CVE-2021-3048Improper Input Validation in Palo Alto Networks Pan-os

CWE-20Improper Input Validation4 documents4 sources
Severity
5.9MEDIUMNVD
EPSS
0.6%
top 30.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Palo Alto Networks Pan-osPaloaltonetworks Pan-osPaloalto Pan-os
Timeline
PublishedAug 11
Latest updateMay 24

Description

Certain invalid URL entries contained in an External Dynamic List (EDL) cause the Device Server daemon (devsrvr) to stop responding. This condition causes subsequent commits on the firewall to fail and prevents administrators from performing commits and configuration changes even though the firewall remains otherwise functional. If the firewall then restarts, it results in a denial-of-service (DoS) condition and the firewall stops processing traffic. This issue impacts: PAN-OS 9.0 versions earli

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6

Affected Packages3 packages

NVDpaloaltonetworks/pan-os9.0.09.0.14+2
CVEListV5palo_alto_networks/pan-os9.09.0.14+2
Palo Altopaloalto/pan-os

🔴Vulnerability Details

2
GHSA
GHSA-9g4g-449x-h99g: Certain invalid URL entries contained in an External Dynamic List (EDL) cause the Device Server daemon (devsrvr) to stop responding2022-05-24
CVEList
PAN-OS: Invalid URLs in an External Dynamic List (EDL) can Lead to Firewall Outage2021-08-11

📋Vendor Advisories

1
Palo Alto
PAN-OS: Invalid URLs in an External Dynamic List (EDL) can Lead to Firewall Outage2021-08-11
CVE-2021-3048 — Improper Input Validation in Palo | cvebase