An open redirection vulnerability in the GlobalProtect component of Palo Alto Networks PAN-OS allows an attacker to specify an arbitrary redirection target away from the trusted GlobalProtect gateway. If the user then successfully authenticates it will cause them to access an unexpected and potentially malicious website. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.0 versions earlier than 8.0.14.
References
Link | Resource |
---|---|
https://security.paloaltonetworks.com/CVE-2020-1997 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: palo_alto
Published: 2020-05-13T00:00:00
Updated: 2020-05-13T19:07:14
Reserved: 2019-12-04T00:00:00
Link: CVE-2020-1997
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-05-13T19:15:12.707
Modified: 2020-05-18T20:39:43.493
Link: CVE-2020-1997
JSON object: View
Redhat Information
No data.
CWE