Palo Alto Networks Security Advisories / PAN-SA-2020-0011

PAN-SA-2020-0011 Informational: Impact of OpenSSL vulnerability CVE-2020-1971


047910
Severity 0 · NONE
Attack Vector Not applicable
Attack Complexity Not applicable
Attack Requirements Not applicable
User Interaction Not applicable
Product Confidentiality NONE
Product Integrity NONE
Product Availability NONE
Privileges Required Not applicable
Subsequent Confidentiality NONE
Subsequent Integrity NONE
Subsequent Availability NONE
JSON
Published 2020-12-09
Updated 2020-12-09
Reference PAN-159783
Discovered externally

Description

Palo Alto Networks Product Security Assurance team has evaluated the vulnerability CVE-2020-1971 that affects the OpenSSL library.

The vulnerability does not have a security impact on PAN-OS, GlobalProtect App, or Cortex XSOAR. The scenarios required for successful exploitation do not exist on these products.

CVECVSSSummary
CVE-2020-19715.9 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)Denial of service vulnerability in OpenSSL related to EDIPARTYNAME NULL pointer de-reference

Product Status

VersionsAffectedUnaffected
Cortex XSOAR NoneAll
GlobalProtect App NoneAll
PAN-OS NoneAll

Severity: NONE

CVSSv4.0 Base Score: 0 (CVSS:4.0/AV:P/AC:H/AT:P/PR:H/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N)

Weakness Type

Solution

No product updates are required for these issues.

Timeline

Initial publication
Terms of usePrivacyProduct Security Assurance and Vulnerability Disclosure PolicyReport vulnerabilitiesManage subscriptions
© 2024 Palo Alto Networks, Inc. All rights reserved.