Usage of cryptographically weak protocol in Palo Alto PAN-OS



Published: 2020-07-09
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE ID CVE-2020-1982
CWE ID CWE-310
Exploitation vector Network
Public exploit Public exploit code for vulnerability #1 is available.
Vulnerable software
Subscribe
Palo Alto PAN-OS
Operating systems & Components / Operating system

Vendor Palo Alto Networks, Inc.

Security Advisory

This security advisory describes one low risk vulnerability.

1) Cryptographic issues

Risk: Low

CVSSv3: 4.3 [CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-1982

CWE-ID: CWE-310 - Cryptographic Issues

Exploit availability: No

Description

The vulnerability allows a remote attacker to decrypt TLS traffic.

The vulnerability exists due to PAN-OS supports TLS 1.0 protocol that is known to be a cryptographically weak protocol. A remote attacker with ability to conduct a Man-in-the-Middle (MitM) attack can theoretically decrypt communication.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Palo Alto PAN-OS: 8.0, 8.0.0, 8.0.1, 8.0.2, 8.0.3, 8.0.3-h4, 8.0.4, 8.0.4-h2, 8.0.5, 8.0.6, 8.0.6-h3, 8.0.7, 8.0.8, 8.0.9, 8.0.10, 8.0.11, 8.0.11-h1, 8.0.12, 8.0.13, 8.0.14, 8.0.15, 8.0.16, 8.0.17, 8.0.18, 8.0.19, 8.0.19-h1, 8.0.20, 8.0.21, 8.1, 8.1.0, 8.1.1, 8.1.2, 8.1.3, 8.1.4, 8.1.4-h2, 8.1.5, 8.1.6, 8.1.6-h2, 8.1.7, 8.1.8, 8.1.8-h4, 8.1.8-h5, 8.1.9, 8.1.9-h4, 8.1.10, 8.1.11, 8.1.12, 8.1.13, 8.1.14, 9.0.0, 9.0.1, 9.0.2, 9.0.2-h4, 9.0.3, 9.0.3-h2, 9.0.3-h3, 9.0.4, 9.0.5, 9.0.5-h3, 9.0.6, 9.0.7, 9.0.8, 9.1.0, 9.1.1, 9.1.2

CPE External links

https://security.paloaltonetworks.com/CVE-2020-1982

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.



###SIDEBAR###