CVE-2020-2034 | PAN-OS GlobalProtect Portal Command Injection Vulnerability Advisory

Published 2020-07-09

0x00 Vulnerability Overview



CVE ID: CVE-2020-2034

Date: 2020-07-09

Type: CI (command injection)

Severity: High

Remotely exploitable: Yes

Affected versions:

PAN-OS 9.1: versions < 9.1.3

PAN-OS 9.0: versions < 9.0.9

PAN-OS 8.1: versions < 8.1.15

PAN-OS 8.0: all versions

PAN-OS 7.1: all versions

0x01 Vulnerability Details





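On July 8, 2020, Palo Alto Networks published a security advisory fixing a command injection vulnerability in the PAN-OS GlobalProtect portal (CVE-2020-2034). The vulnerability allows an unauthenticated attacker to execute arbitrary OS commands with root privileges on an affected device.

The security advisory states:

- Exploiting the vulnerability first requires knowing the firewall's configuration information and obtaining a username and password by brute force;

- If the GlobalProtect portal feature is not enabled, the vulnerability cannot be exploited;

- The vulnerability does not affect the Prisma Access service.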


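0x02 Remediation Recommendations


The vendor has fixed the vulnerability. Affected users should upgrade promptly:

PAN-OS 9.1: upgrade to PAN-OS 9.1.3

PAN-OS 9.0: upgrade to PAN-OS 9.0.9

PAN-OS 8.1: upgrade to PAN-OS 8.1.15

PAN-OS 8.0: PAN-OS 8.0 reached end of maintenance on October 31, 2019; users are advised to update to the latest version

PAN-OS 7.1: PAN-OS 7.1 reached end of maintenance on June 30, 2020; users are advised to update to the latest version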
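
The affected-version list and the upgrade targets above can be applied to a firewall inventory with a short triage script. This is an added example, not code from the advisory or from Palo Alto Networks; the hostnames and inventory rows are constructed, and it assumes version strings of the form major.minor.maintenance with an optional -hN hotfix suffix, where a hotfix on an older maintenance release does not count as fixed.

```python
import re

# Fixed releases per the advisory; None means every release on that train is
# affected and the train has reached end of maintenance.
FIXED_IN = {"9.1": (9, 1, 3), "9.0": (9, 0, 9), "8.1": (8, 1, 15),
            "8.0": None, "7.1": None}

_VERSION = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h\d+)?$")


def parse_version(text):
    """Parse 'major.minor.maint' with an optional '-hN' hotfix suffix."""
    m = _VERSION.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version: {text!r}")
    return tuple(int(g) for g in m.groups())


def triage(version, portal_enabled):
    """Return (status, action) for one firewall."""
    v = parse_version(version)
    train = f"{v[0]}.{v[1]}"
    if train not in FIXED_IN:
        return ("not-listed", "train not covered by this advisory")
    fixed = FIXED_IN[train]
    if fixed is not None and v >= fixed:
        return ("fixed", "none")
    action = ("update to the latest version" if fixed is None
              else "upgrade to " + ".".join(map(str, fixed)))
    # Per the advisory, exploitation requires the GlobalProtect portal enabled.
    status = "affected" if portal_enabled else "affected-not-exposed"
    return (status, action)


# Constructed inventory: (hostname, software version, portal enabled)
INVENTORY = [
    ("fw-edge-01", "9.1.2-h1", True),
    ("fw-edge-02", "9.0.9", True),
    ("fw-lab-01", "8.1.14", False),
    ("fw-old-01", "8.0.20", True),
]

if __name__ == "__main__":
    for host, ver, portal in INVENTORY:
        status, action = triage(ver, portal)
        print(f"{host:12} {ver:10} {status:22} {action}")
```

Devices reported as affected-not-exposed still run a vulnerable release and should be upgraded before the portal is ever enabled.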


0x03 Related News


https://www.bleepingcomputer.com/news/security/palo-alto-networks-fixes-another-severe-flaw-in-pan-os-devices/


0x04 Reference Links


https://security.paloaltonetworks.com/CVE-2020-2034


0x05 Timeline


2020-07-08 Palo Alto Networks published the security advisory

2020-07-09 VSRC published the vulnerability advisory

