CVE-2020-2000 - OpenCVE

An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code and OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:S/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Paloaltonetworks	Pan-os

Configuration 1 [-]

OR	cpe:2.3:o:paloaltonetworks:pan-os::::::::
	cpe:2.3:o:paloaltonetworks:pan-os::::::::
	cpe:2.3:o:paloaltonetworks:pan-os::::::::
	cpe:2.3:o:paloaltonetworks:pan-os::::::::

No data.

References

Link	Providers
https://security.paloaltonetworks.com/CVE-2020-2000

History

No history.

MITRE

Status: PUBLISHED

Assigner: palo_alto

Published: 2020-11-12T00:05:20.120304Z

Updated: 2024-09-16T16:58:42.346Z

Reserved: 2019-12-04T00:00:00

Link: CVE-2020-2000

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-11-12T00:15:10.377

Modified: 2020-11-16T21:29:05.853

Link: CVE-2020-2000

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "PAN-OS", "vendor": "Palo Alto Networks", "versions": [{"changes": [{"at": "8.1.16", "status": "unaffected"}], "lessThan": "8.1.16", "status": "affected", "version": "8.1", "versionType": "custom"}, {"changes": [{"at": "9.0.10", "status": "unaffected"}], "lessThan": "9.0.10", "status": "affected", "version": "9.0", "versionType": "custom"}, {"changes": [{"at": "9.1.4", "status": "unaffected"}], "lessThan": "9.1.4", "status": "affected", "version": "9.1", "versionType": "custom"}, {"changes": [{"at": "10.0.1", "status": "unaffected"}], "lessThan": "10.0.1", "status": "affected", "version": "10.0", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."}], "datePublic": "2020-11-11T00:00:00", "descriptions": [{"lang": "en", "value": "An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code and OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1."}], "exploits": [{"lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 OS Command Injection", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-121", "description": "CWE-121 Stack-based Buffer Overflow", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-11-12T00:05:20", "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://security.paloaltonetworks.com/CVE-2020-2000"}], "solutions": [{"lang": "en", "value": "This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.10, PAN-OS 9.1.4, PAN-OS 10.0.1, and all later PAN-OS versions."}], "source": {"defect": ["PAN-149822", "PAN-150013", "PAN-150170"], "discovery": "INTERNAL"}, "timeline": [{"lang": "en", "time": "2020-11-11T00:00:00", "value": "Initial publication"}], "title": "PAN-OS: OS command injection and memory corruption vulnerability", "workarounds": [{"lang": "en", "value": "This issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@paloaltonetworks.com", "DATE_PUBLIC": "2020-11-11T17:00:00.000Z", "ID": "CVE-2020-2000", "STATE": "PUBLIC", "TITLE": "PAN-OS: OS command injection and memory corruption vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "PAN-OS", "version": {"version_data": [{"version_affected": "<", "version_name": "8.1", "version_value": "8.1.16"}, {"version_affected": "<", "version_name": "9.0", "version_value": "9.0.10"}, {"version_affected": "<", "version_name": "9.1", "version_value": "9.1.4"}, {"version_affected": "<", "version_name": "10.0", "version_value": "10.0.1"}, {"version_affected": "!>=", "version_name": "8.1", "version_value": "8.1.16"}, {"version_affected": "!>=", "version_name": "9.0", "version_value": "9.0.10"}, {"version_affected": "!>=", "version_name": "9.1", "version_value": "9.1.4"}, {"version_affected": "!>=", "version_name": "10.0", "version_value": "10.0.1"}]}}]}, "vendor_name": "Palo Alto Networks"}]}}, "credit": [{"lang": "eng", "value": "This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code and OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1."}]}, "exploit": [{"lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20 Improper Input Validation"}]}, {"description": [{"lang": "eng", "value": "CWE-78 OS Command Injection"}]}, {"description": [{"lang": "eng", "value": "CWE-121 Stack-based Buffer Overflow"}]}]}, "references": {"reference_data": [{"name": "https://security.paloaltonetworks.com/CVE-2020-2000", "refsource": "MISC", "url": "https://security.paloaltonetworks.com/CVE-2020-2000"}]}, "solution": [{"lang": "en", "value": "This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.10, PAN-OS 9.1.4, PAN-OS 10.0.1, and all later PAN-OS versions."}], "source": {"defect": ["PAN-149822", "PAN-150013", "PAN-150170"], "discovery": "INTERNAL"}, "timeline": [{"lang": "en", "time": "2020-11-11T00:00:00", "value": "Initial publication"}], "work_around": [{"lang": "en", "value": "This issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."}], "x_advisoryEoL": false, "x_affectedList": ["PAN-OS 10.0.0", "PAN-OS 10.0", "PAN-OS 9.1.3-h1", "PAN-OS 9.1.3", "PAN-OS 9.1.2-h1", "PAN-OS 9.1.2", "PAN-OS 9.1.1", "PAN-OS 9.1.0-h3", "PAN-OS 9.1.0-h2", "PAN-OS 9.1.0-h1", "PAN-OS 9.1.0", "PAN-OS 9.1", "PAN-OS 9.0.9-h1", "PAN-OS 9.0.9", "PAN-OS 9.0.8", "PAN-OS 9.0.7", "PAN-OS 9.0.6", "PAN-OS 9.0.5", "PAN-OS 9.0.4", "PAN-OS 9.0.3-h3", "PAN-OS 9.0.3-h2", "PAN-OS 9.0.3-h1", "PAN-OS 9.0.3", "PAN-OS 9.0.2-h4", "PAN-OS 9.0.2-h3", "PAN-OS 9.0.2-h2", "PAN-OS 9.0.2-h1", "PAN-OS 9.0.2", "PAN-OS 9.0.1", "PAN-OS 9.0.0", "PAN-OS 9.0", "PAN-OS 8.1.15-h3", "PAN-OS 8.1.15-h2", "PAN-OS 8.1.15-h1", "PAN-OS 8.1.15", "PAN-OS 8.1.14-h2", "PAN-OS 8.1.14-h1", "PAN-OS 8.1.14", "PAN-OS 8.1.13", "PAN-OS 8.1.12", "PAN-OS 8.1.11", "PAN-OS 8.1.10", "PAN-OS 8.1.9-h4", "PAN-OS 8.1.9-h3", "PAN-OS 8.1.9-h2", "PAN-OS 8.1.9-h1", "PAN-OS 8.1.9", "PAN-OS 8.1.8-h5", "PAN-OS 8.1.8-h4", "PAN-OS 8.1.8-h3", "PAN-OS 8.1.8-h2", "PAN-OS 8.1.8-h1", "PAN-OS 8.1.8", "PAN-OS 8.1.7", "PAN-OS 8.1.6-h2", "PAN-OS 8.1.6-h1", "PAN-OS 8.1.6", "PAN-OS 8.1.5", "PAN-OS 8.1.4", "PAN-OS 8.1.3", "PAN-OS 8.1.2", "PAN-OS 8.1.1", "PAN-OS 8.1.0", "PAN-OS 8.1"]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T06:54:00.615Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://security.paloaltonetworks.com/CVE-2020-2000"}]}]}, "cveMetadata": {"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "assignerShortName": "palo_alto", "cveId": "CVE-2020-2000", "datePublished": "2020-11-12T00:05:20.120304Z", "dateReserved": "2019-12-04T00:00:00", "dateUpdated": "2024-09-16T16:58:42.346Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "6E961A6F-DC8D-46DE-9279-95FCA3B460C1", "versionEndExcluding": "8.1.16", "versionStartIncluding": "8.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "B274DF14-BD36-46DF-91EF-0293CC082B41", "versionEndExcluding": "9.0.10", "versionStartIncluding": "9.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "F307ABF3-27DB-4C76-A488-60E1F6A6D17F", "versionEndExcluding": "9.1.4", "versionStartIncluding": "9.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "09926771-7377-487B-B660-809265E7D8A2", "versionEndExcluding": "10.0.1", "versionStartIncluding": "10.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code and OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1."}, {"lang": "es", "value": "Una vulnerabilidad de corrupci\u00f3n de memoria e inyecci\u00f3n de comandos del Sistema Operativo en la interfaz web de administraci\u00f3n de PAN-OS que permite a los administradores autenticados interrumpir los procesos del sistema y ejecutar potencialmente c\u00f3digo arbitrario y comandos del Sistema Operativo con privilegios root. Este problema afecta: versiones PAN-OS 8.1 anteriores a PAN-OS 8.1.16; versiones PAN-OS 9.0 anteriores a PAN-OS 9.0.10; versiones PAN-OS 9.1 anteriores a PAN-OS 9.1.4; versiones PAN-OS 10.0 anteriores a PAN-OS 10.0.1"}], "id": "CVE-2020-2000", "lastModified": "2020-11-16T21:29:05.853", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}, "published": "2020-11-12T00:15:10.377", "references": [{"source": "psirt@paloaltonetworks.com", "tags": ["Vendor Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2020-2000"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-121"}, {"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-78"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}