Palo Alto Networks PAN-OS vulnerabilities
158 known vulnerabilities affecting palo_alto_networks/pan-os.
Total CVEs: 158
CISA KEV: 8 (actively exploited)
Public exploits: 7
Exploited in wild: 6
Severity breakdown: CRITICAL 11, HIGH 65, MEDIUM 71, LOW 11
Vulnerabilities (page 6 of 8)
CVE-2020-2000 | HIGH | CVSS 7.2 | CWE-20 | Published 2020-11-12
Affected: ≥ 8.1, < 8.1.16; ≥ 9.0, < 9.0.10; +2 more
An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code and OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0…
Sources: cvelistv5, nvd
CVE-2020-2050 | HIGH | CVSS 8.2 | CWE-285 | Published 2020-11-12
Affected: ≥ 8.1, < 8.1.17; ≥ 9.0, < 9.0.11; +2 more
An authentication bypass vulnerability exists in the GlobalProtect SSL VPN component of Palo Alto Networks PAN-OS software that allows an attacker to bypass all client certificate checks with an invalid certificate. A remote attacker can successfully authenticate as any user and gain access to restricted VPN network resources when the gateway or portal…
Sources: cvelistv5, nvd
CVE-2020-2022 | HIGH | CVSS 7.5 | CWE-200 | Published 2020-11-12
Affected: ≥ 8.1, < 8.1.17; ≥ 9.0, < 9.0.11; +1 more
An information exposure vulnerability exists in Palo Alto Networks Panorama software that discloses the token for the Panorama web interface administrator's session to a managed device when the Panorama administrator performs a context switch into that device. This vulnerability allows an attacker to gain privileged access to the Panorama web interface.
Sources: cvelistv5, nvd
CVE-2020-1999 | MEDIUM | CVSS 5.3 | CWE-754 | Published 2020-11-12
Affected: v7.1.*; v8.0.*; +3 more
A vulnerability exists in the Palo Alto Networks PAN-OS signature-based threat detection engine that allows an attacker to communicate with devices in the network in a way that is not analyzed for threats by sending data through specifically crafted TCP packets. This technique evades signature-based threat detection. This issue impacts: PAN-OS 8.1 versions…
Sources: cvelistv5, nvd
CVE-2020-2048 | LOW | CVSS 3.3 | CWE-532 | Published 2020-11-12
Affected: ≥ 8.1, < 8.1.17; ≥ 9.0, < 9.0.11; +1 more
An information exposure through log file vulnerability exists where the password for the configured system proxy server for a PAN-OS appliance may be displayed in cleartext when using the CLI in Palo Alto Networks PAN-OS software. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.17; PAN-OS 9.0 versions earlier than PAN-OS 9.0.11; PAN-OS 9.1…
Sources: cvelistv5, nvd
CVE-2020-2040 | CRITICAL | CVSS 9.8 | CWE-120 | Published 2020-09-09
Affected: v8.0.*; ≥ 9.0, < 9.0.9; +2 more
A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface. This issue impacts: All versions of PAN-OS 8.0; PAN-OS 8.1 versions earlier than PAN-OS 8.1…
Sources: cvelistv5, nvd
CVE-2020-2038 | HIGH | CVSS 7.2 | CWE-78 | PoC available | Published 2020-09-09
Affected: ≥ 10.0, < 10.0.1; ≥ 9.0, < 9.0.10; +1 more
An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 9.0 versions earlier than 9.0.10; PAN-OS 9.1 versions earlier than 9.1.4; PAN-OS 10.0 versions earlier than 10.0.1.
Sources: cvelistv5, nvd
CVE-2020-2037 | HIGH | CVSS 7.2 | CWE-78 | Published 2020-09-09
Affected: ≥ 8.1, < 8.1.16; ≥ 9.0, < 9.0.10; +1 more
An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.3.
Sources: cvelistv5, nvd
CVE-2020-2041 | HIGH | CVSS 7.5 | CWE-16 | Published 2020-09-09
Affected: v8.0.*; ≥ 8.1, < 8.1.16
An insecure configuration of the appweb daemon of Palo Alto Networks PAN-OS 8.1 allows a remote unauthenticated user to send a specifically crafted request to the device that causes the appweb service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance…
Sources: cvelistv5, nvd
CVE-2020-2036 | HIGH | CVSS 8.8 | CWE-79 | PoC available | Published 2020-09-09
Affected: ≥ 9.0, < 9.0.9; ≥ 8.1, < 8.1.16
A reflected cross-site scripting (XSS) vulnerability exists in the PAN-OS management web interface. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could potentially execute arbitrary JavaScript code in the administrator's…
Sources: cvelistv5, nvd
CVE-2020-2042 | HIGH | CVSS 7.2 | CWE-121 | Published 2020-09-09
Affected: ≥ 10.0, < 10.0.1
A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This issue impacts only PAN-OS 10.0 versions earlier than PAN-OS 10.0.1.
Sources: cvelistv5, nvd
CVE-2020-2039 | MEDIUM | CVSS 5.3 | CWE-400 | Published 2020-09-09
Affected: ≥ 9.1, < 9.1.4; ≥ 8.1, < 8.1.16; +2 more
An uncontrolled resource consumption vulnerability in Palo Alto Networks PAN-OS allows for a remote unauthenticated user to upload temporary files through the management web interface that are not properly deleted after the request is finished. It is possible for an attacker to disrupt the availability of the management web interface by repeatedly uploading…
Sources: cvelistv5, nvd
CVE-2020-2044 | LOW | CVSS 3.3 | CWE-532 | Published 2020-09-09
Affected: v8.0.*; ≥ 8.1, < 8.1.16; +2 more
An information exposure through log file vulnerability where an administrator's password or other sensitive information may be logged in cleartext while using the CLI in Palo Alto Networks PAN-OS software. The opcmdhistory.log file was introduced to track operational command (op-command) usage but did not mask all sensitive information. The opcmdhistory.log…
Sources: cvelistv5, nvd
CVE-2020-2043 | LOW | CVSS 3.3 | CWE-532 | Published 2020-09-09
Affected: ≥ 8.1, < 8.1.16; ≥ 9.0, < 9.0.10; +1 more
An information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Palo Alto Networks PAN-OS software when the after-change-detail custom syslog field is enabled for configuration logs and the sensitive field appears multiple times in one log entry. The first instance of the sensitive field…
Sources: cvelistv5, nvd
CVE-2020-2035 | LOW | CVSS 3.0 | CWE-20 | Published 2020-08-12
Affected: v8.1.*; v9.0.*; +3 more
When SSL/TLS Forward Proxy Decryption mode has been configured to decrypt the web transactions, the PAN-OS URL filtering feature inspects the HTTP Host and URL path headers for policy enforcement on the decrypted HTTPS web transactions but does not consider the Server Name Indication (SNI) field within the TLS Client Hello handshake. This allows a compromised…
Sources: cvelistv5, nvd
CVE-2020-2034 | HIGH | CVSS 8.1 | CWE-78 | Published 2020-07-08
Affected: v8.0.*; v7.1.*; +3 more
An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network-based attacker to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue. This issue cannot be exploited if the GlobalProtect portal feature is not enabled. This issue impacts PAN-OS…
Sources: cvelistv5, nvd
CVE-2020-2030 | HIGH | CVSS 7.2 | CWE-78 | Published 2020-07-08
Affected: v8.0.*; v7.1.*; +1 more
An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; and all versions of PAN-OS 7.1 and PAN-OS 8.0. This issue does not impact PAN-OS 9.0, PAN-OS 9.1, or Prisma Access services…
Sources: cvelistv5, nvd
CVE-2020-2031 | MEDIUM | CVSS 4.9 | CWE-191 | Published 2020-07-08
Affected: ≥ 9.1, < 9.1.3
An integer underflow vulnerability in the dnsproxyd component of the PAN-OS management interface allows authenticated administrators to issue a command from the command line interface that causes the component to stop responding. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting…
Sources: cvelistv5, nvd
CVE-2020-1982 | MEDIUM | CVSS 4.8 | CWE-326 | Published 2020-07-08
Affected: v8.0.*; ≥ 9.1, < 9.1.3; +2 more
Certain communication between PAN-OS and cloud-delivered services inadvertently uses TLS 1.0, which is known to be a cryptographically weak protocol. These cloud services include Cortex Data Lake, the Customer Support Portal, and the Prisma Access infrastructure. Conditions required for exploitation of known TLS 1.0 weaknesses do not exist for the communication…
Sources: cvelistv5, nvd
CVE-2020-2021 | CRITICAL | CVSS 10.0 | CWE-347 | CISA KEV | Published 2020-06-29
Affected: v8.0.*; ≥ 8.1, < 8.1.15; +2 more
When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled (unchecked), improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based attacker to access protected resources. The attacker must have network access to the vulnerable…
Sources: cvelistv5, nvd