Risk | High |
Patch available | YES |
Number of vulnerabilities | 22 |
CVE-ID | CVE-2020-1993 CVE-2020-1994 CVE-2020-1995 CVE-2020-1996 CVE-2020-1997 CVE-2020-1998 CVE-2020-2001 CVE-2020-2002 CVE-2020-2003 CVE-2020-2005 CVE-2020-2006 CVE-2020-2007 CVE-2020-2008 CVE-2020-2009 CVE-2020-2010 CVE-2020-2012 CVE-2020-2013 CVE-2020-2014 CVE-2020-2015 CVE-2020-2017 CVE-2020-2018 CVE-2017-7529 |
CWE-ID | CWE-384 CWE-264 CWE-476 CWE-285 CWE-601 CWE-434 CWE-287 CWE-284 CWE-79 CWE-119 CWE-78 CWE-611 CWE-319 CWE-190 |
Exploitation vector | Network |
Public exploit | Public exploit code for vulnerability #22 is available. |
Vulnerable software Subscribe |
Palo Alto PAN-OS Operating systems & Components / Operating system |
Vendor | Palo Alto Networks, Inc. |
Security Bulletin
This security bulletin contains information about 22 vulnerabilities.
EUVDB-ID: #VU27903
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-1993
CWE-ID:
CWE-384 - Session Fixation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to the system.
The vulnerability exists due to insecure session management mechanism within the GlobalProtect Portal feature in PAN-OS. A remote non-authenticated attacker can with ability to control victim's session identifier can hijack victim's session.
Install updates from vendor's website.
Vulnerable software versionsPalo Alto PAN-OS: 7.1.0 - 9.0.7
External linkshttp://security.paloaltonetworks.com/CVE-2020-1993
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27902
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-1994
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to corrupt arbitrary files on the system.
The vulnerability exists due to application uses predictable filenames for temporary files. A local user with shell access to the system can corrupt arbitrary files.
Install updates from vendor's website.
Vulnerable software versionsPalo Alto PAN-OS: 8.1.0 - 9.0.6
External linkshttp://security.paloaltonetworks.com/CVE-2020-1994
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27901
Risk: Low
CVSSv3.1: 4.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-1995
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in the rasmgr daemon. A remote authenticated administrator can send a specially crafted request to the system, trigger NULL pointer dereference error and cause denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode.
MitigationInstall update from vendor's website.
Vulnerable software versionsPalo Alto PAN-OS: 9.1.0 - 9.1.1
External linkshttp://security.paloaltonetworks.com/CVE-2020-1995
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27900
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-1996
CWE-ID:
CWE-285 - Improper Authorization
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authorization and manipulate log files.
The vulnerability exists in the management server component of PAN-OS Panorama. A remote non-authenticated attacker can send a specially crafted request to the system and inject messages into the management server ms.log file.
Successful exploitation of the vulnerability may allow an attacker to obfuscate log files and hide malicious presence on the system.
Install updates from vendor's website.
Vulnerable software versionsPalo Alto PAN-OS: 7.1.0 - 9.0.8
External linkshttp://security.paloaltonetworks.com/CVE-2020-1996
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27899
Risk: Low
CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-1997
CWE-ID:
CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to redirect victims to arbitrary URL.
The vulnerability exists due to improper sanitization of user-supplied data after successful authentication in the GlobalProtect component of Palo Alto Networks PAN-OS. A remote attacker can create a link that leads to a trusted website, however, when clicked, redirects the victim to arbitrary domain.
Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.
MitigationInstall updates from vendor's website.
Vulnerable software versionsPalo Alto PAN-OS: 7.1.0 - 8.0.13
External linkshttp://security.paloaltonetworks.com/CVE-2020-1997
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27898
Risk: Low
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-1998
CWE-ID:
CWE-285 - Improper Authorization
Exploit availability: No
DescriptionThe vulnerability allows a remote user to gain elevated privileges on the system.
The vulnerability exists within SAML SSO in PAN-OS that mistakenly uses the permissions of local Linux users
instead of the intended SAML permissions of the account when the
username is shared for the purposes of SSO authentication. A remote user can escalate privileges on the system.
Install updates from vendor's website.
Vulnerable software versionsPalo Alto PAN-OS: 7.1.0 - 9.1.0
External linkshttp://security.paloaltonetworks.com/CVE-2020-1998
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27897
Risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-2001
CWE-ID:
CWE-434 - Unrestricted Upload of File with Dangerous Type
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to insufficient validation of file during file upload in the Palo Alto Networks PAN-OS Panorama XSLT processing logic. A remote non-authenticated attacker can upload a malicious file and execute it on the system with administrator privileges.
MitigationInstall updates from vendor's website.
Vulnerable software versionsPalo Alto PAN-OS: 7.1.0 - 9.0.5-h3
External linkshttp://security.paloaltonetworks.com/CVE-2020-2001
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27896
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-2002
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to the authentication daemon and User-ID components of Palo Alto Networks PAN-OS by failing to verify the integrity of the Kerberos key distribution center (KDC) before authenticating users. This affects all forms of authentication that use a Kerberos authentication profile. A man-in-the-middle type of attacker with the ability to intercept communication between PAN-OS and KDC can login to PAN-OS as an administrator.
MitigationInstall updates from vendor's website.
Vulnerable software versionsPalo Alto PAN-OS: 7.1.0 - 9.0.5-h3
External linkshttp://security.paloaltonetworks.com/CVE-2020-2002
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27895
Risk: Low
CVSSv3.1: 2.4 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-2003
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to application allows a remote user to manipulate filename during file deletion and does not check if the user has appropriate permissions to delete files. A remote user can send specially crafted request to the system and delete arbitrary files.
Install updates from vendor's website.
Vulnerable software versionsPalo Alto PAN-OS: 7.1.0 - 9.1.0
External linkshttp://security.paloaltonetworks.com/CVE-2020-2003
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27894
Risk: Medium
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-2005
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in Palo Alto Networks GlobalProtect Clientless VPN. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to hijack victim's VPN session.
Install updates from vendor's website.
Vulnerable software versionsPalo Alto PAN-OS: 7.1.0 - 9.0.6
External linkshttp://security.paloaltonetworks.com/CVE-2020-2005
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27893
Risk: Low
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-2006
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in management server payload parser. A remote user can trigger memory corruption and execute arbitrary code on the target system with root privileges.
Install updates from vendor's website.
Vulnerable software versionsPalo Alto PAN-OS: 7.1.0 - 8.1.13
External linkshttp://security.paloaltonetworks.com/CVE-2020-2006
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27892
Risk: Low
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-2007
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the management server component of PAN-OS. A remote authenticated user can pass specially crafted data to the application and execute arbitrary OS commands on the target system with root privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsPalo Alto PAN-OS: 7.1.0 - 9.0.6
External linkshttp://security.paloaltonetworks.com/CVE-2020-2007
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27891
Risk: Low
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-2008
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote administrator to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in Palo Alto Networks PAN-OS. A remote authenticated administrator can pass specially crafted data to the application and delete arbitrary files or execute arbitrary OS commands on the target system with root privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsPalo Alto PAN-OS: 7.1.0 - 8.1.13
External linkshttp://security.paloaltonetworks.com/CVE-2020-2008
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27890
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-2009
CWE-ID:
CWE-434 - Unrestricted Upload of File with Dangerous Type
Exploit availability: No
DescriptionThe vulnerability allows a remote user to compromise vulnerable system.
The vulnerability exists due to insufficient validation of file during file upload in the SD WAN component of Palo Alto Networks PAN-OS Panorama. A remote authenticated user can upload a malicious file and execute it on the server.
MitigationInstall updates from vendor's website.
Vulnerable software versionsPalo Alto PAN-OS: 7.1.0 - 9.0.6
External linkshttp://security.paloaltonetworks.com/CVE-2020-2009
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27889
Risk: Low
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-2010
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote administrator to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in PAN-OS management interface. A remote authenticated administrator can pass specially crafted data to the application and execute arbitrary OS commands on the target system with root privileges.
MitigationInstall updates from vendor's website.
Vulnerable software versionsPalo Alto PAN-OS: 7.1.0 - 9.0.6
External linkshttp://security.paloaltonetworks.com/CVE-2020-2010
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27888
Risk: Medium
CVSSv3.1: 5.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-2012
CWE-ID:
CWE-611 - Improper Restriction of XML External Entity Reference ('XXE')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to insufficient validation of user-supplied XML input in Palo Alto Networks Panorama management service. A remote attacker can pass a specially crafted XML code to the affected application and view contents of arbitrary files on the system or initiate requests to external systems.
Successful exploitation of the vulnerability may allow an attacker to view contents of arbitrary file on the server or perform network scanning of internal and external infrastructure.
MitigationInstall updates from vendor's website.
Vulnerable software versionsPalo Alto PAN-OS: 7.1.0 - 9.0.6
External linkshttp://security.paloaltonetworks.com/CVE-2020-2012
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27887
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-2013
CWE-ID:
CWE-319 - Cleartext Transmission of Sensitive Information
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to software uses insecure communication channel to transmit sensitive information in Palo Alto Networks PAN-OS Panoramathat discloses an authenticated PAN-OS administrator's PAN-OS session cookie. When an administrator issues a context switch request into a managed firewall with an affected PAN-OS Panorama version, their PAN-OS session cookie is transmitted over cleartext to the firewall. An attacker with the ability to intercept this network traffic between the firewall and Panorama can access the administrator's account and further manipulate devices managed by Panorama.
MitigationInstall updates from vendor's website.
Vulnerable software versionsPalo Alto PAN-OS: 7.1.0 - 9.1.0
External linkshttp://security.paloaltonetworks.com/CVE-2020-2013
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27886
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-2014
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in PAN-OS management server. A remote authenticated user can pass specially crafted data to the application and execute arbitrary OS commands on the target system with root privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsPalo Alto PAN-OS: 7.1.0 - 9.0.6
External linkshttp://security.paloaltonetworks.com/CVE-2020-2014
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27885
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-2015
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the PAN-OS management server. A remote authenticated user can send a specially crafted request to the system, trigger memory corruption and execute arbitrary code on the target system with root privileges.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsPalo Alto PAN-OS: 7.1.0 - 9.1.0
External linkshttp://security.paloaltonetworks.com/CVE-2020-2015
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27884
Risk: Low
CVSSv3.1: 4.1 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-2017
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's website.
Vulnerable software versionsPalo Alto PAN-OS: 7.1.0 - 9.0.5-h3
External linkshttp://security.paloaltonetworks.com/CVE-2020-2017
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU27883
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2020-2018
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to insecure registration mechanism in Palo Alto Networks PAN-OS Panorama proxy service. A remote attacker with network access to the Panorama and the knowledge of the Firewall’s serial number can register the PAN-OS firewall and gain full access to the device.
Install updates from vendor's website.
Vulnerable software versionsPalo Alto PAN-OS: 7.1.0 - 9.0.5-h3
External linkshttp://security.paloaltonetworks.com/CVE-2020-2018
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU7410
Risk: Medium
CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-7529
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to integer overflow when processing specially crafted requests. A remote attacker can send a malicious request to vulnerable server and gain access to potentially sensitive information.
When using nginx with standard modules this allows an attacker to obtain a cache file header if a response was returned from cache. In some configurations a cache file header may contain IP address of the backend server or other sensitive information.
Install update from vendor's website.
Palo Alto PAN-OS: 7.1.0 - 9.0.5-h3
External linkshttp://security.paloaltonetworks.com/CVE-2017-7529
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.