VYPR
Unrated severityNVD Advisory· Published Sep 9, 2020· Updated Sep 16, 2024

PAN-OS: Management web interface denial-of-service (DoS) through unauthenticated file upload

CVE-2020-2039

Description

An uncontrolled resource consumption vulnerability in Palo Alto Networks PAN-OS allows for a remote unauthenticated user to upload temporary files through the management web interface that are not properly deleted after the request is finished. It is possible for an attacker to disrupt the availability of the management web interface by repeatedly uploading files until available disk space is exhausted. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Paloaltonetworks/Pan OSllm-fuzzy2 versions
    <8.1.16, <9.0.10, <9.1.4, <10.0.1+ 1 more
    • (no CPE)range: <8.1.16, <9.0.10, <9.1.4, <10.0.1
    • (no CPE)range: 9.1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.