certfr_avis - CERTFR-2020-AVI-089

CERTFR-2020-AVI-089

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans Palo Alto . Elles permettent à un attaquant de provoquer un déni de service, une élévation de privilèges et une injection de requêtes illégitimes par rebond (CSRF).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Palo Alto Networks	N/A	GlobalProtect 5.0.x versions antérieures à 5.0.6
Palo Alto Networks	PAN-OS	PAN-OS 8.x versions antérieures à 8.1.12
Palo Alto Networks	PAN-OS	PAN-OS 9.x versions antérieures à 9.0.6
Palo Alto Networks	Expedition	Expedition Migration Tool versions antérieures à 1.1.52

References

Title

Publication Time

Tags

Bulletin de sécurité Palo Alto 1 du 12 février 2020	None	vendor-advisory
Bulletin de sécurité Palo Alto 2 du 12 février 2020	None	vendor-advisory
Bulletin de sécurité Palo Alto 3 du 12 février 2020	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "GlobalProtect 5.0.x versions ant\u00e9rieures \u00e0 5.0.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS 8.x versions ant\u00e9rieures \u00e0 8.1.12",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "PAN-OS 9.x versions ant\u00e9rieures \u00e0 9.0.6",
      "product": {
        "name": "PAN-OS",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Expedition Migration Tool versions ant\u00e9rieures \u00e0 1.1.52",
      "product": {
        "name": "Expedition",
        "vendor": {
          "name": "Palo Alto Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2020-1975",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1975"
    },
    {
      "name": "CVE-2020-1976",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1976"
    },
    {
      "name": "CVE-2020-1977",
      "url": "https://www.cve.org/CVERecord?id=CVE-2020-1977"
    }
  ],
  "links": [],
  "reference": "CERTFR-2020-AVI-089",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2020-02-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Palo Alto . Elles\npermettent \u00e0 un attaquant de provoquer un d\u00e9ni de service, une \u00e9l\u00e9vation\nde privil\u00e8ges et une injection de requ\u00eates ill\u00e9gitimes par rebond\n(CSRF).\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Palo Alto",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto 1 du 12 f\u00e9vrier 2020",
      "url": "https://security.paloaltonetworks.com/CVE-2020-1975"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto 2 du 12 f\u00e9vrier 2020",
      "url": "https://security.paloaltonetworks.com/CVE-2020-1976"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Palo Alto 3 du 12 f\u00e9vrier 2020",
      "url": "https://security.paloaltonetworks.com/CVE-2020-1977"
    }
  ]
}

CVE-2020-1975 (GCVE-0-2020-1975)

Vulnerability from cvelistv5 – Published: 2020-02-12 22:57 – Updated: 2024-09-16 18:23

Summary

Missing XML validation vulnerability in the PAN-OS web interface on Palo Alto Networks PAN-OS software allows authenticated users to inject arbitrary XML that results in privilege escalation. This issue affects PAN-OS 8.1 versions earlier than PAN-OS 8.1.12 and PAN-OS 9.0 versions earlier than PAN-OS 9.0.6. This issue does not affect PAN-OS 7.1, PAN-OS 8.0, or PAN-OS 9.1 or later versions.

Severity ?

6.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-112 - Missing XML Validation

Assigner

palo_alto

References

URL

Tags

https://security.paloaltonetworks.com/CVE-2020-1975

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Palo Alto Networks	PAN-OS	Unaffected: 7.1.* Unaffected: 8.0.* Affected: 8.1 , < 8.1.12 (custom) Affected: 9.0 , < 9.0.6 (custom)

Credits

This issue was found during a security assessment performed by a customer.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.317Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-1975"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.1.*"
            },
            {
              "status": "unaffected",
              "version": "8.0.*"
            },
            {
              "changes": [
                {
                  "at": "8.1.12",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.12",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.6",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.6",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue requires that the web-based management interface is enabled on the hardware or virtual appliance."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was found during a security assessment performed by a customer."
        }
      ],
      "datePublic": "2020-02-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Missing XML validation vulnerability in the PAN-OS web interface on Palo Alto Networks PAN-OS software allows authenticated users to inject arbitrary XML that results in privilege escalation. This issue affects PAN-OS 8.1 versions earlier than PAN-OS 8.1.12 and PAN-OS 9.0 versions earlier than PAN-OS 9.0.6. This issue does not affect PAN-OS 7.1, PAN-OS 8.0, or PAN-OS 9.1 or later versions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-112",
              "description": "CWE-112 Missing XML Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-12T22:57:08",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-1975"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.12, PAN-OS 9.0.6, and all later versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-124593"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Missing XML Validation in PAN-OS Web Interface",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue affects the web-based management interface of the appliance. Access to the web-based management interface of the appliance should be limited strictly to only trusted users, hosts, and networks."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-02-12T17:00:00.000Z",
          "ID": "CVE-2020-1975",
          "STATE": "PUBLIC",
          "TITLE": "Missing XML Validation in PAN-OS Web Interface"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "!",
                            "version_name": "7.1",
                            "version_value": "7.1.*"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "8.0",
                            "version_value": "8.0.*"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.12"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.6"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.12"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue requires that the web-based management interface is enabled on the hardware or virtual appliance."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was found during a security assessment performed by a customer."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Missing XML validation vulnerability in the PAN-OS web interface on Palo Alto Networks PAN-OS software allows authenticated users to inject arbitrary XML that results in privilege escalation. This issue affects PAN-OS 8.1 versions earlier than PAN-OS 8.1.12 and PAN-OS 9.0 versions earlier than PAN-OS 9.0.6. This issue does not affect PAN-OS 7.1, PAN-OS 8.0, or PAN-OS 9.1 or later versions."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-112 Missing XML Validation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-1975",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-1975"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.12, PAN-OS 9.0.6, and all later versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-124593"
          ],
          "discovery": "EXTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "This issue affects the web-based management interface of the appliance. Access to the web-based management interface of the appliance should be limited strictly to only trusted users, hosts, and networks."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-1975",
    "datePublished": "2020-02-12T22:57:08.099602Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T18:23:27.053Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-1977 (GCVE-0-2020-1977)

Vulnerability from cvelistv5 – Published: 2020-02-12 22:57 – Updated: 2024-09-17 01:01

Summary

Insufficient Cross-Site Request Forgery (XSRF) protection on Expedition Migration Tool allows remote unauthenticated attackers to hijack the authentication of administrators and to perform actions on the Expedition Migration Tool. This issue affects Expedition Migration Tool 1.1.51 and earlier versions.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-352 - Cross-Site Request Forgery (CSRF)

Assigner

palo_alto

References

URL

Tags

	https://security.paloaltonetworks.com/CVE-2020-1977	x_refsource_MISC
	https://www.tenable.com/security/research/tra-2020-11	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Palo Alto Networks	Expedition	Affected: 1.1 , ≤ 1.1.51 (custom)

Credits

Palo Alto Networks thanks Jimi Sebree of Tenable Research for discovering and responsibly reporting this issue.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.351Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-1977"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.tenable.com/security/research/tra-2020-11"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Expedition",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "1.1.52",
                  "status": "unaffected"
                }
              ],
              "lessThanOrEqual": "1.1.51",
              "status": "affected",
              "version": "1.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks Jimi Sebree of Tenable Research for discovering and responsibly reporting this issue."
        }
      ],
      "datePublic": "2020-02-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Insufficient Cross-Site Request Forgery (XSRF) protection on Expedition Migration Tool allows remote unauthenticated attackers to hijack the authentication of administrators and to perform actions on the Expedition Migration Tool. This issue affects Expedition Migration Tool 1.1.51 and earlier versions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-352",
              "description": "CWE-352 Cross-Site Request Forgery (CSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-19T18:06:04",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-1977"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.tenable.com/security/research/tra-2020-11"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in Expedition Migration Tool 1.1.52 and later versions."
        }
      ],
      "source": {
        "defect": [
          "MT-1593"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Expedition Migration Tool: Insufficient Cross Site Request Forgery protection.",
      "workarounds": [
        {
          "lang": "en",
          "value": "To prevent the chance of malicious websites making forged requests to Expedition Migration Tool, you should access the tool exclusively from a web browser and log out after each use."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-02-12T17:00:00.000Z",
          "ID": "CVE-2020-1977",
          "STATE": "PUBLIC",
          "TITLE": "Expedition Migration Tool: Insufficient Cross Site Request Forgery protection."
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Expedition",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "1.1",
                            "version_value": "1.1.51"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "1.1",
                            "version_value": "1.1.52"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks Jimi Sebree of Tenable Research for discovering and responsibly reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Insufficient Cross-Site Request Forgery (XSRF) protection on Expedition Migration Tool allows remote unauthenticated attackers to hijack the authentication of administrators and to perform actions on the Expedition Migration Tool. This issue affects Expedition Migration Tool 1.1.51 and earlier versions."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-352 Cross-Site Request Forgery (CSRF)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-1977",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-1977"
            },
            {
              "name": "https://www.tenable.com/security/research/tra-2020-11",
              "refsource": "MISC",
              "url": "https://www.tenable.com/security/research/tra-2020-11"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in Expedition Migration Tool 1.1.52 and later versions."
          }
        ],
        "source": {
          "defect": [
            "MT-1593"
          ],
          "discovery": "EXTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "To prevent the chance of malicious websites making forged requests to Expedition Migration Tool, you should access the tool exclusively from a web browser and log out after each use."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-1977",
    "datePublished": "2020-02-12T22:57:08.179851Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-17T01:01:37.367Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-1976 (GCVE-0-2020-1976)

Vulnerability from cvelistv5 – Published: 2020-02-12 22:57 – Updated: 2024-09-17 01:51

Summary

A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect software running on Mac OS allows authenticated local users to cause the Mac OS kernel to hang or crash. This issue affects GlobalProtect 5.0.5 and earlier versions of GlobalProtect 5.0 on Mac OS.

Severity ?

4.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-642 - External Control of Critical State Data

Assigner

palo_alto

References

URL

Tags

https://security.paloaltonetworks.com/CVE-2020-1976

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Palo Alto Networks	GlobalProtect	Affected: 5.0 , ≤ 5.0.5 (custom)

Credits

This issue was discovered during a security test performed in collaboration with IOActive.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.347Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-1976"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "Mac OS"
          ],
          "product": "GlobalProtect",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "5.0.6",
                  "status": "unaffected"
                }
              ],
              "lessThanOrEqual": "5.0.5",
              "status": "affected",
              "version": "5.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered during a security test performed in collaboration with IOActive."
        }
      ],
      "datePublic": "2020-02-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect software running on Mac OS allows authenticated local users to cause the Mac OS kernel to hang or crash. This issue affects GlobalProtect 5.0.5 and earlier versions of GlobalProtect 5.0 on Mac OS."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-642",
              "description": "CWE-642 External Control of Critical State Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-12T22:57:08",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-1976"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in GlobalProtect 5.0.6, GlobalProtect 5.1.0, and all later versions."
        }
      ],
      "source": {
        "defect": [
          "GPC-9616"
        ],
        "discovery": "INTERNAL"
      },
      "title": "GlobalProtect on MacOS: Local denial-of-service (DoS) vulnerability.",
      "workarounds": [
        {
          "lang": "en",
          "value": "n/a"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-02-12T17:00:00.000Z",
          "ID": "CVE-2020-1976",
          "STATE": "PUBLIC",
          "TITLE": "GlobalProtect on MacOS: Local denial-of-service (DoS) vulnerability."
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "GlobalProtect",
                      "version": {
                        "version_data": [
                          {
                            "platform": "Mac OS",
                            "version_affected": "\u003c=",
                            "version_name": "5.0",
                            "version_value": "5.0.5"
                          },
                          {
                            "platform": "Mac OS",
                            "version_affected": "!\u003e=",
                            "version_name": "5.0",
                            "version_value": "5.0.6"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was discovered during a security test performed in collaboration with IOActive."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect software running on Mac OS allows authenticated local users to cause the Mac OS kernel to hang or crash. This issue affects GlobalProtect 5.0.5 and earlier versions of GlobalProtect 5.0 on Mac OS."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-642 External Control of Critical State Data"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-1976",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-1976"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in GlobalProtect 5.0.6, GlobalProtect 5.1.0, and all later versions."
          }
        ],
        "source": {
          "defect": [
            "GPC-9616"
          ],
          "discovery": "INTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "n/a"
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-1976",
    "datePublished": "2020-02-12T22:57:08.144091Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-17T01:51:07.142Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CERTFR-2020-AVI-089

Solution

CVE-2020-1975 (GCVE-0-2020-1975)

CVE-2020-1977 (GCVE-0-2020-1977)

CVE-2020-1976 (GCVE-0-2020-1976)

Tags

Sightings

Nomenclature