A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13 on Panorama. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions.
References
Link | Resource |
---|---|
https://security.paloaltonetworks.com/CVE-2020-1979 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: palo_alto
Published: 2020-03-11T00:00:00
Updated: 2020-05-13T19:07:13
Reserved: 2019-12-04T00:00:00
Link: CVE-2020-1979
JSON object: View
NVD Information
Status : Modified
Published: 2020-03-11T19:15:13.327
Modified: 2020-05-13T20:15:14.057
Link: CVE-2020-1979
JSON object: View
Redhat Information
No data.
CWE