Palo Alto Networks Security Advisories / PAN-SA-2020-0011

PAN-SA-2020-0011 Informational: Impact of OpenSSL vulnerability CVE-2020-1971

047910
Severity 0 · NONE
Urgency Not applicable
Response Effort Not applicable
Recovery Not applicable
Value Density Not applicable
Attack Vector Not applicable
Attack Complexity Not applicable
Attack Requirements Not applicable
Automatable Not applicable
User Interaction Not applicable
Product Confidentiality NONE
Product Integrity NONE
Product Availability NONE
Privileges Required Not applicable
Subsequent Confidentiality NONE
Subsequent Integrity NONE
Subsequent Availability NONE

Description

Palo Alto Networks Product Security Assurance team has evaluated the vulnerability CVE-2020-1971 that affects the OpenSSL library.

The vulnerability does not have a security impact on PAN-OS, GlobalProtect App, or Cortex XSOAR. The scenarios required for successful exploitation do not exist on these products.

CVECVSSSummary
CVE-2020-19715.9 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)Denial of service vulnerability in OpenSSL related to EDIPARTYNAME NULL pointer de-reference

Product Status

VersionsAffectedUnaffected
Cortex XSOAR NoneAll
GlobalProtect App NoneAll
PAN-OS NoneAll

Severity: NONE

CVSSv4.0 Base Score: 0 (CVSS:4.0/AV:P/AC:H/AT:P/PR:H/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N)

Weakness Type

Solution

No product updates are required for these issues.

Timeline

Initial publication
© 2024 Palo Alto Networks, Inc. All rights reserved.