CVE-2020-1998

PAN-OS: Improper SAML SSO authorization of shared local users

CVSS 5.4 MEDIUMEPSS 0.9%CWE-285

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 5.4EPSS 0.9%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

13 May 2020Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

An improper authorization vulnerability in PAN-OS that mistakenly uses the permissions of local linux users instead of the intended SAML permissions of the account when the username is shared for the purposes of SSO authentication. This can result in authentication bypass and unintended resource access for the user. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; PAN-OS 9.1 versions earlier than 9.1.1; All versions of PAN-OS 8.0.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Affected products

Palo Alto Networks · PAN-OS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://security.paloaltonetworks.com/CVE-2020-1998