CVE-2020-1991

An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files. This issue affects Palo Alto Networks Traps 5.0 versions before 5.0.8; 6.1 versions before 6.1.4 on Windows. This issue does not affect Cortex XDR 7.0. This issue does not affect Traps for Linux or MacOS.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:paloaltonetworks:traps:*:*:*:*:*:*:*:*
cpe:2.3:a:paloaltonetworks:traps:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:11

Type Values Removed Values Added
CVSS v2 : 3.6
v3 : 7.1
v2 : 3.6
v3 : 7.8
References () https://security.paloaltonetworks.com/CVE-2020-1991 - Vendor Advisory () https://security.paloaltonetworks.com/CVE-2020-1991 - Vendor Advisory

Information

Published : 2020-04-08 19:15

Updated : 2024-11-21 05:11


NVD link : CVE-2020-1991

Mitre link : CVE-2020-1991

CVE.ORG link : CVE-2020-1991


JSON object : View

Products Affected

microsoft

  • windows

paloaltonetworks

  • traps
CWE
CWE-377

Insecure Temporary File

CWE-269

Improper Privilege Management