← Back to CVE List

CVE-2020-2034

Published: 2020-07-08T17:15Z
Last Modified: 2024-11-21T05:24Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based attacker to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue. This issue can not be exploited if GlobalProtect portal feature is not enabled. This issue impacts PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; all versions of PAN-OS 8.0 and PAN-OS 7.1. Prisma Access services are not impacted by this vulnerability. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt