Palo Alto Networks PAN-OS 7.1.x < 7.1.26 / 8.0.x < 8.1.13 / 8.1.x < 8.1.13 / 9.0.x < 9.0.7 / 9.1.x < 9.1.1 Vulnerability

Medium Nessus Plugin ID 136815

Synopsis

The remote PAN-OS host is affected by vulnerability

Description

The version of Palo Alto Networks PAN-OS running on the remote host is 7.1.x prior to 7.1.26 or 8.0.x prior to 8.1.13 or 8.1.x prior to 8.1.13 or 9.0.x prior to 9.0.7 or 9.1.x prior to 9.1.1. It is, therefore, affected by a vulnerability.

- A buffer overflow vulnerability in the PAN-OS management server allows authenticated users to crash system processes or potentially execute arbitrary code with root privileges. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.0 versions earlier than 8.0.21; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.7; PAN-OS 9.1 versions earlier than 9.1.1. (CVE-2020-2015)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to PAN-OS 7.1.26 / 8.1.13 / 8.1.13 / 9.0.7 / 9.1.1 or later

See Also

https://security.paloaltonetworks.com/CVE-2020-2015

https://cwe.mitre.org/data/definitions/120.html

Plugin Details

Severity: Medium

ID: 136815

File Name: palo_alto_CVE-2020-2015.nasl

Version: 1.1

Type: combined

Published: 2020/05/22

Updated: 2020/05/22

Dependencies: 72816

Risk Information

Risk Factor: Medium

CVSS Score Source: CVE-2020-2015

CVSS v2.0

Base Score: 6.8

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS v3.0

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/o:paloaltonetworks:pan-os

Required KB Items: Host/Palo_Alto/Firewall/Version, Host/Palo_Alto/Firewall/Full_Version, Host/Palo_Alto/Firewall/Source

Patch Publication Date: 2020/05/13

Vulnerability Publication Date: 2020/05/13

Reference Information

CVE: CVE-2020-2015

IAVA: 2020-A-0222

CWE: 120