CVE-2020-1998

PAN-OS: Improper SAML SSO authorization of shared local users

CVSS 5.4 MEDIUMEPSS 0.9%CWE-285

Vexday Risk Score

13Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 5.4EPSS 0.9%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

13 may 2020Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

An improper authorization vulnerability in PAN-OS that mistakenly uses the permissions of local linux users instead of the intended SAML permissions of the account when the username is shared for the purposes of SSO authentication. This can result in authentication bypass and unintended resource access for the user. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; PAN-OS 9.1 versions earlier than 9.1.1; All versions of PAN-OS 8.0.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Productos afectados

Palo Alto Networks · PAN-OS

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://security.paloaltonetworks.com/CVE-2020-1998