Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-1999

Опубликовано: 12 нояб. 2020
Источник: nvd
CVSS3: 5.3
CVSS2: 5
EPSS Низкий

Описание

A vulnerability exists in the Palo Alto Network PAN-OS signature-based threat detection engine that allows an attacker to communicate with devices in the network in a way that is not analyzed for threats by sending data through specifically crafted TCP packets. This technique evades signature-based threat detection. This issue impacts: PAN-OS 8.1 versions earlier than 8.1.17; PAN-OS 9.0 versions earlier than 9.0.11; PAN-OS 9.1 versions earlier than 9.1.5; All versions of PAN-OS 7.1 and PAN-OS 8.0.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
Версия от 7.1.0 (включая) до 7.1.26 (включая)
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
Версия от 8.0.0 (включая) до 8.0.20 (включая)
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
Версия от 8.1.0 (включая) до 8.1.17 (исключая)
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
Версия от 9.0.0 (включая) до 9.0.11 (исключая)
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
Версия от 9.1.0 (включая) до 9.1.5 (исключая)

EPSS

Процентиль: 52%
0.00295
Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-754
CWE-754

Связанные уязвимости

github логотип

GHSA-6p97-xh7r-7cmv

github
больше 3 лет назад

A vulnerability exists in the Palo Alto Network PAN-OS signature-based threat detection engine that allows an attacker to communicate with devices in the network in a way that is not analyzed for threats by sending data through specifically crafted TCP packets. This technique evades signature-based threat detection. This issue impacts: PAN-OS 8.1 versions earlier than 8.1.17; PAN-OS 9.0 versions earlier than 9.0.11; PAN-OS 9.1 versions earlier than 9.1.5; All versions of PAN-OS 7.1 and PAN-OS 8.0.

EPSS

Процентиль: 52%
0.00295
Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-754
CWE-754