Home

CVE-2020-2043

Description

An information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Palo Alto Networks PAN-OS software when the after-change-detail custom syslog field is enabled for configuration logs and the sensitive field appears multiple times in one log entry. The first instance of the sensitive field is masked but subsequent instances are left in clear text. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4.

Risk Information

Base Score
3.3
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
0.228

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities affected in pan-os 8.1.13NCM
Multiple Vulnerabilities affected in pan-os 8.1.8-h4NCM
Multiple Vulnerabilities affected in pan-os 8.1.8NCM
Multiple Vulnerabilities affected in pan-os 8.1.7NCM
Multiple Vulnerabilities affected in pan-os 8.1.2NCM
Multiple Vulnerabilities affected in pan-os 9.0.3NCM
Multiple Vulnerabilities affected in pan-os 8.1.9NCM
Multiple Vulnerabilities affected in pan-os 8.1.8-h5NCM
Multiple Vulnerabilities affected in pan-os 9.1.0NCM
Multiple Vulnerabilities affected in pan-os 9.0.9NCM
Multiple Vulnerabilities affected in pan-os 9.0.7NCM
Multiple Vulnerabilities affected in pan-os 9.0.6NCM
Multiple Vulnerabilities affected in pan-os 9.0.8NCM
Multiple Vulnerabilities affected in pan-os 9.0.0NCM
Multiple Vulnerabilities affected in pan-os 8.1.15NCM
Multiple Vulnerabilities affected in pan-os 8.1.12NCM
Multiple Vulnerabilities affected in pan-os 8.1.3NCM
Multiple Vulnerabilities affected in pan-os 9.0.4NCM
Multiple Vulnerabilities affected in pan-os 8.1.5NCM
Multiple Vulnerabilities affected in pan-os 8.1.4-h2NCM
Multiple Vulnerabilities affected in pan-os 8.1.4NCM
Multiple Vulnerabilities affected in pan-os 8.1.0NCM
Multiple Vulnerabilities affected in pan-os 9.1.3NCM
Multiple Vulnerabilities affected in pan-os 9.1.2NCM
Multiple Vulnerabilities affected in pan-os 9.1.1NCM
Multiple Vulnerabilities affected in pan-os 9.0.5NCM
Multiple Vulnerabilities affected in pan-os 9.0.2-h4NCM
Multiple Vulnerabilities affected in pan-os 9.0.2NCM
Multiple Vulnerabilities affected in pan-os 9.0.1NCM
Multiple Vulnerabilities affected in pan-os 8.1.14NCM
Multiple Vulnerabilities affected in pan-os 8.1.11NCM
Multiple Vulnerabilities affected in pan-os 8.1.6-h2NCM
Multiple Vulnerabilities affected in pan-os 8.1.6NCM
Multiple Vulnerabilities affected in pan-os 8.1.1NCM
Insertion of Sensitive Information into Log File Vulnerability (CVE-2020-2043)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234