How severe is CVE-2020-1979?

CVE-2020-1979 has a CVSS v3 score of 8.1 (HIGH).

CVE-2020-1979

Name: pan-os
Author: paloaltonetworks

8.1HIGH

A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to

发布于: 3/11/2020更新于: 11/21/2024

描述

A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13 on Panorama. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions.

AI分析AI驱动

受影响产品

paloaltonetworkspan-os

参考资料

https://security.paloaltonetworks.com/CVE-2020-1979
Vendor Advisory
https://security.paloaltonetworks.com/CVE-2020-1979
Vendor Advisory