Rewterz Threat Advisory – CVE-2020-2021 – Palo Alto Authentication Bypass in SAML Authentication

June 29, 2020

Severity

High

Analysis Summary

When Security Assertion Markup Language (SAML) authentication is enabled and the ‘Validate Identity Provider Certificate’ option is disabled (unchecked), improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based attacker to access protected resources. The attacker must have network access to the vulnerable server to exploit this vulnerability.

Impact

Authentication bypass

Affected Vendors

Palo Alto

Affected Products

PAN-OS 8.1 versions earlier than PAN-OS 8.1.15
PAN-OS 9.1 versions earlier than PAN-OS 9.1.3
PAN-OS 9.0 versions earlier than PAN-OS 9.0.9
all versions of PAN-OS 8.0 (EOL)

Remediation

Refer to vendor’s advisory for the list of affected version and respective patches.

https://security.paloaltonetworks.com/CVE-2020-2021

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Python RAT Uses Discord Interface to Execute Remote Attacks

Critical Alert: Jordanian Banks Under Siege by Everest Ransomware Group

The SocGholish-RansomHub Connection – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – GoldenSpy Malware

Rewterz Threat Advisory – CVE-2020-4557 – IBM Business Automation Workflow cross-site scripting Vulnerability

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.