Vulnerability Details CVE-2020-1991
An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files. This issue affects Palo Alto Networks Traps 5.0 versions before 5.0.8; 6.1 versions before 6.1.4 on Windows. This issue does not affect Cortex XDR 7.0. This issue does not affect Traps for Linux or MacOS.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 9.6%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 3.6
References
Products affected by CVE-2020-1991
-
cpe:2.3:a:paloaltonetworks:traps:5.0
-
cpe:2.3:a:paloaltonetworks:traps:5.0.5
-
cpe:2.3:a:paloaltonetworks:traps:5.0.6
-
cpe:2.3:a:paloaltonetworks:traps:6.1
-
cpe:2.3:o:microsoft:windows:-