CVE-2020-2020

An improper handling of exceptional conditions vulnerability in Cortex XDR Agent allows a local authenticated Windows user to create files in the software's internal program directory that prevents the Cortex XDR Agent from starting. The exceptional condition is persistent and prevents Cortex XDR Agent from starting when the software or machine is restarted. This issue impacts: Cortex XDR Agent 5.0 versions earlier than 5.0.10; Cortex XDR Agent 6.1 versions earlier than 6.1.7; Cortex XDR Agent 7.0 versions earlier than 7.0.3; Cortex XDR Agent 7.1 versions earlier than 7.1.2.

CVSS v3 5.5 MEDIUM
CVSS v2.0 2.1 LOW

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

2.1^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 3.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://security.paloaltonetworks.com/CVE-2020-2020	Vendor Advisory
https://security.paloaltonetworks.com/CVE-2020-2020	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:paloaltonetworks:cortex_xdr_agent::::::::
	cpe:2.3:a:paloaltonetworks:cortex_xdr_agent::::::::
	cpe:2.3:a:paloaltonetworks:cortex_xdr_agent::::::::
	cpe:2.3:a:paloaltonetworks:cortex_xdr_agent::::::::

History

21 Nov 2024, 05:24

Type	Values Removed	Values Added
References	~~() https://security.paloaltonetworks.com/CVE-2020-2020 - Vendor Advisory~~	() https://security.paloaltonetworks.com/CVE-2020-2020 - Vendor Advisory

Information

Published : 2020-12-09 18:15

Updated : 2024-11-21 05:24

NVD link : CVE-2020-2020

Mitre link : CVE-2020-2020

CVE.ORG link : CVE-2020-2020

JSON object : View

Products Affected

paloaltonetworks

cortex_xdr_agent

CWE

CWE-755

Improper Handling of Exceptional Conditions

{"id": "CVE-2020-2020", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "psirt@paloaltonetworks.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2020-12-09T18:15:10.663", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2020-2020", "tags": ["Vendor Advisory"], "source": "psirt@paloaltonetworks.com"}, {"url": "https://security.paloaltonetworks.com/CVE-2020-2020", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "psirt@paloaltonetworks.com", "description": [{"lang": "en", "value": "CWE-755"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-755"}]}], "descriptions": [{"lang": "en", "value": "An improper handling of exceptional conditions vulnerability in Cortex XDR Agent allows a local authenticated Windows user to create files in the software's internal program directory that prevents the Cortex XDR Agent from starting. The exceptional condition is persistent and prevents Cortex XDR Agent from starting when the software or machine is restarted. This issue impacts: Cortex XDR Agent 5.0 versions earlier than 5.0.10; Cortex XDR Agent 6.1 versions earlier than 6.1.7; Cortex XDR Agent 7.0 versions earlier than 7.0.3; Cortex XDR Agent 7.1 versions earlier than 7.1.2."}, {"lang": "es", "value": "Un manejo inapropiado de una vulnerabilidad de condiciones excepcionales en Cortex XDR Agent permite a un usuario de Windows autenticado localmente crear archivos en el directorio de programa interno del software que impide que se inicie Cortex XDR Agent. La condici\u00f3n excepcional es persistente e impide que Cortex XDR Agent se inicie cuando se reinicia el software o la m\u00e1quina. Este problema afecta a: Cortex XDR Agent versiones 5.0 anteriores a 5.0.10; Cortex XDR Agent versiones 6.1 anteriores a 6.1.7; Cortex XDR Agent versiones 7.0 anteriores a 7.0.3; Cortex XDR Agent versiones 7.1 anteriores a 7.1.2"}], "lastModified": "2024-11-21T05:24:28.077", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A75398A3-ED40-4983-A80A-ECAE760B5400", "versionEndExcluding": "5.0.10", "versionStartIncluding": "5.0"}, {"criteria": "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC3EA409-30E8-4E2D-B1B5-F2C946F3613B", "versionEndExcluding": "6.1.7", "versionStartIncluding": "6.1"}, {"criteria": "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "762B2DF4-229D-4755-A0B3-47D4BFD8C21A", "versionEndExcluding": "7.0.3", "versionStartIncluding": "7.0"}, {"criteria": "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2A974F5-3BEE-496F-8833-F7DC4D86C56D", "versionEndExcluding": "7.1.2", "versionStartIncluding": "7.1"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@paloaltonetworks.com"}