A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13 on Panorama. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: palo_alto

Published: 2020-03-11T18:58:21.177187Z

Updated: 2024-09-17T00:10:53.810Z

Reserved: 2019-12-04T00:00:00

Link: CVE-2020-1979

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-03-11T19:15:13.327

Modified: 2024-11-21T05:11:46.530

Link: CVE-2020-1979

cve-icon Redhat

No data.