How severe is CVE-2020-2031?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.9 out of 10.

What type of vulnerability is CVE-2020-2031?

This is classified as CWE-191, which is a common weakness in software security.

CVE-2020-2031 - MEDIUM Severity | CVSS 4.9

Vulnerability Description

An integer underflow vulnerability in the dnsproxyd component of the PAN-OS management interface allows authenticated administrators to issue a command from the command line interface that causes the component to stop responding. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts: PAN-OS 9.1 versions earlier than PAN-OS 9.1.3. This issue does not impact PAN-OS 8.1, PAN-OS 9.0, or Prisma Access services.

Related Vulnerabilities

CVE-2017-8924

MEDIUM

CVSS:4.6(Medium)

The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitia...

CWE-1912017

CVE-2018-3926

MEDIUM

CVSS:5.3(Medium)

An exploitable integer underflow vulnerability exists in the ZigBee firmware update routine of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore pro...

CWE-1912018

CVE-2020-11909

MEDIUM

CVSS:5.3(Medium)

The Treck TCP/IP stack before 6.0.1.66 has an IPv4 Integer Underflow.

CWE-1912020

CVE-2020-24370

MEDIUM

CVSS:5.3(Medium)

ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31).

CWE-1912020

CVE-2024-52558

MEDIUM

CVSS:5.3(Medium)

The affected product is vulnerable to an integer underflow. An unauthenticated attacker could send a malformed HTTP request, which could allow the attacker to crash the program.

CWE-1912024

CVE-2023-20635

MEDIUM

CVSS:4.4(Medium)

In keyinstall, there is a possible information disclosure due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not n...

CWE-1912023