PT-2020-15232 · Palo Alto Networks · Pan-Os Panorama

Ben Nott · Published 2020-05-13 · Updated 2020-05-15 · CVE-2020-2011

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Palo Alto Networks PAN-OS Panorama versions 7.1
Palo Alto Networks PAN-OS Panorama versions 8.0
Palo Alto Networks PAN-OS Panorama versions 8.1 through 8.1.13
Palo Alto Networks PAN-OS Panorama versions 9.0 through 9.0.6
Palo Alto Networks PAN-OS Panorama versions prior to 9.1.0

Description

An improper input validation issue in the configuration daemon of Palo Alto Networks PAN-OS Panorama allows a remote unauthenticated user to send a specifically crafted registration request to the device, causing the configuration service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS Panorama services by restarting the device and putting it into maintenance mode.

Recommendations

For versions 7.1, update to a version later than 7.1.
For versions 8.0, update to a version later than 8.0.
For versions 8.1 through 8.1.13, update to version 8.1.14 or later.
For versions 9.0 through 9.0.6, update to version 9.0.7 or later.
For versions prior to 9.1.0, update to version 9.1.0 or later.

Fix

DoS

RCE

Weakness Enumeration

Related Identifiers

CVE-2020-2011

Affected Products

Pan-Os Panorama