PT-2020-15219 · Palo Alto Networks · Pan-Os

Nicholas Newsom

Published

2020-05-13

Updated

2020-05-15

CVE-2020-1995

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions PAN-OS versions prior to 9.1.2

Description A NULL pointer dereference issue allows an authenticated administrator to send a request that causes the rasmgr daemon to crash, resulting in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode.

Recommendations For versions prior to 9.1.2, update to version 9.1.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the rasmgr daemon to minimize the risk of exploitation.

Fix

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

CVE-2020-1995

Affected Products

Pan-Os

PT-2020-15219 · Palo Alto Networks · Pan-Os

CVE-2020-1995

Weakness Enumeration

Related Identifiers

Affected Products

References · 4