vulnerability
PAN-OS: Buffer overflow when Captive Portal or Multi-Factor Authentication (MFA) is enabled
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Sep 14, 2020 | Sep 14, 2020 | Oct 5, 2020 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Sep 14, 2020
Added
Sep 14, 2020
Modified
Oct 5, 2020
Description
A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface. This issue impacts: All versions of PAN-OS 8.0; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; PAN-OS 9.1 versions earlier than PAN-OS 9.1.3.
Solutions
palo-alto-networks-pan-os-upgrade-8-0palo-alto-networks-pan-os-upgrade-8-1palo-alto-networks-pan-os-upgrade-9-0palo-alto-networks-pan-os-upgrade-9-1
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.