VYPR
Unrated severityNVD Advisory· Published Jun 10, 2020· Updated Sep 16, 2024

PAN-OS: OS command injection vulnerability in management interface certificate generator

CVE-2020-2029

Description

An OS Command Injection vulnerability in the PAN-OS web management interface allows authenticated administrators to execute arbitrary OS commands with root privileges by sending a malicious request to generate new certificates for use in the PAN-OS configuration. This issue affects: All versions of PAN-OS 8.0; PAN-OS 7.1 versions earlier than PAN-OS 7.1.26; PAN-OS 8.1 versions earlier than PAN-OS 8.1.13.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Paloaltonetworks/Pan OSllm-fuzzy2 versions
    7.1 < 7.1.26, 8.0 all, 8.1 < 8.1.13+ 1 more
    • (no CPE)range: 7.1 < 7.1.26, 8.0 all, 8.1 < 8.1.13
    • (no CPE)range: 8.0.*

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.