Input validation

2020-05-1319:15:00

PRIOn knowledge base

www.prio-n.com

0.002 Low

EPSS

Percentile

59.9%

JSON

An improper input validation vulnerability in the configuration daemon of Palo Alto Networks PAN-OS Panorama allows for a remote unauthenticated user to send a specifically crafted registration request to the device that causes the configuration service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS Panorama services by restarting the device and putting it into maintenance mode. This issue affects: All versions of PAN-OS 7.1, PAN-OS 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7; PAN-OS 9.1 versions earlier than 9.1.0.

CPENameOperatorVersion
pan-osge7.1.0
pan-osle7.1.26
pan-osge8.0.0
pan-osle8.0.20
pan-osge8.1.0
pan-oslt8.1.14
pan-osge9.0.0
pan-oslt9.1.0

Name	Operator	Version
pan-os	ge	7.1.0
pan-os	le	7.1.26
pan-os	ge	8.0.0
pan-os	le	8.0.20
pan-os	ge	8.1.0
pan-os	lt	8.1.14
pan-os	ge	9.0.0
pan-os	lt	9.1.0

References

security.paloaltonetworks.com/CVE-2020-2011

0.002 Low

EPSS

Percentile

59.9%

JSON

Related for PRION:CVE-2020-2011