Palo Alto Networks Security Advisories / CVE-2020-1968

CVE-2020-1968 PAN-OS: Impact of the Raccoon Attack Vulnerability CVE-2020-1968

047910
Severity 3.7 · LOW
Attack Vector NETWORK
Attack Complexity HIGH
Privileges Required NONE
User Interaction NONE
Scope UNCHANGED
Confidentiality Impact LOW
Integrity Impact NONE
Availability Impact NONE

Description

In versions of Palo Alto Networks PAN-OS software earlier than PAN-OS 10.0, the DHE cipher available for use in traffic decryption improperly shares a cryptographic secret across multiple TLS connections, which weakens its cryptographic strength. This is a prerequisite for successful exploitation of the Raccoon attack (CVE-2020-1968), which allows an attacker to eavesdrop on encrypted traffic over those TLS connections.

Components that are known to be impacted by this vulnerability:

Web Interface

SSL Forward-Proxy

SSL Inbound Inspection

GlobalProtect Portal

GlobalProtect Gateway

GlobalProtect Clientless VPN

This issue impacts all versions of PAN-OS 8.1, all versions of PAN-OS 9.0, and all versions of PAN-OS 9.1. This issue does not impact any version of PAN-OS 10.0 or any later PAN-OS versions.

Prisma Access customers that have Prisma Access 2.0 Preferred and Prisma Access 2.1 Preferred firewalls are impacted by this issue.

Product Status

VersionsAffectedUnaffected
Prisma Access 2.2NonePreferred
Prisma Access 2.1PreferredInnovation
Prisma Access 2.0PreferredInnovation
PAN-OS 10.1None10.1.*
PAN-OS 10.0None10.0.*
PAN-OS 9.19.1.*
PAN-OS 9.09.0.*
PAN-OS 8.18.1.*

Required Configuration for Exposure

This issue is only applicable to PAN-OS firewalls configured to use SSL Forward Proxy, SSL Inbound Inspection, GlobalProtect Portal, GlobalProtect Gateway, or GlobalProtect Clientless VPN and where the usage of the DHE key exchange is not disabled.

Severity: LOW

CVSSv3.1 Base Score: 3.7 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)

Exploitation Status

Palo Alto Networks is not aware of any malicious exploitation of this issue.

Weakness Type

CWE-203 Information Exposure Through Discrepancy

CWE-326 Inadequate Encryption Strength

Solution

Apply any of the workarounds to mitigate the risk of CVE-2020-1968.

This issue is fixed in PAN-OS 10.0.0 and all later PAN-OS versions.

This issue is fixed in Prisma Access 2.1 Innovation, Prisma Access 2.2 Preferred, and all later Prisma Access versions.

Workarounds and Mitigations

For all major versions of PAN-OS software earlier than PAN-OS 10.0 that use SSL Forward Proxy or SSL Inbound Proxy:

You must disable the DHE key exchange from the web interface. You can change this setting by selecting ‘Objects > Decryption Profile > SSL Protocol Settings’ and then disable (deselect) the 'DHE’ option.

For all PAN-OS 9.0 and PAN-OS 9.1 versions using web interface, GlobalProtect Portal, GlobalProtect Gateway, or GlobalProtect Clientless VPN, you can use the following CLI command to disable the DHE key exchange:

"set shared ssl-tls-service-profile cert certificate <certificate-name> protocol-settings keyxchg-algo-dhe no"

For PAN-OS 8.1.20 and later PAN-OS 8.1 versions using web interface, GlobalProtect Portal, GlobalProtect Gateway, or GlobalProtect Clientless VPN, you can use the same CLI command to disable the DHE key exchange:

"set shared ssl-tls-service-profile cert certificate <certificate-name> protocol-settings keyxchg-algo-dhe no"

PAN-OS 10.0 and later PAN-OS versions are not impacted by this issue.

Timeline

Clarified Prisma Access affected and solution versions
Clarified Prisma Access affected versions
Initial publication
© 2020 Palo Alto Networks, Inc. All rights reserved.