PT-2020-15263 · Palo Alto Networks · Pan-Os
Mikhail Klyuchnikov
+1
·
Published
2020-09-09
·
Updated
2021-02-12
·
CVE-2020-2039
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Palo Alto Networks PAN-OS versions prior to 8.1.16
Palo Alto Networks PAN-OS versions prior to 9.0.10
Palo Alto Networks PAN-OS versions prior to 9.1.4
Palo Alto Networks PAN-OS versions prior to 10.0.1
Description
An uncontrolled resource consumption issue allows a remote unauthenticated user to upload temporary files through the management web interface that are not properly deleted after the request is finished. This can lead to disruption of the management web interface's availability by repeatedly uploading files until available disk space is exhausted.
Recommendations
For versions prior to 8.1.16, update to version 8.1.16 or later.
For versions prior to 9.0.10, update to version 9.0.10 or later.
For versions prior to 9.1.4, update to version 9.1.4 or later.
For versions prior to 10.0.1, update to version 10.0.1 or later.
Fix
Resource Exhaustion
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Pan-Os