Palo Alto Networks Patches Many PAN-OS vulnerabilities

Palo Alto Networks told customers this week that it has fixed more than two dozen vulnerabilities in PAN-OS, the software that runs on the company’s next-generation firewalls.

One of the most serious flaws is CVE-2020-2018, with a CVSS score of 9, which allows an attacker with access to the Panorama management interface to gain privileged access to managed firewalls. This authentication flaw affects the Panorama context switching feature, and the vendor says exploitation requires some knowledge of the managed firewalls.

Another potentially serious problem is CVE-2020-2012, a high-severity XXE vulnerability that allows a remote, unauthenticated attacker with access to the Panorama interface to read arbitrary system files.

Another high-severity flaw, CVE-2020-2011, allows an unauthenticated remote attacker to cause a denial-of-service (DoS) condition on all Panorama services by sending specially crafted registration requests.

A serious XSS (cross-site scripting) vulnerability affecting GlobalProtect’s clientless VPN can allow an attacker to compromise a user session by forcing the user to visit a malicious website.

Several older vulnerabilities that affect the outdated version of Nginx included in PAN-OS can also be exploited without authentication, including some that are very serious.

The new versions of PAN-OS also fix high-severity vulnerabilities that can be used to escalate privileges, execute shell commands or code with root privileges, hijack administrator accounts, launch XSS attacks, bypass authentication and delete files. However, exploiting these vulnerabilities requires authentication, or the attacker must be able to intercept traffic.

One such flaw is CVE-2020-2002, which has been described as an authentication problem related to the Kerberos Key Distribution Center (KDC) exchange. The vulnerability was discovered by Silverfort researchers, who recently found a similar problem in the Cisco Adaptive Security Appliance (ASA).

One of the interesting medium-severity vulnerabilities is CVE-2020-1996, which allows an unauthenticated remote attacker to inject messages into the management server's ms.log file.

This vulnerability can be used to obscure an ongoing attack or to fabricate ms.log entries, according to Palo Alto Networks.

@EduardKovacs – Publisher of the Safety Week. He worked for two years as a high school computer science teacher before starting a career in journalism as a security reporter for Softpedia. Eduard has a bachelor’s degree in industrial computer sciences and a master’s degree in computer engineering for electrical engineering.
