Home

CVE-2020-2041

Description

An insecure configuration of the appweb daemon of Palo Alto Networks PAN-OS 8.1 allows a remote unauthenticated user to send a specifically crafted request to the device that causes the appweb service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts all versions of PAN-OS 8.0, and PAN-OS 8.1 versions earlier than 8.1.16.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
1.335

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities affected in pan-os 8.0.20NCM
Multiple Vulnerabilities affected in pan-os 8.0.6-h3NCM
Multiple Vulnerabilities affected in pan-os 8.0.13NCM
Multiple Vulnerabilities affected in pan-os 8.0.12NCM
Multiple Vulnerabilities affected in pan-os 8.0.11-h1NCM
Multiple Vulnerabilities affected in pan-os 8.0.4NCM
Multiple Vulnerabilities affected in pan-os 8.0.3NCM
Multiple Vulnerabilities affected in pan-os 8.0.0NCM
Vulnerabilities CVE-2020-2034 ,CVE-2020-2035 ,CVE-2020-2040 ,CVE-2020-2041 ,CVE-2020-2044 are affected in pan-os 8.0.18NCM
Vulnerabilities CVE-2020-2034 ,CVE-2020-2035 ,CVE-2020-2040 ,CVE-2020-2041 ,CVE-2020-2044 are affected in pan-os 8.0.17NCM
Vulnerabilities CVE-2020-2034 ,CVE-2020-2035 ,CVE-2020-2040 ,CVE-2020-2041 ,CVE-2020-2044 are affected in pan-os 8.0.16NCM
Vulnerabilities CVE-2020-2034 ,CVE-2020-2035 ,CVE-2020-2040 ,CVE-2020-2041 ,CVE-2020-2044 are affected in pan-os 8.0.15NCM
Vulnerabilities CVE-2020-2034 ,CVE-2020-2035 ,CVE-2020-2040 ,CVE-2020-2041 ,CVE-2020-2044 are affected in pan-os 8.0.14NCM
Multiple Vulnerabilities affected in pan-os 8.1.14NCM
Multiple Vulnerabilities affected in pan-os 8.1.11NCM
Multiple Vulnerabilities affected in pan-os 8.1.6-h2NCM
Multiple Vulnerabilities affected in pan-os 8.1.6NCM
Multiple Vulnerabilities affected in pan-os 8.1.1NCM
Vulnerabilities CVE-2020-2035 ,CVE-2020-2040 ,CVE-2020-2041 ,CVE-2020-2044 are affected in pan-os 8.0.19NCM
Vulnerabilities CVE-2020-2035 ,CVE-2020-2040 ,CVE-2020-2041 ,CVE-2020-2044 are affected in pan-os 8.0.8NCM
Vulnerabilities CVE-2020-2035 ,CVE-2020-2040 ,CVE-2020-2041 ,CVE-2020-2044 are affected in pan-os 8.0.7NCM
Vulnerabilities CVE-2020-2035 ,CVE-2020-2040 ,CVE-2020-2041 ,CVE-2020-2044 are affected in pan-os 8.0.5NCM
Vulnerabilities CVE-2020-2035 ,CVE-2020-2040 ,CVE-2020-2041 ,CVE-2020-2044 are affected in pan-os 8.0.4-h2NCM
Vulnerabilities CVE-2020-2035 ,CVE-2020-2040 ,CVE-2020-2041 ,CVE-2020-2044 are affected in pan-os 8.0.3-h4NCM
Vulnerabilities CVE-2020-2035 ,CVE-2020-2040 ,CVE-2020-2041 ,CVE-2020-2044 are affected in pan-os 8.0.1NCM
Multiple Vulnerabilities affected in pan-os 8.1.13NCM
Multiple Vulnerabilities affected in pan-os 8.1.8-h4NCM
Multiple Vulnerabilities affected in pan-os 8.1.8NCM
Multiple Vulnerabilities affected in pan-os 8.1.7NCM
Multiple Vulnerabilities affected in pan-os 8.1.2NCM
Multiple Vulnerabilities affected in pan-os 8.1.9NCM
Multiple Vulnerabilities affected in pan-os 8.1.8-h5NCM
Multiple Vulnerabilities affected in pan-os 8.1.15NCM
Multiple Vulnerabilities affected in pan-os 8.1.12NCM
Multiple Vulnerabilities affected in pan-os 8.1.3NCM
Multiple Vulnerabilities affected in pan-os 8.1.5NCM
Multiple Vulnerabilities affected in pan-os 8.1.4-h2NCM
Multiple Vulnerabilities affected in pan-os 8.1.4NCM
Vulnerabilities CVE-2020-2040 ,CVE-2020-2041 ,CVE-2020-2044 are affected in pan-os 8.0.9NCM
Vulnerabilities CVE-2020-2040 ,CVE-2020-2041 ,CVE-2020-2044 are affected in pan-os 8.0.6NCM
Vulnerabilities CVE-2020-2040 ,CVE-2020-2041 ,CVE-2020-2044 are affected in pan-os 8.0.2NCM
Multiple Vulnerabilities affected in pan-os 8.1.0NCM
Vulnerabilities CVE-2020-2041 ,CVE-2020-2044 are affected in pan-os 8.0.11NCM
Vulnerabilities CVE-2020-2041 ,CVE-2020-2044 are affected in pan-os 8.0.10NCM
CVE-2020-2041NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234