New Palo Alto Networks Security Advisories.
Palo Alto Networks has published 28 new Security Advisories at https://security.paloaltonetworks.com on May 13, 2020:
PAN-OS
________________________________________
CVE-2020-2018 PAN-OS: Panorama proxy service authorization bypass (Severity: CRITICAL)
https://security.paloaltonetworks.com/CVE-2020-2018
CVE-2020-2014 PAN-OS: OS injection vulnerability in PAN-OS management server (Severity: HIGH)
https://security.paloaltonetworks.com/CVE-2020-2014
CVE-2020-2015 PAN-OS: Buffer overflow in the management server (Severity: HIGH)
https://security.paloaltonetworks.com/CVE-2020-2015
CVE-2020-2017 PAN-OS: DOM-Based cross site scripting vulnerability in management web interface (Severity: HIGH)
https://security.paloaltonetworks.com/CVE-2020-2017
CVE-2020-2013 PAN-OS: Panorama context switch session cookie disclosure (Severity: HIGH)
https://security.paloaltonetworks.com/CVE-2020-2013
CVE-2020-2001 PAN-OS: Panorama External control of file vulnerability leads to privilege escalation (Severity: HIGH)
https://security.paloaltonetworks.com/CVE-2020-2001
CVE-2020-2002 PAN-OS: Spoofed Kerberos key distribution center authentication bypass (Severity: HIGH)
https://security.paloaltonetworks.com/CVE-2020-2002
PAN-SA-2020-0005 PAN-OS: OpenSSH software upgraded to resolve multiple vulnerabilities (Severity: HIGH)
https://security.paloaltonetworks.com/PAN-SA-2020-0005
CVE-2020-2011 PAN-OS: Panorama registration denial of service (Severity: HIGH)
https://security.paloaltonetworks.com/CVE-2020-2011
CVE-2020-2012 PAN-OS: Panorama: XML external entity reference ('XXE') vulnerability leads to information leak (Severity: HIGH)
https://security.paloaltonetworks.com/CVE-2020-2012
PAN-SA-2020-0006 PAN-OS: Nginx software upgraded to resolve multiple vulnerabilities (Severity: HIGH)
https://security.paloaltonetworks.com/PAN-SA-2020-0006
CVE-2020-2006 PAN-OS: Buffer overflow in management server payload parser (Severity: HIGH)
https://security.paloaltonetworks.com/CVE-2020-2006
CVE-2020-2007 PAN-OS: OS command injection in management server (Severity: HIGH)
https://security.paloaltonetworks.com/CVE-2020-2007
CVE-2020-2008 PAN-OS: OS command injection or arbitrary file deletion vulnerability (Severity: HIGH)
https://security.paloaltonetworks.com/CVE-2020-2008
CVE-2020-2009 PAN-OS: Panorama SD WAN arbitrary file creation (Severity: HIGH)
https://security.paloaltonetworks.com/CVE-2020-2009
CVE-2020-2010 PAN-OS: Authenticated user command injection vulnerability (Severity: HIGH)
https://security.paloaltonetworks.com/CVE-2020-2010
CVE-2020-2005 PAN-OS: GlobalProtect Clientless VPN session hijacking (Severity: HIGH)
https://security.paloaltonetworks.com/CVE-2020-2005
CVE-2020-2016 PAN-OS: Temporary file race condition vulnerability in PAN-OS leads to local privilege escalation (Severity: HIGH)
https://security.paloaltonetworks.com/CVE-2020-2016
CVE-2020-2003 PAN-OS: Authenticated administrator can delete arbitrary system file (Severity: MEDIUM)
https://security.paloaltonetworks.com/CVE-2020-2003
CVE-2020-1998 PAN-OS: Improper SAML SSO authorization of shared local users (Severity: MEDIUM)
https://security.paloaltonetworks.com/CVE-2020-1998
CVE-2017-7529 PAN-OS: Nginx integer overflow may lead to information leak (Severity: MEDIUM)
https://security.paloaltonetworks.com/CVE-2017-7529
CVE-2020-1996 PAN-OS: Panorama management server log injection (Severity: MEDIUM)
https://security.paloaltonetworks.com/CVE-2020-1996
CVE-2020-1997 PAN-OS: GlobalProtect registration open redirect (Severity: MEDIUM)
https://security.paloaltonetworks.com/CVE-2020-1997
CVE-2020-1995 PAN-OS: Management server rasmgr denial of service (Severity: MEDIUM)
https://security.paloaltonetworks.com/CVE-2020-1995
CVE-2020-1994 PAN-OS: Predictable temporary file vulnerability (Severity: MEDIUM)
https://security.paloaltonetworks.com/CVE-2020-1994
CVE-2020-1993 PAN-OS: GlobalProtect Portal PHP session fixation vulnerability (Severity: LOW)
https://security.paloaltonetworks.com/CVE-2020-1993
PAN-SA-2020-0004 Informational: Third-party or open source vulnerabilities that do not affect PAN-OS (Severity: NONE)
https://security.paloaltonetworks.com/PAN-SA-2020-0004
GlobalProtect App
________________________________________
CVE-2020-2004 GlobalProtect App: Passwords may be logged in clear text while collecting troubleshooting logs (Severity: MEDIUM)
https://security.paloaltonetworks.com/CVE-2020-2004
Please visit our Security Advisories website to learn more at https://security.paloaltonetworks.com/.
If you have questions, please contact support at https://www.paloaltonetworks.com/company/contact-support.
Regards,
Product Security Incident Response Team
Palo Alto Networks