Main Vulnerability Database Vulnerabilities #VU48415

#VU48415 Improper Authentication in Palo Alto PAN-OS - CVE-2020-2050

Published: November 12, 2020 / Updated: November 12, 2020

Vulnerability identifier: #VU48415

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2020-2050

CWE-ID: CWE-287

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Palo Alto PAN-OS

Software vendor:
Palo Alto Networks, Inc.

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests in the GlobalProtect SSL VPN component of Palo Alto Networks PAN-OS software that allows an attacker to bypass all client certificate checks with an invalid certificate. A remote attacker can successfully authenticate as any user and gain access to restricted VPN network resources when the gateway or portal is configured to rely entirely on certificate-based authentication.

Impacted features that use SSL VPN with client certificate verification are:

GlobalProtect Gateway
GlobalProtect Portal
GlobalProtect Clientless VPN

In configurations where client certificate verification is used in conjunction with other authentication methods, the protections added by the certificate check are ignored as a result of this issue.

Remediation

Install updates from vendor's website.

External links

https://security.paloaltonetworks.com/CVE-2020-2050