First published: Wed May 13 2020(Updated: )
A missing authorization vulnerability in the management server component of PAN-OS Panorama allows a remote, unauthenticated user to inject messages into the management server ms.log file. This vulnerability can be leveraged to obfuscate an ongoing attack or to fabricate log entries in the ms.log file. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.9.
Credit: psirt@paloaltonetworks.com
Affected Software | Affected Version | How to fix |
---|---|---|
Palo Alto Networks PAN-OS | >=7.1.0<=7.1.26 | No fixed release (extended support, critical fixes only); migrate to a supported branch |
Palo Alto Networks PAN-OS | >=8.0.0<=8.0.20 | No fixed release (end-of-life); migrate to a supported branch |
Palo Alto Networks PAN-OS | >=8.1.0<=8.1.13 | Upgrade to PAN-OS 8.1.14 or later |
Palo Alto Networks PAN-OS | >=9.0.0<=9.0.8 | Upgrade to PAN-OS 9.0.9 or later |
This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.9, and all later PAN-OS versions. PAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies. PAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.
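The ranges above are inclusive on the affected side and the fix lands on the next patch release of each branch, which is easy to get wrong when checking an inventory by hand (a hotfix build such as 9.0.8-h1 is still a 9.0.8 base and therefore still affected). The following is an added example, not code from the advisory or from Palo Alto Networks, that encodes the advisory's ranges and decides whether a given PAN-OS version string is affected. It assumes the usual PAN-OS `major.minor.patch[-hN]` version syntax; the branch table is taken directly from the advisory text.

```python
import re
from typing import Dict, Optional, Tuple

Version = Tuple[int, int, int]

# Affected ranges (inclusive) and fixed release per branch, taken from the
# advisory. None means the branch has no fixed release (7.1 extended support,
# 8.0 end-of-life).
AFFECTED: Dict[str, Tuple[Version, Version, Optional[Version]]] = {
    "7.1": ((7, 1, 0), (7, 1, 26), None),
    "8.0": ((8, 0, 0), (8, 0, 20), None),
    "8.1": ((8, 1, 0), (8, 1, 13), (8, 1, 14)),
    "9.0": ((9, 0, 0), (9, 0, 8), (9, 0, 9)),
}

# Assumed PAN-OS version syntax: "9.0.8" or hotfix builds like "9.0.8-h1".
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse_version(text: str) -> Tuple[Version, Optional[int]]:
    """Return ((major, minor, patch), hotfix_or_None); raise on unexpected input."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version string: {text!r}")
    major, minor, patch, hotfix = m.groups()
    return (int(major), int(minor), int(patch)), (int(hotfix) if hotfix else None)


def fmt(v: Optional[Version]) -> Optional[str]:
    return None if v is None else ".".join(str(x) for x in v)


def assess(text: str) -> dict:
    """Classify one version string against the advisory's affected ranges."""
    base, hotfix = parse_version(text)
    branch = f"{base[0]}.{base[1]}"
    result = {"version": text, "branch": branch, "affected": False,
              "fixed_in": None, "reason": ""}
    if branch not in AFFECTED:
        # The advisory lists only the four branches above; anything else is
        # outside its scope (e.g. 9.1, which it describes as fixed).
        result["reason"] = "branch not listed in the advisory"
        return result
    lo, hi, fixed = AFFECTED[branch]
    result["fixed_in"] = fmt(fixed)
    if lo <= base <= hi:
        result["affected"] = True
        result["reason"] = "base version within affected range"
        if hotfix is not None:
            # A -hN hotfix does not advance the base version, so it stays affected.
            result["reason"] += f" (hotfix h{hotfix} does not change the base version)"
        if fixed is None:
            result["reason"] += "; no fixed release on this branch, migrate"
    elif fixed is None:
        result["reason"] = "outside listed range on a branch with no fixed release; verify manually"
    else:
        result["reason"] = "at or beyond the fixed release"
    return result


if __name__ == "__main__":
    for v in ["9.0.8", "9.0.8-h1", "9.0.9", "8.1.13", "8.1.14", "8.0.20", "7.1.26", "9.1.0"]:
        r = assess(v)
        print(f"{v:10} affected={r['affected']!s:5} fixed_in={r['fixed_in']} ({r['reason']})")
```

Feed it the output of a Panorama `show system info` (the `sw-version` field) per device; the hotfix handling is the part most ad-hoc checks miss.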
CVE-2020-1996 has a severity rating of high because an unauthenticated, remote attacker can tamper with the Panorama management server log without any credentials; it does not by itself grant access to the system.
To fix CVE-2020-1996, upgrade to PAN-OS 8.1.14, PAN-OS 9.0.9, or a later release. No fixed release exists for PAN-OS 7.1 or 8.0: 8.0 is end-of-life and 7.1 is on extended support for critical fixes only, so devices on those branches need to move to a supported branch.
CVE-2020-1996 is a log injection flaw: an attacker can write attacker-chosen text into the ms.log file, either to bury evidence of an ongoing attack in noise or to fabricate entries that point investigators at the wrong activity.
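Injected log text tends to leave traces: a record that does not follow the file's layout, a record whose message body contains what looks like a second record (the classic CR/LF injection), control characters, or a timestamp that runs backwards relative to its neighbours. The following is an added example, not code from the advisory or from Palo Alto Networks, that runs those checks over a handful of constructed log lines. The record layout it assumes (`YYYY-MM-DD HH:MM:SS.mmm +HHMM Level: message`) is an assumption for illustration, not a documented ms.log format; adjust `RECORD_RE` to whatever your Panorama actually writes before using it.

```python
import re
from datetime import datetime
from typing import List, Tuple

# ASSUMED record layout for illustration: "YYYY-MM-DD HH:MM:SS.mmm +HHMM Level: message".
# DOTALL so a CR smuggled into the message body is still part of the match.
RECORD_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d{3}) "
    r"(?P<tz>[+-]\d{4}) (?P<level>[A-Za-z]+): (?P<msg>.*)$",
    re.DOTALL,
)
# A second record header inside a message body: the signature of CR/LF injection.
EMBEDDED_HEADER_RE = re.compile(
    r"\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d{3} [+-]\d{4} [A-Za-z]+:"
)
# Any control character other than TAB, including CR and LF.
CONTROL_RE = re.compile(r"[\x00-\x08\x0a-\x1f\x7f]")

# Constructed sample: records 2, 3 and 4 are the suspicious ones.
SAMPLE_LINES = [
    "2020-05-13 10:00:01.000 +0000 Info: management server started",
    "2020-05-13 10:00:05.120 +0000 Info: commit by admin succeeded",
    # backdated record: plausible text, but earlier than the one before it
    "2020-05-13 09:59:00.000 +0000 Info: user admin logged out",
    # CR injected through an attacker-controlled field, followed by a fake record
    "2020-05-13 10:00:07.300 +0000 Error: request from 203.0.113.5 rejected\r"
    "2020-05-13 10:00:07.301 +0000 Info: config reverted by admin",
    "garbage line without a record header",
    "2020-05-13 10:00:09.000 +0000 Info: next genuine event",
]


def parse_timestamp(ts: str, tz: str) -> datetime:
    return datetime.strptime(f"{ts} {tz}", "%Y-%m-%d %H:%M:%S.%f %z")


def scan(lines: List[str]) -> List[Tuple[int, str]]:
    """Return (line_index, reason) for every record that looks tampered with.

    Timestamp ordering is checked against the immediately preceding record, so
    a forward-dated fake shows up as the *next* genuine record being flagged.
    """
    findings: List[Tuple[int, str]] = []
    last_ts = None
    for i, line in enumerate(lines):
        if CONTROL_RE.search(line):
            findings.append((i, "control characters in record"))
        m = RECORD_RE.match(line)
        if not m:
            findings.append((i, "record does not match expected layout"))
            continue
        if EMBEDDED_HEADER_RE.search(m.group("msg")):
            findings.append((i, "timestamp-like record header inside message body"))
        ts = parse_timestamp(m.group("ts"), m.group("tz"))
        if last_ts is not None and ts < last_ts:
            findings.append((i, "timestamp earlier than previous record"))
        last_ts = ts
    return findings


if __name__ == "__main__":
    for idx, reason in scan(SAMPLE_LINES):
        print(f"line {idx}: {reason}")
```

These heuristics triage, they do not prove integrity: an injection that mimics the layout and keeps timestamps monotonic will pass. The durable control is to forward management-plane logs off the appliance as they are written, so a copy exists that the attacker could not edit after the fact.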
CVE-2020-1996 affects PAN-OS versions from 7.1.0 to 7.1.26, 8.0.0 to 8.0.20, 8.1.0 to 8.1.13, and 9.0.0 to 9.0.8.
Organizations running affected PAN-OS versions are exposed to CVE-2020-1996 wherever the Panorama management interface is reachable by an attacker, since no credentials are required. Restricting management access to trusted hosts reduces exposure but is not a fix; upgrading to a fixed release is.