CVE-2020-1997— PAN-OS: GlobalProtect registration open redirect
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-1997
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
PAN-OS: GlobalProtect registration open redirect
Source: NVD (National Vulnerability Database)
Vulnerability Description
An open redirection vulnerability in the GlobalProtect component of Palo Alto Networks PAN-OS allows an attacker to specify an arbitrary redirection target away from the trusted GlobalProtect gateway. If the user then successfully authenticates it will cause them to access an unexpected and potentially malicious website. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.0 versions earlier than 8.0.14.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
指向未可信站点的URL重定向(开放重定向)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Palo Alto Networks PAN-OS 输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Palo Alto Networks PAN-OS是美国Palo Alto Networks公司的一套为其防火墙设备开发的操作系统。 Palo Alto Networks PAN-OS 7.1.26之前7.1.x版本和8.0.14之前8.0.x版本中的GlobalProtect组件存在输入验证错误漏洞。该漏洞源于网络系统或产品未对输入的数据进行正确的验证。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Palo Alto Networks | PAN-OS | 8.1.* | - |
II. Public POCs for CVE-2020-1997
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2020-1997
请登录查看更多情报信息。
Vendor Advisories for CVE-2020-1997 (1)
- https://security.paloaltonetworks.com/CVE-2020-1997x_refsource_MISC
Same Patch Batch · Palo Alto Networks · 2020-05-13 · 24 CVEs total
| CVE-2020-2018 | 9.0 CRITICAL | PAN-OS: Panorama authentication bypass vulnerability |
| CVE-2020-2014 | 8.8 HIGH | PAN-OS: OS injection vulnerability in PAN-OS management server |
| CVE-2020-2015 | 8.8 HIGH | PAN-OS: Buffer overflow in the management server |
| CVE-2020-2017 | 8.8 HIGH | PAN-OS: DOM-Based cross site scripting vulnerability in management web interface |
| CVE-2020-2013 | 8.3 HIGH | PAN-OS: Panorama context switch session cookie disclosure |
| CVE-2020-2002 | 8.1 HIGH | PAN-OS: Spoofed Kerberos key distribution center authentication bypass |
| CVE-2020-2001 | 8.1 HIGH | PAN-OS: Panorama External control of file vulnerability leads to privilege escalation |
| CVE-2020-2012 | 7.5 HIGH | PAN-OS: Panorama: XML external entity reference ('XXE') vulnerability leads the to informa |
| CVE-2020-2011 | 7.5 HIGH | PAN-OS: Panorama registration denial of service |
| CVE-2020-2010 | 7.2 HIGH | PAN-OS: Authenticated user command injection vulnerability |
| CVE-2020-2009 | 7.2 HIGH | PAN-OS: Panorama SD WAN arbitrary file creation |
| CVE-2020-2008 | 7.2 HIGH | PAN-OS: OS command injection or arbitrary file deletion vulnerability |
| CVE-2020-2007 | 7.2 HIGH | PAN-OS: OS command injection in management server |
| CVE-2020-2006 | 7.2 HIGH | PAN-OS: Buffer overflow in management server payload parser |
| CVE-2020-2005 | 7.1 HIGH | PAN-OS: GlobalProtect Clientless VPN session hijacking |
| CVE-2020-2016 | 7.0 HIGH | PAN-OS: Temporary file race condition vulnerability in PAN-OS leads to local privilege esc |
| CVE-2020-2004 | 6.8 MEDIUM | GlobalProtect App: Passwords may be logged in clear text while collecting troubleshooting |
| CVE-2020-2003 | 6.5 MEDIUM | PAN-OS: Authenticated administrator can delete arbitrary system file |
| CVE-2020-1998 | 5.4 MEDIUM | PAN-OS: Improper SAML SSO authorization of shared local users |
| CVE-2020-1996 | 5.3 MEDIUM | PAN-OS: Panorama management server log injection |
Showing top 20 of 24 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: PAN-OS
- CVE-2025-0116
PAN-OS: Firewall Denial of Service (DoS) Using a Specially C - CVE-2025-0115
PAN-OS: Authenticated Admin File Read Vulnerability in PAN-O - CVE-2025-0114
PAN-OS: Denial of Service (DoS) in GlobalProtect - CVE-2024-9471
PAN-OS: Privilege Escalation (PE) Vulnerability in XML API - CVE-2024-8691
PAN-OS: User Impersonation in GlobalProtect Portal
Same vendor: Palo Alto Networks
- CVE-2026-0243
Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through - CVE-2026-0248
Prisma Access Agent: Improper Certificate Validation Vulnera - CVE-2026-0242
Trust Protection Foundation: SQL Injection Vulnerability - CVE-2026-0244
Prisma SD-WAN: Improper Certificate Validation Vulnerability - CVE-2026-0241
Trust Protection Foundation: Multiple Authorization Bypass V
Same weakness: CWE-601
- CVE-2026-41569
authentik: WS-Federation wreply origin bypass can exfiltrate - CVE-2026-40181
React Router's same-origin redirect with path starting // ca - CVE-2026-45278
Nextcloud: Open Redirect in user_oidc login flow via protoco - CVE-2026-40961
Apache Airflow: Open Redirect Bypass Vulnerability - CVE-2026-49380
JetBrains TeamCity 输入验证错误漏洞
V. Comments for CVE-2020-1997
No comments yet