Palo Alto Networks Security Advisories / CVE-2020-1968

CVE-2020-1968 PAN-OS: Impact of the Raccoon Attack Vulnerability CVE-2020-1968

047910
Severity 3.7 · LOW
Attack Vector NETWORK
Scope UNCHANGED
Attack Complexity HIGH
Confidentiality Impact LOW
Privileges Required NONE
Integrity Impact NONE
User Interaction NONE
Availability Impact NONE

Description

In versions of Palo Alto Networks PAN-OS software earlier than PAN-OS 10.0, the DHE cipher available for use in traffic decryption improperly shares a cryptographic secret across multiple TLS connections, which weakens its cryptographic strength. This is a prerequisite for successful exploitation of the Raccoon attack (CVE-2020-1968), which allows an attacker to eavesdrop on encrypted traffic over those TLS connections.

Components that are known to be impacted by this vulnerability:

SSL Forward-Proxy

SSL Inbound Inspection

GlobalProtect Portal

GlobalProtect Gateway

GlobalProtect Clientless VPN

This issue impacts all versions of PAN-OS 8.1, all versions of PAN-OS 9.0, and all versions of PAN-OS 9.1. This issue does not impact any version of PAN-OS 10.0 or any later PAN-OS versions.

Prisma Access customers that have Prisma Access 2.0 Preferred and Prisma Access 2.1 Preferred firewalls are impacted by this issue.

Product Status

VersionsAffectedUnaffected
PAN-OS 10.1None10.1.*
PAN-OS 10.0None10.0.*
PAN-OS 9.19.1.*
PAN-OS 9.09.0.*
PAN-OS 8.18.1.*
Prisma Access 2.2NonePreferred
Prisma Access 2.1PreferredInnovation
Prisma Access 2.0PreferredInnovation

Required Configuration for Exposure

This issue is only applicable to PAN-OS firewalls configured to use SSL Forward Proxy, SSL Inbound Inspection, GlobalProtect Portal, GlobalProtect Gateway, or GlobalProtect Clientless VPN and where the usage of the DHE key exchange is not disabled.

Severity: LOW

CVSSv3.1 Base Score: 3.7 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)

Exploitation Status

Palo Alto Networks is not aware of any malicious exploitation of this issue.

Weakness Type

CWE-203 Information Exposure Through Discrepancy

CWE-326 Inadequate Encryption Strength

Solution

Apply any of the workarounds to mitigate the risk of CVE-2020-1968.

This issue is fixed in PAN-OS 10.0.0 and all later PAN-OS versions.

This issue is fixed in Prisma Access 2.1 Innovation, Prisma Access 2.2 Preferred, and all later Prisma Access versions.

Workarounds and Mitigations

For all major versions of PAN-OS software earlier than PAN-OS 10.0 that use SSL Forward Proxy or SSL Inbound Proxy:

You must disable the DHE key exchange from the web interface. You can change this setting by selecting ‘Objects > Decryption Profile > SSL Protocol Settings’ and then disable (deselect) the 'DHE’ option.

For all PAN-OS 9.0 and PAN-OS 9.1 versions using GlobalProtect Portal, GlobalProtect Gateway, or GlobalProtect Clientless VPN, you can use the following CLI command to disable the DHE key exchange:

"set shared ssl-tls-service-profile <ssl-tls-service-profile-name> protocol-settings keyxchg-algo-dhe no"

For PAN-OS 8.1.20 and later PAN-OS 8.1 versions using GlobalProtect Portal, GlobalProtect Gateway, or GlobalProtect Clientless VPN, you can use the same CLI command to disable the DHE key exchange:

"set shared ssl-tls-service-profile <ssl-tls-service-profile-name> protocol-settings keyxchg-algo-dhe no"

PAN-OS 10.0 and later PAN-OS versions are not impacted by this issue.

Timeline

Updated work around CLI command and impacted components
Clarified Prisma Access affected and solution versions
Clarified Prisma Access affected versions
Initial publication
© 2024 Palo Alto Networks, Inc. All rights reserved.