Palo_altoCVELIST:CVE-2020-2030CVE-2020-2030 PAN-OS: OS command injection vulnerability in the management interface
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
62.2%
An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; and all versions of PAN-OS 7.1 and PAN-OS 8.0. This issue does not impact PAN-OS 9.0, PAN-OS 9.1, or Prisma Access services.
CNA Affected
[
{
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "affected",
"version": "8.0.*"
},
{
"status": "affected",
"version": "7.1.*"
},
{
"changes": [
{
"at": "8.1.15",
"status": "unaffected"
}
],
"lessThan": "8.1.15",
"status": "affected",
"version": "8.1",
"versionType": "custom"
},
{
"lessThan": "9.0*",
"status": "unaffected",
"version": "9.0.0",
"versionType": "custom"
},
{
"lessThan": "9.1*",
"status": "unaffected",
"version": "9.1.0",
"versionType": "custom"
}
]
}
]Related
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
62.2%