Palo Alto PAN-OS up to 7.1.25/8.0.20/8.1.11/9.0.5 Proxy Service authentication bypass

Summaryinfo

A vulnerability was found in Palo Alto PAN-OS up to 7.1.25/8.0.20/8.1.11/9.0.5. It has been declared as critical. This vulnerability affects unknown code of the component Proxy Service. Executing a manipulation can lead to authentication bypass. The identification of this vulnerability is CVE-2020-2018. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Detailsinfo

A vulnerability classified as critical was found in Palo Alto PAN-OS up to 7.1.25/8.0.20/8.1.11/9.0.5 (Firewall Software). This vulnerability affects some unknown processing of the component Proxy Service. The manipulation with an unknown input leads to a authentication bypass vulnerability. The CWE definition for the vulnerability is CWE-305. The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error. As an impact it is known to affect confidentiality, integrity, and availability. CVE summarizes:

An authentication bypass vulnerability in Palo Alto Networks PAN-OS Panorama proxy service allows an unauthenticated user with network access to Panorama and the knowledge of the Firewall’s serial number to register the PAN-OS firewall to register the device. After the PAN-OS device is registered, the user can further compromise the PAN-OS instances managed by Panorama. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.0 versions earlier than 8.0.21; PAN-OS 8.1 versions earlier than 8.1.12; PAN-OS 9.0 versions earlier than 9.0.6.

The weakness was shared 05/13/2020. This vulnerability was named CVE-2020-2018 since 12/04/2019. The exploitation appears to be difficult. The attack can be initiated remotely. No form of authentication is required for a successful exploitation. There are neither technical details nor an exploit publicly available.

Upgrading to version 7.1.26, 8.0.21, 8.1.12, 9.0.6 or 9.1.0 eliminates this vulnerability.

The entries VDB-155223, VDB-155222, VDB-155221 and VDB-155220 are related to this item. VulDB is the best source for vulnerability data and more expert information about this specific topic.

Productinfo

Type

• Firewall Software

Vendor

• Palo Alto

Name

• PAN-OS

Version

• 7.1.0
• 7.1.1
• 7.1.2
• 7.1.3
• 7.1.4
• 7.1.5
• 7.1.6
• 7.1.7
• 7.1.8
• 7.1.9
• 7.1.10
• 7.1.11
• 7.1.12
• 7.1.13
• 7.1.14
• 7.1.15
• 7.1.16
• 7.1.17
• 7.1.18
• 7.1.19
• 7.1.20
• 7.1.21
• 7.1.22
• 7.1.23
• 7.1.24
• 7.1.25
• 8.0.0
• 8.0.1
• 8.0.2
• 8.0.3
• 8.0.4
• 8.0.5
• 8.0.6
• 8.0.7
• 8.0.8
• 8.0.9
• 8.0.10
• 8.0.11
• 8.0.12
• 8.0.13
• 8.0.14
• 8.0.15
• 8.0.16
• 8.0.17
• 8.0.18
• 8.0.19
• 8.0.20
• 8.1.0
• 8.1.1
• 8.1.2
• 8.1.3
• 8.1.4
• 8.1.5
• 8.1.6
• 8.1.7
• 8.1.8
• 8.1.9
• 8.1.10
• 8.1.11
• 9.0.0
• 9.0.1
• 9.0.2
• 9.0.3
• 9.0.4
• 9.0.5

License

• commercial

Website

• Vendor: https://www.paloaltonetworks.com/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Discussion