Palo Alto PAN-OS up to 7.1.x/8.0.20/8.1.11/9.0.5 Management Interface write-what-where condition

Summaryinfo

A vulnerability has been found in Palo Alto PAN-OS up to 7.1.x/8.0.20/8.1.11/9.0.5 and classified as critical. This affects an unknown function of the component Management Interface. The manipulation leads to write-what-where condition. This vulnerability is uniquely identified as CVE-2020-2001. The attack is possible to be carried out remotely. No exploit exists. The affected component should be upgraded.

Detailsinfo

A vulnerability, which was classified as critical, has been found in Palo Alto PAN-OS up to 7.1.x/8.0.20/8.1.11/9.0.5 (Firewall Software). This issue affects an unknown part of the component Management Interface. The manipulation with an unknown input leads to a write-what-where condition vulnerability. Using CWE to declare the problem leads to CWE-123. Any condition where the attacker has the ability to write an arbitrary value to an arbitrary location, often as the result of a buffer overflow. Impacted is confidentiality, integrity, and availability. The summary by CVE is:

An external control of path and data vulnerability in the Palo Alto Networks PAN-OS Panorama XSLT processing logic that allows an unauthenticated user with network access to PAN-OS management interface to write attacker supplied file on the system and elevate privileges. This issue affects: All PAN-OS 7.1 Panorama versions; PAN-OS 8.0 versions earlier than 8.0.21 on Panorama; PAN-OS 8.1 versions earlier than 8.1.12 on Panorama; PAN-OS 9.0 versions earlier than 9.0.6 on Panorama.

The weakness was disclosed 05/13/2020. The identification of this vulnerability is CVE-2020-2001 since 12/04/2019. The exploitation is known to be difficult. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. The technical details are unknown and an exploit is not publicly available.

Upgrading to version 8.0.21, 8.1.12 or 9.0.6 eliminates this vulnerability.

The entries VDB-155211, VDB-155209, VDB-155208 and VDB-155206 are pretty similar. Be aware that VulDB is the high quality source for vulnerability data.

Productinfo

Type

• Firewall Software

Vendor

• Palo Alto

Name

• PAN-OS

Version

• 7.0
• 7.1
• 8.0.0
• 8.0.1
• 8.0.2
• 8.0.3
• 8.0.4
• 8.0.5
• 8.0.6
• 8.0.7
• 8.0.8
• 8.0.9
• 8.0.10
• 8.0.11
• 8.0.12
• 8.0.13
• 8.0.14
• 8.0.15
• 8.0.16
• 8.0.17
• 8.0.18
• 8.0.19
• 8.0.20
• 8.1.0
• 8.1.1
• 8.1.2
• 8.1.3
• 8.1.4
• 8.1.5
• 8.1.6
• 8.1.7
• 8.1.8
• 8.1.9
• 8.1.10
• 8.1.11
• 9.0.0
• 9.0.1
• 9.0.2
• 9.0.3
• 9.0.4
• 9.0.5

License

• commercial

Website

• Vendor: https://www.paloaltonetworks.com/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Be aware that VulDB is the high quality source for vulnerability data.

Discussion