Missing XML validation vulnerability in the PAN-OS web interface on Palo Alto Networks PAN-OS software allows authenticated users to inject arbitrary XML that results in privilege escalation. This issue affects PAN-OS 8.1 versions earlier than PAN-OS 8.1.12 and PAN-OS 9.0 versions earlier than PAN-OS 9.0.6. This issue does not affect PAN-OS 7.1, PAN-OS 8.0, or PAN-OS 9.1 or later versions.
References
Link | Resource |
---|---|
https://security.paloaltonetworks.com/CVE-2020-1975 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: palo_alto
Published: 2020-02-12T00:00:00
Updated: 2020-02-12T22:57:08
Reserved: 2019-12-04T00:00:00
Link: CVE-2020-1975
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-02-12T23:15:11.390
Modified: 2020-02-18T20:10:07.483
Link: CVE-2020-1975
JSON object: View
Redhat Information
No data.