vulnerability from cvelistv5
Published
2021-09-08 17:10
Modified
2024-09-16 16:17
Summary
PAN-OS: Exceptional Condition Denial-of-Service (DoS)
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:50.995Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2021-3053"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "10.1.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.20",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.20",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.14",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.9",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.9",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.5",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2021-09-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper handling of exceptional conditions vulnerability exists in the Palo Alto Networks PAN-OS dataplane that enables an unauthenticated network-based attacker to send specifically crafted traffic through the firewall that causes the service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.5. This issue does not affect Prisma Access."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-755",
              "description": "CWE-755 Improper Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-08T17:10:19",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2021-3053"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.9, PAN-OS 10.0.5, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-158723"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2021-09-08T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Exceptional Condition Denial-of-Service (DoS)",
      "workarounds": [
        {
          "lang": "en",
          "value": "There are no known workarounds for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2021-09-08T16:00:00.000Z",
          "ID": "CVE-2021-3053",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Exceptional Condition Denial-of-Service (DoS)"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.20"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.14"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.9"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.5"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.20"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.14"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.9"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.5"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "10.1",
                            "version_value": "10.1.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An improper handling of exceptional conditions vulnerability exists in the Palo Alto Networks PAN-OS dataplane that enables an unauthenticated network-based attacker to send specifically crafted traffic through the firewall that causes the service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.5. This issue does not affect Prisma Access."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-755 Improper Handling of Exceptional Conditions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2021-3053",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2021-3053"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.9, PAN-OS 10.0.5, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-158723"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-09-08T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "There are no known workarounds for this issue."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 10.0.4",
          "PAN-OS 10.0.3",
          "PAN-OS 10.0.2",
          "PAN-OS 10.0.1",
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.8",
          "PAN-OS 9.1.7",
          "PAN-OS 9.1.6",
          "PAN-OS 9.1.5",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.13",
          "PAN-OS 9.0.12",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.19",
          "PAN-OS 8.1.18",
          "PAN-OS 8.1.17",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ],
        "x_likelyAffectedList": [
          "PAN-OS 8.0.20",
          "PAN-OS 8.0.19-h1",
          "PAN-OS 8.0.19",
          "PAN-OS 8.0.18",
          "PAN-OS 8.0.17",
          "PAN-OS 8.0.16",
          "PAN-OS 8.0.15",
          "PAN-OS 8.0.14",
          "PAN-OS 8.0.13",
          "PAN-OS 8.0.12",
          "PAN-OS 8.0.11-h1",
          "PAN-OS 8.0.10",
          "PAN-OS 8.0.9",
          "PAN-OS 8.0.8",
          "PAN-OS 8.0.7",
          "PAN-OS 8.0.6-h3",
          "PAN-OS 8.0.6-h2",
          "PAN-OS 8.0.6-h1",
          "PAN-OS 8.0.6",
          "PAN-OS 8.0.5",
          "PAN-OS 8.0.4",
          "PAN-OS 8.0.3-h4",
          "PAN-OS 8.0.3-h3",
          "PAN-OS 8.0.3-h2",
          "PAN-OS 8.0.3-h1",
          "PAN-OS 8.0.3",
          "PAN-OS 8.0.2",
          "PAN-OS 8.0.1",
          "PAN-OS 8.0.0",
          "PAN-OS 8.0",
          "PAN-OS 7.1.26",
          "PAN-OS 7.1.25",
          "PAN-OS 7.1.24-h1",
          "PAN-OS 7.1.24",
          "PAN-OS 7.1.23",
          "PAN-OS 7.1.22",
          "PAN-OS 7.1.21",
          "PAN-OS 7.1.20",
          "PAN-OS 7.1.19",
          "PAN-OS 7.1.18",
          "PAN-OS 7.1.17",
          "PAN-OS 7.1.16",
          "PAN-OS 7.1.15",
          "PAN-OS 7.1.14",
          "PAN-OS 7.1.13",
          "PAN-OS 7.1.12",
          "PAN-OS 7.1.11",
          "PAN-OS 7.1.10",
          "PAN-OS 7.1.9-h4",
          "PAN-OS 7.1.9-h3",
          "PAN-OS 7.1.9-h2",
          "PAN-OS 7.1.9-h1",
          "PAN-OS 7.1.9",
          "PAN-OS 7.1.8",
          "PAN-OS 7.1.7",
          "PAN-OS 7.1.6",
          "PAN-OS 7.1.5",
          "PAN-OS 7.1.4-h2",
          "PAN-OS 7.1.4-h1",
          "PAN-OS 7.1.4",
          "PAN-OS 7.1.3",
          "PAN-OS 7.1.2",
          "PAN-OS 7.1.1",
          "PAN-OS 7.1.0",
          "PAN-OS 7.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2021-3053",
    "datePublished": "2021-09-08T17:10:19.646975Z",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-09-16T16:17:55.225Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2037
Vulnerability from cvelistv5
Published
2020-09-09 16:45
Modified
2024-09-16 19:15
Summary
PAN-OS: OS command injection vulnerability in the management web interface
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.587Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2037"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.16",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.16",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.10",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.10",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.3",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "lessThan": "10.0*",
              "status": "unaffected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks Mikhail Klyuchnikov of Positive Technologies, and Nicholas Newsom of Palo Alto Networks for discovering and reporting this issue."
        }
      ],
      "datePublic": "2020-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.3."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 OS Command Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-09T16:45:26",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2037"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.10, PAN-OS 9.1.3, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-128761"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-09-09T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: OS command injection vulnerability in the management web interface",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-09-09T16:00:00.000Z",
          "ID": "CVE-2020-2037",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: OS command injection vulnerability in the management web interface"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.16"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.10"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.3"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.16"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.10"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.3"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks Mikhail Klyuchnikov of Positive Technologies, and Nicholas Newsom of Palo Alto Networks for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.3."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78 OS Command Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2037",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2037"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.10, PAN-OS 9.1.3, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-128761"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-09-09T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2037",
    "datePublished": "2020-09-09T16:45:26.132965Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T19:15:01.275Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-0007
Vulnerability from cvelistv5
Published
2023-05-10 16:30
Modified
2024-08-02 04:54
Summary
PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:54:32.609Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2023-0007"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Panorama"
          ],
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "10.0.7",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.7",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.16",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.16",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.17",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.25",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.25",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "10.1"
            },
            {
              "status": "unaffected",
              "version": "10.2"
            },
            {
              "status": "unaffected",
              "version": "11.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Colin McQueen"
        }
      ],
      "datePublic": "2023-05-10T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software on Panorama appliances enables an authenticated read-write administrator to store a JavaScript payload in the web interface that will execute in the context of another administrator\u2019s browser when viewed.\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software on Panorama appliances enables an authenticated read-write administrator to store a JavaScript payload in the web interface that will execute in the context of another administrator\u2019s browser when viewed.\n"
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003ePalo Alto Networks is not aware of any malicious exploitation of this issue.\u003c/p\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-592",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-592 Stored XSS"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-80",
              "description": " CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-10T16:30:47.049Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2023-0007"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.7, and all later PAN-OS versions.\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.7, and all later PAN-OS versions.\n"
        }
      ],
      "source": {
        "defect": [
          "PAN-166872"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2023-05-10T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices\"\u003ehttps://docs.paloaltonetworks.com/best-practices\u003c/a\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e.\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at  https://docs.paloaltonetworks.com/best-practices https://docs.paloaltonetworks.com/best-practices .\n"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2023-0007",
    "datePublished": "2023-05-10T16:30:47.049Z",
    "dateReserved": "2022-10-27T18:48:16.758Z",
    "dateUpdated": "2024-08-02T04:54:32.609Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-9474
Vulnerability from cvelistv5
Published
2024-11-18 15:48
Modified
2024-11-19 04:55
Summary
PAN-OS: Privilege Escalation (PE) Vulnerability in the Web Management Interface
References
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "11.2.4-h1",
                "status": "affected",
                "version": "11.2.0",
                "versionType": "custom"
              },
              {
                "lessThan": "11.1.5-h1",
                "status": "affected",
                "version": "11.1.0",
                "versionType": "custom"
              },
              {
                "lessThan": "11.0.6-h1",
                "status": "affected",
                "version": "11.0.0",
                "versionType": "custom"
              },
              {
                "lessThan": "10.2.12-h2",
                "status": "affected",
                "version": "10.2.0",
                "versionType": "custom"
              },
              {
                "lessThan": "10.1.14-h6",
                "status": "affected",
                "version": "10.1.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9474",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-18T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2024-11-18",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2024-9474"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T04:55:44.933Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "11.2.4-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.2.4-h1",
              "status": "affected",
              "version": "11.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.1.5-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.1.5-h1",
              "status": "affected",
              "version": "11.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.6-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.6-h1",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.12-h2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.12-h2",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.14-h6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.14-h6",
              "status": "affected",
              "version": "10.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe risk is greatest if you configure the management interface to enable access from the internet or any untrusted network either:\u003c/p\u003e\u003col\u003e\u003cli\u003eDirectly\u003cbr /\u003eor\u003c/li\u003e\u003cli\u003eThrough a dataplane interface that includes a management interface profile.\u003c/li\u003e\u003c/ol\u003e\u003cp\u003eThe risk is greatly reduced if you make sure that only trusted internal IP addresses are allowed to access the management interface.\u003c/p\u003e\u003cp\u003eUse the following steps to identify your recently detected devices in our Internet scans:\u003c/p\u003e\u003col\u003e\u003cli\u003eTo find your known assets that require remediation action, visit the Assets section of Customer Support Portal at \u003ca target=\"_blank\" href=\"https://support.paloaltonetworks.com/\"\u003ehttps://support.paloaltonetworks.com\u003c/a\u003e\u00a0(Products \u2192 Assets \u2192 All Assets \u2192 Remediation Required).\u003c/li\u003e\u003cli\u003eThe list of your known devices with an internet-facing management interface discovered in our scans are tagged with PAN-SA-2024-0015 with a last seen timestamp in UTC. If no such devices are listed, it indicates our scan did not find any devices with internet-facing management interface for your account in the last three days.\u003c/li\u003e\u003c/ol\u003e"
            }
          ],
          "value": "The risk is greatest if you configure the management interface to enable access from the internet or any untrusted network either:\n\n  *  Directly\nor\n  *  Through a dataplane interface that includes a management interface profile.\nThe risk is greatly reduced if you make sure that only trusted internal IP addresses are allowed to access the management interface.\n\nUse the following steps to identify your recently detected devices in our Internet scans:\n\n  *  To find your known assets that require remediation action, visit the Assets section of Customer Support Portal at  https://support.paloaltonetworks.com https://support.paloaltonetworks.com/ \u00a0(Products \u2192 Assets \u2192 All Assets \u2192 Remediation Required).\n  *  The list of your known devices with an internet-facing management interface discovered in our scans are tagged with PAN-SA-2024-0015 with a last seen timestamp in UTC. If no such devices are listed, it indicates our scan did not find any devices with internet-facing management interface for your account in the last three days."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Palo Alto Networks thanks our Deep Product Security Research Team for discovering this issue internally from threat activity."
        }
      ],
      "datePublic": "2024-11-18T14:20:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges.\u003c/p\u003e\u003cp\u003eCloud NGFW and Prisma Access are not impacted by this vulnerability.\u003c/p\u003e"
            }
          ],
          "value": "A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges.\n\nCloud NGFW and Prisma Access are not impacted by this vulnerability."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan\u003ePalo Alto Networks observed threat activity that exploits this vulnerability against a limited number of management web interfaces that are exposed to internet traffic coming from outside the network.\u003c/span\u003e\u003cbr /\u003e"
            }
          ],
          "value": "Palo Alto Networks observed threat activity that exploits this vulnerability against a limited number of management web interfaces that are exposed to internet traffic coming from outside the network."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-88",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-88 OS Command Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "providerUrgency": "RED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Red",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "HIGH"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "The risk is highest when you allow access to the management interface from external IP addresses on the internet. The worst impact is that a malicious administrator is able to tamper with the system integrity."
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "providerUrgency": "RED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Red",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "HIGH"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "If you configure a specific list of IP addresses that only allow access to the management interface, you greatly reduce the risk of exploitation because attacks would require privileged access using only those IP addresses."
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-18T15:48:23.405Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2024-9474"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThis issue is fixed in PAN-OS 10.1.14-h6, PAN-OS 10.2.12-h2, PAN-OS 11.0.6-h1, PAN-OS 11.1.5-h1, PAN-OS 11.2.4-h1, and all later PAN-OS versions.\u003c/p\u003e\u003cp\u003eIn addition, in an attempt to provide the most seamless upgrade path for our customers, we are making fixes available for other TAC-preferred and commonly deployed maintenance releases.\u003c/p\u003e\u003cdiv\u003e\u003cul\u003e\u003cli\u003eAdditional PAN-OS 11.2 fixes:\u003cul\u003e\u003cli\u003e\u200b\u200b11.2.0-h1\u003c/li\u003e\u003cli\u003e11.2.1-h1\u003c/li\u003e\u003cli\u003e11.2.2-h2\u003c/li\u003e\u003cli\u003e11.2.3-h3\u003c/li\u003e\u003cli\u003e11.2.4-h1\u003c/li\u003e\u003c/ul\u003e\u003c/li\u003e\u003cli\u003eAdditional PAN-OS 11.1 fixes:\u003cul\u003e\u003cli\u003e11.1.0-h4\u003c/li\u003e\u003cli\u003e11.1.1-h2\u003c/li\u003e\u003cli\u003e11.1.2-h15\u003c/li\u003e\u003cli\u003e11.1.3-h11\u003c/li\u003e\u003cli\u003e11.1.4-h7\u003c/li\u003e\u003cli\u003e11.1.5-h1\u003c/li\u003e\u003c/ul\u003e\u003c/li\u003e\u003cli\u003eAdditional PAN-OS 11.0 fixes:\u003cul\u003e\u003cli\u003e11.0.0-h4\u003c/li\u003e\u003cli\u003e11.0.1-h5\u003c/li\u003e\u003cli\u003e11.0.2-h5\u003c/li\u003e\u003cli\u003e11.0.3-h13\u003c/li\u003e\u003cli\u003e11.0.4-h6\u003c/li\u003e\u003cli\u003e11.0.5-h2\u003c/li\u003e\u003cli\u003e11.0.6-h1\u003c/li\u003e\u003c/ul\u003e\u003c/li\u003e\u003cli\u003eAdditional PAN-OS 10.2 fixes:\u003cul\u003e\u003cli\u003e10.2.0-h4\u003c/li\u003e\u003cli\u003e10.2.1-h3\u003c/li\u003e\u003cli\u003e10.2.2-h6\u003c/li\u003e\u003cli\u003e10.2.3-h14\u003c/li\u003e\u003cli\u003e10.2.4-h32\u003c/li\u003e\u003cli\u003e10.2.5-h9\u003c/li\u003e\u003cli\u003e10.2.6-h6\u003c/li\u003e\u003cli\u003e10.2.7-h18\u003c/li\u003e\u003cli\u003e10.2.8-h15\u003c/li\u003e\u003cli\u003e10.2.9-h16\u003c/li\u003e\u003cli\u003e10.2.10-h9\u003c/li\u003e\u003cli\u003e10.2.11-h6\u003c/li\u003e\u003cli\u003e10.2.12-h2\u003c/li\u003e\u003c/ul\u003e\u003c/li\u003e\u003cli\u003eAdditional PAN-OS 10.1 fixes:\u003cul\u003e\u003cli\u003e10.1.9-h14\u003c/li\u003e\u003cli\u003e10.1.10-h9\u003c/li\u003e\u003cli\u003e10.1.11-h10\u003c/li\u003e\u003cli\u003e10.1.12-h3\u003c/li\u003e\u003cli\u003e10.1.13-h5\u003c/li\u003e\u003cli\u003e10.1.14-h6\u003c/li\u003e\u003c/ul\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e"
            }
          ],
          "value": "This issue is fixed in PAN-OS 10.1.14-h6, PAN-OS 10.2.12-h2, PAN-OS 11.0.6-h1, PAN-OS 11.1.5-h1, PAN-OS 11.2.4-h1, and all later PAN-OS versions.\n\nIn addition, in an attempt to provide the most seamless upgrade path for our customers, we are making fixes available for other TAC-preferred and commonly deployed maintenance releases.\n\n  *  Additional PAN-OS 11.2 fixes:  *  \u200b\u200b11.2.0-h1\n  *  11.2.1-h1\n  *  11.2.2-h2\n  *  11.2.3-h3\n  *  11.2.4-h1\n\n\n\n  *  Additional PAN-OS 11.1 fixes:  *  11.1.0-h4\n  *  11.1.1-h2\n  *  11.1.2-h15\n  *  11.1.3-h11\n  *  11.1.4-h7\n  *  11.1.5-h1\n\n\n\n  *  Additional PAN-OS 11.0 fixes:  *  11.0.0-h4\n  *  11.0.1-h5\n  *  11.0.2-h5\n  *  11.0.3-h13\n  *  11.0.4-h6\n  *  11.0.5-h2\n  *  11.0.6-h1\n\n\n\n  *  Additional PAN-OS 10.2 fixes:  *  10.2.0-h4\n  *  10.2.1-h3\n  *  10.2.2-h6\n  *  10.2.3-h14\n  *  10.2.4-h32\n  *  10.2.5-h9\n  *  10.2.6-h6\n  *  10.2.7-h18\n  *  10.2.8-h15\n  *  10.2.9-h16\n  *  10.2.10-h9\n  *  10.2.11-h6\n  *  10.2.12-h2\n\n\n\n  *  Additional PAN-OS 10.1 fixes:  *  10.1.9-h14\n  *  10.1.10-h9\n  *  10.1.11-h10\n  *  10.1.12-h3\n  *  10.1.13-h5\n  *  10.1.14-h6"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-18T14:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Privilege Escalation (PE) Vulnerability in the Web Management Interface",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan\u003eRecommended mitigation\u2014The vast majority of firewalls already follow Palo Alto Networks and industry best practices. However, if you haven\u2019t already, we strongly recommend that you secure access to your management interface according to our best practice deployment guidelines. Specifically, you should restrict access to the management interface to only trusted internal IP addresses to prevent external access from the internet.\u003c/span\u003e\u003cbr /\u003e\u003cp\u003e\u003cspan\u003eReview information about how to secure management access to your Palo Alto Networks firewalls:\u003c/span\u003e\u003c/p\u003e\u003cspan\u003e\u003cul\u003e\u003cli\u003e\u003cspan\u003ePalo Alto Networks LIVEcommunity article:\u00a0\u003c/span\u003e\u003ca target=\"_blank\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003e\u003cspan\u003ehttps://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\u003c/span\u003e\u003c/a\u003e\u003c/li\u003e\u003cli\u003ePalo Alto Networks official and more detailed technical documentation:\u00a0\u003ca target=\"_blank\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\"\u003ehttps://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/span\u003e"
            }
          ],
          "value": "Recommended mitigation\u2014The vast majority of firewalls already follow Palo Alto Networks and industry best practices. However, if you haven\u2019t already, we strongly recommend that you secure access to your management interface according to our best practice deployment guidelines. Specifically, you should restrict access to the management interface to only trusted internal IP addresses to prevent external access from the internet.\nReview information about how to secure management access to your Palo Alto Networks firewalls:\n\n  *  Palo Alto Networks LIVEcommunity article:\u00a0 https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-9474",
    "datePublished": "2024-11-18T15:48:23.405Z",
    "dateReserved": "2024-10-03T11:35:20.568Z",
    "dateUpdated": "2024-11-19T04:55:44.933Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2029
Vulnerability from cvelistv5
Published
2020-06-10 17:28
Modified
2024-09-16 16:52
Summary
PAN-OS: OS command injection vulnerability in management interface certificate generator
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.584Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2029"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "changes": [
                {
                  "at": "7.1.26",
                  "status": "unaffected"
                }
              ],
              "lessThan": "7.1.26",
              "status": "affected",
              "version": "7.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.13",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "lessThan": "9.0*",
              "status": "unaffected",
              "version": "9.0.0",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1*",
              "status": "unaffected",
              "version": "9.1.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks Przemys\u0142aw Kowalski of STM Solutions for discovering and reporting this issue."
        }
      ],
      "datePublic": "2020-06-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An OS Command Injection vulnerability in the PAN-OS web management interface allows authenticated administrators to execute arbitrary OS commands with root privileges by sending a malicious request to generate new certificates for use in the PAN-OS configuration. This issue affects: All versions of PAN-OS 8.0; PAN-OS 7.1 versions earlier than PAN-OS 7.1.26; PAN-OS 8.1 versions earlier than PAN-OS 8.1.13."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 OS Command Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-06-10T17:28:40",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2029"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, and all later PAN-OS versions."
        },
        {
          "lang": "en",
          "value": "PAN-OS 8.0 is end-of-life (as of October 31, 2019) and is no longer covered by our Product Security Assurance policies.\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
        }
      ],
      "source": {
        "defect": [
          "PAN-124621"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-06-10T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: OS command injection vulnerability in management interface certificate generator",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue affects the management interface of PAN-OS and you can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-06-10T16:00:00.000Z",
          "ID": "CVE-2020-2029",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: OS command injection vulnerability in management interface certificate generator"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "7.1",
                            "version_value": "7.1.26"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.0"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "7.1",
                            "version_value": "7.1.26"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks Przemys\u0142aw Kowalski of STM Solutions for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An OS Command Injection vulnerability in the PAN-OS web management interface allows authenticated administrators to execute arbitrary OS commands with root privileges by sending a malicious request to generate new certificates for use in the PAN-OS configuration. This issue affects: All versions of PAN-OS 8.0; PAN-OS 7.1 versions earlier than PAN-OS 7.1.26; PAN-OS 8.1 versions earlier than PAN-OS 8.1.13."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78 OS Command Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2029",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2029"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, and all later PAN-OS versions."
          },
          {
            "lang": "en",
            "value": "PAN-OS 8.0 is end-of-life (as of October 31, 2019) and is no longer covered by our Product Security Assurance policies.\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
          }
        ],
        "source": {
          "defect": [
            "PAN-124621"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-06-10T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue affects the management interface of PAN-OS and you can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2029",
    "datePublished": "2020-06-10T17:28:40.767720Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T16:52:57.682Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3056
Vulnerability from cvelistv5
Published
2021-11-10 17:10
Modified
2024-09-16 20:36
Summary
PAN-OS: Memory Corruption Vulnerability in GlobalProtect Clientless VPN During SAML Authentication
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:51.085Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2021-3056"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "10.1.*"
            },
            {
              "changes": [
                {
                  "at": "9.0.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.14",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.20",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.20",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.9",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.9",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.1",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "2.2 all"
            },
            {
              "status": "affected",
              "version": "2.1 Preferred"
            },
            {
              "status": "unaffected",
              "version": "2.1 Innovation"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue is applicable only to PAN-OS firewall configurations with the Clientless VPN feature and SAML authentication enabled for GlobalProtect Portal."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during an internal security review."
        }
      ],
      "datePublic": "2021-11-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A memory corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated attacker to execute arbitrary code with root user privileges during SAML authentication. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1. Prisma Access customers with Prisma Access 2.1 Preferred firewalls are impacted by this issue."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120 Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-10T17:10:19",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2021-3056"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.9, PAN-OS 10.0.1, and all later PAN-OS versions.\n\nThis issue is fixed in Prisma Access 2.2 Preferred and all later Prisma Access versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-149501"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2021-11-10T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Memory Corruption Vulnerability in GlobalProtect Clientless VPN During SAML Authentication",
      "workarounds": [
        {
          "lang": "en",
          "value": "Enable signatures for Unique Threat ID 91585 on traffic processed by the firewall to block attacks against CVE-2021-3056."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2021-11-10T17:00:00.000Z",
          "ID": "CVE-2021-3056",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Memory Corruption Vulnerability in GlobalProtect Clientless VPN During SAML Authentication"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.14"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.20"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.9"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.1"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.14"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.20"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.9"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.1"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "10.1",
                            "version_value": "10.1.*"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Prisma Access",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "!",
                            "version_name": "2.2",
                            "version_value": "all"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "2.1",
                            "version_value": "Preferred"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "2.1",
                            "version_value": "Innovation"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue is applicable only to PAN-OS firewall configurations with the Clientless VPN feature and SAML authentication enabled for GlobalProtect Portal."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during an internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A memory corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated attacker to execute arbitrary code with root user privileges during SAML authentication. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1. Prisma Access customers with Prisma Access 2.1 Preferred firewalls are impacted by this issue."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-120 Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2021-3056",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2021-3056"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.9, PAN-OS 10.0.1, and all later PAN-OS versions.\n\nThis issue is fixed in Prisma Access 2.2 Preferred and all later Prisma Access versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-149501"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-10T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "Enable signatures for Unique Threat ID 91585 on traffic processed by the firewall to block attacks against CVE-2021-3056."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "Prisma Access 2.1",
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.8",
          "PAN-OS 9.1.7",
          "PAN-OS 9.1.6",
          "PAN-OS 9.1.5",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.13",
          "PAN-OS 9.0.12",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.19",
          "PAN-OS 8.1.18",
          "PAN-OS 8.1.17",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ],
        "x_likelyAffectedList": [
          "PAN-OS 8.0.20",
          "PAN-OS 8.0.19-h1",
          "PAN-OS 8.0.19",
          "PAN-OS 8.0.18",
          "PAN-OS 8.0.17",
          "PAN-OS 8.0.16",
          "PAN-OS 8.0.15",
          "PAN-OS 8.0.14",
          "PAN-OS 8.0.13",
          "PAN-OS 8.0.12",
          "PAN-OS 8.0.11-h1",
          "PAN-OS 8.0.10",
          "PAN-OS 8.0.9",
          "PAN-OS 8.0.8",
          "PAN-OS 8.0.7",
          "PAN-OS 8.0.6-h3",
          "PAN-OS 8.0.6-h2",
          "PAN-OS 8.0.6-h1",
          "PAN-OS 8.0.6",
          "PAN-OS 8.0.5",
          "PAN-OS 8.0.4",
          "PAN-OS 8.0.3-h4",
          "PAN-OS 8.0.3-h3",
          "PAN-OS 8.0.3-h2",
          "PAN-OS 8.0.3-h1",
          "PAN-OS 8.0.3",
          "PAN-OS 8.0.2",
          "PAN-OS 8.0.1",
          "PAN-OS 8.0.0",
          "PAN-OS 8.0",
          "PAN-OS 7.1.26",
          "PAN-OS 7.1.25",
          "PAN-OS 7.1.24-h1",
          "PAN-OS 7.1.24",
          "PAN-OS 7.1.23",
          "PAN-OS 7.1.22",
          "PAN-OS 7.1.21",
          "PAN-OS 7.1.20",
          "PAN-OS 7.1.19",
          "PAN-OS 7.1.18",
          "PAN-OS 7.1.17",
          "PAN-OS 7.1.16",
          "PAN-OS 7.1.15",
          "PAN-OS 7.1.14",
          "PAN-OS 7.1.13",
          "PAN-OS 7.1.12",
          "PAN-OS 7.1.11",
          "PAN-OS 7.1.10",
          "PAN-OS 7.1.9-h4",
          "PAN-OS 7.1.9-h3",
          "PAN-OS 7.1.9-h2",
          "PAN-OS 7.1.9-h1",
          "PAN-OS 7.1.9",
          "PAN-OS 7.1.8",
          "PAN-OS 7.1.7",
          "PAN-OS 7.1.6",
          "PAN-OS 7.1.5",
          "PAN-OS 7.1.4-h2",
          "PAN-OS 7.1.4-h1",
          "PAN-OS 7.1.4",
          "PAN-OS 7.1.3",
          "PAN-OS 7.1.2",
          "PAN-OS 7.1.1",
          "PAN-OS 7.1.0",
          "PAN-OS 7.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2021-3056",
    "datePublished": "2021-11-10T17:10:20.024857Z",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-09-16T20:36:56.323Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2012
Vulnerability from cvelistv5
Published
2020-05-13 19:07
Modified
2024-09-17 04:24
Summary
PAN-OS: Panorama: XML external entity reference ('XXE') vulnerability leads the to information leak
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.541Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2012"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "status": "affected",
              "version": "7.1.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.13",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.7",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.7",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1*",
              "status": "unaffected",
              "version": "9.1.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Ben Nott of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Improper restriction of XML external entity reference (\u0027XXE\u0027) vulnerability in Palo Alto Networks Panorama management service allows remote unauthenticated attackers with network access to the Panorama management interface to read arbitrary files on the system. This issue affects: All versions of PAN-OS for Panorama 7.1 and 8.0; PAN-OS for Panorama 8.1 versions earlier than 8.1.13; PAN-OS for Panorama 9.0 versions earlier than 9.0.7."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-611",
              "description": "CWE-611 Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-06-10T17:23:19",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2012"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
        }
      ],
      "source": {
        "defect": [
          "PAN-119810"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-05-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Panorama: XML external entity reference (\u0027XXE\u0027) vulnerability leads the to information leak",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-05-13T16:00:00.000Z",
          "ID": "CVE-2020-2012",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Panorama: XML external entity reference (\u0027XXE\u0027) vulnerability leads the to information leak"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.0"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "7.1",
                            "version_value": "7.1.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Ben Nott of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Improper restriction of XML external entity reference (\u0027XXE\u0027) vulnerability in Palo Alto Networks Panorama management service allows remote unauthenticated attackers with network access to the Panorama management interface to read arbitrary files on the system. This issue affects: All versions of PAN-OS for Panorama 7.1 and 8.0; PAN-OS for Panorama 8.1 versions earlier than 8.1.13; PAN-OS for Panorama 9.0 versions earlier than 9.0.7."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-611 Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2012",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2012"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
          }
        ],
        "source": {
          "defect": [
            "PAN-119810"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-05-13T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com"
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2012",
    "datePublished": "2020-05-13T19:07:14.538223Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-17T04:24:36.796Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-5913
Vulnerability from cvelistv5
Published
2024-07-10 18:40
Modified
2024-08-06 04:19
Summary
PAN-OS: Improper Input Validation Vulnerability in PAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "10.2.10",
                "status": "affected",
                "version": "10.2.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:11.2:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "11.2.1",
                "status": "affected",
                "version": "11.2",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "11.1.4",
                "status": "affected",
                "version": "11.1.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "11.0.5",
                "status": "affected",
                "version": "11.0.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unaffected",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "10.1.14-h2",
                "status": "affected",
                "version": "10.1.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5913",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-10T19:50:29.169156Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-10T20:05:27.355Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:25:02.975Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2024-5913"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "10.1.14-h2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.14-h2",
              "status": "affected",
              "version": "10.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.10",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.10",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.5",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.1.4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.1.4",
              "status": "affected",
              "version": "11.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.2.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.2.1",
              "status": "affected",
              "version": "11.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "None"
            },
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "None"
            },
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Independent Security Researcher Pear1y"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Joel Land of CISA Vulnerability Response and Coordination"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "rqu"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Enrique Castillo of Palo Alto Networks"
        }
      ],
      "datePublic": "2024-07-10T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an attacker with the ability to tamper with the physical file system to elevate privileges."
            }
          ],
          "value": "An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an attacker with the ability to tamper with the physical file system to elevate privileges."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-153",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-153 Input Data Manipulation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-06T04:19:19.068Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2024-5913"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 10.1.14-h2, PAN-OS 10.2.10, PAN-OS 11.0.5, PAN-OS 11.1.4, PAN-OS 11.2.1, and all later PAN-OS versions.\u003cbr\u003e"
            }
          ],
          "value": "This issue is fixed in PAN-OS 10.1.14-h2, PAN-OS 10.2.10, PAN-OS 11.0.5, PAN-OS 11.1.4, PAN-OS 11.2.1, and all later PAN-OS versions."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-07-10T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Improper Input Validation Vulnerability in PAN-OS",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2024-07-10T16:00:00.000Z",
          "ID": "CVE-2024-5913",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Improper Input Validation Vulnerability in PAN-OS"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.1",
                            "version_value": "10.1.14-h2"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.1",
                            "version_value": "10.1.14-h2"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.2",
                            "version_value": "10.2.10"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.2",
                            "version_value": "10.2.10"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "11.0",
                            "version_value": "11.0.5"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "11.0",
                            "version_value": "11.0.5"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "11.1",
                            "version_value": "11.1.4"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "11.1",
                            "version_value": "11.1.4"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "11.2",
                            "version_value": "11.2.1"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "11.2",
                            "version_value": "11.2.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Cloud NGFW",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "None"
                          },
                          {
                            "version_affected": "!",
                            "version_value": "All"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Prisma Access",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "None"
                          },
                          {
                            "version_affected": "!",
                            "version_value": "All"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks Independent Security Researcher Pear1y, Joel Land of CISA Vulnerability Response and Coordination, and Enrique Castillo of Palo Alto Networks for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an attacker with the ability to tamper with the physical file system to elevate privileges."
            }
          ]
        },
        "exploit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "vulnogram 0.1.0-rc1"
        },
        "impact": {
          "cvss": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "PHYSICAL",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "DIFFUSE",
            "vectorString": "CVSS:4.0/AV:P/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "MODERATE"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20 Improper Input Validation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "refsource": "CONFIRM",
              "url": "https://security.paloaltonetworks.com/CVE-2023-case-PAN-253982"
            }
          ]
        },
        "solution": [
          {
            "lang": "eng",
            "value": "This issue is fixed in PAN-OS 10.1.14-h2, PAN-OS 10.2.10, PAN-OS 11.0.5, PAN-OS 11.1.4, PAN-OS 11.2.1, and all later PAN-OS versions."
          }
        ],
        "source": {
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "eng",
            "time": "2024-07-10T16:00:00.000Z",
            "value": "Initial publication"
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-5913",
    "datePublished": "2024-07-10T18:40:29.769Z",
    "dateReserved": "2024-06-12T15:27:56.398Z",
    "dateUpdated": "2024-08-06T04:19:19.068Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-1581
Vulnerability from cvelistv5
Published
2019-08-23 17:06
Modified
2024-09-17 00:56
Severity ?
Summary
PAN-OS: Remote code execution vulnerability in the PAN-OS SSH device management interface
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:20:28.293Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2019-1581"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "lessThan": "7.1.24-h1, 7.1.25",
              "status": "affected",
              "version": "7.1",
              "versionType": "custom"
            },
            {
              "lessThan": "8.0.19-h1, 8.0.20",
              "status": "affected",
              "version": "8.0",
              "versionType": "custom"
            },
            {
              "lessThan": "8.1.9-h4, 8.1.10",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "lessThan": "9.0.3-h3, 9.0.4",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "7.0",
              "status": "unknown",
              "version": "all",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "The UK\u0027s National Cyber Security Centre (NCSC)"
        }
      ],
      "datePublic": "2019-08-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A remote code execution vulnerability in the PAN-OS SSH device management interface that can lead to unauthenticated remote users with network access to the SSH management interface gaining root access to PAN-OS. This issue affects PAN-OS 7.1 versions prior to 7.1.24-h1, 7.1.25; 8.0 versions prior to 8.0.19-h1, 8.0.20; 8.1 versions prior to 8.1.9-h4, 8.1.10; 9.0 versions prior to 9.0.3-h3, 9.0.4."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 OS Command Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-17T16:03:48",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2019-1581"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue has been resolved in PAN-OS 7.1.24-h1 and later, PAN-OS 8.0.19-h1 and later, PAN-OS 8.1.9-h4 and later, and PAN-OS 9.0.3-h3 and later."
        }
      ],
      "source": {
        "advisory": "PAN-SA-2019-0022",
        "defect": [
          "PAN-123564"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "PAN-OS: Remote code execution vulnerability in the PAN-OS SSH device management interface",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue affects the SSH management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interfaces. Our best practices guidelines reduce the exposure of device management interfaces to potential attacker."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2019-08-21T22:13:00.000Z",
          "ID": "CVE-2019-1581",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Remote code execution vulnerability in the PAN-OS SSH device management interface"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "7.1",
                            "version_value": "7.1.24-h1, 7.1.25"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.0",
                            "version_value": "8.0.19-h1, 8.0.20"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.9-h4, 8.1.10"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.3-h3, 9.0.4"
                          },
                          {
                            "version_affected": "?\u003c=",
                            "version_name": "all",
                            "version_value": "7.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "The UK\u0027s National Cyber Security Centre (NCSC)"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A remote code execution vulnerability in the PAN-OS SSH device management interface that can lead to unauthenticated remote users with network access to the SSH management interface gaining root access to PAN-OS. This issue affects PAN-OS 7.1 versions prior to 7.1.24-h1, 7.1.25; 8.0 versions prior to 8.0.19-h1, 8.0.20; 8.1 versions prior to 8.1.9-h4, 8.1.10; 9.0 versions prior to 9.0.3-h3, 9.0.4."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78 OS Command Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2019-1581",
              "refsource": "CONFIRM",
              "url": "https://security.paloaltonetworks.com/CVE-2019-1581"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue has been resolved in PAN-OS 7.1.24-h1 and later, PAN-OS 8.0.19-h1 and later, PAN-OS 8.1.9-h4 and later, and PAN-OS 9.0.3-h3 and later."
          }
        ],
        "source": {
          "advisory": "PAN-SA-2019-0022",
          "defect": [
            "PAN-123564"
          ],
          "discovery": "EXTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "This issue affects the SSH management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interfaces. Our best practices guidelines reduce the exposure of device management interfaces to potential attacker."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2019-1581",
    "datePublished": "2019-08-23T17:06:23.679531Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-09-17T00:56:45.260Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3046
Vulnerability from cvelistv5
Published
2021-08-11 17:10
Modified
2024-09-17 02:47
Summary
PAN-OS: Improper SAML Authentication Vulnerability in GlobalProtect Portal
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:50.968Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2021-3046"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "10.1.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.19",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.19",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.14",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.9",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.9",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.5",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This vulnerability applies only to PAN-OS firewalls configured to have a GlobalProtect portal or gateway with SAML authentication enabled."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks Alexander Harvey for discovering and reporting this issue."
        }
      ],
      "datePublic": "2021-08-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper authentication vulnerability exists in Palo Alto Networks PAN-OS software that enables a SAML authenticated attacker to impersonate any other user in the GlobalProtect Portal and GlobalProtect Gateway when they are configured to use SAML authentication. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.19; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.5. PAN-OS 10.1 versions are not impacted."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "CWE-287 Improper Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-08-11T17:10:16",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2021-3046"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.19, PAN-OS 9.0.14, PAN-OS 9.1.9, PAN-OS 10.0.5, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-150023"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2021-08-11T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Improper SAML Authentication Vulnerability in GlobalProtect Portal",
      "workarounds": [
        {
          "lang": "en",
          "value": "You can disable SAML authentication for any impacted GlobalProtect portal or gateway until you upgrade the PAN-OS firewall to a fixed version."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2021-08-11T16:00:00.000Z",
          "ID": "CVE-2021-3046",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Improper SAML Authentication Vulnerability in GlobalProtect Portal"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.19"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.14"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.9"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.5"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.19"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.14"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.9"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.5"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "10.1",
                            "version_value": "10.1.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This vulnerability applies only to PAN-OS firewalls configured to have a GlobalProtect portal or gateway with SAML authentication enabled."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks Alexander Harvey for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An improper authentication vulnerability exists in Palo Alto Networks PAN-OS software that enables a SAML authenticated attacker to impersonate any other user in the GlobalProtect Portal and GlobalProtect Gateway when they are configured to use SAML authentication. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.19; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.5. PAN-OS 10.1 versions are not impacted."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-287 Improper Authentication"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2021-3046",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2021-3046"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.19, PAN-OS 9.0.14, PAN-OS 9.1.9, PAN-OS 10.0.5, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-150023"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-08-11T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "You can disable SAML authentication for any impacted GlobalProtect portal or gateway until you upgrade the PAN-OS firewall to a fixed version."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 10.0.4",
          "PAN-OS 10.0.3",
          "PAN-OS 10.0.2",
          "PAN-OS 10.0.1",
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.8",
          "PAN-OS 9.1.7",
          "PAN-OS 9.1.6",
          "PAN-OS 9.1.5",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.13",
          "PAN-OS 9.0.12",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.18",
          "PAN-OS 8.1.17",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ],
        "x_likelyAffectedList": [
          "PAN-OS 8.0.20",
          "PAN-OS 8.0.19-h1",
          "PAN-OS 8.0.19",
          "PAN-OS 8.0.18",
          "PAN-OS 8.0.17",
          "PAN-OS 8.0.16",
          "PAN-OS 8.0.15",
          "PAN-OS 8.0.14",
          "PAN-OS 8.0.13",
          "PAN-OS 8.0.12",
          "PAN-OS 8.0.11-h1",
          "PAN-OS 8.0.10",
          "PAN-OS 8.0.9",
          "PAN-OS 8.0.8",
          "PAN-OS 8.0.7",
          "PAN-OS 8.0.6-h3",
          "PAN-OS 8.0.6-h2",
          "PAN-OS 8.0.6-h1",
          "PAN-OS 8.0.6",
          "PAN-OS 8.0.5",
          "PAN-OS 8.0.4",
          "PAN-OS 8.0.3-h4",
          "PAN-OS 8.0.3-h3",
          "PAN-OS 8.0.3-h2",
          "PAN-OS 8.0.3-h1",
          "PAN-OS 8.0.3",
          "PAN-OS 8.0.2",
          "PAN-OS 8.0.1",
          "PAN-OS 8.0.0",
          "PAN-OS 8.0",
          "PAN-OS 7.1.26",
          "PAN-OS 7.1.25",
          "PAN-OS 7.1.24-h1",
          "PAN-OS 7.1.24",
          "PAN-OS 7.1.23",
          "PAN-OS 7.1.22",
          "PAN-OS 7.1.21",
          "PAN-OS 7.1.20",
          "PAN-OS 7.1.19",
          "PAN-OS 7.1.18",
          "PAN-OS 7.1.17",
          "PAN-OS 7.1.16",
          "PAN-OS 7.1.15",
          "PAN-OS 7.1.14",
          "PAN-OS 7.1.13",
          "PAN-OS 7.1.12",
          "PAN-OS 7.1.11",
          "PAN-OS 7.1.10",
          "PAN-OS 7.1.9-h4",
          "PAN-OS 7.1.9-h3",
          "PAN-OS 7.1.9-h2",
          "PAN-OS 7.1.9-h1",
          "PAN-OS 7.1.9",
          "PAN-OS 7.1.8",
          "PAN-OS 7.1.7",
          "PAN-OS 7.1.6",
          "PAN-OS 7.1.5",
          "PAN-OS 7.1.4-h2",
          "PAN-OS 7.1.4-h1",
          "PAN-OS 7.1.4",
          "PAN-OS 7.1.3",
          "PAN-OS 7.1.2",
          "PAN-OS 7.1.1",
          "PAN-OS 7.1.0",
          "PAN-OS 7.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2021-3046",
    "datePublished": "2021-08-11T17:10:16.244759Z",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-09-17T02:47:06.271Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-1992
Vulnerability from cvelistv5
Published
2020-04-08 18:41
Modified
2024-09-17 03:44
Summary
PAN-OS on PA-7000 Series: Varrcvr daemon network-based denial of service or privilege escalation
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.532Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-1992"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "PA-7000 series with LFC"
          ],
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "9.0.7",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.7",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.2",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "8.1.*"
            },
            {
              "status": "unaffected",
              "version": "8.0.*"
            },
            {
              "status": "unaffected",
              "version": "7.1.*"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue requires WildFire services to be configured and enabled."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by a customer."
        }
      ],
      "datePublic": "2020-04-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote attackers to crash the daemon creating a denial of service condition or potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS 9.0 versions before 9.0.7; PAN-OS 9.1 versions before 9.1.2 on PA-7000 Series devices with an LFC installed and configured. This issue requires WildFire services to be configured and enabled. This issue does not affect PAN-OS 8.1 and earlier releases. This issue does not affect any other PA Series firewalls."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-134",
              "description": "CWE-134 Use of Externally-Controlled Format String",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-04-08T18:41:58",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-1992"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 9.0.7, PAN-OS 9.1.2 and all later versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-135103"
        ],
        "discovery": "USER"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-04-08T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS on PA-7000 Series: Varrcvr daemon network-based denial of service or privilege escalation",
      "workarounds": [
        {
          "lang": "en",
          "value": "There are no viable workarounds for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-04-08T16:00:00.000Z",
          "ID": "CVE-2020-1992",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS on PA-7000 Series: Varrcvr daemon network-based denial of service or privilege escalation"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "platform": "PA-7000 series with LFC",
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "platform": "PA-7000 series with LFC",
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.2"
                          },
                          {
                            "platform": "PA-7000 series with LFC",
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "platform": "PA-7000 series with LFC",
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.2"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "8.1",
                            "version_value": "8.1.*"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "7.1",
                            "version_value": "7.1.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue requires WildFire services to be configured and enabled."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by a customer."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote attackers to crash the daemon creating a denial of service condition or potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS 9.0 versions before 9.0.7; PAN-OS 9.1 versions before 9.1.2 on PA-7000 Series devices with an LFC installed and configured. This issue requires WildFire services to be configured and enabled. This issue does not affect PAN-OS 8.1 and earlier releases. This issue does not affect any other PA Series firewalls."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-134 Use of Externally-Controlled Format String"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-1992",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-1992"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 9.0.7, PAN-OS 9.1.2 and all later versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-135103"
          ],
          "discovery": "USER"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-04-08T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "There are no viable workarounds for this issue."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-1992",
    "datePublished": "2020-04-08T18:41:58.564278Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-17T03:44:20.914Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2035
Vulnerability from cvelistv5
Published
2020-08-12 17:05
Modified
2024-09-17 04:10
Summary
PAN-OS: URL filtering policy is not enforced on TLS handshakes for decrypted HTTPS sessions
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.688Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2035"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.mnemonic.no/blog/introducing-snicat/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "8.1.*"
            },
            {
              "status": "affected",
              "version": "9.0.*"
            },
            {
              "status": "affected",
              "version": "9.1.*"
            },
            {
              "status": "affected",
              "version": "10.0.*"
            },
            {
              "status": "affected",
              "version": "10.1.*"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This URL filtering policy evasion situation is only applicable when the following conditions are true:\n\n1. A host in the network is already compromised by a malicious actor.\n\n2. The PAN-OS configuration must have the SSL/TLS Decryption Forward Proxy feature enabled for the specific traffic that the attacker controls.\n\n3. There is no other security device in the chain that performs URL Filtering or can block access to malicious URLs or IP-addresses on the encrypted SSL/TLS traffic."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks Morten Marstrander and Matteo Malvica from mnemonic AS for discovering and reporting this issue."
        }
      ],
      "datePublic": "2020-08-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "When SSL/TLS Forward Proxy Decryption mode has been configured to decrypt the web transactions, the PAN-OS URL filtering feature inspects the HTTP Host and URL path headers for policy enforcement on the decrypted HTTPS web transactions but does not consider Server Name Indication (SNI) field within the TLS Client Hello handshake. This allows a compromised host in a protected network to evade any security policy that uses URL filtering on a firewall configured with SSL Decryption in the Forward Proxy mode. A malicious actor can then use this technique to evade detection of communication on the TLS handshake phase between a compromised host and a remote malicious server. This technique does not increase the risk of a host being compromised in the network. It does not impact the confidentiality or availability of a firewall. This is considered to have a low impact on the integrity of the firewall because the firewall fails to enforce a policy on certain traffic that should have been blocked. This issue does not impact the URL filtering policy enforcement on clear text or encrypted web transactions. This technique can be used only after a malicious actor has compromised a host in the protected network and the TLS/SSL Decryption feature is enabled for the traffic that the attacker controls. Palo Alto Networks is not aware of any malware that uses this technique to exfiltrate data. This issue is applicable to all current versions of PAN-OS. This issue does not impact Panorama or WF-500 appliances."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malware that uses this technique to exfiltrate data."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-10T12:33:06",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2035"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.mnemonic.no/blog/introducing-snicat/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is currently working to improve our inspection engines by adding a URL filtering policy check on both the TLS SNI field and the HTTP Host and URL headers for decrypted HTTPS transactions.\n\nApply any of the workarounds to completely mitigate the risk of evasion.\n\nThere are currently no PAN-OS updates available for this issue."
        }
      ],
      "source": {
        "defect": [
          "PAN-140086"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-08-12T00:00:00",
          "value": "Initial publication"
        },
        {
          "lang": "en",
          "time": "2021-03-03T00:00:00",
          "value": "Added clarification that Panorama and WF-500 appliances are not impacted"
        },
        {
          "lang": "en",
          "time": "2021-06-09T00:00:00",
          "value": "Updated impacted versions to include PAN-OS 10.1"
        }
      ],
      "title": "PAN-OS: URL filtering policy is not enforced on TLS handshakes for decrypted HTTPS sessions",
      "workarounds": [
        {
          "lang": "en",
          "value": "Customers concerned about the risk described in this advisory are encouraged to review the KB article https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008V4J for more information on background and mitigation options. To enforce URL filtering policy on TLS handshakes for decrypted HTTPS sessions, we suggest you use any one of the following workarounds:\n\n1. Route outbound traffic between two virtual systems (vsys) on PAN-OS firewalls that have vsys capability and perform URL Filtering on one vsys and perform SSL/TLS Decryption on the other vsys.\n\n2. Add two additional Security Zones and route outbound traffic between the two zones so that you can apply both \"Decrypt\" and \"No Decrypt\" Decryption policy rules. For example, configure your next-generation firewall so that traffic travels from the Inside zone to the Internal-DMZ zone where you applied a \u201cNo Decrypt\u201d rule along with URL Filtering and then the traffic passes to the External-DMZ zone and from External-DMZ to the Internet zone where you applied a \"Decrypt\" rule. Be aware that this workaround configuration may significantly increase the load on your firewall.\n\n3. Use the additional security device in the traffic chain. \nThe SSL/TLS Decryption and URL Filtering functions should be separated (for example, the first device is performing URL Filtering and the second device is performing SSL/TLS Decryption).\n\nThese workarounds are described in detail at https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008V4J\n\nWe recommend you use an endpoint protection solution such as the Cortex XDR agent to significantly reduce the potential risk of hosts being compromised. See https://www.paloaltonetworks.com/cortex/endpoint-protection.\n\nCaution: We recommend that you do not disable SSL/TLS Decryption as a workaround to this issue. There are additional risks associated with this action."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-08-12T16:00:00.000Z",
          "ID": "CVE-2020-2035",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: URL filtering policy is not enforced on TLS handshakes for decrypted HTTPS sessions"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_name": "8.1",
                            "version_value": "8.1.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "9.0",
                            "version_value": "9.0.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "9.1",
                            "version_value": "9.1.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "10.0",
                            "version_value": "10.0.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "10.1",
                            "version_value": "10.1.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This URL filtering policy evasion situation is only applicable when the following conditions are true:\n\n1. A host in the network is already compromised by a malicious actor.\n\n2. The PAN-OS configuration must have the SSL/TLS Decryption Forward Proxy feature enabled for the specific traffic that the attacker controls.\n\n3. There is no other security device in the chain that performs URL Filtering or can block access to malicious URLs or IP-addresses on the encrypted SSL/TLS traffic."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks Morten Marstrander and Matteo Malvica from mnemonic AS for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When SSL/TLS Forward Proxy Decryption mode has been configured to decrypt the web transactions, the PAN-OS URL filtering feature inspects the HTTP Host and URL path headers for policy enforcement on the decrypted HTTPS web transactions but does not consider Server Name Indication (SNI) field within the TLS Client Hello handshake. This allows a compromised host in a protected network to evade any security policy that uses URL filtering on a firewall configured with SSL Decryption in the Forward Proxy mode. A malicious actor can then use this technique to evade detection of communication on the TLS handshake phase between a compromised host and a remote malicious server. This technique does not increase the risk of a host being compromised in the network. It does not impact the confidentiality or availability of a firewall. This is considered to have a low impact on the integrity of the firewall because the firewall fails to enforce a policy on certain traffic that should have been blocked. This issue does not impact the URL filtering policy enforcement on clear text or encrypted web transactions. This technique can be used only after a malicious actor has compromised a host in the protected network and the TLS/SSL Decryption feature is enabled for the traffic that the attacker controls. Palo Alto Networks is not aware of any malware that uses this technique to exfiltrate data. This issue is applicable to all current versions of PAN-OS. This issue does not impact Panorama or WF-500 appliances."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malware that uses this technique to exfiltrate data."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20 Improper Input Validation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2035",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2035"
            },
            {
              "name": "https://www.mnemonic.no/blog/introducing-snicat/",
              "refsource": "MISC",
              "url": "https://www.mnemonic.no/blog/introducing-snicat/"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is currently working to improve our inspection engines by adding a URL filtering policy check on both the TLS SNI field and the HTTP Host and URL headers for decrypted HTTPS transactions.\n\nApply any of the workarounds to completely mitigate the risk of evasion.\n\nThere are currently no PAN-OS updates available for this issue."
          }
        ],
        "source": {
          "defect": [
            "PAN-140086"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-08-12T00:00:00",
            "value": "Initial publication"
          },
          {
            "lang": "en",
            "time": "2021-03-03T00:00:00",
            "value": "Added clarification that Panorama and WF-500 appliances are not impacted"
          },
          {
            "lang": "en",
            "time": "2021-06-09T00:00:00",
            "value": "Updated impacted versions to include PAN-OS 10.1"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "Customers concerned about the risk described in this advisory are encouraged to review the KB article https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008V4J for more information on background and mitigation options. To enforce URL filtering policy on TLS handshakes for decrypted HTTPS sessions, we suggest you use any one of the following workarounds:\n\n1. Route outbound traffic between two virtual systems (vsys) on PAN-OS firewalls that have vsys capability and perform URL Filtering on one vsys and perform SSL/TLS Decryption on the other vsys.\n\n2. Add two additional Security Zones and route outbound traffic between the two zones so that you can apply both \"Decrypt\" and \"No Decrypt\" Decryption policy rules. For example, configure your next-generation firewall so that traffic travels from the Inside zone to the Internal-DMZ zone where you applied a \u201cNo Decrypt\u201d rule along with URL Filtering and then the traffic passes to the External-DMZ zone and from External-DMZ to the Internet zone where you applied a \"Decrypt\" rule. Be aware that this workaround configuration may significantly increase the load on your firewall.\n\n3. Use the additional security device in the traffic chain. \nThe SSL/TLS Decryption and URL Filtering functions should be separated (for example, the first device is performing URL Filtering and the second device is performing SSL/TLS Decryption).\n\nThese workarounds are described in detail at https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008V4J\n\nWe recommend you use an endpoint protection solution such as the Cortex XDR agent to significantly reduce the potential risk of hosts being compromised. See https://www.paloaltonetworks.com/cortex/endpoint-protection.\n\nCaution: We recommend that you do not disable SSL/TLS Decryption as a workaround to this issue. There are additional risks associated with this action."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2035",
    "datePublished": "2020-08-12T17:05:15.346529Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-17T04:10:07.790Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2027
Vulnerability from cvelistv5
Published
2020-06-10 17:28
Modified
2024-09-17 03:17
Summary
PAN-OS: Buffer overflow in authd authentication response
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.565Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2027"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "7.1.*"
            },
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.13",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.7",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.7",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1*",
              "status": "unaffected",
              "version": "9.1.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-06-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A buffer overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This issue affects: All versions of PAN-OS 7.1 and PAN-OS 8.0; PAN-OS 8.1 versions earlier than PAN-OS 8.1.13; PAN-OS 9.0 versions earlier than PAN-OS 9.0.7."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121 Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-06-10T17:28:15",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2027"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions."
        },
        {
          "lang": "en",
          "value": "PAN-OS 8.0 is end-of-life (as of October 31, 2019) and is no longer covered by our Product Security Assurance policies.\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
        }
      ],
      "source": {
        "defect": [
          "CYR-10833"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-06-10T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Buffer overflow in authd authentication response",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue affects the management interface of PAN-OS and you can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-06-10T16:00:00.000Z",
          "ID": "CVE-2020-2027",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Buffer overflow in authd authentication response"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.0"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "7.1",
                            "version_value": "7.1.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A buffer overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This issue affects: All versions of PAN-OS 7.1 and PAN-OS 8.0; PAN-OS 8.1 versions earlier than PAN-OS 8.1.13; PAN-OS 9.0 versions earlier than PAN-OS 9.0.7."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-121 Stack-based Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2027",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2027"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions."
          },
          {
            "lang": "en",
            "value": "PAN-OS 8.0 is end-of-life (as of October 31, 2019) and is no longer covered by our Product Security Assurance policies.\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
          }
        ],
        "source": {
          "defect": [
            "CYR-10833"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-06-10T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue affects the management interface of PAN-OS and you can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2027",
    "datePublished": "2020-06-10T17:28:15.853924Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-17T03:17:38.535Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-2551
Vulnerability from cvelistv5
Published
2024-11-14 09:36
Modified
2024-11-19 15:01
Summary
PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted Packet
References
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-2551",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T15:01:17.887695Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T15:01:40.744Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1:-:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "11.2.0"
            },
            {
              "status": "unaffected",
              "version": "11.1.0"
            },
            {
              "changes": [
                {
                  "at": "11.0.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.5",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.4-h6",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.4-h6",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.14",
              "status": "affected",
              "version": "10.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "a customer"
        }
      ],
      "datePublic": "2024-11-13T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode."
            }
          ],
          "value": "A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-129",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-129 Pointer Manipulation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476 NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-14T09:36:09.876Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2024-2551"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 10.1.14, PAN-OS 10.2.4-h6, PAN-OS 10.2.5, PAN-OS 11.0.5, and all later PAN-OS versions."
            }
          ],
          "value": "This issue is fixed in PAN-OS 10.1.14, PAN-OS 10.2.4-h6, PAN-OS 10.2.5, PAN-OS 11.0.5, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-223185"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-13T17:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted Packet"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-2551",
    "datePublished": "2024-11-14T09:36:09.876Z",
    "dateReserved": "2024-03-15T22:43:27.814Z",
    "dateUpdated": "2024-11-19T15:01:40.744Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3047
Vulnerability from cvelistv5
Published
2021-08-11 17:10
Modified
2024-09-17 02:32
Summary
PAN-OS: Weak Cryptography Used in Web Interface Authentication
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:51.081Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2021-3047"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "10.1.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.19",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.19",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.14",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.4",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.10",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.10",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "There is no specific configuration required for this exposure\u2014all web interface authentication methods are impacted by this issue."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks Google Security for discovering and reporting this issue."
        }
      ],
      "datePublic": "2021-08-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A cryptographically weak pseudo-random number generator (PRNG) is used during authentication to the Palo Alto Networks PAN-OS web interface. This enables an authenticated attacker, with the capability to observe their own authentication secrets over a long duration on the PAN-OS appliance, to impersonate another authenticated web interface administrator\u0027s session. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.19; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.10; PAN-OS 10.0 versions earlier than PAN-OS 10.0.4. PAN-OS 10.1 versions are not impacted."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-338",
              "description": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-08-11T17:10:17",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2021-3047"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.19, PAN-OS 9.0.14, PAN-OS 9.1.10, PAN-OS 10.0.4, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-156240"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2021-08-11T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Weak Cryptography Used in Web Interface Authentication",
      "workarounds": [
        {
          "lang": "en",
          "value": "There are no known workarounds for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2021-08-11T16:00:00.000Z",
          "ID": "CVE-2021-3047",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Weak Cryptography Used in Web Interface Authentication"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.19"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.14"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.4"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.10"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.19"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.14"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.4"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.10"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "10.1",
                            "version_value": "10.1.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "There is no specific configuration required for this exposure\u2014all web interface authentication methods are impacted by this issue."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks Google Security for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A cryptographically weak pseudo-random number generator (PRNG) is used during authentication to the Palo Alto Networks PAN-OS web interface. This enables an authenticated attacker, with the capability to observe their own authentication secrets over a long duration on the PAN-OS appliance, to impersonate another authenticated web interface administrator\u0027s session. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.19; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.10; PAN-OS 10.0 versions earlier than PAN-OS 10.0.4. PAN-OS 10.1 versions are not impacted."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2021-3047",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2021-3047"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.19, PAN-OS 9.0.14, PAN-OS 9.1.10, PAN-OS 10.0.4, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-156240"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-08-11T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "There are no known workarounds for this issue."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 10.0.3",
          "PAN-OS 10.0.2",
          "PAN-OS 10.0.1",
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.9",
          "PAN-OS 9.1.8",
          "PAN-OS 9.1.7",
          "PAN-OS 9.1.6",
          "PAN-OS 9.1.5",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.13",
          "PAN-OS 9.0.12",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.18",
          "PAN-OS 8.1.17",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ],
        "x_likelyAffectedList": [
          "PAN-OS 8.0.20",
          "PAN-OS 8.0.19-h1",
          "PAN-OS 8.0.19",
          "PAN-OS 8.0.18",
          "PAN-OS 8.0.17",
          "PAN-OS 8.0.16",
          "PAN-OS 8.0.15",
          "PAN-OS 8.0.14",
          "PAN-OS 8.0.13",
          "PAN-OS 8.0.12",
          "PAN-OS 8.0.11-h1",
          "PAN-OS 8.0.10",
          "PAN-OS 8.0.9",
          "PAN-OS 8.0.8",
          "PAN-OS 8.0.7",
          "PAN-OS 8.0.6-h3",
          "PAN-OS 8.0.6-h2",
          "PAN-OS 8.0.6-h1",
          "PAN-OS 8.0.6",
          "PAN-OS 8.0.5",
          "PAN-OS 8.0.4",
          "PAN-OS 8.0.3-h4",
          "PAN-OS 8.0.3-h3",
          "PAN-OS 8.0.3-h2",
          "PAN-OS 8.0.3-h1",
          "PAN-OS 8.0.3",
          "PAN-OS 8.0.2",
          "PAN-OS 8.0.1",
          "PAN-OS 8.0.0",
          "PAN-OS 8.0",
          "PAN-OS 7.1.26",
          "PAN-OS 7.1.25",
          "PAN-OS 7.1.24-h1",
          "PAN-OS 7.1.24",
          "PAN-OS 7.1.23",
          "PAN-OS 7.1.22",
          "PAN-OS 7.1.21",
          "PAN-OS 7.1.20",
          "PAN-OS 7.1.19",
          "PAN-OS 7.1.18",
          "PAN-OS 7.1.17",
          "PAN-OS 7.1.16",
          "PAN-OS 7.1.15",
          "PAN-OS 7.1.14",
          "PAN-OS 7.1.13",
          "PAN-OS 7.1.12",
          "PAN-OS 7.1.11",
          "PAN-OS 7.1.10",
          "PAN-OS 7.1.9-h4",
          "PAN-OS 7.1.9-h3",
          "PAN-OS 7.1.9-h2",
          "PAN-OS 7.1.9-h1",
          "PAN-OS 7.1.9",
          "PAN-OS 7.1.8",
          "PAN-OS 7.1.7",
          "PAN-OS 7.1.6",
          "PAN-OS 7.1.5",
          "PAN-OS 7.1.4-h2",
          "PAN-OS 7.1.4-h1",
          "PAN-OS 7.1.4",
          "PAN-OS 7.1.3",
          "PAN-OS 7.1.2",
          "PAN-OS 7.1.1",
          "PAN-OS 7.1.0",
          "PAN-OS 7.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2021-3047",
    "datePublished": "2021-08-11T17:10:17.831915Z",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-09-17T02:32:37.786Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2050
Vulnerability from cvelistv5
Published
2020-11-12 00:05
Modified
2024-09-17 00:11
Summary
PAN-OS: Authentication bypass vulnerability in GlobalProtect SSL VPN client certificate verification
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.576Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2050"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.17",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.11",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.5",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.1",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue is only applicable to PAN-OS appliances using the GlobalProtect SSL VPN gateway or portal configured to allow users to authenticate with client certificate authentication.\n\nThis issue can not be exploited if client certificate authentication is not in use.\n\nOther forms of authentication are not impacted by this issue."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-11-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An authentication bypass vulnerability exists in the GlobalProtect SSL VPN component of Palo Alto Networks PAN-OS software that allows an attacker to bypass all client certificate checks with an invalid certificate. A remote attacker can successfully authenticate as any user and gain access to restricted VPN network resources when the gateway or portal is configured to rely entirely on certificate-based authentication. Impacted features that use SSL VPN with client certificate verification are: GlobalProtect Gateway, GlobalProtect Portal, GlobalProtect Clientless VPN In configurations where client certificate verification is used in conjunction with other authentication methods, the protections added by the certificate check are ignored as a result of this issue. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.17; PAN-OS 9.0 versions earlier than PAN-OS 9.0.11; PAN-OS 9.1 versions earlier than PAN-OS 9.1.5; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-285",
              "description": "CWE-285 Improper Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-12T00:05:22",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2050"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.17, PAN-OS 9.0.11, PAN-OS 9.1.5, PAN-OS 10.0.1, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-146650"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-11-11T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Authentication bypass vulnerability in GlobalProtect SSL VPN client certificate verification",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue can be mitigated by configuring GlobalProtect SSL VPN to require gateway and portal users to authenticate with their credentials. Other authentication methods are not impacted by this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-11-11T17:00:00.000Z",
          "ID": "CVE-2020-2050",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Authentication bypass vulnerability in GlobalProtect SSL VPN client certificate verification"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.17"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.11"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.5"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.1"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.17"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.11"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.5"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue is only applicable to PAN-OS appliances using the GlobalProtect SSL VPN gateway or portal configured to allow users to authenticate with client certificate authentication.\n\nThis issue can not be exploited if client certificate authentication is not in use.\n\nOther forms of authentication are not impacted by this issue."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An authentication bypass vulnerability exists in the GlobalProtect SSL VPN component of Palo Alto Networks PAN-OS software that allows an attacker to bypass all client certificate checks with an invalid certificate. A remote attacker can successfully authenticate as any user and gain access to restricted VPN network resources when the gateway or portal is configured to rely entirely on certificate-based authentication. Impacted features that use SSL VPN with client certificate verification are: GlobalProtect Gateway, GlobalProtect Portal, GlobalProtect Clientless VPN In configurations where client certificate verification is used in conjunction with other authentication methods, the protections added by the certificate check are ignored as a result of this issue. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.17; PAN-OS 9.0 versions earlier than PAN-OS 9.0.11; PAN-OS 9.1 versions earlier than PAN-OS 9.1.5; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-285 Improper Authorization"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2050",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2050"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.17, PAN-OS 9.0.11, PAN-OS 9.1.5, PAN-OS 10.0.1, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-146650"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-11-11T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue can be mitigated by configuring GlobalProtect SSL VPN to require gateway and portal users to authenticate with their credentials. Other authentication methods are not impacted by this issue."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2050",
    "datePublished": "2020-11-12T00:05:22.986621Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-17T00:11:04.982Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2003
Vulnerability from cvelistv5
Published
2020-05-13 19:07
Modified
2024-09-16 23:05
Summary
PAN-OS: Authenticated administrator can delete arbitrary system file
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.728Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2003"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "7.1.*"
            },
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.14",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.7",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.7",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.1",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Jin Chen of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An external control of filename vulnerability in the command processing of PAN-OS allows an authenticated administrator to delete arbitrary system files affecting the integrity of the system or causing denial of service to all PAN-OS services. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions before 8.1.14; PAN-OS 9.0 versions before 9.0.7; PAN-OS 9.1 versions before 9.1.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-73",
              "description": "CWE-73 External Control of File Name or Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-14T15:40:56",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2003"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, PAN-OS 9.1.1, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
        }
      ],
      "source": {
        "defect": [
          "PAN-100415"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-05-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Authenticated administrator can delete arbitrary system file",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-05-13T16:00:00.000Z",
          "ID": "CVE-2020-2003",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Authenticated administrator can delete arbitrary system file"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.14"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.1"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.14"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.1"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "7.1",
                            "version_value": "7.1.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Jin Chen of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An external control of filename vulnerability in the command processing of PAN-OS allows an authenticated administrator to delete arbitrary system files affecting the integrity of the system or causing denial of service to all PAN-OS services. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions before 8.1.14; PAN-OS 9.0 versions before 9.0.7; PAN-OS 9.1 versions before 9.1.1."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-73 External Control of File Name or Path"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2003",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2003"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, PAN-OS 9.1.1, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
          }
        ],
        "source": {
          "defect": [
            "PAN-100415"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-05-13T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com"
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2003",
    "datePublished": "2020-05-13T19:07:14.185214Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T23:05:50.686Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-10139
Vulnerability from cvelistv5
Published
2018-08-16 18:00
Modified
2024-09-17 01:25
Severity ?
Summary
The PAN-OS response for GlobalProtect Gateway in Palo Alto Networks PAN-OS 6.1.21 and earlier, PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11 and earlier may allow an unauthenticated attacker to inject arbitrary JavaScript or HTML. PAN-OS 8.1 is NOT affected.
References
http://www.securityfocus.com/bid/105111vdb-entry, x_refsource_BID
http://www.securitytracker.com/id/1041544vdb-entry, x_refsource_SECTRACK
https://security.paloaltonetworks.com/CVE-2018-10139x_refsource_CONFIRM
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:32:01.237Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "105111",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105111"
          },
          {
            "name": "1041544",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041544"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2018-10139"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "6.1.21 and earlier"
            },
            {
              "status": "affected",
              "version": "7.1.18 and earlier"
            },
            {
              "status": "affected",
              "version": "8.0.11 and earlier"
            }
          ]
        }
      ],
      "datePublic": "2018-08-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The PAN-OS response for GlobalProtect Gateway in Palo Alto Networks PAN-OS 6.1.21 and earlier, PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11 and earlier may allow an unauthenticated attacker to inject arbitrary JavaScript or HTML. PAN-OS 8.1 is NOT affected."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Cross-site scripting",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-17T16:03:46",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "name": "105111",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105111"
        },
        {
          "name": "1041544",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041544"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2018-10139"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2018-08-15T00:00:00",
          "ID": "CVE-2018-10139",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "6.1.21 and earlier"
                          },
                          {
                            "version_value": "7.1.18 and earlier"
                          },
                          {
                            "version_value": "8.0.11 and earlier"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The PAN-OS response for GlobalProtect Gateway in Palo Alto Networks PAN-OS 6.1.21 and earlier, PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11 and earlier may allow an unauthenticated attacker to inject arbitrary JavaScript or HTML. PAN-OS 8.1 is NOT affected."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "105111",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105111"
            },
            {
              "name": "1041544",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041544"
            },
            {
              "name": "https://security.paloaltonetworks.com/CVE-2018-10139",
              "refsource": "CONFIRM",
              "url": "https://security.paloaltonetworks.com/CVE-2018-10139"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2018-10139",
    "datePublished": "2018-08-16T18:00:00Z",
    "dateReserved": "2018-04-16T00:00:00",
    "dateUpdated": "2024-09-17T01:25:36.726Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-10140
Vulnerability from cvelistv5
Published
2018-08-16 18:00
Modified
2024-09-16 18:39
Severity ?
Summary
The PAN-OS Management Web Interface in Palo Alto Networks PAN-OS 8.1.2 and earlier may allow an authenticated user to shut down all management sessions, resulting in all logged in users to be redirected to the login page. PAN-OS 6.1, PAN-OS 7.1 and PAN-OS 8.0 are NOT affected.
References
http://www.securityfocus.com/bid/105107vdb-entry, x_refsource_BID
http://www.securitytracker.com/id/1041545vdb-entry, x_refsource_SECTRACK
https://security.paloaltonetworks.com/CVE-2018-10140x_refsource_CONFIRM
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:32:01.444Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "105107",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/105107"
          },
          {
            "name": "1041545",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1041545"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2018-10140"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "8.1.2 and earlier"
            }
          ]
        }
      ],
      "datePublic": "2018-08-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The PAN-OS Management Web Interface in Palo Alto Networks PAN-OS 8.1.2 and earlier may allow an authenticated user to shut down all management sessions, resulting in all logged in users to be redirected to the login page. PAN-OS 6.1, PAN-OS 7.1 and PAN-OS 8.0 are NOT affected."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-17T16:03:46",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "name": "105107",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/105107"
        },
        {
          "name": "1041545",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1041545"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2018-10140"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2018-08-15T00:00:00",
          "ID": "CVE-2018-10140",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "8.1.2 and earlier"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The PAN-OS Management Web Interface in Palo Alto Networks PAN-OS 8.1.2 and earlier may allow an authenticated user to shut down all management sessions, resulting in all logged in users to be redirected to the login page. PAN-OS 6.1, PAN-OS 7.1 and PAN-OS 8.0 are NOT affected."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "105107",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/105107"
            },
            {
              "name": "1041545",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1041545"
            },
            {
              "name": "https://security.paloaltonetworks.com/CVE-2018-10140",
              "refsource": "CONFIRM",
              "url": "https://security.paloaltonetworks.com/CVE-2018-10140"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2018-10140",
    "datePublished": "2018-08-16T18:00:00Z",
    "dateReserved": "2018-04-16T00:00:00",
    "dateUpdated": "2024-09-16T18:39:24.873Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-0004
Vulnerability from cvelistv5
Published
2023-04-12 16:41
Modified
2024-08-02 04:54
Summary
PAN-OS: Local File Deletion Vulnerability
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:54:32.562Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2023-0004"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.24",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.24",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.17",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.15",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.15",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.11",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.6",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "10.2"
            },
            {
              "status": "unaffected",
              "version": "11.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Palo Alto Networks thanks Wim Barthier and Frank Lycops for discovering and reporting this issue."
        }
      ],
      "datePublic": "2023-04-12T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system with elevated privileges.\u003cbr\u003e\u003cbr\u003eThese files can include logs and system components that impact the integrity and availability of PAN-OS software."
            }
          ],
          "value": "A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system with elevated privileges.\n\nThese files can include logs and system components that impact the integrity and availability of PAN-OS software."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-703",
              "description": "CWE-703 Improper Check or Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-12T16:41:02.556Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2023-0004"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15, PAN-OS 10.0.11, PAN-OS 10.1.6, and all later PAN-OS versions."
            }
          ],
          "value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15, PAN-OS 10.0.11, PAN-OS 10.1.6, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-171625"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2023-04-12T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Local File Deletion Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2023-0004",
    "datePublished": "2023-04-12T16:41:02.556Z",
    "dateReserved": "2022-10-27T18:48:13.579Z",
    "dateUpdated": "2024-08-02T04:54:32.562Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-6793
Vulnerability from cvelistv5
Published
2023-12-13 18:40
Modified
2024-08-02 08:42
Summary
PAN-OS: XML API Keys Revoked by Read-Only PAN-OS Administrator
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:42:07.419Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2023-6793"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.24-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "All",
              "status": "unaffected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.17-h4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.17-h4",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.17",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "All",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.11",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.5",
              "status": "affected",
              "version": "10.2",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.2",
              "status": "affected",
              "version": "11.0",
              "versionType": "custom"
            },
            {
              "lessThan": "All",
              "status": "unaffected",
              "version": "11.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is applicable only to PAN-OS configurations that have XML API access enabled.\u003cbr\u003e\u003cbr\u003eYou can find more information about the XML API here: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-panorama-api/pan-os-api-authentication/enable-api-access"
            }
          ],
          "value": "This issue is applicable only to PAN-OS configurations that have XML API access enabled.\n\nYou can find more information about the XML API here: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-panorama-api/pan-os-api-authentication/enable-api-access"
        }
      ],
      "datePublic": "2023-12-13T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to revoke active XML API keys from the firewall and disrupt XML API usage."
            }
          ],
          "value": "An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to revoke active XML API keys from the firewall and disrupt XML API usage."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 2.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-13T18:40:54.955Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2023-6793"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.11, PAN-OS 10.2.5, PAN-OS 11.0.2, and all later PAN-OS versions."
            }
          ],
          "value": "This issue is fixed in PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.11, PAN-OS 10.2.5, PAN-OS 11.0.2, and all later PAN-OS versions."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2023-12-13T17:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: XML API Keys Revoked by Read-Only PAN-OS Administrator",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue requires the attacker to have authenticated access to the PAN-OS XML API. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
            }
          ],
          "value": "This issue requires the attacker to have authenticated access to the PAN-OS XML API. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2023-6793",
    "datePublished": "2023-12-13T18:40:54.955Z",
    "dateReserved": "2023-12-13T17:27:26.408Z",
    "dateUpdated": "2024-08-02T08:42:07.419Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3050
Vulnerability from cvelistv5
Published
2021-08-11 17:10
Modified
2024-09-16 22:51
Summary
PAN-OS: OS Command Injection Vulnerability in Web Interface
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:50.994Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2021-3050"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "8.1.*"
            },
            {
              "changes": [
                {
                  "at": "9.0.15",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0*",
              "status": "affected",
              "version": "9.0.10",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1*",
              "status": "affected",
              "version": "9.1.4",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.8",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0*",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1*",
              "status": "affected",
              "version": "10.1.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by an external security researcher."
        }
      ],
      "datePublic": "2021-08-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 9.0 version 9.0.10 through PAN-OS 9.0.14; PAN-OS 9.1 version 9.1.4 through PAN-OS 9.1.10; PAN-OS 10.0 version 10.0.7 and earlier PAN-OS 10.0 versions; PAN-OS 10.1 version 10.1.0 through PAN-OS 10.1.1. Prisma Access firewalls and firewalls running PAN-OS 8.1 versions are not impacted by this issue."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue. However, exploits for this issue are publicly available."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 OS Command Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-08-11T17:10:20",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2021-3050"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "We intend to fix this issue in PAN-OS 9.0.15 (ETA November 2021), PAN-OS 9.1.11 (ETA September 2021), PAN-OS 10.0.8 (ETA September 2021), PAN-OS 10.1.2 (ETA September 2021) and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-174326"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2021-08-11T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: OS Command Injection Vulnerability in Web Interface",
      "workarounds": [
        {
          "lang": "en",
          "value": "Enable signatures for Unique Threat ID 91439 on traffic destined for the web interface to block attacks against CVE-2021-3050.\n\nThis issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2021-08-11T16:00:00.000Z",
          "ID": "CVE-2021-3050",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: OS Command Injection Vulnerability in Web Interface"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "!",
                            "version_name": "8.1",
                            "version_value": "8.1.*"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.10"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.4"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.0"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_name": "10.1",
                            "version_value": "10.1.0"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.15"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.11"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.8"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.1",
                            "version_value": "10.1.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by an external security researcher."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 9.0 version 9.0.10 through PAN-OS 9.0.14; PAN-OS 9.1 version 9.1.4 through PAN-OS 9.1.10; PAN-OS 10.0 version 10.0.7 and earlier PAN-OS 10.0 versions; PAN-OS 10.1 version 10.1.0 through PAN-OS 10.1.1. Prisma Access firewalls and firewalls running PAN-OS 8.1 versions are not impacted by this issue."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue. However, exploits for this issue are publicly available."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78 OS Command Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2021-3050",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2021-3050"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "We intend to fix this issue in PAN-OS 9.0.15 (ETA November 2021), PAN-OS 9.1.11 (ETA September 2021), PAN-OS 10.0.8 (ETA September 2021), PAN-OS 10.1.2 (ETA September 2021) and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-174326"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-08-11T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "Enable signatures for Unique Threat ID 91439 on traffic destined for the web interface to block attacks against CVE-2021-3050.\n\nThis issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 10.1.1",
          "PAN-OS 10.1.0",
          "PAN-OS 10.1",
          "PAN-OS 10.0.7",
          "PAN-OS 10.0.6",
          "PAN-OS 10.0.5",
          "PAN-OS 10.0.4",
          "PAN-OS 10.0.3",
          "PAN-OS 10.0.2",
          "PAN-OS 10.0.1",
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.9",
          "PAN-OS 9.1.8",
          "PAN-OS 9.1.7",
          "PAN-OS 9.1.6",
          "PAN-OS 9.1.5",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.14",
          "PAN-OS 9.0.13",
          "PAN-OS 9.0.12",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0"
        ],
        "x_likelyAffectedList": [
          "PAN-OS 8.0.20",
          "PAN-OS 8.0.19-h1",
          "PAN-OS 8.0.19",
          "PAN-OS 8.0.18",
          "PAN-OS 8.0.17",
          "PAN-OS 8.0.16",
          "PAN-OS 8.0.15",
          "PAN-OS 8.0.14",
          "PAN-OS 8.0.13",
          "PAN-OS 8.0.12",
          "PAN-OS 8.0.11-h1",
          "PAN-OS 8.0.10",
          "PAN-OS 8.0.9",
          "PAN-OS 8.0.8",
          "PAN-OS 8.0.7",
          "PAN-OS 8.0.6-h3",
          "PAN-OS 8.0.6-h2",
          "PAN-OS 8.0.6-h1",
          "PAN-OS 8.0.6",
          "PAN-OS 8.0.5",
          "PAN-OS 8.0.4",
          "PAN-OS 8.0.3-h4",
          "PAN-OS 8.0.3-h3",
          "PAN-OS 8.0.3-h2",
          "PAN-OS 8.0.3-h1",
          "PAN-OS 8.0.3",
          "PAN-OS 8.0.2",
          "PAN-OS 8.0.1",
          "PAN-OS 8.0.0",
          "PAN-OS 8.0",
          "PAN-OS 7.1.26",
          "PAN-OS 7.1.25",
          "PAN-OS 7.1.24-h1",
          "PAN-OS 7.1.24",
          "PAN-OS 7.1.23",
          "PAN-OS 7.1.22",
          "PAN-OS 7.1.21",
          "PAN-OS 7.1.20",
          "PAN-OS 7.1.19",
          "PAN-OS 7.1.18",
          "PAN-OS 7.1.17",
          "PAN-OS 7.1.16",
          "PAN-OS 7.1.15",
          "PAN-OS 7.1.14",
          "PAN-OS 7.1.13",
          "PAN-OS 7.1.12",
          "PAN-OS 7.1.11",
          "PAN-OS 7.1.10",
          "PAN-OS 7.1.9-h4",
          "PAN-OS 7.1.9-h3",
          "PAN-OS 7.1.9-h2",
          "PAN-OS 7.1.9-h1",
          "PAN-OS 7.1.9",
          "PAN-OS 7.1.8",
          "PAN-OS 7.1.7",
          "PAN-OS 7.1.6",
          "PAN-OS 7.1.5",
          "PAN-OS 7.1.4-h2",
          "PAN-OS 7.1.4-h1",
          "PAN-OS 7.1.4",
          "PAN-OS 7.1.3",
          "PAN-OS 7.1.2",
          "PAN-OS 7.1.1",
          "PAN-OS 7.1.0",
          "PAN-OS 7.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2021-3050",
    "datePublished": "2021-08-11T17:10:20.968755Z",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-09-16T22:51:48.059Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-1572
Vulnerability from cvelistv5
Published
2019-03-26 21:48
Modified
2024-08-04 18:20
Severity ?
Summary
PAN-OS 9.0.0 may allow an unauthenticated remote user to access php files.
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:20:28.281Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "107720",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/107720"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2019-1572"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "PAN-OS 9.0.0"
            }
          ]
        }
      ],
      "datePublic": "2019-03-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "PAN-OS 9.0.0 may allow an unauthenticated remote user to access php files."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Other",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-17T16:03:48",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "name": "107720",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/107720"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2019-1572"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "ID": "CVE-2019-1572",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "PAN-OS 9.0.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "PAN-OS 9.0.0 may allow an unauthenticated remote user to access php files."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "107720",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/107720"
            },
            {
              "name": "https://security.paloaltonetworks.com/CVE-2019-1572",
              "refsource": "CONFIRM",
              "url": "https://security.paloaltonetworks.com/CVE-2019-1572"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2019-1572",
    "datePublished": "2019-03-26T21:48:35",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-08-04T18:20:28.281Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2036
Vulnerability from cvelistv5
Published
2020-09-09 16:45
Modified
2024-09-16 21:07
Summary
PAN-OS: Reflected Cross-Site Scripting (XSS) vulnerability in management web interface
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.681Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2036"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "9.0.9",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.9",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1*",
              "status": "unaffected",
              "version": "9.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.16",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.16",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "lessThan": "10.0*",
              "status": "unaffected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks Mikhail Klyuchnikov and Nikita Abramov of Positive Technologies and Ben Nott of Palo Alto Networks for discovering and reporting this issue."
        }
      ],
      "datePublic": "2020-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A reflected cross-site scripting (XSS) vulnerability exists in the PAN-OS management web interface. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could potentially execute arbitrary JavaScript code in the administrator\u0027s browser and perform administrative actions. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Cross-site Scripting (XSS)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-09T18:16:56",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2036"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.9, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-116720"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-09-09T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Reflected Cross-Site Scripting (XSS) vulnerability in management web interface",
      "workarounds": [
        {
          "lang": "en",
          "value": "Administrators should use caution when they are authenticated to the firewall management web interface and not click or open links from unsolicited sources.  \n\nThis issue impacts the management web interface of PAN-OS. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. \nPlease review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-09-09T16:00:00.000Z",
          "ID": "CVE-2020-2036",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Reflected Cross-Site Scripting (XSS) vulnerability in management web interface"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.9"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.9"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.0"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.16"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.16"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks Mikhail Klyuchnikov and Nikita Abramov of Positive Technologies and Ben Nott of Palo Alto Networks for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A reflected cross-site scripting (XSS) vulnerability exists in the PAN-OS management web interface. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could potentially execute arbitrary JavaScript code in the administrator\u0027s browser and perform administrative actions. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-79 Cross-site Scripting (XSS)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2036",
              "refsource": "CONFIRM",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2036"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.9, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-116720"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-09-09T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "Administrators should use caution when they are authenticated to the firewall management web interface and not click or open links from unsolicited sources.  \n\nThis issue impacts the management web interface of PAN-OS. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. \nPlease review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2036",
    "datePublished": "2020-09-09T16:45:25.685699Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T21:07:51.047Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-3386
Vulnerability from cvelistv5
Published
2024-04-10 17:06
Modified
2024-08-01 20:12
Summary
PAN-OS: Predefined Decryption Exclusions Does Not Work as Intended
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:palo_alto_networks:cloud_ngfw:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "cloud_ngfw",
            "vendor": "palo_alto_networks",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "prisma_access",
            "vendor": "palo_alto_networks",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "palo_alto_networks",
            "versions": [
              {
                "lessThan": "9.0.17-h2",
                "status": "affected",
                "version": "9.0.0",
                "versionType": "custom"
              },
              {
                "lessThan": "9.1.17",
                "status": "affected",
                "version": "9.1.0",
                "versionType": "custom"
              },
              {
                "lessThan": "10.0.13",
                "status": "affected",
                "version": "10.0.00",
                "versionType": "custom"
              },
              {
                "lessThan": "10.1.9-h3",
                "status": "affected",
                "version": "10.1.0",
                "versionType": "custom"
              },
              {
                "lessThan": "10.1.10",
                "status": "affected",
                "version": "10.1.0",
                "versionType": "custom"
              },
              {
                "lessThan": "10.2.4-h2",
                "status": "affected",
                "version": "10.2.0",
                "versionType": "custom"
              },
              {
                "lessThan": "10.2.5",
                "status": "affected",
                "version": "10.2.0",
                "versionType": "custom"
              },
              {
                "lessThan": "11.0.1-h2",
                "status": "affected",
                "version": "11.0.0",
                "versionType": "custom"
              },
              {
                "lessThan": "11.0.2",
                "status": "affected",
                "version": "11.0.0",
                "versionType": "custom"
              },
              {
                "status": "affected",
                "version": "11.1.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3386",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-10T19:11:36.523628Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-07T15:13:59.508Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:12:06.667Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2024-3386"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "9.0.17-h2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.17-h2",
              "status": "affected",
              "version": "9.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.17",
              "status": "affected",
              "version": "9.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.13",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.9-h3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.9-h3",
              "status": "affected",
              "version": "10.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.10",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.10",
              "status": "affected",
              "version": "10.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.4-h2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.4-h2",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.5",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.1-h2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.1-h2",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.2",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "11.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "You must configure Predefined Decryption Exclusions on your PAN-OS firewalls. You should check to see whether you have any configured exclusions in your firewall web interface (Device \u003e Certificate Management \u003e SSL Decryption Exclusions)."
            }
          ],
          "value": "You must configure Predefined Decryption Exclusions on your PAN-OS firewalls. You should check to see whether you have any configured exclusions in your firewall web interface (Device \u003e Certificate Management \u003e SSL Decryption Exclusions)."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Palo Alto Networks thanks Frederic De Vlieger for discovering and reporting this issue."
        }
      ],
      "datePublic": "2024-04-10T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents Predefined Decryption Exclusions from functioning as intended. This can cause traffic destined for domains that are not specified in Predefined Decryption Exclusions to be unintentionally excluded from decryption."
            }
          ],
          "value": "An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents Predefined Decryption Exclusions from functioning as intended. This can cause traffic destined for domains that are not specified in Predefined Decryption Exclusions to be unintentionally excluded from decryption."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-148",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-148 Content Spoofing"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-436",
              "description": "CWE-436 Interpretation Conflict",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-10T17:06:32.694Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2024-3386"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in 9.0.17-h2, 9.0.18, 9.1.17, 10.0.13, 10.1.9-h3, 10.1.10, 10.2.4-h2, 10.2.5, 11.0.1-h2, 11.0.2, 11.1.0 and all later PAN-OS versions.\u003cbr\u003e"
            }
          ],
          "value": "This issue is fixed in 9.0.17-h2, 9.0.18, 9.1.17, 10.0.13, 10.1.9-h3, 10.1.10, 10.2.4-h2, 10.2.5, 11.0.1-h2, 11.0.2, 11.1.0 and all later PAN-OS versions.\n"
        }
      ],
      "source": {
        "defect": [
          "PAN-208155"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-04-10T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Predefined Decryption Exclusions Does Not Work as Intended",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-3386",
    "datePublished": "2024-04-10T17:06:32.694Z",
    "dateReserved": "2024-04-05T17:40:19.116Z",
    "dateUpdated": "2024-08-01T20:12:06.667Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3060
Vulnerability from cvelistv5
Published
2021-11-10 17:10
Modified
2024-09-16 18:56
Summary
PAN-OS: OS Command Injection in Simple Certificate Enrollment Protocol (SCEP)
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:51.222Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2021-3060"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/certificate-management/configure-the-master-key.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://docs.paloaltonetworks.com/prisma/prisma-access/innovation/2-1/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/get-started-with-prisma-access-overview.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.20-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.20-h1",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.14-h3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.14-h3",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.11-h2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.11-h2",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.8",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.8",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.3",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "2.1 Preferred"
            },
            {
              "status": "affected",
              "version": "2.1 Innovation"
            },
            {
              "lessThan": "2.2*",
              "status": "unaffected",
              "version": "all",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue is applicable only to GlobalProtect portal and gateway configurations that are configured with a SCEP profile and when the default master key was not changed.\n\nYou can determine if your configuration has a SCEP profile by selecting \u0027Device \u003e Certificate Management \u003e SCEP\u0027 from the web interface.\n\nNote: The SCEP profile does not need to be enabled for the firewall to be at risk; it need only exist in the configuration to be a risk even if disabled.\n\nYou know you are using the default master key when the master key was not explicitly configured on the firewall. Review the master key configuration by selecting \u0027Device \u003e Master Key and Diagnostics\u0027 from the web interface and change the key if needed."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks CJ, an external security researcher, for discovering and reporting this issue."
        }
      ],
      "datePublic": "2021-11-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The attacker must have network access to the GlobalProtect interfaces to exploit this issue. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers with Prisma Access 2.1 Preferred and Prisma Access 2.1 Innovation firewalls are impacted by this issue."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue at time of publication. However, we expect exploits for this issue to become publicly available."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 OS Command Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-10T17:10:24",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2021-3060"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/certificate-management/configure-the-master-key.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://docs.paloaltonetworks.com/prisma/prisma-access/innovation/2-1/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/get-started-with-prisma-access-overview.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions."
        },
        {
          "lang": "en",
          "value": "This issue is fixed in Prisma Access 2.2 Preferred and all later Prisma Access versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-176661"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2021-11-10T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: OS Command Injection in Simple Certificate Enrollment Protocol (SCEP)",
      "workarounds": [
        {
          "lang": "en",
          "value": "Changing the master key for the firewall prevents exploitation of this vulnerability. This is a security best practice for both PAN-OS and Prisma Access customers.\n\nDocumentation for configuring the master key is available at: https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/certificate-management/configure-the-master-key.html. Please note the special requirements for high-availability (HA) and Panorama-managed environments.\n\nAdditional information is available for Prisma Access customers at: https://docs.paloaltonetworks.com/prisma/prisma-access/innovation/2-1/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/get-started-with-prisma-access-overview.html.\n\nRemove all configured SCEP profiles from the firewall to completely eliminate any risk of exploitation related to this issue. You can view any existing SCEP profiles configured on the firewall by selecting \u0027Device \u003e Certificate Management \u003e SCEP\u0027 from the web interface.\n\nThis issue requires the attacker to have network access to the GlobalProtect interface.\n\nIn addition to these workarounds, you should enable signatures for Unique Threat ID 91526 on traffic destined for GlobalProtect interfaces to further mitigate the risk of attacks against CVE-2021-3060. SSL decryption is not necessary to detect attacks against this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2021-11-10T17:00:00.000Z",
          "ID": "CVE-2021-3060",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: OS Command Injection in Simple Certificate Enrollment Protocol (SCEP)"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.20-h1"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.14-h3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.11-h2"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.8"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.1",
                            "version_value": "10.1.3"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.20-h1"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.14-h3"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.11-h2"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.8"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.1",
                            "version_value": "10.1.3"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Prisma Access",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_name": "2.1",
                            "version_value": "Preferred"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "2.2",
                            "version_value": "all"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "2.1",
                            "version_value": "Innovation"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue is applicable only to GlobalProtect portal and gateway configurations that are configured with a SCEP profile and when the default master key was not changed.\n\nYou can determine if your configuration has a SCEP profile by selecting \u0027Device \u003e Certificate Management \u003e SCEP\u0027 from the web interface.\n\nNote: The SCEP profile does not need to be enabled for the firewall to be at risk; it need only exist in the configuration to be a risk even if disabled.\n\nYou know you are using the default master key when the master key was not explicitly configured on the firewall. Review the master key configuration by selecting \u0027Device \u003e Master Key and Diagnostics\u0027 from the web interface and change the key if needed."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks CJ, an external security researcher, for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The attacker must have network access to the GlobalProtect interfaces to exploit this issue. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers with Prisma Access 2.1 Preferred and Prisma Access 2.1 Innovation firewalls are impacted by this issue."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue at time of publication. However, we expect exploits for this issue to become publicly available."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78 OS Command Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2021-3060",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2021-3060"
            },
            {
              "name": "https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/certificate-management/configure-the-master-key.html",
              "refsource": "MISC",
              "url": "https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/certificate-management/configure-the-master-key.html"
            },
            {
              "name": "https://docs.paloaltonetworks.com/prisma/prisma-access/innovation/2-1/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/get-started-with-prisma-access-overview.html",
              "refsource": "MISC",
              "url": "https://docs.paloaltonetworks.com/prisma/prisma-access/innovation/2-1/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/get-started-with-prisma-access-overview.html"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions."
          },
          {
            "lang": "en",
            "value": "This issue is fixed in Prisma Access 2.2 Preferred and all later Prisma Access versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-176661"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-10T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "Changing the master key for the firewall prevents exploitation of this vulnerability. This is a security best practice for both PAN-OS and Prisma Access customers.\n\nDocumentation for configuring the master key is available at: https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/certificate-management/configure-the-master-key.html. Please note the special requirements for high-availability (HA) and Panorama-managed environments.\n\nAdditional information is available for Prisma Access customers at: https://docs.paloaltonetworks.com/prisma/prisma-access/innovation/2-1/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/get-started-with-prisma-access-overview.html.\n\nRemove all configured SCEP profiles from the firewall to completely eliminate any risk of exploitation related to this issue. You can view any existing SCEP profiles configured on the firewall by selecting \u0027Device \u003e Certificate Management \u003e SCEP\u0027 from the web interface.\n\nThis issue requires the attacker to have network access to the GlobalProtect interface.\n\nIn addition to these workarounds, you should enable signatures for Unique Threat ID 91526 on traffic destined for GlobalProtect interfaces to further mitigate the risk of attacks against CVE-2021-3060. SSL decryption is not necessary to detect attacks against this issue."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "Prisma Access 2.1",
          "PAN-OS 10.1.2",
          "PAN-OS 10.1.1",
          "PAN-OS 10.1.0",
          "PAN-OS 10.1",
          "PAN-OS 10.0.7",
          "PAN-OS 10.0.6",
          "PAN-OS 10.0.5",
          "PAN-OS 10.0.4",
          "PAN-OS 10.0.3",
          "PAN-OS 10.0.2",
          "PAN-OS 10.0.1",
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.11-h1",
          "PAN-OS 9.1.11",
          "PAN-OS 9.1.10",
          "PAN-OS 9.1.9",
          "PAN-OS 9.1.8",
          "PAN-OS 9.1.7",
          "PAN-OS 9.1.6",
          "PAN-OS 9.1.5",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.14-h2",
          "PAN-OS 9.0.14-h1",
          "PAN-OS 9.0.14",
          "PAN-OS 9.0.13",
          "PAN-OS 9.0.12",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.20",
          "PAN-OS 8.1.19",
          "PAN-OS 8.1.18",
          "PAN-OS 8.1.17",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ],
        "x_likelyAffectedList": [
          "PAN-OS 8.0.20",
          "PAN-OS 8.0.19-h1",
          "PAN-OS 8.0.19",
          "PAN-OS 8.0.18",
          "PAN-OS 8.0.17",
          "PAN-OS 8.0.16",
          "PAN-OS 8.0.15",
          "PAN-OS 8.0.14",
          "PAN-OS 8.0.13",
          "PAN-OS 8.0.12",
          "PAN-OS 8.0.11-h1",
          "PAN-OS 8.0.10",
          "PAN-OS 8.0.9",
          "PAN-OS 8.0.8",
          "PAN-OS 8.0.7",
          "PAN-OS 8.0.6-h3",
          "PAN-OS 8.0.6-h2",
          "PAN-OS 8.0.6-h1",
          "PAN-OS 8.0.6",
          "PAN-OS 8.0.5",
          "PAN-OS 8.0.4",
          "PAN-OS 8.0.3-h4",
          "PAN-OS 8.0.3-h3",
          "PAN-OS 8.0.3-h2",
          "PAN-OS 8.0.3-h1",
          "PAN-OS 8.0.3",
          "PAN-OS 8.0.2",
          "PAN-OS 8.0.1",
          "PAN-OS 8.0.0",
          "PAN-OS 8.0",
          "PAN-OS 7.1.26",
          "PAN-OS 7.1.25",
          "PAN-OS 7.1.24-h1",
          "PAN-OS 7.1.24",
          "PAN-OS 7.1.23",
          "PAN-OS 7.1.22",
          "PAN-OS 7.1.21",
          "PAN-OS 7.1.20",
          "PAN-OS 7.1.19",
          "PAN-OS 7.1.18",
          "PAN-OS 7.1.17",
          "PAN-OS 7.1.16",
          "PAN-OS 7.1.15",
          "PAN-OS 7.1.14",
          "PAN-OS 7.1.13",
          "PAN-OS 7.1.12",
          "PAN-OS 7.1.11",
          "PAN-OS 7.1.10",
          "PAN-OS 7.1.9-h4",
          "PAN-OS 7.1.9-h3",
          "PAN-OS 7.1.9-h2",
          "PAN-OS 7.1.9-h1",
          "PAN-OS 7.1.9",
          "PAN-OS 7.1.8",
          "PAN-OS 7.1.7",
          "PAN-OS 7.1.6",
          "PAN-OS 7.1.5",
          "PAN-OS 7.1.4-h2",
          "PAN-OS 7.1.4-h1",
          "PAN-OS 7.1.4",
          "PAN-OS 7.1.3",
          "PAN-OS 7.1.2",
          "PAN-OS 7.1.1",
          "PAN-OS 7.1.0",
          "PAN-OS 7.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2021-3060",
    "datePublished": "2021-11-10T17:10:24.593774Z",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-09-16T18:56:09.537Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2044
Vulnerability from cvelistv5
Published
2020-09-09 16:45
Modified
2024-09-16 18:09
Summary
PAN-OS: Passwords may be logged in clear text while storing operational command (op command) history
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.567Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2044"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.16",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.16",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.10",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.10",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.3",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Yamata Li of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An information exposure through log file vulnerability where an administrator\u0027s password or other sensitive information may be logged in cleartext while using the CLI in Palo Alto Networks PAN-OS software. The opcmdhistory.log file was introduced to track operational command (op-command) usage but did not mask all sensitive information. The opcmdhistory.log file is removed in PAN-OS 9.1 and later PAN-OS versions. Command usage is recorded, instead, in the req_stats.log file in PAN-OS 9.1 and later PAN-OS versions. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.3."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Information Exposure Through Log Files",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-09T16:45:30",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2044"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.10, PAN-OS 9.1.3, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-135262"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-09-09T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Passwords may be logged in clear text while storing operational command (op command) history",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue requires access to PAN-OS log files generated in the system. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-09-09T16:00:00.000Z",
          "ID": "CVE-2020-2044",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Passwords may be logged in clear text while storing operational command (op command) history"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.16"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.10"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.3"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.16"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.10"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.3"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Yamata Li of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An information exposure through log file vulnerability where an administrator\u0027s password or other sensitive information may be logged in cleartext while using the CLI in Palo Alto Networks PAN-OS software. The opcmdhistory.log file was introduced to track operational command (op-command) usage but did not mask all sensitive information. The opcmdhistory.log file is removed in PAN-OS 9.1 and later PAN-OS versions. Command usage is recorded, instead, in the req_stats.log file in PAN-OS 9.1 and later PAN-OS versions. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.3."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-532 Information Exposure Through Log Files"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2044",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2044"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.10, PAN-OS 9.1.3, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-135262"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-09-09T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue requires access to PAN-OS log files generated in the system. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2044",
    "datePublished": "2020-09-09T16:45:30.321750Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T18:09:13.065Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3031
Vulnerability from cvelistv5
Published
2021-01-13 18:10
Modified
2024-09-16 16:48
Summary
PAN-OS: Information exposure in Ethernet data frame construction (Etherleak)
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:50.688Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2021-3031"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "PA-200, PA-220, PA-500, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5200"
          ],
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "lessThan": "8.1.18",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "lessThan": "9.0.12",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1.5",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "10.0.*"
            },
            {
              "lessThan": "8.1*",
              "status": "unaffected",
              "version": "8.1.18",
              "versionType": "custom"
            },
            {
              "lessThan": "9.0*",
              "status": "unaffected",
              "version": "9.0.12",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1*",
              "status": "unaffected",
              "version": "9.1.5",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by a customer of Palo Alto Networks during a security review."
        }
      ],
      "datePublic": "2021-01-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Padding bytes in Ethernet packets on PA-200, PA-220, PA-500, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series firewalls are not cleared before the data frame is created. This leaks a small amount of random information from the firewall memory into the Ethernet packets. An attacker on the same Ethernet subnet as the PAN-OS firewall is able to collect potentially sensitive information from these packets. This issue is also known as Etherleak and is detected by security scanners as CVE-2003-0001. This issue impacts: PAN-OS 8.1 version earlier than PAN-OS 8.1.18; PAN-OS 9.0 versions earlier than PAN-OS 9.0.12; PAN-OS 9.1 versions earlier than PAN-OS 9.1.5."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200 Information Exposure",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-01-13T18:10:13",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2021-3031"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.18, PAN-OS 9.0.12, PAN-OS 9.1.5, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-124681"
        ],
        "discovery": "USER"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2021-01-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Information exposure in Ethernet data frame construction (Etherleak)",
      "workarounds": [
        {
          "lang": "en",
          "value": "There is no workaround to prevent the information leak in the Ethernet packets; however, restricting access to the networks mitigates the risk of this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2021-01-13T17:00:00.000Z",
          "ID": "CVE-2021-3031",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Information exposure in Ethernet data frame construction (Etherleak)"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "platform": "PA-200, PA-220, PA-500, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5200",
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.18"
                          },
                          {
                            "platform": "PA-200, PA-220, PA-500, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5200",
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.12"
                          },
                          {
                            "platform": "PA-200, PA-220, PA-500, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5200",
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.5"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.18"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.12"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.5"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "10.0",
                            "version_value": "10.0.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by a customer of Palo Alto Networks during a security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Padding bytes in Ethernet packets on PA-200, PA-220, PA-500, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series firewalls are not cleared before the data frame is created. This leaks a small amount of random information from the firewall memory into the Ethernet packets. An attacker on the same Ethernet subnet as the PAN-OS firewall is able to collect potentially sensitive information from these packets. This issue is also known as Etherleak and is detected by security scanners as CVE-2003-0001. This issue impacts: PAN-OS 8.1 version earlier than PAN-OS 8.1.18; PAN-OS 9.0 versions earlier than PAN-OS 9.0.12; PAN-OS 9.1 versions earlier than PAN-OS 9.1.5."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-200 Information Exposure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2021-3031",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2021-3031"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.18, PAN-OS 9.0.12, PAN-OS 9.1.5, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-124681"
          ],
          "discovery": "USER"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-01-13T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "There is no workaround to prevent the information leak in the Ethernet packets; however, restricting access to the networks mitigates the risk of this issue."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.17",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2021-3031",
    "datePublished": "2021-01-13T18:10:13.174067Z",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-09-16T16:48:43.134Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-1997
Vulnerability from cvelistv5
Published
2020-05-13 19:07
Modified
2024-09-16 19:36
Summary
PAN-OS: GlobalProtect registration open redirect
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.554Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-1997"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "8.1.*"
            },
            {
              "status": "unaffected",
              "version": "9.0.*"
            },
            {
              "status": "unaffected",
              "version": "9.1.*"
            },
            {
              "changes": [
                {
                  "at": "7.1.26",
                  "status": "unaffected"
                }
              ],
              "lessThan": "7.1.26",
              "status": "affected",
              "version": "7.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.0.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.0.14",
              "status": "affected",
              "version": "8.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2020-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An open redirection vulnerability in the GlobalProtect component of Palo Alto Networks PAN-OS allows an attacker to specify an arbitrary redirection target away from the trusted GlobalProtect gateway. If the user then successfully authenticates it will cause them to access an unexpected and potentially malicious website. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.0 versions earlier than 8.0.14."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-601",
              "description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-13T19:07:14",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-1997"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.0.14, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-82052"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-05-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: GlobalProtect registration open redirect",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-05-13T16:00:00.000Z",
          "ID": "CVE-2020-1997",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: GlobalProtect registration open redirect"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "7.1",
                            "version_value": "7.1.26"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.0",
                            "version_value": "8.0.14"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "7.1",
                            "version_value": "7.1.26"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.0",
                            "version_value": "8.0.14"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "8.1",
                            "version_value": "8.1.*"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "9.0",
                            "version_value": "9.0.*"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "9.1",
                            "version_value": "9.1.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An open redirection vulnerability in the GlobalProtect component of Palo Alto Networks PAN-OS allows an attacker to specify an arbitrary redirection target away from the trusted GlobalProtect gateway. If the user then successfully authenticates it will cause them to access an unexpected and potentially malicious website. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.0 versions earlier than 8.0.14."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-1997",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-1997"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.0.14, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-82052"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-05-13T00:00:00",
            "value": "Initial publication"
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-1997",
    "datePublished": "2020-05-13T19:07:14.025232Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T19:36:57.272Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2028
Vulnerability from cvelistv5
Published
2020-06-10 17:28
Modified
2024-09-16 18:18
Summary
PAN-OS: OS command injection vulnerability in FIPS-CC mode certificate verification
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.584Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2028"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "7.1.*"
            },
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.13",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.7",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.7",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1*",
              "status": "unaffected",
              "version": "9.1.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-06-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An OS Command Injection vulnerability in PAN-OS management server allows authenticated administrators to execute arbitrary OS commands with root privileges when uploading a new certificate in FIPS-CC mode. This issue affects: All versions of PAN-OS 7.1 and PAN-OS 8.0; PAN-OS 8.1 versions earlier than PAN-OS 8.1.13; PAN-OS 9.0 versions earlier than PAN-OS 9.0.7."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 OS Command Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-06-10T17:28:28",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2028"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions."
        },
        {
          "lang": "en",
          "value": "PAN-OS 8.0 is end-of-life (as of October 31, 2019) and is no longer covered by our Product Security Assurance policies.\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
        }
      ],
      "source": {
        "defect": [
          "PAN-125804"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-06-10T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: OS command injection vulnerability in FIPS-CC mode certificate verification",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue affects the management interface of PAN-OS and you can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-06-10T16:00:00.000Z",
          "ID": "CVE-2020-2028",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: OS command injection vulnerability in FIPS-CC mode certificate verification"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.0"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "7.1",
                            "version_value": "7.1.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An OS Command Injection vulnerability in PAN-OS management server allows authenticated administrators to execute arbitrary OS commands with root privileges when uploading a new certificate in FIPS-CC mode. This issue affects: All versions of PAN-OS 7.1 and PAN-OS 8.0; PAN-OS 8.1 versions earlier than PAN-OS 8.1.13; PAN-OS 9.0 versions earlier than PAN-OS 9.0.7."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78 OS Command Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2028",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2028"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions."
          },
          {
            "lang": "en",
            "value": "PAN-OS 8.0 is end-of-life (as of October 31, 2019) and is no longer covered by our Product Security Assurance policies.\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
          }
        ],
        "source": {
          "defect": [
            "PAN-125804"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-06-10T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue affects the management interface of PAN-OS and you can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2028",
    "datePublished": "2020-06-10T17:28:28.840562Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T18:18:19.426Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3054
Vulnerability from cvelistv5
Published
2021-09-08 17:10
Modified
2024-09-16 23:40
Summary
PAN-OS: Unsigned Code Execution During Plugin Installation Race Condition Vulnerability
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:50.998Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2021-3054"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.20",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.20",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.14",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.7",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.7",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.11",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.2",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks Praetorian for discovering and reporting this issue."
        }
      ],
      "datePublic": "2021-09-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute arbitrary code with root user privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11; PAN-OS 10.0 versions earlier than PAN-OS 10.0.7; PAN-OS 10.1 versions earlier than PAN-OS 10.1.2. This issue does not affect Prisma Access."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-367",
              "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-08T17:10:21",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2021-3054"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.11, PAN-OS 10.0.7, PAN-OS 10.1.2, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-138727"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2021-09-08T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Unsigned Code Execution During Plugin Installation Race Condition Vulnerability",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2021-09-08T16:00:00.000Z",
          "ID": "CVE-2021-3054",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Unsigned Code Execution During Plugin Installation Race Condition Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.20"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.14"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.7"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.11"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.1",
                            "version_value": "10.1.2"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.20"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.14"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.7"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.1",
                            "version_value": "10.1.2"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.11"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks Praetorian for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute arbitrary code with root user privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11; PAN-OS 10.0 versions earlier than PAN-OS 10.0.7; PAN-OS 10.1 versions earlier than PAN-OS 10.1.2. This issue does not affect Prisma Access."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2021-3054",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2021-3054"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.11, PAN-OS 10.0.7, PAN-OS 10.1.2, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-138727"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-09-08T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 10.1.1",
          "PAN-OS 10.1.0",
          "PAN-OS 10.1",
          "PAN-OS 10.0.6",
          "PAN-OS 10.0.5",
          "PAN-OS 10.0.4",
          "PAN-OS 10.0.3",
          "PAN-OS 10.0.2",
          "PAN-OS 10.0.1",
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.9",
          "PAN-OS 9.1.8",
          "PAN-OS 9.1.7",
          "PAN-OS 9.1.6",
          "PAN-OS 9.1.5",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.13",
          "PAN-OS 9.0.12",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.19",
          "PAN-OS 8.1.18",
          "PAN-OS 8.1.17",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ],
        "x_likelyAffectedList": [
          "PAN-OS 8.0.20",
          "PAN-OS 8.0.19-h1",
          "PAN-OS 8.0.19",
          "PAN-OS 8.0.18",
          "PAN-OS 8.0.17",
          "PAN-OS 8.0.16",
          "PAN-OS 8.0.15",
          "PAN-OS 8.0.14",
          "PAN-OS 8.0.13",
          "PAN-OS 8.0.12",
          "PAN-OS 8.0.11-h1",
          "PAN-OS 8.0.10",
          "PAN-OS 8.0.9",
          "PAN-OS 8.0.8",
          "PAN-OS 8.0.7",
          "PAN-OS 8.0.6-h3",
          "PAN-OS 8.0.6-h2",
          "PAN-OS 8.0.6-h1",
          "PAN-OS 8.0.6",
          "PAN-OS 8.0.5",
          "PAN-OS 8.0.4",
          "PAN-OS 8.0.3-h4",
          "PAN-OS 8.0.3-h3",
          "PAN-OS 8.0.3-h2",
          "PAN-OS 8.0.3-h1",
          "PAN-OS 8.0.3",
          "PAN-OS 8.0.2",
          "PAN-OS 8.0.1",
          "PAN-OS 8.0.0",
          "PAN-OS 8.0",
          "PAN-OS 7.1.26",
          "PAN-OS 7.1.25",
          "PAN-OS 7.1.24-h1",
          "PAN-OS 7.1.24",
          "PAN-OS 7.1.23",
          "PAN-OS 7.1.22",
          "PAN-OS 7.1.21",
          "PAN-OS 7.1.20",
          "PAN-OS 7.1.19",
          "PAN-OS 7.1.18",
          "PAN-OS 7.1.17",
          "PAN-OS 7.1.16",
          "PAN-OS 7.1.15",
          "PAN-OS 7.1.14",
          "PAN-OS 7.1.13",
          "PAN-OS 7.1.12",
          "PAN-OS 7.1.11",
          "PAN-OS 7.1.10",
          "PAN-OS 7.1.9-h4",
          "PAN-OS 7.1.9-h3",
          "PAN-OS 7.1.9-h2",
          "PAN-OS 7.1.9-h1",
          "PAN-OS 7.1.9",
          "PAN-OS 7.1.8",
          "PAN-OS 7.1.7",
          "PAN-OS 7.1.6",
          "PAN-OS 7.1.5",
          "PAN-OS 7.1.4-h2",
          "PAN-OS 7.1.4-h1",
          "PAN-OS 7.1.4",
          "PAN-OS 7.1.3",
          "PAN-OS 7.1.2",
          "PAN-OS 7.1.1",
          "PAN-OS 7.1.0",
          "PAN-OS 7.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2021-3054",
    "datePublished": "2021-09-08T17:10:21.284661Z",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-09-16T23:40:41.903Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-9471
Vulnerability from cvelistv5
Published
2024-10-09 17:06
Modified
2024-10-18 11:58
Summary
PAN-OS: Privilege Escalation (PE) Vulnerability in XML API
References
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "11.0.3",
                "status": "affected",
                "version": "11.0.0",
                "versionType": "custom"
              },
              {
                "lessThan": "10.1.11",
                "status": "affected",
                "version": "10.1.0",
                "versionType": "custom"
              },
              {
                "lessThan": "10.2.8",
                "status": "affected",
                "version": "10.2.0",
                "versionType": "custom"
              },
              {
                "status": "affected",
                "version": "9.1"
              },
              {
                "status": "affected",
                "version": "9.0"
              },
              {
                "status": "unaffected",
                "version": "11.1.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9471",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-09T20:28:43.911070Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-09T20:33:15.742Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.19:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.18:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.17:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.15:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.15:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.10:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.9:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.8:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.7:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.6:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.5:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.17:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.17:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.15:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.13:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.12:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.11:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.10:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.9:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.9:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.8:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.7:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.6:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.5:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:9.0:-:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "11.1.0"
            },
            {
              "changes": [
                {
                  "at": "11.0.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.3",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.11",
              "status": "affected",
              "version": "10.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.8",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.8",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "9.1"
            },
            {
              "status": "affected",
              "version": "9.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is applicable only to PAN-OS configurations that have XML API access enabled.\u003cbr\u003e\u003cbr\u003eYou can find more information about the XML API here: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-panorama-api/pan-os-api-authentication/enable-api-access"
            }
          ],
          "value": "This issue is applicable only to PAN-OS configurations that have XML API access enabled.\n\nYou can find more information about the XML API here: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-panorama-api/pan-os-api-authentication/enable-api-access"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Palo Alto Networks thanks an external reporter for discovering and reporting this issue."
        }
      ],
      "datePublic": "2024-10-09T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated PAN-OS administrator with restricted privileges to use a compromised XML API key to perform actions as a higher privileged PAN-OS administrator. For example, an administrator with \"Virtual system administrator (read-only)\" access could use an XML API key of a \"Virtual system administrator\" to perform write operations on the virtual system configuration even though they should be limited to read-only operations."
            }
          ],
          "value": "A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated PAN-OS administrator with restricted privileges to use a compromised XML API key to perform actions as a higher privileged PAN-OS administrator. For example, an administrator with \"Virtual system administrator (read-only)\" access could use an XML API key of a \"Virtual system administrator\" to perform write operations on the virtual system configuration even though they should be limited to read-only operations."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-233",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-233 Privilege Escalation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "AUTOMATIC",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "providerUrgency": "GREEN",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "DIFFUSE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/AU:N/R:A/V:D/RE:L/U:Green",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "LOW"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-18T11:58:13.115Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2024-9471"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 10.1.11, PAN-OS 10.2.8, PAN-OS 11.0.3, and all later PAN-OS versions."
            }
          ],
          "value": "This issue is fixed in PAN-OS 10.1.11, PAN-OS 10.2.8, PAN-OS 11.0.3, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-217511",
          "PAN-152631"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-10-09T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Privilege Escalation (PE) Vulnerability in XML API",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue requires the attacker to have authenticated access to the PAN-OS XML API. You can mitigate the effect this issue has on your environment by following the Administrative Access Best Practices in the PAN-OS technical documentation at \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices\"\u003ehttps://docs.paloaltonetworks.com/best-practices\u003c/a\u003e."
            }
          ],
          "value": "This issue requires the attacker to have authenticated access to the PAN-OS XML API. You can mitigate the effect this issue has on your environment by following the Administrative Access Best Practices in the PAN-OS technical documentation at  https://docs.paloaltonetworks.com/best-practices ."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-9471",
    "datePublished": "2024-10-09T17:06:41.456Z",
    "dateReserved": "2024-10-03T11:35:17.822Z",
    "dateUpdated": "2024-10-18T11:58:13.115Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-3384
Vulnerability from cvelistv5
Published
2024-04-10 17:06
Modified
2024-08-01 20:12
Summary
PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3384",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-12T15:54:19.998958Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:32:38.411Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:12:06.484Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2024-3384"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.24",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.24",
              "status": "affected",
              "version": "8.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.17",
              "status": "affected",
              "version": "9.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.15-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.15-h1",
              "status": "affected",
              "version": "9.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.12",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.12",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "10.1.0"
            },
            {
              "status": "unaffected",
              "version": "10.2.0"
            },
            {
              "status": "unaffected",
              "version": "11.0.0"
            },
            {
              "status": "unaffected",
              "version": "11.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue affects only PAN-OS configurations with NTLM authentication enabled. You should verify whether NTLM authentication is enabled by checking your firewall web interface (Device \u003e User Identification \u003e User Mapping \u003e Palo Alto Networks User-ID Agent Setup \u003e NTLM)."
            }
          ],
          "value": "This issue affects only PAN-OS configurations with NTLM authentication enabled. You should verify whether NTLM authentication is enabled by checking your firewall web interface (Device \u003e User Identification \u003e User Mapping \u003e Palo Alto Networks User-ID Agent Setup \u003e NTLM)."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Palo Alto Networks thanks rqu for discovering and reporting this issue."
        }
      ],
      "datePublic": "2024-04-10T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager (NTLM) packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online."
            }
          ],
          "value": "A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager (NTLM) packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-153",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-153 Input Data Manipulation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1286",
              "description": "CWE-1286 Improper Validation of Syntactic Correctness of Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-10T17:06:21.704Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2024-3384"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15-h1, PAN-OS 10.0.12, and all later PAN-OS versions.\u003cbr\u003e"
            }
          ],
          "value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15-h1, PAN-OS 10.0.12, and all later PAN-OS versions.\n"
        }
      ],
      "source": {
        "defect": [
          "PAN-198992"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-04-10T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-3384",
    "datePublished": "2024-04-10T17:06:21.704Z",
    "dateReserved": "2024-04-05T17:40:17.390Z",
    "dateUpdated": "2024-08-01T20:12:06.484Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3063
Vulnerability from cvelistv5
Published
2021-11-10 17:10
Modified
2024-09-16 20:26
Summary
PAN-OS: Denial-of-Service (DoS) Vulnerability in GlobalProtect Portal and Gateway Interfaces
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:51.265Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2021-3063"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.21",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.21",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.14-h4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.14-h4",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.8-h4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.8-h4",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.3",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.11-h3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.11-h3",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "2.2 all"
            },
            {
              "status": "unaffected",
              "version": "2.1 all"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal or gateway enabled. You can verify whether you have a GlobalProtect portal or gateway configured by checking for entries in \u0027Network \u003e GlobalProtect \u003e Portals\u0027 and in \u0027Network \u003e GlobalProtect \u003e Gateways\u0027 from the web interface."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2021-11-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper handling of exceptional conditions vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to send specifically crafted traffic to a GlobalProtect interface that causes the service to stop responding. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.21; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h4; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h3; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8-h4; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers are not impacted by this issue."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-755",
              "description": "CWE-755 Improper Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-10T17:10:29",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2021-3063"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.21, PAN-OS 9.0.14-h4, PAN-OS 9.1.11-h3, PAN-OS 10.0.8-h4, PAN-OS 10.1.3, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-180032"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2021-11-10T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Denial-of-Service (DoS) Vulnerability in GlobalProtect Portal and Gateway Interfaces",
      "workarounds": [
        {
          "lang": "en",
          "value": "Enable signatures for Unique Threat IDs 91820 and 91855 on traffic destined for GlobalProtect interfaces to block attacks against CVE-2021-3063."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2021-11-10T17:00:00.000Z",
          "ID": "CVE-2021-3063",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Denial-of-Service (DoS) Vulnerability in GlobalProtect Portal and Gateway Interfaces"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.21"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.21"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.14-h4"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.14-h4"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.8-h4"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.8-h4"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.1",
                            "version_value": "10.1.3"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.1",
                            "version_value": "10.1.3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.11-h3"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.11-h3"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Prisma Access",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "!",
                            "version_name": "2.2",
                            "version_value": "all"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "2.1",
                            "version_value": "all"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal or gateway enabled. You can verify whether you have a GlobalProtect portal or gateway configured by checking for entries in \u0027Network \u003e GlobalProtect \u003e Portals\u0027 and in \u0027Network \u003e GlobalProtect \u003e Gateways\u0027 from the web interface."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An improper handling of exceptional conditions vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to send specifically crafted traffic to a GlobalProtect interface that causes the service to stop responding. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.21; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h4; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h3; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8-h4; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers are not impacted by this issue."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-755 Improper Handling of Exceptional Conditions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2021-3063",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2021-3063"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.21, PAN-OS 9.0.14-h4, PAN-OS 9.1.11-h3, PAN-OS 10.0.8-h4, PAN-OS 10.1.3, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-180032"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-10T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "Enable signatures for Unique Threat IDs 91820 and 91855 on traffic destined for GlobalProtect interfaces to block attacks against CVE-2021-3063."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "Prisma Access 2.2",
          "Prisma Access 2.1",
          "PAN-OS 10.1.2",
          "PAN-OS 10.1.1",
          "PAN-OS 10.1.0",
          "PAN-OS 10.1",
          "PAN-OS 10.0.8-h2",
          "PAN-OS 10.0.8-h1",
          "PAN-OS 10.0.8",
          "PAN-OS 10.0.7",
          "PAN-OS 10.0.6",
          "PAN-OS 10.0.5",
          "PAN-OS 10.0.4",
          "PAN-OS 10.0.3",
          "PAN-OS 10.0.2",
          "PAN-OS 10.0.1",
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.11-h2",
          "PAN-OS 9.1.11-h1",
          "PAN-OS 9.1.11",
          "PAN-OS 9.1.10",
          "PAN-OS 9.1.9",
          "PAN-OS 9.1.8",
          "PAN-OS 9.1.7",
          "PAN-OS 9.1.6",
          "PAN-OS 9.1.5",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.14-h3",
          "PAN-OS 9.0.14-h2",
          "PAN-OS 9.0.14-h1",
          "PAN-OS 9.0.14",
          "PAN-OS 9.0.13",
          "PAN-OS 9.0.12",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.20-h1",
          "PAN-OS 8.1.20",
          "PAN-OS 8.1.19",
          "PAN-OS 8.1.18",
          "PAN-OS 8.1.17",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ],
        "x_likelyAffectedList": [
          "PAN-OS 8.0.20",
          "PAN-OS 8.0.19-h1",
          "PAN-OS 8.0.19",
          "PAN-OS 8.0.18",
          "PAN-OS 8.0.17",
          "PAN-OS 8.0.16",
          "PAN-OS 8.0.15",
          "PAN-OS 8.0.14",
          "PAN-OS 8.0.13",
          "PAN-OS 8.0.12",
          "PAN-OS 8.0.11-h1",
          "PAN-OS 8.0.10",
          "PAN-OS 8.0.9",
          "PAN-OS 8.0.8",
          "PAN-OS 8.0.7",
          "PAN-OS 8.0.6-h3",
          "PAN-OS 8.0.6-h2",
          "PAN-OS 8.0.6-h1",
          "PAN-OS 8.0.6",
          "PAN-OS 8.0.5",
          "PAN-OS 8.0.4",
          "PAN-OS 8.0.3-h4",
          "PAN-OS 8.0.3-h3",
          "PAN-OS 8.0.3-h2",
          "PAN-OS 8.0.3-h1",
          "PAN-OS 8.0.3",
          "PAN-OS 8.0.2",
          "PAN-OS 8.0.1",
          "PAN-OS 8.0.0",
          "PAN-OS 8.0",
          "PAN-OS 7.1.26",
          "PAN-OS 7.1.25",
          "PAN-OS 7.1.24-h1",
          "PAN-OS 7.1.24",
          "PAN-OS 7.1.23",
          "PAN-OS 7.1.22",
          "PAN-OS 7.1.21",
          "PAN-OS 7.1.20",
          "PAN-OS 7.1.19",
          "PAN-OS 7.1.18",
          "PAN-OS 7.1.17",
          "PAN-OS 7.1.16",
          "PAN-OS 7.1.15",
          "PAN-OS 7.1.14",
          "PAN-OS 7.1.13",
          "PAN-OS 7.1.12",
          "PAN-OS 7.1.11",
          "PAN-OS 7.1.10",
          "PAN-OS 7.1.9-h4",
          "PAN-OS 7.1.9-h3",
          "PAN-OS 7.1.9-h2",
          "PAN-OS 7.1.9-h1",
          "PAN-OS 7.1.9",
          "PAN-OS 7.1.8",
          "PAN-OS 7.1.7",
          "PAN-OS 7.1.6",
          "PAN-OS 7.1.5",
          "PAN-OS 7.1.4-h2",
          "PAN-OS 7.1.4-h1",
          "PAN-OS 7.1.4",
          "PAN-OS 7.1.3",
          "PAN-OS 7.1.2",
          "PAN-OS 7.1.1",
          "PAN-OS 7.1.0",
          "PAN-OS 7.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2021-3063",
    "datePublished": "2021-11-10T17:10:29.461099Z",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-09-16T20:26:42.141Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-3387
Vulnerability from cvelistv5
Published
2024-04-10 17:06
Modified
2024-08-01 20:12
Summary
PAN-OS: Weak Certificate Strength in Panorama Software Leads to Sensitive Information Disclosure
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "status": "affected",
                "version": "10.2.2"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "status": "affected",
                "version": "10.1.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "status": "affected",
                "version": "11.0.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3387",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-19T19:33:54.917377Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:31:52.758Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:12:06.646Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2024-3387"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "9.0.0"
            },
            {
              "status": "unaffected",
              "version": "9.1.0"
            },
            {
              "changes": [
                {
                  "at": "10.1.12",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.12",
              "status": "affected",
              "version": "10.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.7-h3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.7-h3",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.8",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.8",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.4",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "11.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Palo Alto Networks thanks one of our customers for discovering and reporting this issue."
        }
      ],
      "datePublic": "2024-04-10T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker could break encrypted communication and expose sensitive information that is shared between the management server and the firewalls."
            }
          ],
          "value": "A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker could break encrypted communication and expose sensitive information that is shared between the management server and the firewalls."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-20",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-20 Encryption Brute Forcing"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-326",
              "description": "CWE-326 Inadequate Encryption Strength",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-10T17:06:36.676Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2024-3387"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 10.1.12, PAN-OS 10.2.7-h3, PAN-OS 10.2.8, PAN-OS 11.0.4, and all later PAN-OS versions.\u003cbr\u003e"
            }
          ],
          "value": "This issue is fixed in PAN-OS 10.1.12, PAN-OS 10.2.7-h3, PAN-OS 10.2.8, PAN-OS 11.0.4, and all later PAN-OS versions.\n"
        }
      ],
      "source": {
        "defect": [
          "PAN-200047"
        ],
        "discovery": "USER"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-04-10T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Weak Certificate Strength in Panorama Software Leads to Sensitive Information Disclosure",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-3387",
    "datePublished": "2024-04-10T17:06:36.676Z",
    "dateReserved": "2024-04-05T17:40:19.884Z",
    "dateUpdated": "2024-08-01T20:12:06.646Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-0008
Vulnerability from cvelistv5
Published
2023-05-10 16:34
Modified
2024-08-02 04:54
Summary
PAN-OS: Local File Disclosure Vulnerability in the PAN-OS Web Interface
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:54:32.571Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2023-0008"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.25",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.25",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.17",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.16",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.16",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.12",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.12",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.10",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.10",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.4",
              "status": "affected",
              "version": "10.2",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.1",
              "status": "affected",
              "version": "11.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Alex Hordijk"
        }
      ],
      "datePublic": "2023-05-10T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall through a race condition.\u003c/p\u003e"
            }
          ],
          "value": "A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall through a race condition.\n\n"
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003ePalo Alto Networks is not aware of any malicious exploitation of this issue.\u003c/p\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n\n"
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": " "
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-73",
              "description": "CWE-73: External Control of File Name or Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-11T17:18:58.787Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2023-0008"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.10, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions.\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.10, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions.\n"
        }
      ],
      "source": {
        "defect": [
          "PAN-205063"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2023-05-10T16:00:00.000Z",
          "value": "Initial publication"
        },
        {
          "lang": "en",
          "time": "2023-05-11T17:05:00.000Z",
          "value": "Clarified that the administrator must have read-write privileges"
        }
      ],
      "title": "PAN-OS: Local File Disclosure Vulnerability in the PAN-OS Web Interface",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices\"\u003ehttps://docs.paloaltonetworks.com/best-practices\u003c/a\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e.\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at  https://docs.paloaltonetworks.com/best-practices https://docs.paloaltonetworks.com/best-practices .\n"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2023-0008",
    "datePublished": "2023-05-10T16:34:18.429Z",
    "dateReserved": "2022-10-27T18:48:17.776Z",
    "dateUpdated": "2024-08-02T04:54:32.571Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3048
Vulnerability from cvelistv5
Published
2021-08-11 17:10
Modified
2024-09-16 19:31
Summary
PAN-OS: Invalid URLs in an External Dynamic List (EDL) can Lead to Firewall Outage
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:51.024Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-3048"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "10.1.*"
            },
            {
              "status": "unaffected",
              "version": "8.1.*"
            },
            {
              "changes": [
                {
                  "at": "9.0.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.14",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.9",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.9",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.5",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue is applicable only if an External Dynamic List (EDL) is configured on the firewall.\nAn EDL that contains only domain names or IP addresses will not cause this issue."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was encountered by some customers of Palo Alto Networks during regular operation."
        }
      ],
      "datePublic": "2021-08-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Certain invalid URL entries contained in an External Dynamic List (EDL) cause the Device Server daemon (devsrvr) to stop responding. This condition causes subsequent commits on the firewall to fail and prevents administrators from performing commits and configuration changes even though the firewall remains otherwise functional. If the firewall then restarts, it results in a denial-of-service (DoS) condition and the firewall stops processing traffic. This issue impacts: PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.5. PAN-OS 8.1 and PAN-OS 10.1 versions are not impacted."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-08-11T17:10:19",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-3048"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 9.0.14, PAN-OS 9.1.9, PAN-OS 10.0.5, and all later PAN-OS versions.\n\nIf a firewall encounters this problem, you will require TAC assistance to make the firewall operational again."
        }
      ],
      "source": {
        "defect": [
          "PAN-160455"
        ],
        "discovery": "USER"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2021-08-11T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Invalid URLs in an External Dynamic List (EDL) can Lead to Firewall Outage",
      "workarounds": [
        {
          "lang": "en",
          "value": "You can prevent this issue by removing all invalid URL entries from source EDLs or removing the EDL from your configuration.\n\nAdditionally, do not configure EDLs from websites that you do not trust."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2021-08-11T16:00:00.000Z",
          "ID": "CVE-2021-3048",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Invalid URLs in an External Dynamic List (EDL) can Lead to Firewall Outage"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.14"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.9"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.5"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.14"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.9"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.5"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "10.1",
                            "version_value": "10.1.*"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "8.1",
                            "version_value": "8.1.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue is applicable only if an External Dynamic List (EDL) is configured on the firewall.\nAn EDL that contains only domain names or IP addresses will not cause this issue."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was encountered by some customers of Palo Alto Networks during regular operation."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Certain invalid URL entries contained in an External Dynamic List (EDL) cause the Device Server daemon (devsrvr) to stop responding. This condition causes subsequent commits on the firewall to fail and prevents administrators from performing commits and configuration changes even though the firewall remains otherwise functional. If the firewall then restarts, it results in a denial-of-service (DoS) condition and the firewall stops processing traffic. This issue impacts: PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.5. PAN-OS 8.1 and PAN-OS 10.1 versions are not impacted."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20 Improper Input Validation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-3048",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-3048"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 9.0.14, PAN-OS 9.1.9, PAN-OS 10.0.5, and all later PAN-OS versions.\n\nIf a firewall encounters this problem, you will require TAC assistance to make the firewall operational again."
          }
        ],
        "source": {
          "defect": [
            "PAN-160455"
          ],
          "discovery": "USER"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-08-11T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "You can prevent this issue by removing all invalid URL entries from source EDLs or removing the EDL from your configuration.\n\nAdditionally, do not configure EDLs from websites that you do not trust."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 10.0.4",
          "PAN-OS 10.0.3",
          "PAN-OS 10.0.2",
          "PAN-OS 10.0.1",
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.8",
          "PAN-OS 9.1.7",
          "PAN-OS 9.1.6",
          "PAN-OS 9.1.5",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.13",
          "PAN-OS 9.0.12",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0"
        ],
        "x_likelyAffectedList": [
          "PAN-OS 8.0.20",
          "PAN-OS 8.0.19-h1",
          "PAN-OS 8.0.19",
          "PAN-OS 8.0.18",
          "PAN-OS 8.0.17",
          "PAN-OS 8.0.16",
          "PAN-OS 8.0.15",
          "PAN-OS 8.0.14",
          "PAN-OS 8.0.13",
          "PAN-OS 8.0.12",
          "PAN-OS 8.0.11-h1",
          "PAN-OS 8.0.10",
          "PAN-OS 8.0.9",
          "PAN-OS 8.0.8",
          "PAN-OS 8.0.7",
          "PAN-OS 8.0.6-h3",
          "PAN-OS 8.0.6-h2",
          "PAN-OS 8.0.6-h1",
          "PAN-OS 8.0.6",
          "PAN-OS 8.0.5",
          "PAN-OS 8.0.4",
          "PAN-OS 8.0.3-h4",
          "PAN-OS 8.0.3-h3",
          "PAN-OS 8.0.3-h2",
          "PAN-OS 8.0.3-h1",
          "PAN-OS 8.0.3",
          "PAN-OS 8.0.2",
          "PAN-OS 8.0.1",
          "PAN-OS 8.0.0",
          "PAN-OS 8.0",
          "PAN-OS 7.1.26",
          "PAN-OS 7.1.25",
          "PAN-OS 7.1.24-h1",
          "PAN-OS 7.1.24",
          "PAN-OS 7.1.23",
          "PAN-OS 7.1.22",
          "PAN-OS 7.1.21",
          "PAN-OS 7.1.20",
          "PAN-OS 7.1.19",
          "PAN-OS 7.1.18",
          "PAN-OS 7.1.17",
          "PAN-OS 7.1.16",
          "PAN-OS 7.1.15",
          "PAN-OS 7.1.14",
          "PAN-OS 7.1.13",
          "PAN-OS 7.1.12",
          "PAN-OS 7.1.11",
          "PAN-OS 7.1.10",
          "PAN-OS 7.1.9-h4",
          "PAN-OS 7.1.9-h3",
          "PAN-OS 7.1.9-h2",
          "PAN-OS 7.1.9-h1",
          "PAN-OS 7.1.9",
          "PAN-OS 7.1.8",
          "PAN-OS 7.1.7",
          "PAN-OS 7.1.6",
          "PAN-OS 7.1.5",
          "PAN-OS 7.1.4-h2",
          "PAN-OS 7.1.4-h1",
          "PAN-OS 7.1.4",
          "PAN-OS 7.1.3",
          "PAN-OS 7.1.2",
          "PAN-OS 7.1.1",
          "PAN-OS 7.1.0",
          "PAN-OS 7.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2021-3048",
    "datePublished": "2021-08-11T17:10:19.346151Z",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-09-16T19:31:48.430Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-1980
Vulnerability from cvelistv5
Published
2020-03-11 18:58
Modified
2024-09-16 16:29
Summary
PAN-OS: Shell injection vulnerability in PAN-OS CLI allows execution of shell commands
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.366Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-1980"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "8.1 \u003c 8.1.13"
            },
            {
              "status": "affected",
              "version": "8.1 !\u003e= 8.1.13"
            },
            {
              "status": "affected",
              "version": "9.0 !\u003e= 9.0.0"
            },
            {
              "status": "affected",
              "version": "7.1 !\u003e= 7.1.0"
            },
            {
              "status": "affected",
              "version": "9.1 !\u003e= 9.1.0"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "N/A"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered during an internal security review."
        }
      ],
      "datePublic": "2020-03-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions. This issue is fixed in PAN-OS 8.1.13, and all later versions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-77",
              "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-03-11T18:58:17",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-1980"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.13, and all later versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-102674"
        ],
        "discovery": "UNKNOWN"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-03-11T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Shell injection vulnerability in PAN-OS CLI allows execution of shell commands",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue affects the management interface of PAN-OS and is mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 8.1 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/best-practices-for-securing-administrative-access."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-03-11T16:00:00.000Z",
          "ID": "CVE-2020-1980",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Shell injection vulnerability in PAN-OS CLI allows execution of shell commands"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "8.1 \u003c 8.1.13"
                          },
                          {
                            "version_value": "8.1 !\u003e= 8.1.13"
                          },
                          {
                            "version_value": "9.0 !\u003e= 9.0.0"
                          },
                          {
                            "version_value": "7.1 !\u003e= 7.1.0"
                          },
                          {
                            "version_value": "9.1 !\u003e= 9.1.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "N/A"
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was discovered during an internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions. This issue is fixed in PAN-OS 8.1.13, and all later versions."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-1980",
              "refsource": "CONFIRM",
              "url": "https://security.paloaltonetworks.com/CVE-2020-1980"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.13, and all later versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-102674"
          ],
          "discovery": "UNKNOWN"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-03-11T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue affects the management interface of PAN-OS and is mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 8.1 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/best-practices-for-securing-administrative-access."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-1980",
    "datePublished": "2020-03-11T18:58:17.891426Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T16:29:01.339Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-0009
Vulnerability from cvelistv5
Published
2024-02-14 17:32
Modified
2024-08-01 17:41
Summary
PAN-OS: Improper IP Address Verification in GlobalProtect Gateway
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-0009",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-15T20:06:19.062126Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:59:03.434Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T17:41:15.849Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2024-0009"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "9.0"
            },
            {
              "status": "unaffected",
              "version": "9.1"
            },
            {
              "status": "unaffected",
              "version": "10.1"
            },
            {
              "changes": [
                {
                  "at": "10.2.4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.4",
              "status": "affected",
              "version": "10.2",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.1",
              "status": "affected",
              "version": "11.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "11.1"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect gateway enabled. You can verify whether you have a GlobalProtect gateway configured by checking for entries in your firewall web interface (Network \u0026gt; GlobalProtect \u0026gt; Gateways)."
            }
          ],
          "value": "This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect gateway enabled. You can verify whether you have a GlobalProtect gateway configured by checking for entries in your firewall web interface (Network \u003e GlobalProtect \u003e Gateways)."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Palo Alto Networks thanks Matthew Fong for discovering and reporting this issue."
        }
      ],
      "datePublic": "2024-02-14T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An improper verification vulnerability in the GlobalProtect gateway feature of Palo Alto Networks PAN-OS software enables a malicious user with stolen credentials to establish a VPN connection from an unauthorized IP address."
            }
          ],
          "value": "An improper verification vulnerability in the GlobalProtect gateway feature of Palo Alto Networks PAN-OS software enables a malicious user with stolen credentials to establish a VPN connection from an unauthorized IP address."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-940",
              "description": "CWE-940 Improper Verification of Source of a Communication Channel",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-14T17:32:23.171Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2024-0009"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions."
            }
          ],
          "value": "This issue is fixed in PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-209787"
        ],
        "discovery": "USER"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-02-14T17:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Improper IP Address Verification in GlobalProtect Gateway",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-0009",
    "datePublished": "2024-02-14T17:32:23.171Z",
    "dateReserved": "2023-11-09T18:56:06.893Z",
    "dateUpdated": "2024-08-01T17:41:15.849Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3032
Vulnerability from cvelistv5
Published
2021-01-13 18:10
Modified
2024-09-16 22:45
Summary
PAN-OS: Configuration secrets for log forwarding may be logged in system logs
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:50.784Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2021-3032"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.18",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.18",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.12",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.12",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.4",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.1",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue is only applicable to PAN-OS devices configured to use log forwarding. You can verify this in the management web interface: Device -\u003e Log Settings."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by My Tran, Mai Phan, and Claire Zhou of Palo Alto Networks during internal security testing."
        }
      ],
      "datePublic": "2021-01-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where configuration secrets for the \u201chttp\u201d, \u201cemail\u201d, and \u201csnmptrap\u201d v3 log forwarding server profiles can be logged to the logrcvr.log system log. Logged information may include up to 1024 bytes of the configuration including the username and password in an encrypted form and private keys used in any certificate profiles set for log forwarding server profiles. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.18; PAN-OS 9.0 versions earlier than PAN-OS 9.0.12; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Information Exposure Through Log Files",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-01-13T18:10:13",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2021-3032"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "If the PAN-OS firewall is impacted, then you must clear the configuration file (/var/log/pan/logrcvr.log). This can be accomplished by running the following CLI command:\n  \"delete debug-log mp-log file logrcvr.log\".\n\nThis issue is fixed in PAN-OS 8.1.18, PAN-OS 9.0.12, PAN-OS 9.1.4, PAN-OS 10.0.1, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-149377"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2021-01-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Configuration secrets for log forwarding may be logged in system logs",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue requires access to PAN-OS log files generated in the system. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2021-01-13T17:00:00.000Z",
          "ID": "CVE-2021-3032",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Configuration secrets for log forwarding may be logged in system logs"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.18"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.12"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.4"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.1"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.18"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.12"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.4"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue is only applicable to PAN-OS devices configured to use log forwarding. You can verify this in the management web interface: Device -\u003e Log Settings."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by My Tran, Mai Phan, and Claire Zhou of Palo Alto Networks during internal security testing."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where configuration secrets for the \u201chttp\u201d, \u201cemail\u201d, and \u201csnmptrap\u201d v3 log forwarding server profiles can be logged to the logrcvr.log system log. Logged information may include up to 1024 bytes of the configuration including the username and password in an encrypted form and private keys used in any certificate profiles set for log forwarding server profiles. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.18; PAN-OS 9.0 versions earlier than PAN-OS 9.0.12; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-532 Information Exposure Through Log Files"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2021-3032",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2021-3032"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "If the PAN-OS firewall is impacted, then you must clear the configuration file (/var/log/pan/logrcvr.log). This can be accomplished by running the following CLI command:\n  \"delete debug-log mp-log file logrcvr.log\".\n\nThis issue is fixed in PAN-OS 8.1.18, PAN-OS 9.0.12, PAN-OS 9.1.4, PAN-OS 10.0.1, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-149377"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-01-13T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue requires access to PAN-OS log files generated in the system. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.17",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2021-3032",
    "datePublished": "2021-01-13T18:10:13.785838Z",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-09-16T22:45:51.286Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-2550
Vulnerability from cvelistv5
Published
2024-11-14 09:40
Modified
2024-11-14 14:11
Summary
PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway Using a Specially Crafted Packet
References
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-2550",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-14T14:11:13.254898Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-14T14:11:24.889Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h14:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h14:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "11.2.0"
            },
            {
              "changes": [
                {
                  "at": "11.1.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.1.5",
              "status": "affected",
              "version": "11.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.6",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.11",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "10.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue impacts only firewalls on which you configured a GlobalProtect gateway. You can verify whether you configured GlobalProtect gateway by checking for entries in your firewall web interface (Network \u2192 GlobalProtect \u2192 Gateways)."
            }
          ],
          "value": "This issue impacts only firewalls on which you configured a GlobalProtect gateway. You can verify whether you configured GlobalProtect gateway by checking for entries in your firewall web interface (Network \u2192 GlobalProtect \u2192 Gateways)."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Michael Baker from AC3"
        }
      ],
      "datePublic": "2024-11-13T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A null pointer dereference vulnerability in the GlobalProtect gateway in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop the GlobalProtect service on the firewall by sending a specially crafted packet that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode."
            }
          ],
          "value": "A null pointer dereference vulnerability in the GlobalProtect gateway in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop the GlobalProtect service on the firewall by sending a specially crafted packet that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-129",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-129 Pointer Manipulation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476 NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-14T09:40:38.838Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2024-2550"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 10.2.11, PAN-OS 11.0.6, PAN-OS 11.1.5, and all later PAN-OS versions."
            }
          ],
          "value": "This issue is fixed in PAN-OS 10.2.11, PAN-OS 11.0.6, PAN-OS 11.1.5, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-244950",
          "PAN-221352"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-13T17:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway Using a Specially Crafted Packet"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-2550",
    "datePublished": "2024-11-14T09:40:38.838Z",
    "dateReserved": "2024-03-15T22:43:26.399Z",
    "dateUpdated": "2024-11-14T14:11:24.889Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-0008
Vulnerability from cvelistv5
Published
2024-02-14 17:32
Modified
2024-08-01 17:41
Summary
PAN-OS: Insufficient Session Expiration Vulnerability in the Web Interface
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T17:41:15.529Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2024-0008"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "9.0.17-h2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.17-h2",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.18",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.18",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.17",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.12-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.12-h1",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.13",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.10-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.10-h1",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.11",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.5",
              "status": "affected",
              "version": "10.2",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.2",
              "status": "affected",
              "version": "11.0",
              "versionType": "custom"
            },
            {
              "lessThan": "All",
              "status": "unaffected",
              "version": "11.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Palo Alto Networks thanks Brian Yaklin for discovering and reporting this issue."
        }
      ],
      "datePublic": "2024-02-14T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Web sessions in the management interface in Palo Alto Networks PAN-OS software do not expire in certain situations, making it susceptible to unauthorized access."
            }
          ],
          "value": "Web sessions in the management interface in Palo Alto Networks PAN-OS software do not expire in certain situations, making it susceptible to unauthorized access."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-613",
              "description": "CWE-613 Insufficient Session Expiration",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-14T17:32:17.611Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2024-0008"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 9.0.17-h2, PAN-OS 9.1.17, PAN-OS 10.0.12-h1, PAN-OS 10.1.10-h1, PAN-OS 10.2.5, PAN-OS 11.0.2, and all later PAN-OS versions."
            }
          ],
          "value": "This issue is fixed in PAN-OS 9.0.17-h2, PAN-OS 9.1.17, PAN-OS 10.0.12-h1, PAN-OS 10.1.10-h1, PAN-OS 10.2.5, PAN-OS 11.0.2, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-211664"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-02-14T17:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Insufficient Session Expiration Vulnerability in the Web Interface",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Ensure that inactivity-based screen locks are enforced on endpoints with access to the PAN-OS web interface."
            }
          ],
          "value": "Ensure that inactivity-based screen locks are enforced on endpoints with access to the PAN-OS web interface."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-0008",
    "datePublished": "2024-02-14T17:32:17.611Z",
    "dateReserved": "2023-11-09T18:56:05.666Z",
    "dateUpdated": "2024-08-01T17:41:15.529Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-1996
Vulnerability from cvelistv5
Published
2020-05-13 19:07
Modified
2024-09-17 02:20
Summary
PAN-OS: Panorama management server log injection
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.563Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-1996"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "7.1.*"
            },
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.14",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.9",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.9",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Ben Nott of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A missing authorization vulnerability in the management server component of PAN-OS Panorama allows a remote unauthenticated user to inject messages into the management server ms.log file. This vulnerability can be leveraged to obfuscate an ongoing attack or fabricate log entries in the ms.log file This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.9."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-862",
              "description": "CWE-862 Missing Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-13T19:07:13",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-1996"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.9, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
        }
      ],
      "source": {
        "defect": [
          "PAN-117955"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-05-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Panorama management server log injection",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-05-13T16:00:00.000Z",
          "ID": "CVE-2020-1996",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Panorama management server log injection"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.14"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.9"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.14"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.9"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "7.1",
                            "version_value": "7.1.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Ben Nott of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A missing authorization vulnerability in the management server component of PAN-OS Panorama allows a remote unauthenticated user to inject messages into the management server ms.log file. This vulnerability can be leveraged to obfuscate an ongoing attack or fabricate log entries in the ms.log file This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.9."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-862 Missing Authorization"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-1996",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-1996"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.9, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
          }
        ],
        "source": {
          "defect": [
            "PAN-117955"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-05-13T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com"
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-1996",
    "datePublished": "2020-05-13T19:07:13.986877Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-17T02:20:44.846Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-1981
Vulnerability from cvelistv5
Published
2020-03-11 18:58
Modified
2024-09-17 02:37
Summary
PAN-OS: Predictable temporary filename vulnerability allows local privilege escalation
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.381Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-1981"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "8.1 \u003c 8.1.13"
            },
            {
              "status": "affected",
              "version": "8.1 !\u003e= 8.1.13"
            },
            {
              "status": "affected",
              "version": "9.0 !\u003e= 9.0.0"
            },
            {
              "status": "affected",
              "version": "7.1 !\u003e= 7.1.0"
            },
            {
              "status": "affected",
              "version": "9.1 !\u003e= 9.1.0"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "N/A"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found during an internal security review."
        }
      ],
      "datePublic": "2020-03-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A predictable temporary filename vulnerability in PAN-OS allows local privilege escalation. This issue allows a local attacker who bypassed the restricted shell to execute commands as a low privileged user and gain root access on the PAN-OS hardware or virtual appliance. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-377",
              "description": "CWE-377 Insecure Temporary File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-03-11T18:58:14",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-1981"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.13 and all later PAN-OS 8.1 versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-103038"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-03-11T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Predictable temporary filename vulnerability allows local privilege escalation",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue affects the management interface of PAN-OS and is mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 8.1 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/best-practices-for-securing-administrative-access."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-03-11T16:00:00.000Z",
          "ID": "CVE-2020-1981",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Predictable temporary filename vulnerability allows local privilege escalation"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "8.1 \u003c 8.1.13"
                          },
                          {
                            "version_value": "8.1 !\u003e= 8.1.13"
                          },
                          {
                            "version_value": "9.0 !\u003e= 9.0.0"
                          },
                          {
                            "version_value": "7.1 !\u003e= 7.1.0"
                          },
                          {
                            "version_value": "9.1 !\u003e= 9.1.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "N/A"
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found during an internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A predictable temporary filename vulnerability in PAN-OS allows local privilege escalation. This issue allows a local attacker who bypassed the restricted shell to execute commands as a low privileged user and gain root access on the PAN-OS hardware or virtual appliance. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-377 Insecure Temporary File"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-1981",
              "refsource": "CONFIRM",
              "url": "https://security.paloaltonetworks.com/CVE-2020-1981"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.13 and all later PAN-OS 8.1 versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-103038"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-03-11T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue affects the management interface of PAN-OS and is mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 8.1 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/best-practices-for-securing-administrative-access."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-1981",
    "datePublished": "2020-03-11T18:58:14.627439Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-17T02:37:39.110Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2022
Vulnerability from cvelistv5
Published
2020-11-12 00:05
Modified
2024-09-16 17:08
Summary
PAN-OS: Panorama session disclosure during context switch into managed device
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.535Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2022"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "10.0.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.17",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.11",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.5",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue is not applicable when custom certificate authentication is enabled between Panorama and managed firewalls. See https://docs.paloaltonetworks.com/panorama/10-0/panorama-admin/set-up-panorama/set-up-authentication-using-custom-certificates.html"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Ben Nott of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-11-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An information exposure vulnerability exists in Palo Alto Networks Panorama software that discloses the token for the Panorama web interface administrator\u0027s session to a managed device when the Panorama administrator performs a context switch into that device. This vulnerability allows an attacker to gain privileged access to the Panorama web interface. An attacker requires some knowledge of managed firewalls to exploit this issue. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.17; PAN-OS 9.0 versions earlier than PAN-OS 9.0.11; PAN-OS 9.1 versions earlier than PAN-OS 9.1.5."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200 Information Exposure",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-12T00:05:20",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2022"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.17, PAN-OS 9.0.11, PAN-OS 9.1.5, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-125218"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-11-11T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Panorama session disclosure during context switch into managed device",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue can be completely mitigated by enabling custom certificate authentication between Panorama and managed firewalls. See https://docs.paloaltonetworks.com/panorama/10-0/panorama-admin/set-up-panorama/set-up-authentication-using-custom-certificates.html"
        },
        {
          "lang": "en",
          "value": "This issue impacts the management web interface of appliances running PAN-OS software and is strongly mitigated by following best practices for securing the interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com/best-practices"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-11-11T17:00:00.000Z",
          "ID": "CVE-2020-2022",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Panorama session disclosure during context switch into managed device"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.17"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.11"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.5"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.17"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.11"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.5"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "10.0",
                            "version_value": "10.0.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue is not applicable when custom certificate authentication is enabled between Panorama and managed firewalls. See https://docs.paloaltonetworks.com/panorama/10-0/panorama-admin/set-up-panorama/set-up-authentication-using-custom-certificates.html"
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Ben Nott of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An information exposure vulnerability exists in Palo Alto Networks Panorama software that discloses the token for the Panorama web interface administrator\u0027s session to a managed device when the Panorama administrator performs a context switch into that device. This vulnerability allows an attacker to gain privileged access to the Panorama web interface. An attacker requires some knowledge of managed firewalls to exploit this issue. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.17; PAN-OS 9.0 versions earlier than PAN-OS 9.0.11; PAN-OS 9.1 versions earlier than PAN-OS 9.1.5."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-200 Information Exposure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2022",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2022"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.17, PAN-OS 9.0.11, PAN-OS 9.1.5, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-125218"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-11-11T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue can be completely mitigated by enabling custom certificate authentication between Panorama and managed firewalls. See https://docs.paloaltonetworks.com/panorama/10-0/panorama-admin/set-up-panorama/set-up-authentication-using-custom-certificates.html"
          },
          {
            "lang": "en",
            "value": "This issue impacts the management web interface of appliances running PAN-OS software and is strongly mitigated by following best practices for securing the interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com/best-practices"
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2022",
    "datePublished": "2020-11-12T00:05:21.095155Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T17:08:08.587Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-1994
Vulnerability from cvelistv5
Published
2020-05-13 19:07
Modified
2024-09-16 22:15
Summary
PAN-OS: Predictable temporary file vulnerability
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.551Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-1994"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "7.1.*"
            },
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.13",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.7",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.7",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1*",
              "status": "unaffected",
              "version": "9.1.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by a customer."
        }
      ],
      "datePublic": "2020-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A predictable temporary file vulnerability in PAN-OS allows a local authenticated user with shell access to corrupt arbitrary system files affecting the integrity of the system. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.7."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-377",
              "description": "CWE-377 Insecure Temporary File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-06-10T17:22:01",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-1994"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
        }
      ],
      "source": {
        "defect": [
          "PAN-123391"
        ],
        "discovery": "USER"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-05-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Predictable temporary file vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-05-13T16:00:00.000Z",
          "ID": "CVE-2020-1994",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Predictable temporary file vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "7.1",
                            "version_value": "7.1.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by a customer."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A predictable temporary file vulnerability in PAN-OS allows a local authenticated user with shell access to corrupt arbitrary system files affecting the integrity of the system. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.7."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-377 Insecure Temporary File"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-1994",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-1994"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
          }
        ],
        "source": {
          "defect": [
            "PAN-123391"
          ],
          "discovery": "USER"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-05-13T00:00:00",
            "value": "Initial publication"
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-1994",
    "datePublished": "2020-05-13T19:07:13.915373Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T22:15:17.616Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2013
Vulnerability from cvelistv5
Published
2020-05-13 19:07
Modified
2024-09-17 03:14
Summary
PAN-OS: Panorama context switch session cookie disclosure
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.965Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2013"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "changes": [
                {
                  "at": "9.0.6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.6",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "7.1.26",
                  "status": "unaffected"
                }
              ],
              "lessThan": "7.1.26",
              "status": "affected",
              "version": "7.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.13",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.1",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Ben Nott of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A cleartext transmission of sensitive information vulnerability in Palo Alto Networks PAN-OS Panorama that discloses an authenticated PAN-OS administrator\u0027s PAN-OS session cookie. When an administrator issues a context switch request into a managed firewall with an affected PAN-OS Panorama version, their PAN-OS session cookie is transmitted over cleartext to the firewall. An attacker with the ability to intercept this network traffic between the firewall and Panorama can access the administrator\u0027s account and further manipulate devices managed by Panorama. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; PAN-OS 9.1 versions earlier than 9.1.1; All version of PAN-OS 8.0;"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-319",
              "description": "CWE-319 Cleartext Transmission of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-14T15:40:56",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2013"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, PAN-OS 9.1.1, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies."
        }
      ],
      "source": {
        "defect": [
          "PAN-125122"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-05-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Panorama context switch session cookie disclosure",
      "workarounds": [
        {
          "lang": "en",
          "value": "One possible vulnerability mitigation is to shorten the length of administrator session idle timeout. This reduces the likelihood the exposed administrator\u2019s session cookie is valid at time of attack."
        },
        {
          "lang": "en",
          "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-05-13T16:00:00.000Z",
          "ID": "CVE-2020-2013",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Panorama context switch session cookie disclosure"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.6"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "7.1",
                            "version_value": "7.1.26"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.1"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.6"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "7.1",
                            "version_value": "7.1.26"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.1"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Ben Nott of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A cleartext transmission of sensitive information vulnerability in Palo Alto Networks PAN-OS Panorama that discloses an authenticated PAN-OS administrator\u0027s PAN-OS session cookie. When an administrator issues a context switch request into a managed firewall with an affected PAN-OS Panorama version, their PAN-OS session cookie is transmitted over cleartext to the firewall. An attacker with the ability to intercept this network traffic between the firewall and Panorama can access the administrator\u0027s account and further manipulate devices managed by Panorama. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; PAN-OS 9.1 versions earlier than 9.1.1; All version of PAN-OS 8.0;"
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-319 Cleartext Transmission of Sensitive Information"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2013",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2013"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, PAN-OS 9.1.1, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies."
          }
        ],
        "source": {
          "defect": [
            "PAN-125122"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-05-13T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "One possible vulnerability mitigation is to shorten the length of administrator session idle timeout. This reduces the likelihood the exposed administrator\u2019s session cookie is valid at time of attack."
          },
          {
            "lang": "en",
            "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com"
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2013",
    "datePublished": "2020-05-13T19:07:14.572738Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-17T03:14:40.162Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2017
Vulnerability from cvelistv5
Published
2020-05-13 19:07
Modified
2024-09-16 22:57
Summary
PAN-OS: DOM-Based cross site scripting vulnerability in management web interface
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.561Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2017"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "changes": [
                {
                  "at": "7.1.26",
                  "status": "unaffected"
                }
              ],
              "lessThan": "7.1.26",
              "status": "affected",
              "version": "7.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.13",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.6",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1*",
              "status": "unaffected",
              "version": "9.1.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Chris Ganas of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A DOM-Based Cross Site Scripting Vulnerability exists in PAN-OS and Panorama Management Web Interfaces. A remote attacker able to convince an authenticated administrator to click on a crafted link to PAN-OS and Panorama Web Interfaces could execute arbitrary JavaScript code in the administrator\u0027s browser and perform administrative actions. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; All versions of PAN-OS 8.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Cross-site Scripting (XSS)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-06-10T17:24:05",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2017"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies."
        }
      ],
      "source": {
        "defect": [
          "PAN-121058"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-05-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: DOM-Based cross site scripting vulnerability in management web interface",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-05-13T16:00:00.000Z",
          "ID": "CVE-2020-2017",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: DOM-Based cross site scripting vulnerability in management web interface"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "7.1",
                            "version_value": "7.1.26"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.6"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "7.1",
                            "version_value": "7.1.26"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.6"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Chris Ganas of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A DOM-Based Cross Site Scripting Vulnerability exists in PAN-OS and Panorama Management Web Interfaces. A remote attacker able to convince an authenticated administrator to click on a crafted link to PAN-OS and Panorama Web Interfaces could execute arbitrary JavaScript code in the administrator\u0027s browser and perform administrative actions. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; All versions of PAN-OS 8.0."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-79 Cross-site Scripting (XSS)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2017",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2017"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies."
          }
        ],
        "source": {
          "defect": [
            "PAN-121058"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-05-13T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2017",
    "datePublished": "2020-05-13T19:07:14.735526Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T22:57:10.284Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2040
Vulnerability from cvelistv5
Published
2020-09-09 16:45
Modified
2024-09-16 22:40
Severity ?
Summary
PAN-OS: Buffer overflow when Captive Portal or Multi-Factor Authentication (MFA) is enabled
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.636Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2040"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "changes": [
                {
                  "at": "9.0.9",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.9",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.3",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.15",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.15",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "lessThan": "10.0*",
              "status": "unaffected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue is applicable only where either Captive Portal or Multi-Factor Authentication (MFA) is enabled."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Yamata Li of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface. This issue impacts: All versions of PAN-OS 8.0; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; PAN-OS 9.1 versions earlier than PAN-OS 9.1.3."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120 Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-09T16:45:27",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2040"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.15, PAN-OS 9.0.9, PAN-OS 9.1.3, and all later PAN-OS versions.\n\nAll Prisma Access services are now upgraded to resolve this issue and are no longer vulnerable.\n\nPAN-OS 7.1 and 8.0 are end-of-life and are no longer covered by our Product Security Assurance policies."
        }
      ],
      "source": {
        "defect": [
          "PAN-145149",
          "PAN-145150",
          "PAN-145151",
          "PAN-145195"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-09-09T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Buffer overflow when Captive Portal or Multi-Factor Authentication (MFA) is enabled",
      "workarounds": [
        {
          "lang": "en",
          "value": "Until PAN-OS software is upgraded to a fixed version, enabling signatures in content update version 8317 will block attacks against CVE-2020-2040."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-09-09T16:00:00.000Z",
          "ID": "CVE-2020-2040",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Buffer overflow when Captive Portal or Multi-Factor Authentication (MFA) is enabled"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.9"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.15"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.9"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.3"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.15"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue is applicable only where either Captive Portal or Multi-Factor Authentication (MFA) is enabled."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Yamata Li of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface. This issue impacts: All versions of PAN-OS 8.0; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; PAN-OS 9.1 versions earlier than PAN-OS 9.1.3."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-120 Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2040",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2040"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.15, PAN-OS 9.0.9, PAN-OS 9.1.3, and all later PAN-OS versions.\n\nAll Prisma Access services are now upgraded to resolve this issue and are no longer vulnerable.\n\nPAN-OS 7.1 and 8.0 are end-of-life and are no longer covered by our Product Security Assurance policies."
          }
        ],
        "source": {
          "defect": [
            "PAN-145149",
            "PAN-145150",
            "PAN-145151",
            "PAN-145195"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-09-09T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "Until PAN-OS software is upgraded to a fixed version, enabling signatures in content update version 8317 will block attacks against CVE-2020-2040."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2040",
    "datePublished": "2020-09-09T16:45:27.805152Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T22:40:15.121Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-1999
Vulnerability from cvelistv5
Published
2020-11-12 00:05
Modified
2024-09-17 01:15
Summary
PAN-OS: Threat signatures are evaded by specifically crafted packets
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.597Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-1999"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "7.1.*"
            },
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "status": "unaffected",
              "version": "10.0.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.17",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.11",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.11",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.5",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Vijay Prakash of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-11-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability exists in the Palo Alto Network PAN-OS signature-based threat detection engine that allows an attacker to communicate with devices in the network in a way that is not analyzed for threats by sending data through specifically crafted TCP packets. This technique evades signature-based threat detection. This issue impacts: PAN-OS 8.1 versions earlier than 8.1.17; PAN-OS 9.0 versions earlier than 9.0.11; PAN-OS 9.1 versions earlier than 9.1.5; All versions of PAN-OS 7.1 and PAN-OS 8.0."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-754",
              "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-12T00:05:19",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-1999"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.17, PAN-OS 9.0.11, PAN-OS 9.1.5, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-145133"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-11-11T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Threat signatures are evaded by specifically crafted packets",
      "workarounds": [
        {
          "lang": "en",
          "value": "There are no known workarounds for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-11-11T17:00:00.000Z",
          "ID": "CVE-2020-1999",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Threat signatures are evaded by specifically crafted packets"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.17"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.11"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.5"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.17"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.11"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.5"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "7.1",
                            "version_value": "7.1.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "10.0",
                            "version_value": "10.0.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Vijay Prakash of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability exists in the Palo Alto Network PAN-OS signature-based threat detection engine that allows an attacker to communicate with devices in the network in a way that is not analyzed for threats by sending data through specifically crafted TCP packets. This technique evades signature-based threat detection. This issue impacts: PAN-OS 8.1 versions earlier than 8.1.17; PAN-OS 9.0 versions earlier than 9.0.11; PAN-OS 9.1 versions earlier than 9.1.5; All versions of PAN-OS 7.1 and PAN-OS 8.0."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-754 Improper Check for Unusual or Exceptional Conditions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-1999",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-1999"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.17, PAN-OS 9.0.11, PAN-OS 9.1.5, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-145133"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-11-11T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "There are no known workarounds for this issue."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1",
          "PAN-OS 8.0.20",
          "PAN-OS 8.0.19-h1",
          "PAN-OS 8.0.19",
          "PAN-OS 8.0.18",
          "PAN-OS 8.0.17",
          "PAN-OS 8.0.16",
          "PAN-OS 8.0.15",
          "PAN-OS 8.0.14",
          "PAN-OS 8.0.13",
          "PAN-OS 8.0.12",
          "PAN-OS 8.0.11-h1",
          "PAN-OS 8.0.10",
          "PAN-OS 8.0.9",
          "PAN-OS 8.0.8",
          "PAN-OS 8.0.7",
          "PAN-OS 8.0.6-h3",
          "PAN-OS 8.0.6-h2",
          "PAN-OS 8.0.6-h1",
          "PAN-OS 8.0.6",
          "PAN-OS 8.0.5",
          "PAN-OS 8.0.4",
          "PAN-OS 8.0.3-h4",
          "PAN-OS 8.0.3-h3",
          "PAN-OS 8.0.3-h2",
          "PAN-OS 8.0.3-h1",
          "PAN-OS 8.0.3",
          "PAN-OS 8.0.2",
          "PAN-OS 8.0.1",
          "PAN-OS 8.0.0",
          "PAN-OS 8.0",
          "PAN-OS 7.1.26",
          "PAN-OS 7.1.25",
          "PAN-OS 7.1.24-h1",
          "PAN-OS 7.1.24",
          "PAN-OS 7.1.23",
          "PAN-OS 7.1.22",
          "PAN-OS 7.1.21",
          "PAN-OS 7.1.20",
          "PAN-OS 7.1.19",
          "PAN-OS 7.1.18",
          "PAN-OS 7.1.17",
          "PAN-OS 7.1.16",
          "PAN-OS 7.1.15",
          "PAN-OS 7.1.14",
          "PAN-OS 7.1.13",
          "PAN-OS 7.1.12",
          "PAN-OS 7.1.11",
          "PAN-OS 7.1.10",
          "PAN-OS 7.1.9-h4",
          "PAN-OS 7.1.9-h3",
          "PAN-OS 7.1.9-h2",
          "PAN-OS 7.1.9-h1",
          "PAN-OS 7.1.9",
          "PAN-OS 7.1.8",
          "PAN-OS 7.1.7",
          "PAN-OS 7.1.6",
          "PAN-OS 7.1.5",
          "PAN-OS 7.1.4-h2",
          "PAN-OS 7.1.4-h1",
          "PAN-OS 7.1.4",
          "PAN-OS 7.1.3",
          "PAN-OS 7.1.2",
          "PAN-OS 7.1.1",
          "PAN-OS 7.1.0",
          "PAN-OS 7.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-1999",
    "datePublished": "2020-11-12T00:05:19.633253Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-17T01:15:53.377Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-1975
Vulnerability from cvelistv5
Published
2020-02-12 22:57
Modified
2024-09-16 18:23
Summary
Missing XML Validation in PAN-OS Web Interface
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.317Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-1975"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.1.*"
            },
            {
              "status": "unaffected",
              "version": "8.0.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.12",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.12",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.6",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue requires that the web-based management interface is enabled on the hardware or virtual appliance."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found during a security assessment performed by a customer."
        }
      ],
      "datePublic": "2020-02-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Missing XML validation vulnerability in the PAN-OS web interface on Palo Alto Networks PAN-OS software allows authenticated users to inject arbitrary XML that results in privilege escalation. This issue affects PAN-OS 8.1 versions earlier than PAN-OS 8.1.12 and PAN-OS 9.0 versions earlier than PAN-OS 9.0.6. This issue does not affect PAN-OS 7.1, PAN-OS 8.0, or PAN-OS 9.1 or later versions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-112",
              "description": "CWE-112 Missing XML Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-12T22:57:08",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-1975"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.12, PAN-OS 9.0.6, and all later versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-124593"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Missing XML Validation in PAN-OS Web Interface",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue affects the web-based management interface of the appliance. Access to the web-based management interface of the appliance should be limited strictly to only trusted users, hosts, and networks."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-02-12T17:00:00.000Z",
          "ID": "CVE-2020-1975",
          "STATE": "PUBLIC",
          "TITLE": "Missing XML Validation in PAN-OS Web Interface"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "!",
                            "version_name": "7.1",
                            "version_value": "7.1.*"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.12"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.6"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.12"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue requires that the web-based management interface is enabled on the hardware or virtual appliance."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found during a security assessment performed by a customer."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Missing XML validation vulnerability in the PAN-OS web interface on Palo Alto Networks PAN-OS software allows authenticated users to inject arbitrary XML that results in privilege escalation. This issue affects PAN-OS 8.1 versions earlier than PAN-OS 8.1.12 and PAN-OS 9.0 versions earlier than PAN-OS 9.0.6. This issue does not affect PAN-OS 7.1, PAN-OS 8.0, or PAN-OS 9.1 or later versions."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-112 Missing XML Validation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-1975",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-1975"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.12, PAN-OS 9.0.6, and all later versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-124593"
          ],
          "discovery": "EXTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "This issue affects the web-based management interface of the appliance. Access to the web-based management interface of the appliance should be limited strictly to only trusted users, hosts, and networks."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-1975",
    "datePublished": "2020-02-12T22:57:08.099602Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T18:23:27.053Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-17440
Vulnerability from cvelistv5
Published
2019-12-20 15:22
Modified
2024-09-17 01:56
Severity ?
Summary
PAN-OS on PA-7000 Series: Improper restriction of communication to Log Forwarding Card (LFC) allows root access
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:40:15.760Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2019-17440"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "PA-7000 Series with 2nd Generation SMC"
          ],
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "9.0.6, 9.0.5-h3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.5-h3",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "8.0"
            },
            {
              "status": "unaffected",
              "version": "8.1"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks would like to thank Ayad (Ed) Sleiman, Head of Information Security at King Abdullah University of Science and Technology (KAUST) and his team for discovering and responsibly reporting this issue."
        }
      ],
      "datePublic": "2019-12-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Improper restriction of communications to Log Forwarding Card (LFC) on PA-7000 Series devices with second-generation Switch Management Card (SMC) may allow an attacker with network access to the LFC to gain root access to PAN-OS. This issue affects PAN-OS 9.0 versions prior to 9.0.5-h3 on PA-7080 and PA-7050 devices with an LFC installed and configured. This issue does not affect PA-7000 Series deployments using the first-generation SMC and the Log Processing Card (LPC). This issue does not affect any other PA series devices. This issue does not affect devices without an LFC. This issue does not affect PAN-OS 8.1 or prior releases. This issue only affected a very limited number of customers and we undertook individual outreach to help them upgrade. At the time of publication, all identified customers have upgraded SW or content and are not impacted."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-923",
              "description": "CWE-923 Improper Restriction of Communication Channel to Intended Endpoints",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-17T16:03:48",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2019-17440"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in 9.0.5-h3 and all subsequent releases. Content update 8218-5815 also fixes the issue."
        }
      ],
      "source": {
        "advisory": "PAN-SA-2019-0040",
        "defect": [
          "PAN-134242"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "PAN-OS on PA-7000 Series: Improper restriction of communication to Log Forwarding Card (LFC) allows root access",
      "workarounds": [
        {
          "lang": "en",
          "value": "(1) Content update 8218-5815 can be applied without requiring a software update. Once the content update is installed please ensure that next PAN-OS upgrade is to a fixed version (9.0.5-h3 or later). Do not upgrade or downgrade to an affected release, as it can reintroduce the vulnerability.\n(2) Configure security policies to prevent network sessions destined to LFC.\n(3) Ensure that LFC is only connected to a secured administrative network with access restricted to trusted users.\n(4) Disable or disconnect LFC from the network until fixes can be applied."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2019-12-19T19:35:00.000Z",
          "ID": "CVE-2019-17440",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS on PA-7000 Series: Improper restriction of communication to Log Forwarding Card (LFC) allows root access"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "platform": "PA-7000 Series with 2nd Generation SMC",
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.5-h3"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "8.0",
                            "version_value": "8.0"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "8.1",
                            "version_value": "8.1"
                          },
                          {
                            "platform": "PA-7000 Series with 2nd Generation SMC",
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.6, 9.0.5-h3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks would like to thank Ayad (Ed) Sleiman, Head of Information Security at King Abdullah University of Science and Technology (KAUST) and his team for discovering and responsibly reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Improper restriction of communications to Log Forwarding Card (LFC) on PA-7000 Series devices with second-generation Switch Management Card (SMC) may allow an attacker with network access to the LFC to gain root access to PAN-OS. This issue affects PAN-OS 9.0 versions prior to 9.0.5-h3 on PA-7080 and PA-7050 devices with an LFC installed and configured. This issue does not affect PA-7000 Series deployments using the first-generation SMC and the Log Processing Card (LPC). This issue does not affect any other PA series devices. This issue does not affect devices without an LFC. This issue does not affect PAN-OS 8.1 or prior releases. This issue only affected a very limited number of customers and we undertook individual outreach to help them upgrade. At the time of publication, all identified customers have upgraded SW or content and are not impacted."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-923 Improper Restriction of Communication Channel to Intended Endpoints"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2019-17440",
              "refsource": "CONFIRM",
              "url": "https://security.paloaltonetworks.com/CVE-2019-17440"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in 9.0.5-h3 and all subsequent releases. Content update 8218-5815 also fixes the issue."
          }
        ],
        "source": {
          "advisory": "PAN-SA-2019-0040",
          "defect": [
            "PAN-134242"
          ],
          "discovery": "EXTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "(1) Content update 8218-5815 can be applied without requiring a software update. Once the content update is installed please ensure that next PAN-OS upgrade is to a fixed version (9.0.5-h3 or later). Do not upgrade or downgrade to an affected release, as it can reintroduce the vulnerability.\n(2) Configure security policies to prevent network sessions destined to LFC.\n(3) Ensure that LFC is only connected to a secured administrative network with access restricted to trusted users.\n(4) Disable or disconnect LFC from the network until fixes can be applied."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2019-17440",
    "datePublished": "2019-12-20T15:22:18.040020Z",
    "dateReserved": "2019-10-10T00:00:00",
    "dateUpdated": "2024-09-17T01:56:43.008Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-3055
Vulnerability from cvelistv5
Published
2021-09-08 17:10
Modified
2024-09-17 00:30
Summary
PAN-OS: XML External Entity (XXE) Reference Vulnerability in the PAN-OS Web Interface
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:50.940Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2021-3055"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "10.1.*"
            },
            {
              "changes": [
                {
                  "at": "9.0.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.14",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.10",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.10",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.6",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.20",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.20",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by a customer of Palo Alto Networks during a security review."
        }
      ],
      "datePublic": "2021-09-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper restriction of XML external entity (XXE) reference vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system and send a specifically crafted request to the firewall that causes the service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.10; PAN-OS 10.0 versions earlier than PAN-OS 10.0.6. This issue does not affect Prisma Access."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-611",
              "description": "CWE-611 Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-08T17:10:22",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2021-3055"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.10, PAN-OS 10.0.6, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-166241"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2021-09-08T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: XML External Entity (XXE) Reference Vulnerability in the PAN-OS Web Interface",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2021-09-08T16:00:00.000Z",
          "ID": "CVE-2021-3055",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: XML External Entity (XXE) Reference Vulnerability in the PAN-OS Web Interface"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.14"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.10"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.6"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.20"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.14"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.10"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.6"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.20"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "10.1",
                            "version_value": "10.1.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by a customer of Palo Alto Networks during a security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An improper restriction of XML external entity (XXE) reference vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system and send a specifically crafted request to the firewall that causes the service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.10; PAN-OS 10.0 versions earlier than PAN-OS 10.0.6. This issue does not affect Prisma Access."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-611 Improper Restriction of XML External Entity Reference (\u0027XXE\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2021-3055",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2021-3055"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.10, PAN-OS 10.0.6, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-166241"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-09-08T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 10.0.5",
          "PAN-OS 10.0.4",
          "PAN-OS 10.0.3",
          "PAN-OS 10.0.2",
          "PAN-OS 10.0.1",
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.9",
          "PAN-OS 9.1.8",
          "PAN-OS 9.1.7",
          "PAN-OS 9.1.6",
          "PAN-OS 9.1.5",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.13",
          "PAN-OS 9.0.12",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.19",
          "PAN-OS 8.1.18",
          "PAN-OS 8.1.17",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ],
        "x_likelyAffectedList": [
          "PAN-OS 8.0.20",
          "PAN-OS 8.0.19-h1",
          "PAN-OS 8.0.19",
          "PAN-OS 8.0.18",
          "PAN-OS 8.0.17",
          "PAN-OS 8.0.16",
          "PAN-OS 8.0.15",
          "PAN-OS 8.0.14",
          "PAN-OS 8.0.13",
          "PAN-OS 8.0.12",
          "PAN-OS 8.0.11-h1",
          "PAN-OS 8.0.10",
          "PAN-OS 8.0.9",
          "PAN-OS 8.0.8",
          "PAN-OS 8.0.7",
          "PAN-OS 8.0.6-h3",
          "PAN-OS 8.0.6-h2",
          "PAN-OS 8.0.6-h1",
          "PAN-OS 8.0.6",
          "PAN-OS 8.0.5",
          "PAN-OS 8.0.4",
          "PAN-OS 8.0.3-h4",
          "PAN-OS 8.0.3-h3",
          "PAN-OS 8.0.3-h2",
          "PAN-OS 8.0.3-h1",
          "PAN-OS 8.0.3",
          "PAN-OS 8.0.2",
          "PAN-OS 8.0.1",
          "PAN-OS 8.0.0",
          "PAN-OS 8.0",
          "PAN-OS 7.1.26",
          "PAN-OS 7.1.25",
          "PAN-OS 7.1.24-h1",
          "PAN-OS 7.1.24",
          "PAN-OS 7.1.23",
          "PAN-OS 7.1.22",
          "PAN-OS 7.1.21",
          "PAN-OS 7.1.20",
          "PAN-OS 7.1.19",
          "PAN-OS 7.1.18",
          "PAN-OS 7.1.17",
          "PAN-OS 7.1.16",
          "PAN-OS 7.1.15",
          "PAN-OS 7.1.14",
          "PAN-OS 7.1.13",
          "PAN-OS 7.1.12",
          "PAN-OS 7.1.11",
          "PAN-OS 7.1.10",
          "PAN-OS 7.1.9-h4",
          "PAN-OS 7.1.9-h3",
          "PAN-OS 7.1.9-h2",
          "PAN-OS 7.1.9-h1",
          "PAN-OS 7.1.9",
          "PAN-OS 7.1.8",
          "PAN-OS 7.1.7",
          "PAN-OS 7.1.6",
          "PAN-OS 7.1.5",
          "PAN-OS 7.1.4-h2",
          "PAN-OS 7.1.4-h1",
          "PAN-OS 7.1.4",
          "PAN-OS 7.1.3",
          "PAN-OS 7.1.2",
          "PAN-OS 7.1.1",
          "PAN-OS 7.1.0",
          "PAN-OS 7.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2021-3055",
    "datePublished": "2021-09-08T17:10:22.809239Z",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-09-17T00:30:33.926Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-1993
Vulnerability from cvelistv5
Published
2020-05-13 19:07
Modified
2024-09-16 23:00
Summary
PAN-OS: GlobalProtect Portal PHP session fixation vulnerability
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.589Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-1993"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "status": "affected",
              "version": "7.1.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.14",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.8",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.8",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "lessThan": "9.2*",
              "status": "unaffected",
              "version": "9.2.0",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1*",
              "status": "unaffected",
              "version": "9.1.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by a customer."
        }
      ],
      "datePublic": "2020-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The GlobalProtect Portal feature in PAN-OS does not set a new session identifier after a successful user login, which allows session fixation attacks, if an attacker is able to control a user\u0027s session ID. This issue affects: All PAN-OS 7.1 and 8.0 versions; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.8."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-384",
              "description": "CWE-384 Session Fixation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-13T19:07:13",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-1993"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.8, PAN-OS 9.1.0, PAN-OS 9.2.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
        }
      ],
      "source": {
        "defect": [
          "PAN-124039"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-05-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: GlobalProtect Portal PHP session fixation vulnerability",
      "workarounds": [
        {
          "lang": "en",
          "value": "There are no known workarounds for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-05-13T16:00:00.000Z",
          "ID": "CVE-2020-1993",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: GlobalProtect Portal PHP session fixation vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.14"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.8"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.2",
                            "version_value": "9.2.0"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.14"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.8"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.0"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "7.1",
                            "version_value": "7.1.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by a customer."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The GlobalProtect Portal feature in PAN-OS does not set a new session identifier after a successful user login, which allows session fixation attacks, if an attacker is able to control a user\u0027s session ID. This issue affects: All PAN-OS 7.1 and 8.0 versions; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.8."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-384 Session Fixation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-1993",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-1993"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.8, PAN-OS 9.1.0, PAN-OS 9.2.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
          }
        ],
        "source": {
          "defect": [
            "PAN-124039"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-05-13T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "There are no known workarounds for this issue."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-1993",
    "datePublished": "2020-05-13T19:07:13.853287Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T23:00:41.983Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2018
Vulnerability from cvelistv5
Published
2020-05-13 19:07
Modified
2024-09-16 23:50
Severity ?
Summary
PAN-OS: Panorama authentication bypass vulnerability
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.524Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2018"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "changes": [
                {
                  "at": "7.1.26",
                  "status": "unaffected"
                }
              ],
              "lessThan": "7.1.26",
              "status": "affected",
              "version": "7.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.12",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.12",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.6",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Ben Nott of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An authentication bypass vulnerability in the Panorama context switching feature allows an attacker with network access to a Panorama\u0027s management interface to gain privileged access to managed firewalls. An attacker requires some knowledge of managed firewalls to exploit this issue. This issue does not affect Panorama configured with custom certificates authentication for communication between Panorama and managed devices. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.12; PAN-OS 9.0 versions earlier than 9.0.6; All versions of PAN-OS 8.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "CWE-287 Improper Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-14T15:40:56",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2018"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.12, PAN-OS 9.0.6, and all later PAN-OS versions.\n\nUpgrading Panorama to a fixed version is sufficient to resolve the issue.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies."
        }
      ],
      "source": {
        "defect": [
          "PAN-123661"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-05-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Panorama authentication bypass vulnerability",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue can be completely mitigated by enabling custom certificates authentication between Panorama and managed firewalls. See https://docs.paloaltonetworks.com/panorama/8-0/panorama-admin/set-up-panorama/set-up-authentication-using-custom-certificates.html\n\nThis issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-05-13T16:00:00.000Z",
          "ID": "CVE-2020-2018",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Panorama authentication bypass vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "7.1",
                            "version_value": "7.1.26"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.12"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.6"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "7.1",
                            "version_value": "7.1.26"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.12"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.6"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Ben Nott of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An authentication bypass vulnerability in the Panorama context switching feature allows an attacker with network access to a Panorama\u0027s management interface to gain privileged access to managed firewalls. An attacker requires some knowledge of managed firewalls to exploit this issue. This issue does not affect Panorama configured with custom certificates authentication for communication between Panorama and managed devices. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.12; PAN-OS 9.0 versions earlier than 9.0.6; All versions of PAN-OS 8.0."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-287 Improper Authentication"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2018",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2018"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.12, PAN-OS 9.0.6, and all later PAN-OS versions.\n\nUpgrading Panorama to a fixed version is sufficient to resolve the issue.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies."
          }
        ],
        "source": {
          "defect": [
            "PAN-123661"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-05-13T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue can be completely mitigated by enabling custom certificates authentication between Panorama and managed firewalls. See https://docs.paloaltonetworks.com/panorama/8-0/panorama-admin/set-up-panorama/set-up-authentication-using-custom-certificates.html\n\nThis issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com"
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2018",
    "datePublished": "2020-05-13T19:07:14.771651Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T23:50:38.279Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-9472
Vulnerability from cvelistv5
Published
2024-11-14 09:34
Modified
2024-11-14 14:10
Summary
PAN-OS: Firewall Denial of Service (DoS) Using Specially Crafted Traffic
References
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9472",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-14T14:09:59.075028Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-14T14:10:30.404Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h14:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "11.2.2-h3",
                  "status": "unaffected"
                },
                {
                  "at": "11.2.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.2.2-h3",
              "status": "affected",
              "version": "11.2.2",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.1.2-h14",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.3-h10",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.1.2-h14",
              "status": "affected",
              "version": "11.1.2-h9",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "11.0.0"
            },
            {
              "changes": [
                {
                  "at": "10.2.7-h16",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.8-h13",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.9-14",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.10-h7",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.11-h4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.7-h16",
              "status": "affected",
              "version": "10.2.7-h12",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "10.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is only applicable firewalls where url proxy or any decrypt-policy is configured.\u003cbr\u003e\u003cbr\u003eWhen any decrypt policy is configured, this issue may be encountered regardless of whether traffic matches explicit decrypt, explicit no-decrypt, or none of the decryption policies.\u003cbr\u003e"
            }
          ],
          "value": "This issue is only applicable firewalls where url proxy or any decrypt-policy is configured.\n\nWhen any decrypt policy is configured, this issue may be encountered regardless of whether traffic matches explicit decrypt, explicit no-decrypt, or none of the decryption policies."
        }
      ],
      "datePublic": "2024-11-13T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003eA null pointer dereference in Palo Alto Networks PAN-OS software on PA-800 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series hardware platforms when Decryption policy is enabled allows an unauthenticated attacker to crash PAN-OS by sending specific traffic through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode.\u003c/div\u003e\u003cbr\u003e\u003cdiv\u003ePalo Alto Networks VM-Series, Cloud NGFW, and Prisma Access are not affected.\u003c/div\u003e\u003cbr\u003e\u003cdiv\u003eThis issue only affects PA-800 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series running these specific versions of PAN-OS:\u003c/div\u003e\u003cdiv\u003e\u003cul\u003e\u003cli\u003e10.2.7-h12\u003c/li\u003e\u003cli\u003e10.2.8-h10\u003c/li\u003e\u003cli\u003e10.2.9-h9\u003c/li\u003e\u003cli\u003e10.2.9-h11\u003c/li\u003e\u003cli\u003e10.2.10-h2\u003c/li\u003e\u003cli\u003e10.2.10-h3\u003c/li\u003e\u003cli\u003e10.2.11\u003c/li\u003e\u003cli\u003e10.2.11-h1\u003c/li\u003e\u003cli\u003e10.2.11-h2\u003c/li\u003e\u003cli\u003e10.2.11-h3\u003c/li\u003e\u003cli\u003e11.1.2-h9\u003c/li\u003e\u003cli\u003e11.1.2-h12\u003c/li\u003e\u003cli\u003e11.1.3-h2\u003c/li\u003e\u003cli\u003e11.1.3-h4\u003c/li\u003e\u003cli\u003e11.1.3-h6\u003c/li\u003e\u003cli\u003e11.2.2\u003c/li\u003e\u003cli\u003e11.2.2-h1\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e"
            }
          ],
          "value": "A null pointer dereference in Palo Alto Networks PAN-OS software on PA-800 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series hardware platforms when Decryption policy is enabled allows an unauthenticated attacker to crash PAN-OS by sending specific traffic through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode.\n\n\nPalo Alto Networks VM-Series, Cloud NGFW, and Prisma Access are not affected.\n\n\nThis issue only affects PA-800 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series running these specific versions of PAN-OS:\n\n  *  10.2.7-h12\n  *  10.2.8-h10\n  *  10.2.9-h9\n  *  10.2.9-h11\n  *  10.2.10-h2\n  *  10.2.10-h3\n  *  10.2.11\n  *  10.2.11-h1\n  *  10.2.11-h2\n  *  10.2.11-h3\n  *  11.1.2-h9\n  *  11.1.2-h12\n  *  11.1.3-h2\n  *  11.1.3-h4\n  *  11.1.3-h6\n  *  11.2.2\n  *  11.2.2-h1"
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue. However, customers have reported encountering this issue during normal operations."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue. However, customers have reported encountering this issue during normal operations."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-129",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-129 Pointer Manipulation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476 NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-14T09:34:22.665Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2024-9472"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 10.2.7-h16, PAN-OS 10.2.8-h13, PAN-OS 10.2.9-h14, PAN-OS 10.2.10-h7, PAN-OS 10.2.11-h4, PAN-OS 11.1.2-h14, PAN-OS 11.1.3-h10, PAN-OS 11.2.2-h3, PAN-OS 11.2.3, and all later PAN-OS versions."
            }
          ],
          "value": "This issue is fixed in PAN-OS 10.2.7-h16, PAN-OS 10.2.8-h13, PAN-OS 10.2.9-h14, PAN-OS 10.2.10-h7, PAN-OS 10.2.11-h4, PAN-OS 11.1.2-h14, PAN-OS 11.1.3-h10, PAN-OS 11.2.2-h3, PAN-OS 11.2.3, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-262287",
          "PAN-226361"
        ],
        "discovery": "USER"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-13T17:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Firewall Denial of Service (DoS) Using Specially Crafted Traffic",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue does not impact firewalls that do not have url proxy or any decrypt-policy configured.\u003cbr\u003e\u003cbr\u003eThe issue can be completely mitigated by setting this option:\u003cbr\u003e\u003cbr\u003eset system setting ctd nonblocking-pattern-match disable"
            }
          ],
          "value": "This issue does not impact firewalls that do not have url proxy or any decrypt-policy configured.\n\nThe issue can be completely mitigated by setting this option:\n\nset system setting ctd nonblocking-pattern-match disable"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-9472",
    "datePublished": "2024-11-14T09:34:22.665Z",
    "dateReserved": "2024-10-03T11:35:18.693Z",
    "dateUpdated": "2024-11-14T14:10:30.404Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2001
Vulnerability from cvelistv5
Published
2020-05-13 19:07
Modified
2024-09-16 20:48
Summary
PAN-OS: Panorama External control of file vulnerability leads to privilege escalation
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.607Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2001"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "status": "affected",
              "version": "7.1.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.12",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.12",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.6",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Ben Nott of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An external control of path and data vulnerability in the Palo Alto Networks PAN-OS Panorama XSLT processing logic that allows an unauthenticated user with network access to PAN-OS management interface to write attacker supplied file on the system and elevate privileges. This issue affects: All PAN-OS 7.1 Panorama and 8.0 Panorama versions; PAN-OS 8.1 versions earlier than 8.1.12 on Panorama; PAN-OS 9.0 versions earlier than 9.0.6 on Panorama."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-123",
              "description": "CWE-123 Write-what-where Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-14T15:40:56",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2001"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.12, PAN-OS 9.0.6, and all later PAN-OS versions.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies."
        }
      ],
      "source": {
        "defect": [
          "PAN-120397"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-05-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Panorama External control of file vulnerability leads to privilege escalation",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-05-13T16:00:00.000Z",
          "ID": "CVE-2020-2001",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Panorama External control of file vulnerability leads to privilege escalation"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.12"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.6"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.12"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.6"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "7.1",
                            "version_value": "7.1.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Ben Nott of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An external control of path and data vulnerability in the Palo Alto Networks PAN-OS Panorama XSLT processing logic that allows an unauthenticated user with network access to PAN-OS management interface to write attacker supplied file on the system and elevate privileges. This issue affects: All PAN-OS 7.1 Panorama and 8.0 Panorama versions; PAN-OS 8.1 versions earlier than 8.1.12 on Panorama; PAN-OS 9.0 versions earlier than 9.0.6 on Panorama."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-123 Write-what-where Condition"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2001",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2001"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.12, PAN-OS 9.0.6, and all later PAN-OS versions.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies."
          }
        ],
        "source": {
          "defect": [
            "PAN-120397"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-05-13T00:00:00",
            "value": "Initial publication"
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2001",
    "datePublished": "2020-05-13T19:07:14.106961Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T20:48:20.875Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2016
Vulnerability from cvelistv5
Published
2020-05-13 19:07
Modified
2024-09-16 23:31
Summary
PAN-OS: Temporary file race condition vulnerability in PAN-OS leads to local privilege escalation
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.578Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2016"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "changes": [
                {
                  "at": "7.1.26",
                  "status": "unaffected"
                }
              ],
              "lessThan": "7.1.26",
              "status": "affected",
              "version": "7.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.13",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.13",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.6",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1*",
              "status": "unaffected",
              "version": "9.1.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks the UK\u0027s National Cyber Security Centre (NCSC) for discovering and reporting this issue."
        },
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks the NCC Group for finding this issue independently during a contracted PAN-OS security assessment."
        }
      ],
      "datePublic": "2020-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A race condition due to insecure creation of a file in a temporary directory vulnerability in PAN-OS allows for root privilege escalation from a limited linux user account. This allows an attacker who has escaped the restricted shell as a low privilege administrator, possibly by exploiting another vulnerability, to escalate privileges to become root user. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; All versions of PAN-OS 8.0."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-377",
              "description": "CWE-377 Insecure Temporary File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-06-10T17:24:03",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2016"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies."
        }
      ],
      "source": {
        "defect": [
          "PAN-128248"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-05-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Temporary file race condition vulnerability in PAN-OS leads to local privilege escalation",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-05-13T16:00:00.000Z",
          "ID": "CVE-2020-2016",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Temporary file race condition vulnerability in PAN-OS leads to local privilege escalation"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "7.1",
                            "version_value": "7.1.26"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.6"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "7.1",
                            "version_value": "7.1.26"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.13"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.6"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks the UK\u0027s National Cyber Security Centre (NCSC) for discovering and reporting this issue."
          },
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks the NCC Group for finding this issue independently during a contracted PAN-OS security assessment."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A race condition due to insecure creation of a file in a temporary directory vulnerability in PAN-OS allows for root privilege escalation from a limited linux user account. This allows an attacker who has escaped the restricted shell as a low privilege administrator, possibly by exploiting another vulnerability, to escalate privileges to become root user. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; All versions of PAN-OS 8.0."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-377 Insecure Temporary File"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2016",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2016"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies."
          }
        ],
        "source": {
          "defect": [
            "PAN-128248"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-05-13T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2016",
    "datePublished": "2020-05-13T19:07:14.700757Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T23:31:31.207Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-5916
Vulnerability from cvelistv5
Published
2024-08-14 16:41
Modified
2024-08-14 18:25
Summary
PAN-OS: Cleartext Exposure of External System Secrets
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5916",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-14T18:17:46.783901Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-14T18:25:01.965Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "9.1"
            },
            {
              "status": "unaffected",
              "version": "10.1"
            },
            {
              "changes": [
                {
                  "at": "10.2.8",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.8",
              "status": "affected",
              "version": "10.2",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.4",
              "status": "affected",
              "version": "11.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "11.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "AWS",
            "Azure"
          ],
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "Before 8/15"
            },
            {
              "status": "unaffected",
              "version": "On or after 8/15"
            },
            {
              "status": "affected",
              "version": "Before 8/23"
            },
            {
              "status": "unaffected",
              "version": "On or after 8/23"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Hari Yadavalli of Palo Alto Networks"
        }
      ],
      "datePublic": "2024-08-14T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems. A read-only administrator who has access to the config log, can read secrets, passwords, and tokens to external systems."
            }
          ],
          "value": "An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems. A read-only administrator who has access to the config log, can read secrets, passwords, and tokens to external systems."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-116",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-116 Excavation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "NONE",
            "userInteraction": "PASSIVE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "HIGH"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-313",
              "description": "CWE-313: Cleartext Storage in a File or on Disk",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-14T16:41:15.812Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2024-5916"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 10.2.8, PAN-OS 11.0.4, and all later PAN-OS versions. This issue is fixed in Cloud NGFW on or after 8/15 on Azure, Cloud NGFW on or after 8/23 on AWS, and all later Cloud NGFW versions.\n\nYou should also revoke the secrets, passwords, and tokens that are configured in all server profiles of affected PAN-OS firewalls (Device \u0026gt; Server Profiles) after upgrading PAN-OS.\u003cbr\u003e"
            }
          ],
          "value": "This issue is fixed in PAN-OS 10.2.8, PAN-OS 11.0.4, and all later PAN-OS versions. This issue is fixed in Cloud NGFW on or after 8/15 on Azure, Cloud NGFW on or after 8/23 on AWS, and all later Cloud NGFW versions.\n\nYou should also revoke the secrets, passwords, and tokens that are configured in all server profiles of affected PAN-OS firewalls (Device \u003e Server Profiles) after upgrading PAN-OS."
        }
      ],
      "source": {
        "defect": [
          "PAN-231823"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-08-14T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Cleartext Exposure of External System Secrets",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-5916",
    "datePublished": "2024-08-14T16:41:15.812Z",
    "dateReserved": "2024-06-12T15:27:56.840Z",
    "dateUpdated": "2024-08-14T18:25:01.965Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-1982
Vulnerability from cvelistv5
Published
2020-07-08 16:35
Modified
2024-09-17 00:52
Summary
PAN-OS: TLS 1.0 usage for certain communications with Palo Alto Networks cloud delivered services
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.692Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-1982"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "status": "unaffected",
              "version": "7.1.*"
            },
            {
              "changes": [
                {
                  "at": "9.1.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.3",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.9",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.9",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.15",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.15",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by a customer."
        }
      ],
      "datePublic": "2020-07-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Certain communication between PAN-OS and cloud-delivered services inadvertently use TLS 1.0, which is known to be a cryptographically weak protocol. These cloud services include Cortex Data Lake, the Customer Support Portal, and the Prisma Access infrastructure. Conditions required for exploitation of known TLS 1.0 weaknesses do not exist for the communication between PAN-OS and cloud-delivered services. We do not believe that any communication is impacted as a result of known attacks against TLS 1.0. This issue impacts: All versions of PAN-OS 8.0; PAN-OS 8.1 versions earlier than PAN-OS 8.1.14; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; PAN-OS 9.1 versions earlier than PAN-OS 9.1.3. PAN-OS 7.1 is not impacted by this issue."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Conditions required for exploitation of known TLS 1.0 weaknesses do not exist for the communication between PAN-OS and cloud delivered services. Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-326",
              "description": "CWE-326 Inadequate Encryption Strength",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-08T16:35:16",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-1982"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.15, PAN-OS 9.0.9, PAN-OS 9.1.3, and all later PAN-OS versions.\n\nA fixed version of PAN-OS is required to ensure secure usage of cloud-delivered services without interruption.\n\nPAN-OS 7.1 and PAN-OS 8.0 are end-of-life (as of June 30, 2020 and October 31, 2019 respectively) and are no longer covered by our Product Security Assurance policies."
        }
      ],
      "source": {
        "defect": [
          "PAN-141122",
          "PAN-141579"
        ],
        "discovery": "USER"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-07-08T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: TLS 1.0 usage for certain communications with Palo Alto Networks cloud delivered services",
      "workarounds": [
        {
          "lang": "en",
          "value": "Since TLS 1.0 weaknesses are exploited by the man-in-the-middle type of attackers, ensuring security of the networks reduces risks of exploitation of these issues."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-07-08T16:00:00.000Z",
          "ID": "CVE-2020-1982",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: TLS 1.0 usage for certain communications with Palo Alto Networks cloud delivered services"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.3"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.9"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.9"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.15"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.15"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "7.1",
                            "version_value": "7.1.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by a customer."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Certain communication between PAN-OS and cloud-delivered services inadvertently use TLS 1.0, which is known to be a cryptographically weak protocol. These cloud services include Cortex Data Lake, the Customer Support Portal, and the Prisma Access infrastructure. Conditions required for exploitation of known TLS 1.0 weaknesses do not exist for the communication between PAN-OS and cloud-delivered services. We do not believe that any communication is impacted as a result of known attacks against TLS 1.0. This issue impacts: All versions of PAN-OS 8.0; PAN-OS 8.1 versions earlier than PAN-OS 8.1.14; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; PAN-OS 9.1 versions earlier than PAN-OS 9.1.3. PAN-OS 7.1 is not impacted by this issue."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Conditions required for exploitation of known TLS 1.0 weaknesses do not exist for the communication between PAN-OS and cloud delivered services. Palo Alto Networks is not aware of any malicious exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-326 Inadequate Encryption Strength"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-1982",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-1982"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.15, PAN-OS 9.0.9, PAN-OS 9.1.3, and all later PAN-OS versions.\n\nA fixed version of PAN-OS is required to ensure secure usage of cloud-delivered services without interruption.\n\nPAN-OS 7.1 and PAN-OS 8.0 are end-of-life (as of June 30, 2020 and October 31, 2019 respectively) and are no longer covered by our Product Security Assurance policies."
          }
        ],
        "source": {
          "defect": [
            "PAN-141122",
            "PAN-141579"
          ],
          "discovery": "USER"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-07-08T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "Since TLS 1.0 weaknesses are exploited by the man-in-the-middle type of attackers, ensuring security of the networks reduces risks of exploitation of these issues."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-1982",
    "datePublished": "2020-07-08T16:35:16.480967Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-17T00:52:21.417Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2043
Vulnerability from cvelistv5
Published
2020-09-09 16:45
Modified
2024-09-16 22:08
Summary
PAN-OS: Passwords may be logged in clear text when using after-change-detail custom syslog field for config logs
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.924Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2043"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.16",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.16",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.10",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.10",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.4",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "lessThan": "10.0*",
              "status": "unaffected",
              "version": "10.0.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue is only applicable when when the after-change-detail custom syslog field is enabled for config logs."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by a customer of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Palo Alto Networks PAN-OS software when the after-change-detail custom syslog field is enabled for configuration logs and the sensitive field appears multiple times in one log entry. The first instance of the sensitive field is masked but subsequent instances are left in clear text. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "CWE-532 Information Exposure Through Log Files",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-09T16:45:29",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2043"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.10, PAN-OS 9.1.4, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-146837"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-09-09T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Passwords may be logged in clear text when using after-change-detail custom syslog field for config logs",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue requires access to PAN-OS log files generated in the system. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-09-09T16:00:00.000Z",
          "ID": "CVE-2020-2043",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Passwords may be logged in clear text when using after-change-detail custom syslog field for config logs"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.16"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.10"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.4"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.0"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.16"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.10"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.4"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue is only applicable when when the after-change-detail custom syslog field is enabled for config logs."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by a customer of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Palo Alto Networks PAN-OS software when the after-change-detail custom syslog field is enabled for configuration logs and the sensitive field appears multiple times in one log entry. The first instance of the sensitive field is masked but subsequent instances are left in clear text. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-532 Information Exposure Through Log Files"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2043",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2043"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.10, PAN-OS 9.1.4, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-146837"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-09-09T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue requires access to PAN-OS log files generated in the system. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2043",
    "datePublished": "2020-09-09T16:45:29.552659Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T22:08:43.659Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-0030
Vulnerability from cvelistv5
Published
2022-10-12 16:30
Modified
2024-09-16 20:36
Summary
PAN-OS: Authentication Bypass in Web Interface
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:18:41.402Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2022-0030"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "9.0 All"
            },
            {
              "status": "unaffected",
              "version": "9.1 All"
            },
            {
              "status": "unaffected",
              "version": "10.1 All"
            },
            {
              "status": "unaffected",
              "version": "10.2 All"
            },
            {
              "status": "unaffected",
              "version": "10.0 All"
            },
            {
              "changes": [
                {
                  "at": "8.1.24",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.24",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks the security researcher that discovered and reported this issue."
        }
      ],
      "datePublic": "2022-10-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker with specific knowledge of the target firewall or Panorama appliance to impersonate an existing PAN-OS administrator and perform privileged actions."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-290",
              "description": "CWE-290 Authentication Bypass by Spoofing",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-12T00:00:00",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2022-0030"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.24 and all later PAN-OS versions.\n\nPlease note that PAN-OS 8.1 has reached its software end-of-life (EoL) and is supported only on PA-200, PA-500, and PA-5000 Series firewalls and on M-100 appliances and only until each of their respective hardware EoL dates:  https://www.paloaltonetworks.com/services/support/end-of-life-announcements/hardware-end-of-life-dates.html."
        }
      ],
      "source": {
        "defect": [
          "PAN-195571"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2022-10-12T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Authentication Bypass in Web Interface",
      "workarounds": [
        {
          "lang": "en",
          "value": "Customers with a Threat Prevention subscription can block known attacks for this vulnerability by enabling Threat ID 92720 (Applications and Threats content update 8630-7638).\n\nTo exploit this issue, the attacker must have network access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2022-0030",
    "datePublished": "2022-10-12T16:30:12.300627Z",
    "dateReserved": "2021-12-28T00:00:00",
    "dateUpdated": "2024-09-16T20:36:43.575Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-5911
Vulnerability from cvelistv5
Published
2024-07-10 18:40
Modified
2024-08-01 21:25
Summary
PAN-OS: File Upload Vulnerability in the Panorama Web Interface
References
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5911",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-11T15:23:10.222176Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-11T15:23:41.410Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:25:03.109Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2024-5911"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Panorama"
          ],
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "11.2",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "11.1",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "11.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.4",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.9",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.9",
              "status": "affected",
              "version": "10.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Yasukazu Miyashita of Palo Alto Networks"
        }
      ],
      "datePublic": "2024-07-10T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online."
            }
          ],
          "value": "An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-240",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-240 Resource Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "HIGH",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "DIFFUSE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-434",
              "description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-10T18:40:02.209Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2024-5911"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 10.1.9, PAN-OS 10.2.4, and all later PAN-OS versions.\u003cbr\u003e"
            }
          ],
          "value": "This issue is fixed in PAN-OS 10.1.9, PAN-OS 10.2.4, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-182835"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-07-10T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: File Upload Vulnerability in the Panorama Web Interface",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices\"\u003ehttps://docs.paloaltonetworks.com/best-practices\u003c/a\u003e.\u003cbr\u003e"
            }
          ],
          "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at  https://docs.paloaltonetworks.com/best-practices ."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-5911",
    "datePublished": "2024-07-10T18:40:02.209Z",
    "dateReserved": "2024-06-12T15:27:56.004Z",
    "dateUpdated": "2024-08-01T21:25:03.109Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2041
Vulnerability from cvelistv5
Published
2020-09-09 16:45
Modified
2024-09-16 19:47
Summary
PAN-OS: Management web interface denial-of-service (DoS)
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.595Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2041"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "9.0.*"
            },
            {
              "status": "unaffected",
              "version": "9.1.*"
            },
            {
              "status": "unaffected",
              "version": "10.0.*"
            },
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.16",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.16",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An insecure configuration of the appweb daemon of Palo Alto Networks PAN-OS 8.1 allows a remote unauthenticated user to send a specifically crafted request to the device that causes the appweb service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts all versions of PAN-OS 8.0, and PAN-OS 8.1 versions earlier than 8.1.16."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-16",
              "description": "CWE-16 Configuration",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-09T16:45:28",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2041"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.16 and all later PAN-OS versions.\n\nPAN-OS 7.1 and PAN-OS 8.0 are end-of-life and are no longer covered by our Product Security Assurance policies."
        }
      ],
      "source": {
        "defect": [
          "PAN-151978"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-09-09T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Management web interface denial-of-service (DoS)",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue impacts the management web interface of PAN-OS. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-09-09T16:00:00.000Z",
          "ID": "CVE-2020-2041",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Management web interface denial-of-service (DoS)"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.16"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.16"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "9.0",
                            "version_value": "9.0.*"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "9.1",
                            "version_value": "9.1.*"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "10.0",
                            "version_value": "10.0.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An insecure configuration of the appweb daemon of Palo Alto Networks PAN-OS 8.1 allows a remote unauthenticated user to send a specifically crafted request to the device that causes the appweb service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts all versions of PAN-OS 8.0, and PAN-OS 8.1 versions earlier than 8.1.16."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-16 Configuration"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2041",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2041"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.16 and all later PAN-OS versions.\n\nPAN-OS 7.1 and PAN-OS 8.0 are end-of-life and are no longer covered by our Product Security Assurance policies."
          }
        ],
        "source": {
          "defect": [
            "PAN-151978"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-09-09T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue impacts the management web interface of PAN-OS. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2041",
    "datePublished": "2020-09-09T16:45:28.345901Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T19:47:23.091Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2000
Vulnerability from cvelistv5
Published
2020-11-12 00:05
Modified
2024-09-16 16:58
Summary
PAN-OS: OS command injection and memory corruption vulnerability
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.615Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2000"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.16",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.16",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.10",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.10",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.4",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.1",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-11-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code and OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 OS Command Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121 Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-12T00:05:20",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2000"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.10, PAN-OS 9.1.4, PAN-OS 10.0.1, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-149822",
          "PAN-150013",
          "PAN-150170"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-11-11T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: OS command injection and memory corruption vulnerability",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-11-11T17:00:00.000Z",
          "ID": "CVE-2020-2000",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: OS command injection and memory corruption vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.16"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.10"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.4"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.1"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.16"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.10"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.4"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code and OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20 Improper Input Validation"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78 OS Command Injection"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-121 Stack-based Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2000",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2000"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.10, PAN-OS 9.1.4, PAN-OS 10.0.1, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-149822",
            "PAN-150013",
            "PAN-150170"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-11-11T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2000",
    "datePublished": "2020-11-12T00:05:20.120304Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T16:58:42.346Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-6792
Vulnerability from cvelistv5
Published
2023-12-13 18:16
Modified
2024-10-08 14:26
Summary
PAN-OS: OS Command Injection Vulnerability in the XML API
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:42:07.471Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2023-6792"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-6792",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-08T14:25:49.110797Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-08T14:26:00.308Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "8.1.24",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.24",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.17",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.15",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.15",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.12",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.12",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.6",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "lessThan": "All",
              "status": "unaffected",
              "version": "10.2",
              "versionType": "custom"
            },
            {
              "lessThan": "All",
              "status": "unaffected",
              "version": "11.0",
              "versionType": "custom"
            },
            {
              "lessThan": "All",
              "status": "unaffected",
              "version": "11.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is applicable only to PAN-OS configurations that have XML API access enabled.\u003cbr\u003e\u003cbr\u003eYou can find more information about the XML API here: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-panorama-api/pan-os-api-authentication/enable-api-access"
            }
          ],
          "value": "This issue is applicable only to PAN-OS configurations that have XML API access enabled.\n\nYou can find more information about the XML API here: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-panorama-api/pan-os-api-authentication/enable-api-access"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Palo Alto Networks thanks Ethan Shackelford of IOActive for discovering and reporting this issue."
        }
      ],
      "datePublic": "2023-12-13T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated API user to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall."
            }
          ],
          "value": "An OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated API user to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-88",
              "description": "CWE-88 Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-13T18:16:18.893Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2023-6792"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15, PAN-OS 10.0.12, PAN-OS 10.1.6, and all later PAN-OS versions."
            }
          ],
          "value": "This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15, PAN-OS 10.0.12, PAN-OS 10.1.6, and all later PAN-OS versions."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2023-12-13T17:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: OS Command Injection Vulnerability in the XML API",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 91715 (introduced in Applications and Threats content update 8473).\u003cbr\u003e\u003cbr\u003eThis issue requires the attacker to have authenticated access to the PAN-OS XML API. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
            }
          ],
          "value": "Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 91715 (introduced in Applications and Threats content update 8473).\n\nThis issue requires the attacker to have authenticated access to the PAN-OS XML API. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2023-6792",
    "datePublished": "2023-12-13T18:16:18.893Z",
    "dateReserved": "2023-12-13T17:27:25.801Z",
    "dateUpdated": "2024-10-08T14:26:00.308Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2011
Vulnerability from cvelistv5
Published
2020-05-13 19:07
Modified
2024-09-16 23:26
Summary
PAN-OS: Panorama registration denial of service
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.634Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2011"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "7.1.*"
            },
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.14",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.7",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.7",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.0",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.0",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Ben Nott of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-05-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper input validation vulnerability in the configuration daemon of Palo Alto Networks PAN-OS Panorama allows for a remote unauthenticated user to send a specifically crafted registration request to the device that causes the configuration service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS Panorama services by restarting the device and putting it into maintenance mode. This issue affects: All versions of PAN-OS 7.1, PAN-OS 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7; PAN-OS 9.1 versions earlier than 9.1.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-05-13T19:07:14",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2011"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
        }
      ],
      "source": {
        "defect": [
          "PAN-118226"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-05-13T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Panorama registration denial of service",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issues affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-05-13T16:00:00.000Z",
          "ID": "CVE-2020-2011",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Panorama registration denial of service"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.14"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.0"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.14"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.7"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.0"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "7.1",
                            "version_value": "7.1.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Ben Nott of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An improper input validation vulnerability in the configuration daemon of Palo Alto Networks PAN-OS Panorama allows for a remote unauthenticated user to send a specifically crafted registration request to the device that causes the configuration service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS Panorama services by restarting the device and putting it into maintenance mode. This issue affects: All versions of PAN-OS 7.1, PAN-OS 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7; PAN-OS 9.1 versions earlier than 9.1.0."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20 Improper Input Validation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2011",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2011"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes."
          }
        ],
        "source": {
          "defect": [
            "PAN-118226"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-05-13T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issues affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com"
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2011",
    "datePublished": "2020-05-13T19:07:14.502947Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T23:26:56.835Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2039
Vulnerability from cvelistv5
Published
2020-09-09 16:45
Modified
2024-09-16 17:54
Summary
PAN-OS: Management web interface denial-of-service (DoS) through unauthenticated file upload
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.704Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2039"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "9.1.4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.4",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.16",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.16",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.10",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.10",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.1",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks Mikhail Klyuchnikov and Nikita Abramov of Positive Technologies for discovering and reporting this issue."
        }
      ],
      "datePublic": "2020-09-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An uncontrolled resource consumption vulnerability in Palo Alto Networks PAN-OS allows for a remote unauthenticated user to upload temporary files through the management web interface that are not properly deleted after the request is finished. It is possible for an attacker to disrupt the availability of the management web interface by repeatedly uploading files until available disk space is exhausted. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-09T16:45:27",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2039"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.10, PAN-OS 9.1.4, PAN-OS 10.0.1, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-148806"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-09-09T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Management web interface denial-of-service (DoS) through unauthenticated file upload",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-09-09T16:00:00.000Z",
          "ID": "CVE-2020-2039",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Management web interface denial-of-service (DoS) through unauthenticated file upload"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.4"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.16"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.10"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.1"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.4"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.16"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.10"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks Mikhail Klyuchnikov and Nikita Abramov of Positive Technologies for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An uncontrolled resource consumption vulnerability in Palo Alto Networks PAN-OS allows for a remote unauthenticated user to upload temporary files through the management web interface that are not properly deleted after the request is finished. It is possible for an attacker to disrupt the availability of the management web interface by repeatedly uploading files until available disk space is exhausted. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400 Uncontrolled Resource Consumption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2039",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2039"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.10, PAN-OS 9.1.4, PAN-OS 10.0.1, and all later PAN-OS versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-148806"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-09-09T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2039",
    "datePublished": "2020-09-09T16:45:27.091779Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T17:54:09.808Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2030
Vulnerability from cvelistv5
Published
2020-07-08 16:35
Modified
2024-09-17 02:10
Summary
PAN-OS: OS command injection vulnerability in the management interface
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.594Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2030"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "status": "affected",
              "version": "7.1.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.15",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.15",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "lessThan": "9.0*",
              "status": "unaffected",
              "version": "9.0.0",
              "versionType": "custom"
            },
            {
              "lessThan": "9.1*",
              "status": "unaffected",
              "version": "9.1.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found by Jin Chen of Palo Alto Networks during internal security review."
        }
      ],
      "datePublic": "2020-07-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; and all versions of PAN-OS 7.1 and PAN-OS 8.0. This issue does not impact PAN-OS 9.0, PAN-OS 9.1, or Prisma Access services."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 OS Command Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-08T16:35:16",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2030"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.15 and all later PAN-OS versions."
        },
        {
          "lang": "en",
          "value": "PAN-OS 7.1 and PAN-OS 8.0 are end-of-life (as of June 30, 2020 and October 31, 2019 respectively) and are no longer covered by our Product Security Assurance policies."
        }
      ],
      "source": {
        "defect": [
          "PAN-100226",
          "PAN-102677"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-07-08T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: OS command injection vulnerability in the management interface",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue impacts the PAN-OS management interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-07-08T16:00:00.000Z",
          "ID": "CVE-2020-2030",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: OS command injection vulnerability in the management interface"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.15"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.0"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.15"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "7.1",
                            "version_value": "7.1.*"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found by Jin Chen of Palo Alto Networks during internal security review."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; and all versions of PAN-OS 7.1 and PAN-OS 8.0. This issue does not impact PAN-OS 9.0, PAN-OS 9.1, or Prisma Access services."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78 OS Command Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2030",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2030"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.15 and all later PAN-OS versions."
          },
          {
            "lang": "en",
            "value": "PAN-OS 7.1 and PAN-OS 8.0 are end-of-life (as of June 30, 2020 and October 31, 2019 respectively) and are no longer covered by our Product Security Assurance policies."
          }
        ],
        "source": {
          "defect": [
            "PAN-100226",
            "PAN-102677"
          ],
          "discovery": "INTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-07-08T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "This issue impacts the PAN-OS management interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2030",
    "datePublished": "2020-07-08T16:35:16.949620Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-17T02:10:36.204Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-3385
Vulnerability from cvelistv5
Published
2024-04-10 17:06
Modified
2024-08-22 18:10
Summary
PAN-OS: Firewall Denial of Service (DoS) when GTP Security is Disabled
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:12:06.539Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2024-3385"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "9.0.17-h4",
                "status": "affected",
                "version": "9.0.0",
                "versionType": "custom"
              },
              {
                "lessThan": "9.1.17",
                "status": "affected",
                "version": "9.1.0",
                "versionType": "custom"
              },
              {
                "lessThan": "10.1.12",
                "status": "affected",
                "version": "10.1.0",
                "versionType": "custom"
              },
              {
                "lessThan": "10.2.8",
                "status": "affected",
                "version": "10.2.0",
                "versionType": "custom"
              },
              {
                "lessThan": "11.0.3",
                "status": "affected",
                "version": "11.0.0",
                "versionType": "custom"
              },
              {
                "status": "affected",
                "version": "11.1.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:paloaltonetworks:cloud_ngfw:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "cloud_ngfw",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:paloaltonetworks:prisma_access:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "prisma_access",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3385",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-15T15:57:38.878804Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-22T18:10:55.925Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "9.0.17-h4",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.17-h4",
              "status": "affected",
              "version": "9.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.17",
              "status": "affected",
              "version": "9.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.12",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.12",
              "status": "affected",
              "version": "10.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.8",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.8",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.0.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.3",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "11.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This does not affect VM-Series firewalls, CN-Series firewalls, Cloud NGFWs, or Prisma Access.\n\nThis issue affects only PAN-OS configurations with GTP Security disabled. You should verify whether GTP Security is disabled by checking your firewall web interface (Device \u003e Setup \u003e Management \u003e General Settings) and take the appropriate actions as needed."
            }
          ],
          "value": "This does not affect VM-Series firewalls, CN-Series firewalls, Cloud NGFWs, or Prisma Access.\n\nThis issue affects only PAN-OS configurations with GTP Security disabled. You should verify whether GTP Security is disabled by checking your firewall web interface (Device \u003e Setup \u003e Management \u003e General Settings) and take the appropriate actions as needed."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Palo Alto Networks thanks an external reporter for discovering and reporting this issue."
        }
      ],
      "datePublic": "2024-04-10T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote attacker to reboot hardware-based firewalls. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online.\n\nThis affects the following hardware firewall models:\n- PA-5400 Series firewalls\n- PA-7000 Series firewalls"
            }
          ],
          "value": "A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote attacker to reboot hardware-based firewalls. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online.\n\nThis affects the following hardware firewall models:\n- PA-5400 Series firewalls\n- PA-7000 Series firewalls"
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue. This was encountered by two customers in normal production usage.\u003cbr\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue. This was encountered by two customers in normal production usage.\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-153",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-153 Input Data Manipulation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476: NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-04-10T17:06:28.153Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2024-3385"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.12, PAN-OS 10.2.8, PAN-OS 11.0.3, and all later PAN-OS versions.\u003cbr\u003e"
            }
          ],
          "value": "This issue is fixed in PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.12, PAN-OS 10.2.8, PAN-OS 11.0.3, and all later PAN-OS versions.\n"
        }
      ],
      "source": {
        "defect": [
          "PAN-221224"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-04-10T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Firewall Denial of Service (DoS) when GTP Security is Disabled",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 94993 (introduced in Applications and Threats content version 8832).\u003cbr\u003e"
            }
          ],
          "value": "Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 94993 (introduced in Applications and Threats content version 8832).\n"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-3385",
    "datePublished": "2024-04-10T17:06:28.153Z",
    "dateReserved": "2024-04-05T17:40:18.347Z",
    "dateUpdated": "2024-08-22T18:10:55.925Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2024-8686
Vulnerability from cvelistv5
Published
2024-09-11 16:34
Modified
2024-09-12 03:55
Summary
PAN-OS: Command Injection Vulnerability
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "status": "unaffected",
                "version": "10.1.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "status": "unaffected",
                "version": "10.2.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "status": "unaffected",
                "version": "11.0.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "status": "unaffected",
                "version": "11.1.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "status": "affected",
                "version": "11.2.2"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "pan-os",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "11.2.2",
                "status": "unaffected",
                "version": "11.2.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:paloaltonetworks:cloud_ngfw:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "cloud_ngfw",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:paloaltonetworks:prisma_access:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "prisma_access",
            "vendor": "paloaltonetworks",
            "versions": [
              {
                "lessThan": "*",
                "status": "unaffected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8686",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-11T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-12T03:55:28.915Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "lessThan": "11.2.2",
              "status": "unaffected",
              "version": "11.2.0",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "11.2.2"
            },
            {
              "status": "unaffected",
              "version": "11.1.0"
            },
            {
              "status": "unaffected",
              "version": "11.0.0"
            },
            {
              "status": "unaffected",
              "version": "10.2.0"
            },
            {
              "status": "unaffected",
              "version": "10.1.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Louis Lingg"
        }
      ],
      "datePublic": "2024-09-11T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as root on the firewall."
            }
          ],
          "value": "A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as root on the firewall."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-88",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-88 OS Command Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "privilegesRequired": "HIGH",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-09-11T16:34:21.618Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "url": "https://security.paloaltonetworks.com/CVE-2024-8686"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 11.2.3 and all later PAN-OS versions.\u003cbr\u003e"
            }
          ],
          "value": "This issue is fixed in PAN-OS 11.2.3 and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-263321"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-11T16:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Command Injection Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-8686",
    "datePublished": "2024-09-11T16:34:21.618Z",
    "dateReserved": "2024-09-11T08:21:11.335Z",
    "dateUpdated": "2024-09-12T03:55:28.915Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-2021
Vulnerability from cvelistv5
Published
2020-06-29 15:10
Modified
2024-09-16 20:58
Severity ?
Summary
PAN-OS: Authentication Bypass in SAML Authentication
References
Impacted products
Palo Alto NetworksPAN-OS
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.586Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2021"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.1.*"
            },
            {
              "status": "affected",
              "version": "8.0.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.15",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.15",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.9",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.9",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.3",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue is applicable only where SAML authentication is enabled and the \u0027Validate Identity Provider Certificate\u0027 option is disabled (unchecked) in the SAML Identity Provider Server Profile.\nThis issue cannot be exploited if SAML is not used for authentication.\nThis issue cannot be exploited if the \u0027Validate Identity Provider Certificate\u0027 option is enabled in the SAML Identity Provider Server Profile.\nDetailed descriptions of how to check for the configuration required for exposure and mitigate them are listed in the knowledge base article https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008UXK.\nTo check whether SAML authentication is enabled on a firewall, see the configuration under Device \u003e Server Profiles \u003e SAML Identity Provider.\nTo check whether SAML authentication is enabled for Panorama administrator authentication, see the configuration under Panorama\u003e Server Profiles \u003e SAML Identity Provider\nTo check whether SAML authentication is enabled for firewalls managed by Panorama, see the configuration under Device \u003e [template]\u003e Server Profiles \u003e SAML Identity Provider.\nAny unauthorized access is logged in the system logs based on the configuration; however, it can be difficult to distinguish between valid and malicious logins or sessions."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks Salman Khan from the Cyber Risk and Resilience Team and Cameron Duck from the Identity Services Team at Monash University for discovering and reporting this issue."
        }
      ],
      "datePublic": "2020-06-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "When Security Assertion Markup Language (SAML) authentication is enabled and the \u0027Validate Identity Provider Certificate\u0027 option is disabled (unchecked), improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based attacker to access protected resources. The attacker must have network access to the vulnerable server to exploit this vulnerability. This issue affects PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15, and all versions of PAN-OS 8.0 (EOL). This issue does not affect PAN-OS 7.1. This issue cannot be exploited if SAML is not used for authentication. This issue cannot be exploited if the \u0027Validate Identity Provider Certificate\u0027 option is enabled (checked) in the SAML Identity Provider Server Profile. Resources that can be protected by SAML-based single sign-on (SSO) authentication are: GlobalProtect Gateway, GlobalProtect Portal, GlobalProtect Clientless VPN, Authentication and Captive Portal, PAN-OS next-generation firewalls (PA-Series, VM-Series) and Panorama web interfaces, Prisma Access In the case of GlobalProtect Gateways, GlobalProtect Portal, Clientless VPN, Captive Portal, and Prisma Access, an unauthenticated attacker with network access to the affected servers can gain access to protected resources if allowed by configured authentication and Security policies. There is no impact on the integrity and availability of the gateway, portal or VPN server. An attacker cannot inspect or tamper with sessions of regular users. In the worst case, this is a critical severity vulnerability with a CVSS Base Score of 10.0 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N). In the case of PAN-OS and Panorama web interfaces, this issue allows an unauthenticated attacker with network access to the PAN-OS or Panorama web interfaces to log in as an administrator and perform administrative actions. In the worst-case scenario, this is a critical severity vulnerability with a CVSS Base Score of 10.0 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). If the web interfaces are only accessible to a restricted management network, then the issue is lowered to a CVSS Base Score of 9.6 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-347",
              "description": "CWE-347 Improper Verification of Cryptographic Signature",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-06-29T15:10:11",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2021"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.15, PAN-OS 9.0.9, PAN-OS 9.1.3, and all later versions.\n\nImportant: Ensure that the signing certificate for your SAML Identity Provider is configured as the \u0027Identity Provider Certificate\u0027 before you upgrade to a fixed version to ensure that your users can continue to authenticate successfully. Configuring the \u0027Identity Provider Certificate\u0027 is an essential part of a secure SAML authentication configuration. https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/authentication/configure-saml-authentication\n\nDetails of all actions required before and after upgrading PAN-OS are available in https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008UXK. \n\nTo eliminate unauthorized sessions on GlobalProtect portals and gateways, Prisma Access managed through Panorama, change the certificate used to encrypt and decrypt the Authentication Override cookie on the GlobalProtect portal and gateways using the Panorama or firewall web interface. Refer to this article for configuring Authentication override cookies: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008UXy\n\nRestarting firewalls and Panorama eliminates any unauthorized sessions on the web interface.\nTo clear any unauthorized user sessions in Captive Portal take the following steps: \nRun the following command \n    show user ip-user-mapping all type SSO\nFor all the IPs returned, run these two commands to clear the users:\n    clear user-cache-mp \u003cabove ips\u003e\n    clear user-cache \u003cabove ips\u003e\nPAN-OS 8.0 is end-of-life (as of October 31, 2019) and is no longer covered by our Product Security Assurance policies.\nAll Prisma Access services have been upgraded to resolve this issue and are no longer vulnerable. Prisma Access customers do not require any changes to SAML or IdP configurations."
        }
      ],
      "source": {
        "defect": [
          "PAN-148988"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-06-29T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Authentication Bypass in SAML Authentication",
      "workarounds": [
        {
          "lang": "en",
          "value": "Using a different authentication method and disabling SAML authentication will completely mitigate the issue.\nUntil an upgrade can be performed, applying both these mitigations (a) and (b) eliminates the configuration required for exposure to this vulnerability:\n\n(a) Ensure that the \u0027Identity Provider Certificate\u0027 is configured. Configuring the \u0027Identity Provider Certificate\u0027 is an essential part of a secure SAML authentication configuration.\n\n(b) If the identity provider (IdP) certificate is a certificate authority (CA) signed certificate, then ensure that the \u0027Validate Identity Provider Certificate\u0027 option is enabled in the SAML Identity Provider Server Profile. Many popular IdPs  generate self-signed IdP certificates by default and the \u0027Validate Identity Provider Certificate\u0027 option cannot be enabled. Additional steps may be required to use a certificate signed by a CA. This certificate can be signed by an internal enterprise CA, the CA on the PAN-OS, or a public CA. Instructions to configure a CA-issued certificate on IdPs are available at https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008UXP.\n\nUpgrading to a fixed version of PAN-OS software prevents any future configuration changes related to SAML that inadvertently expose protected services to attacks."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-06-29T15:00:00.000Z",
          "ID": "CVE-2020-2021",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Authentication Bypass in SAML Authentication"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "!",
                            "version_name": "7.1",
                            "version_value": "7.1.*"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.15"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.15"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.9"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.9"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.3"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue is applicable only where SAML authentication is enabled and the \u0027Validate Identity Provider Certificate\u0027 option is disabled (unchecked) in the SAML Identity Provider Server Profile.\nThis issue cannot be exploited if SAML is not used for authentication.\nThis issue cannot be exploited if the \u0027Validate Identity Provider Certificate\u0027 option is enabled in the SAML Identity Provider Server Profile.\nDetailed descriptions of how to check for the configuration required for exposure and mitigate them are listed in the knowledge base article https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008UXK.\nTo check whether SAML authentication is enabled on a firewall, see the configuration under Device \u003e Server Profiles \u003e SAML Identity Provider.\nTo check whether SAML authentication is enabled for Panorama administrator authentication, see the configuration under Panorama\u003e Server Profiles \u003e SAML Identity Provider\nTo check whether SAML authentication is enabled for firewalls managed by Panorama, see the configuration under Device \u003e [template]\u003e Server Profiles \u003e SAML Identity Provider.\nAny unauthorized access is logged in the system logs based on the configuration; however, it can be difficult to distinguish between valid and malicious logins or sessions."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks Salman Khan from the Cyber Risk and Resilience Team and Cameron Duck from the Identity Services Team at Monash University for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "When Security Assertion Markup Language (SAML) authentication is enabled and the \u0027Validate Identity Provider Certificate\u0027 option is disabled (unchecked), improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based attacker to access protected resources. The attacker must have network access to the vulnerable server to exploit this vulnerability. This issue affects PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15, and all versions of PAN-OS 8.0 (EOL). This issue does not affect PAN-OS 7.1. This issue cannot be exploited if SAML is not used for authentication. This issue cannot be exploited if the \u0027Validate Identity Provider Certificate\u0027 option is enabled (checked) in the SAML Identity Provider Server Profile. Resources that can be protected by SAML-based single sign-on (SSO) authentication are: GlobalProtect Gateway, GlobalProtect Portal, GlobalProtect Clientless VPN, Authentication and Captive Portal, PAN-OS next-generation firewalls (PA-Series, VM-Series) and Panorama web interfaces, Prisma Access In the case of GlobalProtect Gateways, GlobalProtect Portal, Clientless VPN, Captive Portal, and Prisma Access, an unauthenticated attacker with network access to the affected servers can gain access to protected resources if allowed by configured authentication and Security policies. There is no impact on the integrity and availability of the gateway, portal or VPN server. An attacker cannot inspect or tamper with sessions of regular users. In the worst case, this is a critical severity vulnerability with a CVSS Base Score of 10.0 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N). In the case of PAN-OS and Panorama web interfaces, this issue allows an unauthenticated attacker with network access to the PAN-OS or Panorama web interfaces to log in as an administrator and perform administrative actions. In the worst-case scenario, this is a critical severity vulnerability with a CVSS Base Score of 10.0 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). If the web interfaces are only accessible to a restricted management network, then the issue is lowered to a CVSS Base Score of 9.6 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-347 Improper Verification of Cryptographic Signature"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2021",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2021"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.15, PAN-OS 9.0.9, PAN-OS 9.1.3, and all later versions.\n\nImportant: Ensure that the signing certificate for your SAML Identity Provider is configured as the \u0027Identity Provider Certificate\u0027 before you upgrade to a fixed version to ensure that your users can continue to authenticate successfully. Configuring the \u0027Identity Provider Certificate\u0027 is an essential part of a secure SAML authentication configuration. https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/authentication/configure-saml-authentication\n\nDetails of all actions required before and after upgrading PAN-OS are available in https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008UXK. \n\nTo eliminate unauthorized sessions on GlobalProtect portals and gateways, Prisma Access managed through Panorama, change the certificate used to encrypt and decrypt the Authentication Override cookie on the GlobalProtect portal and gateways using the Panorama or firewall web interface. Refer to this article for configuring Authentication override cookies: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008UXy\n\nRestarting firewalls and Panorama eliminates any unauthorized sessions on the web interface.\nTo clear any unauthorized user sessions in Captive Portal take the following steps: \nRun the following command \n    show user ip-user-mapping all type SSO\nFor all the IPs returned, run these two commands to clear the users:\n    clear user-cache-mp \u003cabove ips\u003e\n    clear user-cache \u003cabove ips\u003e\nPAN-OS 8.0 is end-of-life (as of October 31, 2019) and is no longer covered by our Product Security Assurance policies.\nAll Prisma Access services have been upgraded to resolve this issue and are no longer vulnerable. Prisma Access customers do not require any changes to SAML or IdP configurations."
          }
        ],
        "source": {
          "defect": [
            "PAN-148988"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-06-29T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "Using a different authentication method and disabling SAML authentication will completely mitigate the issue.\nUntil an upgrade can be performed, applying both these mitigations (a) and (b) eliminates the configuration required for exposure to this vulnerability:\n\n(a) Ensure that the \u0027Identity Provider Certificate\u0027 is configured. Configuring the \u0027Identity Provider Certificate\u0027 is an essential part of a secure SAML authentication configuration.\n\n(b) If the identity provider (IdP) certificate is a certificate authority (CA) signed certificate, then ensure that the \u0027Validate Identity Provider Certificate\u0027 option is enabled in the SAML Identity Provider Server Profile. Many popular IdPs  generate self-signed IdP certificates by default and the \u0027Validate Identity Provider Certificate\u0027 option cannot be enabled. Additional steps may be required to use a certificate signed by a CA. This certificate can be signed by an internal enterprise CA, the CA on the PAN-OS, or a public CA. Instructions to configure a CA-issued certificate on IdPs are available at https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008UXP.\n\nUpgrading to a fixed version of PAN-OS software prevents any future configuration changes related to SAML that inadvertently expose protected services to attacks."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2021",
    "datePublished": "2020-06-29T15:10:11.350193Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T20:58:19.017Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}