CVE-2020-2037 – PAN-OS: OS command injection vulnerability in the management web interface
https://notcve.org/view.php?id=CVE-2020-2037
An OS Command Injection vulnerability in the PAN-OS management interface allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.3. • https://security.paloaltonetworks.com/CVE-2020-2037 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-2036 – PAN-OS: Reflected Cross-Site Scripting (XSS) vulnerability in management web interface
https://notcve.org/view.php?id=CVE-2020-2036
A reflected cross-site scripting (XSS) vulnerability exists in the PAN-OS management web interface. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could potentially execute arbitrary JavaScript code in the administrator's browser and perform administrative actions. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9. • https://security.paloaltonetworks.com/CVE-2020-2036 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2020-2035 – PAN-OS: URL filtering policy is not enforced on TLS handshakes for decrypted HTTPS sessions
https://notcve.org/view.php?id=CVE-2020-2035
When SSL/TLS Forward Proxy Decryption mode has been configured to decrypt web transactions, the PAN-OS URL filtering feature inspects the HTTP Host and URL path headers for policy enforcement on the decrypted HTTPS web transactions but does not consider the Server Name Indication (SNI) field within the TLS Client Hello handshake. This allows a compromised host in a protected network to evade any security policy that uses URL filtering on a firewall configured with SSL Decryption in the Forward Proxy mode. A malicious actor can then use this technique to evade detection of communication in the TLS handshake phase between a compromised host and a remote malicious server. This technique does not increase the risk of a host being compromised in the network. It does not impact the confidentiality or availability of a firewall. • https://security.paloaltonetworks.com/CVE-2020-2035 • https://www.mnemonic.no/blog/introducing-snicat • CWE-20: Improper Input Validation
CVE-2020-2034 – PAN-OS: OS command injection vulnerability in GlobalProtect portal
https://notcve.org/view.php?id=CVE-2020-2034
An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network-based attacker to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue. This issue cannot be exploited if the GlobalProtect portal feature is not enabled. This issue impacts PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; all versions of PAN-OS 8.0 and PAN-OS 7.1. Prisma Access services are not impacted by this vulnerability. • https://github.com/blackhatethicalhacking/CVE-2020-2034-POC • https://security.paloaltonetworks.com/CVE-2020-2034 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2020-2031 – PAN-OS: Integer underflow in the management interface
https://notcve.org/view.php?id=CVE-2020-2031
An integer underflow vulnerability in the dnsproxyd component of the PAN-OS management interface allows authenticated administrators to issue a command from the command line interface that causes the component to stop responding. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts: PAN-OS 9.1 versions earlier than PAN-OS 9.1.3. This issue does not impact PAN-OS 8.1, PAN-OS 9.0, or Prisma Access services. • https://security.paloaltonetworks.com/CVE-2020-2031 • CWE-191: Integer Underflow (Wrap or Wraparound)