CVE-2020-2031

Name of the Vulnerable Software and Affected Versions PAN-OS versions prior to 9.1.3

Description The issue is related to an integer underflow vulnerability in the dnsproxyd component of the PAN-OS management interface. This vulnerability allows authenticated administrators to issue a command from the command line interface that causes the component to stop responding. Repeated attempts to send this request can result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode.

Recommendations For PAN-OS versions prior to 9.1.3, update to version 9.1.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the dnsproxyd component to minimize the risk of exploitation.