CVE-2020-1980 - OpenCVE

A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions. This issue is fixed in PAN-OS 8.1.13, and all later versions.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Paloaltonetworks	Pan-os

Configuration 1 [-]

cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*

References

Link	Resource
https://security.paloaltonetworks.com/CVE-2020-1980	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: palo_alto

Published: 2020-03-11T00:00:00

Updated: 2020-03-11T18:58:17

Reserved: 2019-12-04T00:00:00

Link: CVE-2020-1980

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-03-11T19:15:13.467

Modified: 2020-03-13T19:32:56.980

Link: CVE-2020-1980

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "PAN-OS", "vendor": "Palo Alto Networks", "versions": [{"status": "affected", "version": "8.1 < 8.1.13"}, {"status": "affected", "version": "8.1 !>= 8.1.13"}, {"status": "affected", "version": "9.0 !>= 9.0.0"}, {"status": "affected", "version": "7.1 !>= 7.1.0"}, {"status": "affected", "version": "9.1 !>= 9.1.0"}]}], "configurations": [{"lang": "en", "value": "N/A"}], "credits": [{"lang": "en", "value": "This issue was discovered during an internal security review."}], "datePublic": "2020-03-11T00:00:00", "descriptions": [{"lang": "en", "value": "A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions. This issue is fixed in PAN-OS 8.1.13, and all later versions."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-77", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-03-11T18:58:17", "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://security.paloaltonetworks.com/CVE-2020-1980"}], "solutions": [{"lang": "en", "value": "This issue is fixed in PAN-OS 8.1.13, and all later versions."}], "source": {"defect": ["PAN-102674"], "discovery": "UNKNOWN"}, "timeline": [{"lang": "en", "time": "2020-03-11T00:00:00", "value": "Initial publication"}], "title": "PAN-OS: Shell injection vulnerability in PAN-OS CLI allows execution of shell commands", "workarounds": [{"lang": "en", "value": "This issue affects the management interface of PAN-OS and is mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 8.1 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/best-practices-for-securing-administrative-access."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@paloaltonetworks.com", "DATE_PUBLIC": "2020-03-11T16:00:00.000Z", "ID": "CVE-2020-1980", "STATE": "PUBLIC", "TITLE": "PAN-OS: Shell injection vulnerability in PAN-OS CLI allows execution of shell commands"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "PAN-OS", "version": {"version_data": [{"version_value": "8.1 < 8.1.13"}, {"version_value": "8.1 !>= 8.1.13"}, {"version_value": "9.0 !>= 9.0.0"}, {"version_value": "7.1 !>= 7.1.0"}, {"version_value": "9.1 !>= 9.1.0"}]}}]}, "vendor_name": "Palo Alto Networks"}]}}, "configuration": [{"lang": "en", "value": "N/A"}], "credit": [{"lang": "eng", "value": "This issue was discovered during an internal security review."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions. This issue is fixed in PAN-OS 8.1.13, and all later versions."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')"}]}]}, "references": {"reference_data": [{"name": "https://security.paloaltonetworks.com/CVE-2020-1980", "refsource": "CONFIRM", "url": "https://security.paloaltonetworks.com/CVE-2020-1980"}]}, "solution": [{"lang": "en", "value": "This issue is fixed in PAN-OS 8.1.13, and all later versions."}], "source": {"defect": ["PAN-102674"], "discovery": "UNKNOWN"}, "timeline": [{"lang": "en", "time": "2020-03-11T00:00:00", "value": "Initial publication"}], "work_around": [{"lang": "en", "value": "This issue affects the management interface of PAN-OS and is mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 8.1 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/best-practices-for-securing-administrative-access."}]}}}, "cveMetadata": {"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "assignerShortName": "palo_alto", "cveId": "CVE-2020-1980", "datePublished": "2020-03-11T00:00:00", "dateReserved": "2019-12-04T00:00:00", "dateUpdated": "2020-03-11T18:58:17", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE88801C-4736-4FCF-90A4-4B4D72774502", "versionEndExcluding": "8.1.13", "versionStartIncluding": "8.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions. This issue is fixed in PAN-OS 8.1.13, and all later versions."}, {"lang": "es", "value": "Una vulnerabilidad de inyecci\u00f3n de comando de shell en la CLI de PAN-OS, permite a un usuario autenticado local escapar del shell restringido y escalar privilegios. Este problema afecta solo a versiones PAN-OS 8.1 anteriores a PAN-OS 8.1.13. Este problema no afecta a versiones PAN-OS 7.1, PAN-OS 9.0 o versiones de PAN-OS posteriores. Este problema es corregido en PAN-OS versi\u00f3n 8.1.13 y todas las versiones posteriores."}], "id": "CVE-2020-1980", "lastModified": "2020-03-13T19:32:56.980", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}, "published": "2020-03-11T19:15:13.467", "references": [{"source": "psirt@paloaltonetworks.com", "tags": ["Vendor Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2020-1980"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-77"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}