cve-2020-2020
Vulnerability from cvelistv5
Published
2020-12-09 18:00
Modified
2024-09-16 20:17
Summary
Cortex XDR Agent: Exceptional condition denial-of-service (DoS)
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.594Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-2020"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cortex XDR Agent",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "7.0.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "7.0.3",
              "status": "affected",
              "version": "7.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "7.1.2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "7.1.2",
              "status": "affected",
              "version": "7.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "5.0.10",
                  "status": "unaffected"
                }
              ],
              "lessThan": "5.0.10",
              "status": "affected",
              "version": "5.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "6.1.7",
                  "status": "unaffected"
                }
              ],
              "lessThan": "6.1.7",
              "status": "affected",
              "version": "6.1",
              "versionType": "custom"
            },
            {
              "lessThan": "7.2*",
              "status": "unaffected",
              "version": "7.2.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks Paul van der Haas of Orange Cyberdefense for discovering and reporting this issue."
        }
      ],
      "datePublic": "2020-12-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper handling of exceptional conditions vulnerability in Cortex XDR Agent allows a local authenticated Windows user to create files in the software\u0027s internal program directory that prevents the Cortex XDR Agent from starting. The exceptional condition is persistent and prevents Cortex XDR Agent from starting when the software or machine is restarted. This issue impacts: Cortex XDR Agent 5.0 versions earlier than 5.0.10; Cortex XDR Agent 6.1 versions earlier than 6.1.7; Cortex XDR Agent 7.0 versions earlier than 7.0.3; Cortex XDR Agent 7.1 versions earlier than 7.1.2."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-755",
              "description": "CWE-755 Improper Handling of Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-09T18:00:13",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-2020"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in Cortex XDR Agent 5.0.10, Cortex XDR Agent 6.1.7, Cortex XDR Agent 7.0.3, Cortex XDR Agent 7.1.2, and all later Cortex XDR Agent versions."
        }
      ],
      "source": {
        "defect": [
          "CPATR-9871"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2020-12-09T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "Cortex XDR Agent: Exceptional condition denial-of-service (DoS)",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-12-09T17:00:00.000Z",
          "ID": "CVE-2020-2020",
          "STATE": "PUBLIC",
          "TITLE": "Cortex XDR Agent: Exceptional condition denial-of-service (DoS)"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cortex XDR Agent",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "7.0",
                            "version_value": "7.0.3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "7.1",
                            "version_value": "7.1.2"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "5.0",
                            "version_value": "5.0.10"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "6.1",
                            "version_value": "6.1.7"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "7.0",
                            "version_value": "7.0.3"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "7.1",
                            "version_value": "7.1.2"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "5.0",
                            "version_value": "5.0.10"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "6.1",
                            "version_value": "6.1.7"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "7.2",
                            "version_value": "7.2.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks Paul van der Haas of Orange Cyberdefense for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An improper handling of exceptional conditions vulnerability in Cortex XDR Agent allows a local authenticated Windows user to create files in the software\u0027s internal program directory that prevents the Cortex XDR Agent from starting. The exceptional condition is persistent and prevents Cortex XDR Agent from starting when the software or machine is restarted. This issue impacts: Cortex XDR Agent 5.0 versions earlier than 5.0.10; Cortex XDR Agent 6.1 versions earlier than 6.1.7; Cortex XDR Agent 7.0 versions earlier than 7.0.3; Cortex XDR Agent 7.1 versions earlier than 7.1.2."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-755 Improper Handling of Exceptional Conditions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-2020",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-2020"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in Cortex XDR Agent 5.0.10, Cortex XDR Agent 6.1.7, Cortex XDR Agent 7.0.3, Cortex XDR Agent 7.1.2, and all later Cortex XDR Agent versions."
          }
        ],
        "source": {
          "defect": [
            "CPATR-9871"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2020-12-09T00:00:00",
            "value": "Initial publication"
          }
        ],
        "x_affectedList": [
          "Cortex XDR Agent 7.1",
          "Cortex XDR Agent 7.0",
          "Cortex XDR Agent 6.1",
          "Cortex XDR Agent 5.0"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2020",
    "datePublished": "2020-12-09T18:00:14.069887Z",
    "dateReserved": "2019-12-04T00:00:00",
    "dateUpdated": "2024-09-16T20:17:18.893Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-2020\",\"sourceIdentifier\":\"psirt@paloaltonetworks.com\",\"published\":\"2020-12-09T18:15:10.663\",\"lastModified\":\"2020-12-11T17:14:05.777\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"An improper handling of exceptional conditions vulnerability in Cortex XDR Agent allows a local authenticated Windows user to create files in the software\u0027s internal program directory that prevents the Cortex XDR Agent from starting. The exceptional condition is persistent and prevents Cortex XDR Agent from starting when the software or machine is restarted. This issue impacts: Cortex XDR Agent 5.0 versions earlier than 5.0.10; Cortex XDR Agent 6.1 versions earlier than 6.1.7; Cortex XDR Agent 7.0 versions earlier than 7.0.3; Cortex XDR Agent 7.1 versions earlier than 7.1.2.\"},{\"lang\":\"es\",\"value\":\"Un manejo inapropiado de una vulnerabilidad de condiciones excepcionales en Cortex XDR Agent permite a un usuario de Windows autenticado localmente crear archivos en el directorio de programa interno del software que impide que se inicie Cortex XDR Agent.\u0026#xa0;La condici\u00f3n excepcional es persistente e impide que Cortex XDR Agent se inicie cuando se reinicia el software o la m\u00e1quina.\u0026#xa0;Este problema afecta a: Cortex XDR Agent versiones 5.0 anteriores a 5.0.10;\u0026#xa0;Cortex XDR Agent versiones 6.1 anteriores a 6.1.7;\u0026#xa0;Cortex XDR Agent  versiones 7.0 anteriores a 7.0.3;\u0026#xa0;Cortex XDR Agent versiones 7.1 anteriores a 7.1.2\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:P\",\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":2.1},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-755\"}]},{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-755\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0\",\"versionEndExcluding\":\"5.0.10\",\"matchCriteriaId\":\"A75398A3-ED40-4983-A80A-ECAE760B5400\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.1\",\"versionEndExcluding\":\"6.1.7\",\"matchCriteriaId\":\"CC3EA409-30E8-4E2D-B1B5-F2C946F3613B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0\",\"versionEndExcluding\":\"7.0.3\",\"matchCriteriaId\":\"762B2DF4-229D-4755-A0B3-47D4BFD8C21A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.1\",\"versionEndExcluding\":\"7.1.2\",\"matchCriteriaId\":\"B2A974F5-3BEE-496F-8833-F7DC4D86C56D\"}]}]}],\"references\":[{\"url\":\"https://security.paloaltonetworks.com/CVE-2020-2020\",\"source\":\"psirt@paloaltonetworks.com\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.