CVE-2020-1980 - Vulnerability Details - OpenCVE

A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions. This issue is fixed in PAN-OS 8.1.13, and all later versions.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.00253.

Key SSVC decision points have not yet been added.

Vendors	Products
Paloaltonetworks	Pan-os

Configuration 1 [-]

cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*

No data.

No data.

Fixes

Solution

This issue is fixed in PAN-OS 8.1.13, and all later versions.

Workaround

This issue affects the management interface of PAN-OS and is mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 8.1 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.

References

Link	Providers
https://security.paloaltonetworks.com/CVE-2020-1980

History

No history.

MITRE

Status: PUBLISHED

Assigner: palo_alto

Published: 2020-03-11T18:58:17.891426Z

Updated: 2024-09-16T16:29:01.339Z

Reserved: 2019-12-04T00:00:00

Link: CVE-2020-1980

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-03-11T19:15:13.467

Modified: 2024-11-21T05:11:46.670

Link: CVE-2020-1980

Redhat

No data.

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"product": "PAN-OS", "vendor": "Palo Alto Networks", "versions": [{"status": "affected", "version": "8.1 < 8.1.13"}, {"status": "affected", "version": "8.1 !>= 8.1.13"}, {"status": "affected", "version": "9.0 !>= 9.0.0"}, {"status": "affected", "version": "7.1 !>= 7.1.0"}, {"status": "affected", "version": "9.1 !>= 9.1.0"}]}], "configurations": [{"lang": "en", "value": "N/A"}], "credits": [{"lang": "en", "value": "This issue was discovered during an internal security review."}], "datePublic": "2020-03-11T00:00:00", "descriptions": [{"lang": "en", "value": "A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions. This issue is fixed in PAN-OS 8.1.13, and all later versions."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-77", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-03-11T18:58:17", "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://security.paloaltonetworks.com/CVE-2020-1980"}], "solutions": [{"lang": "en", "value": "This issue is fixed in PAN-OS 8.1.13, and all later versions."}], "source": {"defect": ["PAN-102674"], "discovery": "UNKNOWN"}, "timeline": [{"lang": "en", "time": "2020-03-11T00:00:00", "value": "Initial publication"}], "title": "PAN-OS: Shell injection vulnerability in PAN-OS CLI allows execution of shell commands", "workarounds": [{"lang": "en", "value": "This issue affects the management interface of PAN-OS and is mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 8.1 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/best-practices-for-securing-administrative-access."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@paloaltonetworks.com", "DATE_PUBLIC": "2020-03-11T16:00:00.000Z", "ID": "CVE-2020-1980", "STATE": "PUBLIC", "TITLE": "PAN-OS: Shell injection vulnerability in PAN-OS CLI allows execution of shell commands"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "PAN-OS", "version": {"version_data": [{"version_value": "8.1 < 8.1.13"}, {"version_value": "8.1 !>= 8.1.13"}, {"version_value": "9.0 !>= 9.0.0"}, {"version_value": "7.1 !>= 7.1.0"}, {"version_value": "9.1 !>= 9.1.0"}]}}]}, "vendor_name": "Palo Alto Networks"}]}}, "configuration": [{"lang": "en", "value": "N/A"}], "credit": [{"lang": "eng", "value": "This issue was discovered during an internal security review."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions. This issue is fixed in PAN-OS 8.1.13, and all later versions."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')"}]}]}, "references": {"reference_data": [{"name": "https://security.paloaltonetworks.com/CVE-2020-1980", "refsource": "CONFIRM", "url": "https://security.paloaltonetworks.com/CVE-2020-1980"}]}, "solution": [{"lang": "en", "value": "This issue is fixed in PAN-OS 8.1.13, and all later versions."}], "source": {"defect": ["PAN-102674"], "discovery": "UNKNOWN"}, "timeline": [{"lang": "en", "time": "2020-03-11T00:00:00", "value": "Initial publication"}], "work_around": [{"lang": "en", "value": "This issue affects the management interface of PAN-OS and is mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 8.1 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/best-practices-for-securing-administrative-access."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T06:54:00.366Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.paloaltonetworks.com/CVE-2020-1980"}]}]}, "cveMetadata": {"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "assignerShortName": "palo_alto", "cveId": "CVE-2020-1980", "datePublished": "2020-03-11T18:58:17.891426Z", "dateReserved": "2019-12-04T00:00:00", "dateUpdated": "2024-09-16T16:29:01.339Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE88801C-4736-4FCF-90A4-4B4D72774502", "versionEndExcluding": "8.1.13", "versionStartIncluding": "8.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions. This issue is fixed in PAN-OS 8.1.13, and all later versions."}, {"lang": "es", "value": "Una vulnerabilidad de inyecci\u00f3n de comando de shell en la CLI de PAN-OS, permite a un usuario autenticado local escapar del shell restringido y escalar privilegios. Este problema afecta solo a versiones PAN-OS 8.1 anteriores a PAN-OS 8.1.13. Este problema no afecta a versiones PAN-OS 7.1, PAN-OS 9.0 o versiones de PAN-OS posteriores. Este problema es corregido en PAN-OS versi\u00f3n 8.1.13 y todas las versiones posteriores."}], "id": "CVE-2020-1980", "lastModified": "2024-11-21T05:11:46.670", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-03-11T19:15:13.467", "references": [{"source": "psirt@paloaltonetworks.com", "tags": ["Vendor Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2020-1980"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2020-1980"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}]}