PT-2020-15270 · Palo Alto Networks · Pan-Os

Published

2020-11-11

Updated

2020-11-16

CVE-2020-2048

CVSS v3.1

3.3

Low

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions PAN-OS versions prior to 8.1.17 PAN-OS versions prior to 9.0.11 PAN-OS versions prior to 9.1.2

Description An information exposure through log file vulnerability exists where the password for the configured system proxy server for a PAN-OS appliance may be displayed in cleartext when using the CLI in Palo Alto Networks PAN-OS software.

Recommendations For PAN-OS versions prior to 8.1.17, update to version 8.1.17 or later. For PAN-OS versions prior to 9.0.11, update to version 9.0.11 or later. For PAN-OS versions prior to 9.1.2, update to version 9.1.2 or later.

Fix

Insertion into Log File

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-532

Related Identifiers

CVE-2020-2048

Affected Products

Pan-Os

PT-2020-15270 · Palo Alto Networks · Pan-Os

CVE-2020-2048

Weakness Enumeration

Related Identifiers

Affected Products

References · 5