Paloalto PAN-OS vulnerabilities

300 known vulnerabilities affecting paloalto/pan-os.

Total CVEs: 300
CISA KEV: 19 (actively exploited)
Public exploits: 32
Exploited in wild: 18
Severity breakdown: CRITICAL 53 | HIGH 115 | MEDIUM 119 | LOW 13

Vulnerabilities

Page 7 of 15
CVE-2020-2035 | LOW | CVSS 3.0 | 2020-08-12
CVE-2020-2035 [LOW] CWE-20 PAN-OS: URL filtering policy is not enforced on TLS handshakes for decrypted HTTPS sessions. When SSL/TLS Forward Proxy Decryption mode has been configured to decrypt the web transactions, the PAN-OS URL filtering feature inspects the HTTP Host and URL path headers for policy enforcement on the decrypted HTTPS web transactions but does not consider Server Name Indication (SNI) f
paloalto
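The gap described in CVE-2020-2035 is a layering mismatch: the TLS ClientHello names a server in its SNI extension, the decrypted HTTP request names one in its Host header, and a policy that looks only at the latter never sees the former. The Go program below is an added example, not PAN-OS code or anything from Palo Alto Networks. It captures a genuine ClientHello from Go's own crypto/tls client over an in-memory pipe, parses the server_name extension with full length checking, and then compares a host-header-only decision with one that also enforces the blocklist on the SNI. The hostnames, the blocklist and the Host header value are all constructed for the example, and the parser assumes a single-record ClientHello (which is what a client sends in practice).

```go
package main

import (
	"crypto/tls"
	"encoding/binary"
	"errors"
	"fmt"
	"io"
	"net"
)

// cursor is a bounds-checked reader; once any read runs short, ok stays false.
type cursor struct {
	b  []byte
	ok bool
}

func (c *cursor) take(n int) []byte {
	if !c.ok || n < 0 || len(c.b) < n {
		c.ok = false
		return nil
	}
	v := c.b[:n]
	c.b = c.b[n:]
	return v
}

// uint reads an n-byte big-endian length field (n is 1 or 2 in a ClientHello).
func (c *cursor) uint(n int) int {
	v := 0
	for _, b := range c.take(n) {
		v = v<<8 | int(b)
	}
	return v
}

// SNIFromClientHello walks a raw TLS record carrying a ClientHello and returns
// the host_name from its server_name extension (type 0), checking every length.
func SNIFromClientHello(rec []byte) (string, error) {
	c := &cursor{b: rec, ok: true}
	hdr, hs := c.take(5), c.take(4) // record header, handshake header
	if !c.ok || hdr[0] != 0x16 || hs[0] != 0x01 {
		return "", errors.New("not a TLS ClientHello record")
	}
	c.take(34)        // client_version + random
	c.take(c.uint(1)) // session_id
	c.take(c.uint(2)) // cipher_suites
	c.take(c.uint(1)) // compression_methods
	exts := &cursor{b: c.take(c.uint(2)), ok: true}
	for exts.ok && len(exts.b) > 0 {
		typ := exts.uint(2)
		data := &cursor{b: exts.take(exts.uint(2)), ok: true}
		if typ != 0 {
			continue
		}
		data.uint(2) // ServerNameList length
		for data.ok && len(data.b) > 0 {
			nameType := data.uint(1)
			if name := data.take(data.uint(2)); data.ok && nameType == 0 {
				return string(name), nil
			}
		}
	}
	if !c.ok || !exts.ok {
		return "", errors.New("truncated ClientHello")
	}
	return "", errors.New("no server_name extension")
}

// captureClientHello drives a real crypto/tls client against an in-memory pipe
// and returns the first record it sends: its ClientHello.
func captureClientHello(serverName string) ([]byte, error) {
	c1, c2 := net.Pipe()
	defer c1.Close()
	defer c2.Close()
	go func() {
		// Fails once the pipe is closed; only the client's first flight matters here.
		_ = tls.Client(c1, &tls.Config{ServerName: serverName}).Handshake()
	}()
	hdr := make([]byte, 5)
	if _, err := io.ReadFull(c2, hdr); err != nil {
		return nil, err
	}
	body := make([]byte, binary.BigEndian.Uint16(hdr[3:]))
	if _, err := io.ReadFull(c2, body); err != nil {
		return nil, err
	}
	return append(hdr, body...), nil
}

// Scenario captures a ClientHello for a blocked SNI, pairs it with an innocuous
// Host header (constructed), and returns the parsed SNI plus both verdicts.
func Scenario() (sni string, hostOnly, hostOrSNI bool, err error) {
	rec, err := captureClientHello("blocked.example")
	if err == nil {
		sni, err = SNIFromClientHello(rec)
	}
	if err != nil {
		return "", false, false, err
	}
	blocked := map[string]bool{"blocked.example": true}
	hostOnly = blocked["www.allowed.example"] // advisory behaviour: only the HTTP Host header
	hostOrSNI = hostOnly || blocked[sni]      // hardened: the TLS-layer SNI is enforced too
	return sni, hostOnly, hostOrSNI, nil
}

func main() {
	sni, hostOnly, hostOrSNI, err := Scenario()
	fmt.Printf("sni=%q host-only blocks=%v host-or-sni blocks=%v err=%v\n", sni, hostOnly, hostOrSNI, err)
}
```

The point the program makes is that the SNI is available before any byte of HTTP exists, so a policy engine that waits for the decrypted Host header has already let the handshake through; enforcing on both layers, and flagging sessions where they disagree, closes that gap.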
CVE-2013-7459 | CRITICAL | CVSS 9.8 | 2020-07-08
CVE-2013-7459 [CRITICAL] PAN: The Palo Alto Networks Product Security Assurance team has evaluated and determined that these third-party or open source vulnerabilities do not have any security impact on PAN-OS or that the scenarios required for successful
CVEs: CVE-2013-7459, CVE-2018-1120, CVE-2018-1121, CVE-2018-1122, CVE-2018-1123, CVE-2018-1124, CVE-2018-16402, CVE-2020-11022, CVE-2020-11023, CVE-2020-11896, CVE-2020-11897, CVE-2020-11898, CVE-2020-11899, CVE-2020-11900, CVE-2020-11901,
paloalto
CVE-2020-2034 | CRITICAL | CVSS 10.0 | 2020-07-08
CVE-2020-2034 [CRITICAL] CWE-78 PAN-OS: OS command injection vulnerability in GlobalProtect portal. An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network-based attacker to execute arbitrary OS commands with root privileges. An attacker would require some level of specific information about the configuration of an impacted firewall or perform brute-force attacks to exploit this
paloalto
CVE-2020-2030 | HIGH | CVSS 7.2 | 2020-07-08
CVE-2020-2030 [HIGH] CWE-78 PAN-OS: OS command injection vulnerability in the management interface. An OS Command Injection vulnerability in the PAN-OS management interface allows authenticated administrators to execute arbitrary OS commands with root privileges. Affected products: PAN-OS. Solution: This issue is fixed in PAN-OS 8.1.15 and all later PAN-OS versions. Workaround: This issue impacts the PAN-OS management
paloalto
CVE-2020-2031 | MEDIUM | CVSS 4.9 | 2020-07-08
CVE-2020-2031 [MEDIUM] CWE-191 PAN-OS: Integer underflow in the management interface. An integer underflow vulnerability in the dnsproxyd component of the PAN-OS management interface allows authenticated administrators to issue a command from the command line interface that causes the component to stop responding. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it
paloalto
CVE-2020-1982 | MEDIUM | CVSS 4.8 | 2020-07-08
CVE-2020-1982 [MEDIUM] CWE-326 PAN-OS: TLS 1.0 usage for certain communications with Palo Alto Networks cloud delivered services. Certain communication between PAN-OS and cloud-delivered services inadvertently uses TLS 1.0, which is known to be a cryptographically weak protocol. These cloud services include Cortex Data Lake, the Customer Support Portal, and the Prisma Access infrastructure. Conditi
paloalto
CVE-2020-2021 | CRITICAL | CVSS 10.0 | KEV | 2020-06-29
CVE-2020-2021 [CRITICAL] CWE-347 PAN-OS: Authentication Bypass in SAML Authentication. When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled (unchecked), improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based attacker to access protected resources. The attacker must have network access to the vulnerable ser
paloalto
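What the 'Validate Identity Provider Certificate' option controls in the entry above is whether a signature is checked against the identity provider certificate the firewall is configured with, or merely against whichever certificate the response itself carries. The Go program below is an added illustration of that distinction, not PAN-OS code or anything from Palo Alto Networks, and it does not claim to reproduce the exact PAN-OS code path. It models a signed SAML Response as assertion bytes, an RSA signature over them and an inline signer certificate standing in for <ds:KeyInfo> (XML-DSig canonicalisation is deliberately omitted), then runs a forged, attacker-signed response through a verifier that trusts the embedded certificate and through one that pins the configured IdP certificate. The type and function names, the hostnames and the assertion text are all constructed for the example.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// Response is a constructed, simplified stand-in for a signed SAML Response:
// assertion bytes, an RSA PKCS#1 v1.5 / SHA-256 signature over them, and the
// signer's DER certificate carried inline, as <ds:KeyInfo> does in a real message.
type Response struct {
	Assertion []byte
	Signature []byte
	SignerDER []byte
}

// selfSigned mints a throwaway self-signed certificate and key for cn.
func selfSigned(cn string) (*x509.Certificate, *rsa.PrivateKey, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: cn},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// Sign signs assertion with key and embeds cert, the signer's own certificate.
func Sign(assertion []byte, key *rsa.PrivateKey, cert *x509.Certificate) (Response, error) {
	d := sha256.Sum256(assertion)
	sig, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, d[:])
	return Response{Assertion: assertion, Signature: sig, SignerDER: cert.Raw}, err
}

func verifyWith(r Response, cert *x509.Certificate) error {
	pub, ok := cert.PublicKey.(*rsa.PublicKey)
	if !ok {
		return errors.New("unsupported key type")
	}
	d := sha256.Sum256(r.Assertion)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, d[:], r.Signature)
}

// VerifyEmbedded is the weak check: the signature is validated against whatever
// certificate the response carries. The maths succeeds, but it proves only that
// someone signed the assertion, not that the identity provider did.
func VerifyEmbedded(r Response) error {
	cert, err := x509.ParseCertificate(r.SignerDER)
	if err != nil {
		return err
	}
	return verifyWith(r, cert)
}

// VerifyPinned is the hardened check: the inline certificate must be the IdP
// certificate configured on the verifier, and the signature must verify under
// that pinned key. An attacker-minted certificate is rejected before any
// signature maths runs.
func VerifyPinned(r Response, idp *x509.Certificate) error {
	if !bytes.Equal(r.SignerDER, idp.Raw) {
		return errors.New("signer certificate is not the configured IdP certificate")
	}
	return verifyWith(r, idp)
}

// Scenario signs a forged assertion with an attacker-controlled key and reports
// which verifier accepts it: (embeddedAccepts, pinnedAccepts).
func Scenario() (bool, bool, error) {
	idpCert, _, err := selfSigned("idp.example.test")
	if err != nil {
		return false, false, err
	}
	attackerCert, attackerKey, err := selfSigned("attacker.example.test")
	if err != nil {
		return false, false, err
	}
	forged := []byte(`<Assertion><Subject>admin</Subject></Assertion>`) // constructed
	resp, err := Sign(forged, attackerKey, attackerCert)
	if err != nil {
		return false, false, err
	}
	return VerifyEmbedded(resp) == nil, VerifyPinned(resp, idpCert) == nil, nil
}

func main() {
	embedded, pinned, err := Scenario()
	fmt.Println("embedded-cert verifier accepts forgery:", embedded, "| pinned-cert verifier accepts forgery:", pinned, "| err:", err)
}
```

The design choice worth noting is where the trust anchor comes from: a verifier that takes it from the message being verified has no anchor at all, and no amount of correct signature arithmetic repairs that. Pinning the certificate (or validating the chain to a configured root) is the check, and the advisory's workaround of enabling certificate validation is the configuration equivalent.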
CVE-2020-2028 | HIGH | CVSS 7.2 | 2020-06-10
CVE-2020-2028 [HIGH] CWE-78 PAN-OS: OS command injection vulnerability in FIPS-CC mode certificate verification. An OS Command Injection vulnerability in the PAN-OS management server allows authenticated administrators to execute arbitrary OS commands with root privileges when uploading a new certificate in FIPS-CC mode. Affected products: PAN-OS. Solution: This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS
paloalto
CVE-2020-2029 | HIGH | CVSS 7.2 | 2020-06-10
CVE-2020-2029 [HIGH] CWE-78 PAN-OS: OS command injection vulnerability in management interface certificate generator. An OS Command Injection vulnerability in the PAN-OS web management interface allows authenticated administrators to execute arbitrary OS commands with root privileges by sending a malicious request to generate new certificates for use in the PAN-OS configuration. Affected products: PAN-OS. S
paloalto
CVE-2020-2027 | HIGH | CVSS 7.2 | 2020-06-10
CVE-2020-2027 [HIGH] CWE-121 PAN-OS: Buffer overflow in authd authentication response. A buffer overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. Affected products: PAN-OS. Solution: This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions. Workarou
paloalto
CVE-2020-2018 | CRITICAL | CVSS 9.0 | 2020-05-13
CVE-2020-2018 [CRITICAL] CWE-287 PAN-OS: Panorama authentication bypass vulnerability. An authentication bypass vulnerability in the Panorama context switching feature allows an attacker with network access to a Panorama's management interface to gain privileged access to managed firewalls. An attacker requires some knowledge of managed firewalls to exploit this issue. This issue does not affect Panorama configured with custom certificates aut
paloalto
CVE-2020-2001 | CRITICAL | CVSS 9.8 | 2020-05-13
CVE-2020-2001 [CRITICAL] CWE-123 PAN-OS: Panorama external control of file vulnerability leads to privilege escalation. An external control of path and data vulnerability in the Palo Alto Networks PAN-OS Panorama XSLT processing logic allows an unauthenticated user with network access to the PAN-OS management interface to write an attacker-supplied file on the system and elevate privileges. Affected products: PA
paloalto
CVE-2020-2014 | HIGH | CVSS 8.8 | 2020-05-13
CVE-2020-2014 [HIGH] CWE-78 PAN-OS: OS injection vulnerability in PAN-OS management server. An OS Command Injection vulnerability in the PAN-OS management server allows authenticated users to inject and execute arbitrary shell commands with root privileges. This issue affects: all versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7. Affected products: PAN-OS. Solution: This i
paloalto
CVE-2020-2010 | HIGH | CVSS 7.2 | 2020-05-13
CVE-2020-2010 [HIGH] CWE-78 PAN-OS: Authenticated user command injection vulnerability. An OS command injection vulnerability in the PAN-OS management interface allows an authenticated administrator to execute arbitrary OS commands with root privileges. Affected products: PAN-OS. Solution: This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions. PAN-OS 8.0 is now end-of-life as of October 31, 2019, a
paloalto
CVE-2020-2016 | HIGH | CVSS 7.0 | 2020-05-13
CVE-2020-2016 [HIGH] CWE-377 PAN-OS: Temporary file race condition vulnerability in PAN-OS leads to local privilege escalation. A race condition due to insecure creation of a file in a temporary directory in PAN-OS allows for root privilege escalation from a limited Linux user account. This allows an attacker who has escaped the restricted shell as a low-privilege administrator, possi
paloalto
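The CWE-377 pattern behind CVE-2020-2016 is generic enough to show end to end: a privileged process creates a predictably named file in a directory a less privileged user can also write to, without demanding that the name be new, and the less privileged user plants a symlink there first. The Go program below is an added example and not PAN-OS code or anything from Palo Alto Networks; the actual file and component involved in the advisory are not stated on the page and are not guessed at here. It stages the race in a throwaway directory with no privileges required (victim.conf stands in for a root-owned file), shows the unsafe writer following the planted link, and shows two fixes: the same fixed name opened with O_EXCL, and an unpredictable name from os.CreateTemp. File names and contents are constructed for the example; a POSIX filesystem is assumed.

```go
package main

import (
	"errors"
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
)

// scratchName is the predictable filename the vulnerable writer uses (constructed).
const scratchName = "pan-scratch.tmp"

// WriteScratchUnsafe is the CWE-377 pattern: a guessable name in a shared
// directory, created without O_EXCL. A symlink planted at that name beforehand
// is silently followed, so a privileged writer overwrites whatever it points at.
func WriteScratchUnsafe(dir string, data []byte) error {
	return os.WriteFile(filepath.Join(dir, scratchName), data, 0o600)
}

// OpenScratchExclusive keeps the fixed name but adds O_EXCL: open(2) then fails
// with EEXIST if anything, including a dangling symlink, already sits at the
// path, so the write can never be redirected.
func OpenScratchExclusive(dir string) (*os.File, error) {
	return os.OpenFile(filepath.Join(dir, scratchName), os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0o600)
}

// WriteScratchSafe is the preferred form: os.CreateTemp picks an unpredictable
// name and opens it with O_EXCL, and all further I/O goes through the returned
// handle rather than by re-opening the path (which would reopen the race).
func WriteScratchSafe(dir string, data []byte) (string, error) {
	f, err := os.CreateTemp(dir, "pan-scratch-*.tmp")
	if err != nil {
		return "", err
	}
	defer f.Close()
	_, err = f.Write(data)
	return f.Name(), err
}

// Scenario plays the low-privilege attacker who wins the race: a symlink is
// planted at the predictable name, pointing at a file the attacker should not
// be able to write, before the writers run. It reports whether the unsafe
// writer clobbered the victim and whether the exclusive open refused the link.
func Scenario() (clobbered, refused bool, err error) {
	dir, err := os.MkdirTemp("", "cwe377-")
	if err != nil {
		return false, false, err
	}
	defer os.RemoveAll(dir)
	victim := filepath.Join(dir, "victim.conf") // stands in for a root-owned file
	if err = os.WriteFile(victim, []byte("original"), 0o600); err != nil {
		return false, false, err
	}
	if err = os.Symlink(victim, filepath.Join(dir, scratchName)); err != nil {
		return false, false, err
	}
	_ = WriteScratchUnsafe(dir, []byte("attacker-controlled"))
	got, err := os.ReadFile(victim)
	if err != nil {
		return false, false, err
	}
	clobbered = string(got) == "attacker-controlled"
	f, openErr := OpenScratchExclusive(dir)
	if openErr == nil {
		f.Close()
	}
	refused = errors.Is(openErr, fs.ErrExist)
	return clobbered, refused, nil
}

func main() {
	clobbered, refused, err := Scenario()
	fmt.Println("victim overwritten via symlink:", clobbered, "| exclusive open refused:", refused, "| err:", err)
}
```

The second fix is the one to reach for: O_EXCL on a fixed name stops the redirect but still lets an attacker cause a denial of service by parking any file at the name, whereas an unpredictable name plus O_EXCL removes both the redirect and the squat.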
CVE-2020-2006 | HIGH | CVSS 8.8 | 2020-05-13
CVE-2020-2006 [HIGH] CWE-121 PAN-OS: Buffer overflow in management server payload parser. A stack-based buffer overflow vulnerability in the management server component of PAN-OS allows an authenticated user to potentially execute arbitrary code with root privileges. Affected products: PAN-OS. Solution: This issue is fixed in PAN-OS 8.1.14 and all later PAN-OS versions. PAN-OS 8.0 is now end-of-life as of October 31, 2019, and is
paloalto
CVE-2020-2013 | HIGH | CVSS 8.8 | 2020-05-13
CVE-2020-2013 [HIGH] CWE-319 PAN-OS: Panorama context switch session cookie disclosure. A cleartext transmission of sensitive information vulnerability in Palo Alto Networks PAN-OS Panorama discloses an authenticated PAN-OS administrator's PAN-OS session cookie. When an administrator issues a context switch request into a managed firewall with an affected PAN-OS Panorama version, their PAN-OS session cookie is transmitted over cleart
paloalto
CVE-2020-2008 | HIGH | CVSS 7.2 | 2020-05-13
CVE-2020-2008 [HIGH] CWE-73 PAN-OS: OS command injection or arbitrary file deletion vulnerability. An OS command injection and external control of filename vulnerability in Palo Alto Networks PAN-OS allows authenticated administrators to execute code with root privileges or delete arbitrary system files and impact the system's integrity or cause a denial of service condition. Affected products: PAN-OS. Solution: This issue is
paloalto
CVE-2020-2012 | HIGH | CVSS 7.5 | 2020-05-13
CVE-2020-2012 [HIGH] CWE-611 PAN-OS: Panorama: XML external entity reference ('XXE') vulnerability leads to information leak. An improper restriction of XML external entity reference ('XXE') vulnerability in the Palo Alto Networks Panorama management service allows remote unauthenticated attackers with network access to the Panorama management interface to read arbitrary files on the system. This is
paloalto
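The file read in an XXE bug like CVE-2020-2012 comes from an entity declaration in the document's DTD, which means the primitive can be removed before parsing by refusing any DOCTYPE in untrusted input. The Go program below is an added example, not Panorama code or anything from Palo Alto Networks, and it does not describe the actual Panorama parser: it is the pre-parse gate a practitioner would put in front of whatever XML processor handles a management request. Go's own encoding/xml never fetches external entities, so the gate matters for the case where the bytes are later handed to a processor (an XSLT engine, a libxml2 binding) that would. The message shape, the sample payload and the benign request are constructed for the example.

```go
package main

import (
	"encoding/xml"
	"errors"
	"fmt"
	"io"
	"strings"
)

// ErrDoctype is returned when untrusted XML carries a DTD at all.
var ErrDoctype = errors.New("DOCTYPE not permitted in untrusted XML")

// RejectDTD is a pre-parse gate: it tokenises the document and fails on any
// DOCTYPE directive. External entity declarations such as
// <!ENTITY xxe SYSTEM "file:///etc/passwd"> can only live inside a DTD, so
// refusing DTDs outright removes the XXE primitive (and entity-expansion
// denial of service) before the bytes reach any parser that would honour them.
func RejectDTD(doc string) error {
	d := xml.NewDecoder(strings.NewReader(doc))
	d.Strict = false // tokenise only; an undefined &xxe; must not mask the DOCTYPE finding
	for {
		tok, err := d.Token()
		if err == io.EOF {
			return nil
		}
		if err != nil {
			return err
		}
		// encoding/xml returns the whole <!DOCTYPE ... [ ... ]> as one Directive,
		// nested <!ENTITY> declarations included.
		if dir, ok := tok.(xml.Directive); ok &&
			strings.HasPrefix(strings.ToUpper(strings.TrimSpace(string(dir))), "DOCTYPE") {
			return ErrDoctype
		}
	}
}

// Request is the shape of a constructed management-API style message.
type Request struct {
	User string `xml:"user"`
}

// ParseUntrusted applies the gate first and only then unmarshals.
func ParseUntrusted(doc string) (Request, error) {
	var r Request
	if err := RejectDTD(doc); err != nil {
		return r, err
	}
	err := xml.Unmarshal([]byte(doc), &r)
	return r, err
}

// Constructed samples: a classic file-read XXE payload and a benign request.
const (
	XXEDoc  = `<?xml version="1.0"?><!DOCTYPE x [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><request><user>&xxe;</user></request>`
	SafeDoc = `<?xml version="1.0"?><request><user>admin</user></request>`
)

func main() {
	_, err := ParseUntrusted(XXEDoc)
	fmt.Println("XXE payload:", err)
	r, err := ParseUntrusted(SafeDoc)
	fmt.Println("benign request user:", r.User, "err:", err)
}
```

Rejecting every DTD is deliberately blunter than looking for SYSTEM or PUBLIC identifiers: internal-entity bombs and parameter-entity tricks hide in the same place, and a management interface has no legitimate reason to accept a DTD from the network.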
CVE-2020-1998 | HIGH | CVSS 8.8 | 2020-05-13
CVE-2020-1998 [HIGH] CWE-285 PAN-OS: Improper SAML SSO authorization of shared local users. An improper authorization vulnerability in PAN-OS mistakenly uses the permissions of a local Linux user instead of the intended SAML permissions of the account when the username is shared for the purposes of SSO authentication. This can result in authentication bypass and unintended resource access for the user. Affected products: PAN-OS
paloalto