Unrated severityNVD Advisory· Published May 13, 2020· Updated Sep 16, 2024
PAN-OS: DOM-Based cross site scripting vulnerability in management web interface
CVE-2020-2017
Description
A DOM-Based Cross Site Scripting Vulnerability exists in PAN-OS and Panorama Management Web Interfaces. A remote attacker able to convince an authenticated administrator to click on a crafted link to PAN-OS and Panorama Web Interfaces could execute arbitrary JavaScript code in the administrator's browser and perform administrative actions. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; All versions of PAN-OS 8.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3<7.1.26, <8.1.13, <9.0.6, 8.0.*+ 1 more
- (no CPE)range: <7.1.26, <8.1.13, <9.0.6, 8.0.*
- (no CPE)range: 8.0.*
Patches
Vulnerability mechanics
References
1- security.paloaltonetworks.com/CVE-2020-2017mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.