CVE-2020-1991 - Vulnerability Details - OpenCVE

An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files. This issue affects Palo Alto Networks Traps 5.0 versions before 5.0.8; 6.1 versions before 6.1.4 on Windows. This issue does not affect Cortex XDR 7.0. This issue does not affect Traps for Linux or MacOS.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00036.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows
Paloaltonetworks	Traps

Configuration 1 [-]

AND

OR	cpe:2.3:a:paloaltonetworks:traps::::::::
	cpe:2.3:a:paloaltonetworks:traps::::::::

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

No data.

No data.

Fixes

Solution

This issue is fixed in Traps 5.0.8, 6.1.4 and later versions.

Workaround

There are no viable workarounds for this issue.

References

Link	Providers
https://security.paloaltonetworks.com/CVE-2020-1991

History

No history.

MITRE

Status: PUBLISHED

Assigner: palo_alto

Published: 2020-04-08T18:41:58.528818Z

Updated: 2024-09-17T00:17:10.408Z

Reserved: 2019-12-04T00:00:00

Link: CVE-2020-1991

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-04-08T19:15:14.150

Modified: 2024-11-21T05:11:48.103

Link: CVE-2020-1991

Redhat

No data.

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"platforms": ["Windows"], "product": "Traps", "vendor": "Palo Alto Networks", "versions": [{"changes": [{"at": "5.0.8", "status": "unaffected"}], "lessThan": "5.0.8", "status": "affected", "version": "5.0", "versionType": "custom"}, {"changes": [{"at": "6.1.4", "status": "unaffected"}], "lessThan": "6.1.4", "status": "affected", "version": "6.1", "versionType": "custom"}]}, {"product": "Cortex XDR", "vendor": "Palo Alto Networks", "versions": [{"status": "unaffected", "version": "7.0.*"}]}], "credits": [{"lang": "en", "value": "Palo Alto Networks thanks Lasse Trolle Borup of Danish Cyber Defence for discovering and reporting this issue."}], "datePublic": "2020-04-08T00:00:00", "descriptions": [{"lang": "en", "value": "An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files. This issue affects Palo Alto Networks Traps 5.0 versions before 5.0.8; 6.1 versions before 6.1.4 on Windows. This issue does not affect Cortex XDR 7.0. This issue does not affect Traps for Linux or MacOS."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-377", "description": "CWE-377 Insecure Temporary File", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-04-08T18:41:58", "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://security.paloaltonetworks.com/CVE-2020-1991"}], "solutions": [{"lang": "en", "value": "This issue is fixed in Traps 5.0.8, 6.1.4 and later versions."}], "source": {"defect": ["CPATR-7784"], "discovery": "EXTERNAL"}, "title": "Traps: Insecure temporary file vulnerability may allow privilege escalation on Windows", "workarounds": [{"lang": "en", "value": "There are no viable workarounds for this issue."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@paloaltonetworks.com", "DATE_PUBLIC": "2020-04-08T16:00:00.000Z", "ID": "CVE-2020-1991", "STATE": "PUBLIC", "TITLE": "Traps: Insecure temporary file vulnerability may allow privilege escalation on Windows"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Traps", "version": {"version_data": [{"platform": "Windows", "version_affected": "<", "version_name": "5.0", "version_value": "5.0.8"}, {"platform": "Windows", "version_affected": "!>=", "version_name": "5.0", "version_value": "5.0.8"}, {"platform": "Windows", "version_affected": "<", "version_name": "6.1", "version_value": "6.1.4"}, {"platform": "Windows", "version_affected": "!>=", "version_name": "6.1", "version_value": "6.1.4"}]}}, {"product_name": "Cortex XDR", "version": {"version_data": [{"version_affected": "!", "version_name": "7.0", "version_value": "7.0.*"}]}}]}, "vendor_name": "Palo Alto Networks"}]}}, "credit": [{"lang": "eng", "value": "Palo Alto Networks thanks Lasse Trolle Borup of Danish Cyber Defence for discovering and reporting this issue."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files. This issue affects Palo Alto Networks Traps 5.0 versions before 5.0.8; 6.1 versions before 6.1.4 on Windows. This issue does not affect Cortex XDR 7.0. This issue does not affect Traps for Linux or MacOS."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-377 Insecure Temporary File"}]}]}, "references": {"reference_data": [{"name": "https://security.paloaltonetworks.com/CVE-2020-1991", "refsource": "MISC", "url": "https://security.paloaltonetworks.com/CVE-2020-1991"}]}, "solution": [{"lang": "en", "value": "This issue is fixed in Traps 5.0.8, 6.1.4 and later versions."}], "source": {"defect": ["CPATR-7784"], "discovery": "EXTERNAL"}, "work_around": [{"lang": "en", "value": "There are no viable workarounds for this issue."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T06:54:00.653Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://security.paloaltonetworks.com/CVE-2020-1991"}]}]}, "cveMetadata": {"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "assignerShortName": "palo_alto", "cveId": "CVE-2020-1991", "datePublished": "2020-04-08T18:41:58.528818Z", "dateReserved": "2019-12-04T00:00:00", "dateUpdated": "2024-09-17T00:17:10.408Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:paloaltonetworks:traps:*:*:*:*:*:*:*:*", "matchCriteriaId": "F68BAC15-5024-4BB6-A4BB-4D6FB2989AD1", "versionEndExcluding": "5.0.8", "versionStartIncluding": "5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:paloaltonetworks:traps:*:*:*:*:*:*:*:*", "matchCriteriaId": "498FA8E9-DE1A-4E36-AE2A-0DB4BBAFDD7A", "versionEndExcluding": "6.1.4", "versionStartIncluding": "6.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files. This issue affects Palo Alto Networks Traps 5.0 versions before 5.0.8; 6.1 versions before 6.1.4 on Windows. This issue does not affect Cortex XDR 7.0. This issue does not affect Traps for Linux or MacOS."}, {"lang": "es", "value": "Una vulnerabilidad de archivo temporal no seguro en Palo Alto Networks Traps, permite a un usuario de Windows autenticado local escalar privilegios o sobrescribir archivos del sistema. Este problema afecta a Palo Alto Networks Traps versiones 5.0 anteriores a 5.0.8; versiones 6.1 anteriores a 6.1.4 en Windows. Este problema no afecta a Cortex XDR versi\u00f3n 7.0. Este problema no afecta a Traps para Linux o MacOS."}], "id": "CVE-2020-1991", "lastModified": "2024-11-21T05:11:48.103", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.6, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-04-08T19:15:14.150", "references": [{"source": "psirt@paloaltonetworks.com", "tags": ["Vendor Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2020-1991"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2020-1991"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-377"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-269"}], "source": "nvd@nist.gov", "type": "Primary"}]}