CVE-2020-1999Improper Check for Unusual or Exceptional Conditions in Palo Alto Networks Pan-os

CWE-754Improper Check for Unusual or Exceptional Conditions5 documents5 sources
Severity
5.3MEDIUMNVD
EPSS
0.3%
top 47.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Palo Alto Networks Pan-osPaloaltonetworks Pan-osPaloalto Pan-os
Timeline
PublishedNov 12
Latest updateMay 24

Description

A vulnerability exists in the Palo Alto Network PAN-OS signature-based threat detection engine that allows an attacker to communicate with devices in the network in a way that is not analyzed for threats by sending data through specifically crafted TCP packets. This technique evades signature-based threat detection. This issue impacts: PAN-OS 8.1 versions earlier than 8.1.17; PAN-OS 9.0 versions earlier than 9.0.11; PAN-OS 9.1 versions earlier than 9.1.5; All versions of PAN-OS 7.1 and PAN-OS 8.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages3 packages

NVDpaloaltonetworks/pan-os8.1.08.1.17+4
CVEListV5palo_alto_networks/pan-os8.18.1.17+4
Palo Altopaloalto/pan-os

🔴Vulnerability Details

2
GHSA
GHSA-6p97-xh7r-7cmv: A vulnerability exists in the Palo Alto Network PAN-OS signature-based threat detection engine that allows an attacker to communicate with devices in2022-05-24
CVEList
PAN-OS: Threat signatures are evaded by specifically crafted packets2020-11-12

💥Exploits & PoCs

1
Exploit-DB
Greg Matthews - 'Classifieds.cgi' 1.0 MetaCharacter1998-12-15

📋Vendor Advisories

1
Palo Alto
PAN-OS: Threat signatures are evaded by specifically crafted packets2020-11-11
CVE-2020-1999 — Palo Alto Networks Pan-os vulnerability | cvebase