CVE-2020-1978 — Insufficiently Protected Credentials in Palo Alto Networks VM-Series
Severity
NVD: 4.4 MEDIUM
CNA: 5.8
EPSS
0.1%
top 73.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published: Apr 8
Latest update: May 24
Description
TechSupport files generated on Palo Alto Networks VM Series firewalls for Microsoft Azure platform configured with high availability (HA) inadvertently collect Azure dashboard service account credentials. These credentials are equivalent to the credentials associated with the Contributor role in Azure. A user with the credentials will be able to manage all the Azure resources in the subscription except for granting access to other resources. These credentials do not allow login access to the VMs…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Exploitability: 0.8 | Impact: 3.6
Affected Packages: 4 packages
Vulnerability Details (2)
GHSA
GHSA-4qj8-98mv-2vmv: TechSupport files generated on Palo Alto Networks VM Series firewalls for Microsoft Azure platform configured with high availability (HA) inadvertentl (2022-05-24)
CVEList
VM-Series on Microsoft Azure: Inadvertent collection of credentials in Tech support files on HA configured VMs (2020-04-08)
Vendor Advisories (1)
Palo Alto
VM-Series on Microsoft Azure: Inadvertent collection of credentials in Tech support files on HA configured VMs (2020-02-19)