CVE-2020-2017
A DOM-Based Cross Site Scripting Vulnerability exists in PAN-OS and Panorama Management Web Interfaces. A remote attacker able to convince an authenticated administrator to click on a crafted link to PAN-OS and Panorama Web Interfaces could execute arbitrary JavaScript code in the administrator's browser and perform administrative actions. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; All versions of PAN-OS 8.0.
| Software | From | Fixed in |
|---|---|---|
| paloaltonetworks / pan-os | 9.0.0 | 9.0.6 |
| paloaltonetworks / pan-os | 8.1.0 | 8.1.13 |
| paloaltonetworks / pan-os | 8.0.0 | 8.0.20.x |
| paloaltonetworks / pan-os | 7.1.0 | 7.1.26 |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime