How severe is CVE-2020-1979?

CVE-2020-1979 has a CVSS v3 score of 8.1 (HIGH).

CVE-2020-1979

Name: pan-os
Author: paloaltonetworks

8.1HIGH

A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to

公開日: 3/11/2020更新日: 11/21/2024

説明

A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13 on Panorama. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions.

AI分析AIによる分析

影響を受ける製品

paloaltonetworkspan-os

参照

https://security.paloaltonetworks.com/CVE-2020-1979
Vendor Advisory
https://security.paloaltonetworks.com/CVE-2020-1979
Vendor Advisory