Palo Alto Networks PAN-OS vulnerabilities

158 known vulnerabilities affecting palo_alto_networks/pan-os.

Total CVEs: 158
CISA KEV: 8 (actively exploited)
Public exploits: 7
Exploited in wild: 6
Severity breakdown: CRITICAL 11, HIGH 65, MEDIUM 71, LOW 11

Vulnerabilities

Page 8 of 8
CVE-2020-1995 | MEDIUM | CVSS 4.9 | CWE-476 | Affected: ≥ 9.1, < 9.1.2 | Published: 2020-05-13
A NULL pointer dereference vulnerability in Palo Alto Networks PAN-OS allows an authenticated administrator to send a request that causes the rasmgr daemon to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue affects: PAN-OS 9.1 ver
Sources: cvelistv5, nvd
CVE-2020-2005 | MEDIUM | CVSS 6.1 | CWE-79 | Affected: 8.0.*; ≥ 7.1, < 7.1.26 (+2 more) | Published: 2020-05-13
A cross-site scripting (XSS) vulnerability exists when visiting malicious websites with the Palo Alto Networks GlobalProtect Clientless VPN that can compromise the user's active session. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.7; All versions of PAN-OS 8.
Sources: cvelistv5, nvd
CVE-2020-1994 | MEDIUM | CVSS 4.4 | CWE-377 | Affected: 7.1.*; 8.0.* (+2 more) | Published: 2020-05-13
A predictable temporary file vulnerability in PAN-OS allows a local authenticated user with shell access to corrupt arbitrary system files affecting the integrity of the system. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.7.
Sources: cvelistv5, nvd
CVE-2020-1993 | MEDIUM | CVSS 5.4 | CWE-384 | Affected: 8.0.*; 7.1.* (+2 more) | Published: 2020-05-13
The GlobalProtect Portal feature in PAN-OS does not set a new session identifier after a successful user login, which allows session fixation attacks, if an attacker is able to control a user's session ID. This issue affects: All PAN-OS 7.1 and 8.0 versions; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.8.
Sources: cvelistv5, nvd
CVE-2020-2003 | MEDIUM | CVSS 6.5 | CWE-73 | Affected: 7.1.*; 8.0.* (+3 more) | Published: 2020-05-13
An external control of filename vulnerability in the command processing of PAN-OS allows an authenticated administrator to delete arbitrary system files affecting the integrity of the system or causing denial of service to all PAN-OS services. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions before 8.1.14; PAN-OS 9.0 versions
Sources: cvelistv5, nvd
CVE-2020-2017 | MEDIUM | CVSS 6.1 | CWE-79 | Affected: 8.0.*; ≥ 7.1, < 7.1.26 (+2 more) | Published: 2020-05-13
A DOM-Based Cross Site Scripting Vulnerability exists in PAN-OS and Panorama Management Web Interfaces. A remote attacker able to convince an authenticated administrator to click on a crafted link to PAN-OS and Panorama Web Interfaces could execute arbitrary JavaScript code in the administrator's browser and perform administrative actions. This issue a
Sources: cvelistv5, nvd
CVE-2020-1992 | CRITICAL | CVSS 9.8 | CWE-134 | Affected: ≥ 9.0, < 9.0.7; ≥ 9.1, < 9.1.2 | Published: 2020-04-08
A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote attackers to crash the daemon creating a denial of service condition or potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS 9.0 versions before 9.0.7; PAN-OS 9.1 versions befor
Sources: cvelistv5, nvd
CVE-2020-1990 | HIGH | CVSS 7.2 | CWE-121 | Affected: ≥ 8.1, < 8.1.13; ≥ 9.0, < 9.0.7 | Published: 2020-04-08
A stack-based buffer overflow vulnerability in the management server component of PAN-OS allows an authenticated user to upload a corrupted PAN-OS configuration and potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS 8.1 versions before 8.1.13; 9.0 versions before 9.0.7. This issue does not affect PAN-OS 7.1.
Sources: cvelistv5, nvd
CVE-2020-1979 | HIGH | CVSS 7.8 | CWE-134 | Affected: ≥ 8.1, < 8.1.13 | Published: 2020-03-11
A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13 on
Sources: cvelistv5, nvd
CVE-2020-1980 | HIGH | CVSS 7.8 | CWE-77 | Affected: 8.1 < 8.1.13; 8.1 !>= 8.1.13 (+3 more) | Published: 2020-03-11
A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions. This issue is fixed in PAN-OS 8.1.13, and all later version
Sources: cvelistv5, nvd
CVE-2020-1981 | HIGH | CVSS 7.8 | CWE-377 | Affected: 8.1 < 8.1.13; 8.1 !>= 8.1.13 (+3 more) | Published: 2020-03-11
A predictable temporary filename vulnerability in PAN-OS allows local privilege escalation. This issue allows a local attacker who bypassed the restricted shell to execute commands as a low privileged user and gain root access on the PAN-OS hardware or virtual appliance. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13. This issue
Sources: cvelistv5, nvd
CVE-2020-1975 | HIGH | CVSS 8.8 | CWE-112 | Affected: ≥ 8.1, < 8.1.12; ≥ 9.0, < 9.0.6 | Published: 2020-02-12
Missing XML validation vulnerability in the PAN-OS web interface on Palo Alto Networks PAN-OS software allows authenticated users to inject arbitrary XML that results in privilege escalation. This issue affects PAN-OS 8.1 versions earlier than PAN-OS 8.1.12 and PAN-OS 9.0 versions earlier than PAN-OS 9.0.6. This issue does not affect PAN-OS 7.1, PAN-OS
Sources: cvelistv5, nvd
CVE-2019-17440 | CRITICAL | CVSS 9.8 | CWE-923 | Affected: ≥ 9.0, < 9.0.5-h3 | Published: 2019-12-20
Improper restriction of communications to Log Forwarding Card (LFC) on PA-7000 Series devices with second-generation Switch Management Card (SMC) may allow an attacker with network access to the LFC to gain root access to PAN-OS. This issue affects PAN-OS 9.0 versions prior to 9.0.5-h3 on PA-7080 and PA-7050 devices with an LFC installed and confi
Sources: cvelistv5, nvd
CVE-2019-17437 | HIGH | CVSS 7.8 | CWE-280 | Affected: ≥ 7.1, < 7.1.25; ≥ 8.0, < 8.0.20 (+2 more) | Published: 2019-12-05
An improper authentication check in Palo Alto Networks PAN-OS may allow an authenticated low privileged non-superuser custom role user to elevate privileges and become superuser. This issue affects PAN-OS 7.1 versions prior to 7.1.25; 8.0 versions prior to 8.0.20; 8.1 versions prior to 8.1.11; 9.0 versions prior to 9.0.5. PAN-OS version 7.0 and prior
Sources: cvelistv5, nvd
CVE-2019-1581 | CRITICAL | CVSS 9.8 | CWE-78 | Affected: ≥ 7.1, < 7.1.24-h1, 7.1.25; ≥ 8.0, < 8.0.19-h1, 8.0.20 (+2 more) | Published: 2019-08-23
A remote code execution vulnerability in the PAN-OS SSH device management interface that can lead to unauthenticated remote users with network access to the SSH management interface gaining root access to PAN-OS. This issue affects PAN-OS 7.1 versions prior to 7.1.24-h1, 7.1.25; 8.0 versions prior to 8.0.19-h1, 8.0.20; 8.1 versions prior to 8.1.9-h4,
Sources: cvelistv5, nvd
CVE-2019-1572 | HIGH | CVSS 7.5 | Affected: PAN-OS 9.0.0 | Published: 2019-03-26
PAN-OS 9.0.0 may allow an unauthenticated remote user to access php files.
Sources: cvelistv5, nvd
CVE-2018-10139 | MEDIUM | CVSS 6.1 | CWE-79 | Affected: 6.1.21 and earlier; 7.1.18 and earlier (+1 more) | Published: 2018-08-16
The PAN-OS response for GlobalProtect Gateway in Palo Alto Networks PAN-OS 6.1.21 and earlier, PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11 and earlier may allow an unauthenticated attacker to inject arbitrary JavaScript or HTML. PAN-OS 8.1 is NOT affected.
Sources: cvelistv5, nvd
CVE-2018-10140 | MEDIUM | CVSS 4.3 | CWE-20 | Affected: 8.1.2 and earlier | Published: 2018-08-16
The PAN-OS Management Web Interface in Palo Alto Networks PAN-OS 8.1.2 and earlier may allow an authenticated user to shut down all management sessions, resulting in all logged in users being redirected to the login page. PAN-OS 6.1, PAN-OS 7.1 and PAN-OS 8.0 are NOT affected.
Sources: cvelistv5, nvd