Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cisaCISACISA:A5E983E287BE1A6C13AEFAD3B3E1C93E
HistoryJun 29, 2020 - 12:00 a.m.

Palo Alto Releases Security Updates for PAN-OS

2020-06-2900:00:00
us-cert.cisa.gov
9

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

JSON

Palo Alto Networks has released security updates to address a vulnerability affecting the use of Security Assertion Markup Language in PAN-OS. An unauthenticated attacker with network access could exploit this vulnerability to obtain sensitive information.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Palo Alto Security Advisory for [CVE-2020-2021](<https://security.paloaltonetworks.com/CVE-2020-2021 >) and apply the necessary updates or workarounds.

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts.

We recently updated our anonymous product survey; we’d welcome your feedback.

Related

cisa_kev 1
paloalto 2
cve 1
githubexploit 1
prion 1
threatpost 4
nessus 1
attackerkb 3
ics 1
cisa_kev
cisa_kev
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
2022-03-25 00:00:00
paloalto
paloalto
PAN-OS: Authentication Bypass in SAML Authentication
2020-06-29 15:00:00
PAN-OS: OS command injection vulnerability in GlobalProtect portal
2020-07-08 16:00:00
cve
cve
CVE-2020-2021
2020-06-29 15:15:00
githubexploit
githubexploit
Exploit for Improper Verification of Cryptographic Signature in Paloaltonetworks Pan-Os
2020-06-29 16:56:10
prion
prion
Authentication flaw
2020-06-29 15:15:00
threatpost
threatpost
Why I Love (Breaking Into) Your Security Appliances
2021-07-07 14:11:14
CISA Emergency Directive Orders Immediate Fix of Windows DNS Server Bug
2020-07-17 15:43:00
CISA: Nation-State Attackers Likely to Take Aim at Palo Alto Networks Bug
2020-06-30 13:48:47
nessus
nessus
Palo Alto Networks PAN-OS 8.0.x < 8.1.15 / 8.1.x < 8.1.15 / 9.0.x < 9.0.9 / 9.1.x < 9.1.3 Authentication Bypass in SAML Authentication (CVE-2020-2021)
2020-06-29 00:00:00
attackerkb
attackerkb
CVE-2020-2021 PAN-OS: Authentication Bypass in SAML Authentication
2020-06-29 00:00:00
CVE-2020-2034 — PAN-OS: OS command injection vulnerability in GlobalProtect portal
2020-07-08 00:00:00
CVE-2020-1472 aka Zerologon
2020-08-17 00:00:00
ics
ics
APT Actors Chaining Vulnerabilities Against SLTT, Critical Infrastructure, and Elections Organizations
2020-10-24 12:00:00

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

JSON
Related for CISA:A5E983E287BE1A6C13AEFAD3B3E1C93E
cisa_kev1paloalto2cve1githubexploit1prion1threatpost4nessus1attackerkb3ics1