admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-12 02:04:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-19xx/CVE-2020-1978.json
cad-safe-bot 6430620428 Auto-Update: 2024-11-23T13:07:37.766281+00:00
2024-11-23 13:10:58 +00:00

148 lines
6.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-1978",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2020-04-08T19:15:13.277",
"lastModified": "2024-11-21T05:11:46.410",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "TechSupport files generated on Palo Alto Networks VM Series firewalls for Microsoft Azure platform configured with high availability (HA) inadvertently collect Azure dashboard service account credentials. These credentials are equivalent to the credentials associated with the Contributor role in Azure. A user with the credentials will be able to manage all the Azure resources in the subscription except for granting access to other resources. These credentials do not allow login access to the VMs themselves. This issue affects VM Series Plugin versions before 1.0.9 for PAN-OS 9.0. This issue does not affect VM Series in non-HA configurations or on other cloud platforms. It does not affect hardware firewall appliances. Since becoming aware of the issue, Palo Alto Networks has safely deleted all the tech support files with the credentials. We now filter and remove these credentials from all TechSupport files sent to us. The TechSupport files uploaded to Palo Alto Networks systems were only accessible by authorized personnel with valid Palo Alto Networks credentials. We do not have any evidence of malicious access or use of these credentials."
},
{
"lang": "es",
"value": "Los archivos TechSupport generados en los firewalls Palo Alto Networks VM Series para la plataforma Microsoft Azure configurados con alta disponibilidad (HA), recopilan inadvertidamente las credenciales de la cuenta de servicio del panel de Azure. Estas credenciales son equivalentes a las credenciales asociadas con el rol Contributor en Azure. Un usuario con las credenciales podr\u00e1 ser capaz de administrar todos los recursos de Azure en la suscripci\u00f3n, excepto para otorgar acceso a otros recursos. Estas credenciales no permiten el acceso de inicio de sesi\u00f3n a las m\u00e1quinas virtuales por si mismas. Este problema afecta a VM Series Plugin versiones anteriores a 1.0.9 para PAN-OS versi\u00f3n 9.0. Este problema no afecta a VM Series en configuraciones que no sean de alta disponibilidad o sobre otras plataformas en la nube. No afecta al hardware de dispositivos firewall. Desde que se conoci\u00f3 el problema, Palo Alto Networks ha eliminado de manera segura todos los archivos de soporte t\u00e9cnico con las credenciales. Ahora filtramos y eliminamos estas credenciales de todos los archivos TechSupport que nos env\u00edan. Los archivos TechSupport cargados en los sistemas de Palo Alto Networks solo eran accesibles por personal autorizado con credenciales v\u00e1lidas de Palo Alto Networks. No tenemos ninguna evidencia de acceso malicioso o uso de estas credenciales."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@paloaltonetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:H",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.6,
"impactScore": 5.2
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"baseScore": 1.9,
"accessVector": "LOCAL",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "LOW",
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "psirt@paloaltonetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-255"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:paloaltonetworks:vm-series:*:*:*:*:*:azure:*:*",
"versionStartIncluding": "1.0",
"versionEndExcluding": "1.0.9",
"matchCriteriaId": "302372C3-03AD-4C54-9726-76AFAF8E00B8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8493281-925D-4BD5-BE4F-2FB9C2CD8F9D"
}
]
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2020-1978",
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.paloaltonetworks.com/CVE-2020-1978",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink