CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2020-2006 – PAN-OS: Buffer overflow in management server payload parser
https://notcve.org/view.php?id=CVE-2020-2006
A stack-based buffer overflow vulnerability in the management server component of PAN-OS that allows an authenticated user to potentially execute arbitrary code with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14. Una vulnerabilidad de desbordamiento de búfer en la región stack de la memoria en el componente management server de PAN-OS, que permite a un usuario autenticado ejecutar potencialmente código arbitrario con privilegios root. Este problema afecta: Todas las versiones de PAN-OS 7.1 y 8.0; PAN-OS versiones 8.1 anteriores a 8.1.14. • https://security.paloaltonetworks.com/CVE-2020-2006 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2020-2005 – PAN-OS: GlobalProtect Clientless VPN session hijacking
https://notcve.org/view.php?id=CVE-2020-2005
A cross-site scripting (XSS) vulnerability exists when visiting malicious websites with the Palo Alto Networks GlobalProtect Clientless VPN that can compromise the user's active session. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.7; All versions of PAN-OS 8.0. Existe una vulnerabilidad de cross-site scripting (XSS(XSS) al visitar sitios web maliciosos con la VPN sin cliente GlobalProtect de Palo Alto Networks que puede comprometer la sesión activa del usuario. Este problema afecta: PAN-OS 7.1 versiones anteriores a la versión 7.1.26; PAN-OS 8.1 versiones anteriores a la versión 8.1.13; PAN-OS 9.0 versiones anteriores a la versión 9.0.7; Todas las versiones de PAN-OS 8.0. • https://security.paloaltonetworks.com/CVE-2020-2005 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-2004 – GlobalProtect App: Passwords may be logged in clear text while collecting troubleshooting logs
https://notcve.org/view.php?id=CVE-2020-2004
Under certain circumstances a user's password may be logged in cleartext in the PanGPS.log diagnostic file when logs are collected for troubleshooting on GlobalProtect app (also known as GlobalProtect Agent) for MacOS and Windows. For this issue to occur all of these conditions must be true: (1) 'Save User Credential' option should be set to 'Yes' in the GlobalProtect Portal's Agent configuration, (2) the GlobalProtect user manually selects a gateway, (3) and the logging level is set to 'Dump' while collecting troubleshooting logs. This issue does not affect GlobalProtect app on other platforms (for example iOS/Android/Linux). This issue affects GlobalProtect app 5.0 versions earlier than 5.0.9, GlobalProtect app 5.1 versions earlier than 5.1.2 on Windows or MacOS. Since becoming aware of the issue, Palo Alto Networks has safely deleted all the known GlobalProtectLogs zip files sent by customers with the credentials. • https://security.paloaltonetworks.com/CVE-2020-2004 • CWE-532: Insertion of Sensitive Information into Log File CWE-534: DEPRECATED: Information Exposure Through Debug Log Files •
CVSS: 8.5EPSS: 0%CPEs: 5EXPL: 0CVE-2020-2003 – PAN-OS: Authenticated administrator can delete arbitrary system file
https://notcve.org/view.php?id=CVE-2020-2003
An external control of filename vulnerability in the command processing of PAN-OS allows an authenticated administrator to delete arbitrary system files affecting the integrity of the system or causing denial of service to all PAN-OS services. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions before 8.1.14; PAN-OS 9.0 versions before 9.0.7; PAN-OS 9.1 versions before 9.1.1. Un control externo de la vulnerabilidad de nombre de archivo en el procesamiento de comandos de PAN-OS permite a un administrador autenticado eliminar archivos arbitrarios del sistema que afectan la integridad del sistema o causan la denegación de servicio a todos los servicios de PAN-OS. Este problema afecta a: Todas las versiones de PAN-OS 7.1 y 8.0; PAN-OS 8.1 versiones anteriores a la versión 8.1.14; PAN-OS 9.0 versiones anteriores a la versión 9.0.7; PAN-OS 9.1 versiones anteriores a la versión 9.1.1. • https://security.paloaltonetworks.com/CVE-2020-2003 • CWE-73: External Control of File Name or Path •
CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 0CVE-2020-2002 – PAN-OS: Spoofed Kerberos key distribution center authentication bypass
https://notcve.org/view.php?id=CVE-2020-2002
An authentication bypass by spoofing vulnerability exists in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS by failing to verify the integrity of the Kerberos key distribution center (KDC) before authenticating users. This affects all forms of authentication that use a Kerberos authentication profile. A man-in-the-middle type of attacker with the ability to intercept communication between PAN-OS and KDC can login to PAN-OS as an administrator. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; All version of PAN-OS 8.0. Existe una vulnerabilidad de omisión de autenticación mediante suplantación de identidad en el daemon de autenticación y los componentes de ID de usuario de PAN-OS de Palo Alto Networks al no verificar la integridad del centro de distribución de claves (KDC) Kerberos antes de autenticar a los usuarios. • https://security.paloaltonetworks.com/CVE-2020-2002 • CWE-290: Authentication Bypass by Spoofing •