CVE-2021-3060 — OS Command Injection in Palo Alto Networks Prisma Access

CWE-78 — OS Command Injection4 documents4 sources

Severity

8.1HIGHNVD

EPSS

42.5%

top 2.53%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Palo Alto Networks Pan-os Paloaltonetworks Pan-os Palo Alto Networks Prisma Access +3 more

Timeline

PublishedNov 10

Latest updateMay 24

Description

An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The attacker must have network access to the GlobalProtect interfaces to exploit this issue. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 …

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages6 packages

▶NVDpaloaltonetworks/prisma_access2.1

▶CVEListV5palo_alto_networks/prisma_access2.1 Innovation, 2.1 Preferred+1

▶Palo Altopaloalto/prisma_access

▶NVDpaloaltonetworks/pan-os10.0.0 — 10.0.8+4

▶CVEListV5palo_alto_networks/pan-os8.1 — 8.1.20-h1+4

🔴Vulnerability Details

GHSA

GHSA-xhxm-4vx2-mf6c: An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated networ↗2022-05-24

▶

CVEList

PAN-OS: OS Command Injection in Simple Certificate Enrollment Protocol (SCEP)↗2021-11-10

▶

📋Vendor Advisories

Palo Alto

PAN-OS: OS Command Injection in Simple Certificate Enrollment Protocol (SCEP)↗2021-11-10

▶