#VU26734 Credentials management in VM-Series Virtual Firewalls - CVE-2020-1978
Published: April 9, 2020
Vulnerability identifier: #VU26734
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:A/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2020-1978
CWE-ID: CWE-255
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
VM-Series Virtual Firewalls
VM-Series Virtual Firewalls
Software vendor:
Palo Alto Networks, Inc.
Palo Alto Networks, Inc.
Description
The vulnerability allows a local user to obtain account credentials.
The vulnerability exists due to the TechSupport files generated on VM Series firewalls for Microsoft Azure platform configured with high availability (HA) inadvertently collect Azure dashboard service account credentials. A local administrator can manage all the Azure resources in the subscription except for granting access to other resources.
Note: These credentials do not allow login access to the VMs themselves.
Remediation
Install updates from vendor's website.