BugZero | Palo Alto Networks BugID PAN-118957 - A fix was made to address an authentication bypass...

Palo Alto Networks - Defect ID: PAN-118957

A fix was made to address an authentication bypass spoofing vulnerability in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS ( CVE-2020-2002 ).

Palo Alto Networks - Defect ID: PAN-118957

A fix was made to address an authentication bypass spoofing vulnerability in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS ( CVE-2020-2002 ).

Last updated on July 22nd, 2025

BugZero Risk Score
6.3 Medium

Overall: 6.3

Severity: 6.4

Community: 3.7

Lifecycle: 10.0

What is the BugZero Risk Score?

Palo Alto Networks Integration

Learn more about where this data comes from

Palo Alto Networks Integration

Learn more

BugZero Plan

Streamline upgrades with automated vendor bug scrubs

BugZero Plan

Learn more

BugZero Prevent

Wish you caught this bug sooner? Get proactive today.

BugZero Prevent

Learn more

Bug Details

Description

Disclaimer

Known affected versions were inferred from fixed-version data and were not explicitly confirmed by the vendor: 8.1.12

The earliest recollection of this bug is traced back to PAN-OS 8.1.13 - July 22, 2025. This bug is fixed in PAN-OS versions 8.1.13. A fix was made to address an authentication bypass spoofing vulnerability in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS ( CVE-2020-2002 ). For more information: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-release-notes/pan-os-8-1-addressed-issues/pan-os-8-1-13-addressed-issues

Change history

No changes to display

2025-07-22 Added: 8.1.12

Top Palo Alto Networks Defects

6.7Defect ID: PAN-214430
Fixed an issue where some commands did not have executable permissions.
6.6Defect ID: 254927
( PA-7500 Series firewalls only ) Fixed an issue where data packets sent to threat inspection processing on the networking card caused the pan_task process to stop responding.
6.3Defect ID: PAN-192176
Fixed an issue where the management server access log file did not rotate, which caused the root partition to become full and led to system instability.
6.3Defect ID: PAN-202619
Fixed an issue where, when SPI values were different for static and dynamic Satellite tunnel IP addresses during IPSec tunnel renegotiation, traffic issues occurred between the satellite and the gateway.
6.3Defect ID: PAN-197428
Fixed an issue where IKE negotiation with distinguished name identification did not work.

Ready to prevent the next vendor outage?

Get a demo

Palo Alto Networks - Defect ID: PAN-118957

A fix was made to address an authentication bypass spoofing vulnerability in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS ( CVE-2020-2002 ).

Palo Alto Networks - Defect ID: PAN-118957

A fix was made to address an authentication bypass spoofing vulnerability in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS ( CVE-2020-2002 ).

Last updated on July 22nd, 2025

BugZero Risk Score6.3 Medium

Bug Details

Disclaimer

Links

Top Palo Alto Networks Defects

Ready to prevent the next vendor outage?

BugZero Risk Score
6.3 Medium