CVE-2020-2048 : Security Advisory and Response
Learn about CVE-2020-2048, an information exposure vulnerability in Palo Alto Networks PAN-OS software, potentially revealing system proxy server passwords in cleartext. Find mitigation steps and affected versions.
An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software, potentially exposing system proxy server passwords in cleartext.
Understanding CVE-2020-2048
This CVE involves the exposure of system proxy server passwords in cleartext when using the CLI in PAN-OS software.
What is CVE-2020-2048?
- Vulnerability Type: Information Exposure Through Log Files (CWE-532)
- Date of Public Disclosure: November 11, 2020
- CVSS Base Score: 3.3 (Low Severity)
The Impact of CVE-2020-2048
- Attack Vector: Local
- Privileges Required: Low
- Confidentiality Impact: Low
- Integrity Impact: None
- Availability Impact: None
Technical Details of CVE-2020-2048
This section provides detailed technical information about the vulnerability.
Vulnerability Description
- The vulnerability allows the display of system proxy server passwords in cleartext through log files.
Affected Systems and Versions
- PAN-OS 8.1 versions earlier than 8.1.17
- PAN-OS 9.0 versions earlier than 9.0.11
- PAN-OS 9.1 versions earlier than 9.1.2
Exploitation Mechanism
- Low attack complexity
- No user interaction required
- Local attack vector
Mitigation and Prevention
Protect your systems from CVE-2020-2048 with the following steps:
Immediate Steps to Take
- Verify if a system proxy server is configured on the firewall
- Check the management web interface for Setup -> Services -> Proxy Server
Long-Term Security Practices
- Follow best practices for securing the management web interface
- Review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation
Patching and Updates
- Update to PAN-OS 8.1.17, 9.0.11, 9.1.2, or later versions to fix the vulnerability