CVE-2020-1991
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files. This issue affects Palo Alto Networks Traps 5.0 versions before 5.0.8; 6.1 versions before 6.1.4 on Windows. This issue does not affect Cortex XDR 7.0. This issue does not affect Traps for Linux or MacOS.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Palo Alto Networks | Traps | 5.0 < 5.0.8 | affected |
| Palo Alto Networks | Traps | 6.1 < 6.1.4 | affected |
| Palo Alto Networks | Cortex XDR | 7.0.* | unaffected |
Weaknesses
- CWE-377: CWE-377 Insecure Temporary File
Workarounds
There are no viable workarounds for this issue.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.