CVE-2020-2018

An authentication bypass vulnerability in the Panorama context switching feature allows an attacker with network access to a Panorama's management interface to gain privileged access to managed firewalls. An attacker requires some knowledge of managed firewalls to exploit this issue. This issue does not affect Panorama configured with custom certificates authentication for communication between Panorama and managed devices. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.12; PAN-OS 9.0 versions earlier than 9.0.6; All versions of PAN-OS 8.0.

Published: May 13, 2020
Updated: Apr 13, 2023
CVE: CVE-2020-2018
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9
AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-287

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
paloaltonetworks / pan-os	8.1.0	8.1.12
paloaltonetworks / pan-os	9.0.0	9.0.6
paloaltonetworks / pan-os	8.0.0	8.0.20.x
paloaltonetworks / pan-os	7.1.0	7.1.26

https://security.paloaltonetworks.com/CVE-2020-2018

Vulnerability Database

289,784

CVE-2020-2018