Paloalto PAN-OS vulnerabilities

CVE-2021-3056 [HIGH] CWE-120 PAN-OS: Memory Corruption Vulnerability in GlobalProtect Clientless VPN During SAML Authentication PAN-OS: Memory Corruption Vulnerability in GlobalProtect Clientless VPN During SAML Authentication A memory corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated attacker to execute arbitrary code with root user privileges during SAML authentication. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.2

CVE-2021-3063 [HIGH] CWE-755 PAN-OS: Denial-of-Service (DoS) Vulnerability in GlobalProtect Portal and Gateway Interfaces PAN-OS: Denial-of-Service (DoS) Vulnerability in GlobalProtect Portal and Gateway Interfaces An improper handling of exceptional conditions vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to send specifically crafted traffic to a GlobalProtect interface that causes the service to st

CVE-2021-3061 [HIGH] CWE-78 PAN-OS: OS Command Injection Vulnerability in the Command Line Interface (CLI) PAN-OS: OS Command Injection Vulnerability in the Command Line Interface (CLI) An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to escalate privileges. Affected products: PAN-OS, Prisma Access Solution: This issue is fixed in PAN-OS 8.1.20-h1,

CVE-2021-3062 [HIGH] CWE-284 PAN-OS: Improper Access Control Vulnerability Exposing AWS Instance Metadata Endpoint to GlobalProtect Users PAN-OS: Improper Access Control Vulnerability Exposing AWS Instance Metadata Endpoint to GlobalProtect Users An improper access control vulnerability in PAN-OS software enables an attacker with authenticated access to GlobalProtect portals and gateways to connect to the EC2 instance metadata endpoint for VM-Series firewalls hosted on Amazon AWS. Exploitation

CVE-2021-3060 [HIGH] CWE-78 PAN-OS: OS Command Injection in Simple Certificate Enrollment Protocol (SCEP) PAN-OS: OS Command Injection in Simple Certificate Enrollment Protocol (SCEP) An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The attacker must have network access to

CVE-2021-3058 [HIGH] CWE-78 PAN-OS: OS Command Injection Vulnerability in Web Interface XML API PAN-OS: OS Command Injection Vulnerability in Web Interface XML API An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use XML API the ability to execute arbitrary OS commands to escalate privileges. Affected products: PAN-OS, Prisma Access Solution: This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3

CVE-2020-1968 [LOW] CWE-203 PAN-OS: Impact of the Raccoon Attack Vulnerability CVE-2020-1968 PAN-OS: Impact of the Raccoon Attack Vulnerability CVE-2020-1968 In versions of Palo Alto Networks PAN-OS software earlier than PAN-OS 10.0, the DHE cipher available for use in traffic decryption improperly shares a cryptographic secret across multiple TLS connections, which weakens its cryptographic strength. This is a prerequisite for successful exploitation of the Raccoon attack (CVE-2020-1968), whic

CVE-2020-10188 [CRITICAL] CWE-120 PAN-OS: Impact of Telnet Remote-Code-Execution (RCE) Vulnerability (CVE-2020-10188) PAN-OS: Impact of Telnet Remote-Code-Execution (RCE) Vulnerability (CVE-2020-10188) A buffer overflow vulnerability in the Telnet-based administrative management service included with PAN-OS software allows remote attackers to execute arbitrary code. The Telnet-based administrative management service is disabled by default and this issue is not exploitable if this service is di

CVE-2021-3053 [HIGH] CWE-755 PAN-OS: Exceptional Condition Denial-of-Service (DoS) PAN-OS: Exceptional Condition Denial-of-Service (DoS) An improper handling of exceptional conditions vulnerability exists in the Palo Alto Networks PAN-OS dataplane that enables an unauthenticated network-based attacker to send specifically crafted traffic through the firewall that causes the service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting

CVE-2021-3054 [MEDIUM] CWE-367 PAN-OS: Unsigned Code Execution During Plugin Installation Race Condition Vulnerability PAN-OS: Unsigned Code Execution During Plugin Installation Race Condition Vulnerability A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute arbitrary code with root user privileges. Affected products: PAN-OS Solution: This issue i

CVE-2021-3052 [MEDIUM] CWE-79 PAN-OS: Reflected Cross-Site Scripting (XSS) in Web Interface PAN-OS: Reflected Cross-Site Scripting (XSS) in Web Interface A reflected cross-site scripting (XSS) vulnerability in the Palo Alto Network PAN-OS web interface enables an authenticated network-based attacker to mislead another authenticated PAN-OS administrator to click on a specially crafted link that performs arbitrary actions in the PAN-OS web interface as the targeted authenticated administrator. A

CVE-2021-3055 [MEDIUM] CWE-611 PAN-OS: XML External Entity (XXE) Reference Vulnerability in the PAN-OS Web Interface PAN-OS: XML External Entity (XXE) Reference Vulnerability in the PAN-OS Web Interface An improper restriction of XML external entity (XXE) reference vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system and send a specifically crafted request to the firewall that causes the service to cr

CVE-2021-3050 [HIGH] CWE-78 PAN-OS: OS Command Injection Vulnerability in Web Interface PAN-OS: OS Command Injection Vulnerability in Web Interface An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 9.0 version 9.0.10 through PAN-OS 9.0.14; PAN-OS 9.1 version 9.1.4 through PAN-OS 9.1.10; PAN-OS 10.0 version 10.0.7 and earlier PAN-OS 10.0 v

CVE-2021-3048 [MEDIUM] CWE-20 PAN-OS: Invalid URLs in an External Dynamic List (EDL) can Lead to Firewall Outage PAN-OS: Invalid URLs in an External Dynamic List (EDL) can Lead to Firewall Outage Certain invalid URL entries contained in an External Dynamic List (EDL) cause the Device Server daemon (devsrvr) to stop responding. This condition causes subsequent commits on the firewall to fail and prevents administrators from performing commits and configuration changes even though the firewall r

CVE-2021-3045 [MEDIUM] CWE-88 PAN-OS: OS Command Argument Injection in Web Interface PAN-OS: OS Command Argument Injection in Web Interface An OS command argument injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system. Affected products: PAN-OS Solution: This issue is fixed in PAN-OS 8.1.19, PAN-OS 9.0.14, PAN-OS 9.1.10, and all later PAN-OS versions. Workaround: This issue requires the att

CVE-2021-3046 [MEDIUM] CWE-287 PAN-OS: Improper SAML Authentication Vulnerability in GlobalProtect Portal PAN-OS: Improper SAML Authentication Vulnerability in GlobalProtect Portal An improper authentication vulnerability exists in Palo Alto Networks PAN-OS software that enables a SAML authenticated attacker to impersonate any other user in the GlobalProtect Portal and GlobalProtect Gateway when they are configured to use SAML authentication. Affected products: PAN-OS Solution: This issue is

CVE-2021-3047 [LOW] CWE-338 PAN-OS: Weak Cryptography Used in Web Interface Authentication PAN-OS: Weak Cryptography Used in Web Interface Authentication A cryptographically weak pseudo-random number generator (PRNG) is used during authentication to the Palo Alto Networks PAN-OS web interface. This enables an authenticated attacker, with the capability to observe their own authentication secrets over a long duration on the PAN-OS appliance, to impersonate another authenticated web interface adm

CVE-2021-3036 [MEDIUM] CWE-532 PAN-OS: Administrator secrets are logged in web server logs when using the PAN-OS XML API incorrectly PAN-OS: Administrator secrets are logged in web server logs when using the PAN-OS XML API incorrectly An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where secrets in PAN-OS XML API requests are logged in cleartext to the web server logs when the API is used incorrectly. This vulnerability applies only to PAN-OS

CVE-2021-3037 [LOW] CWE-534 PAN-OS: Secrets for scheduled configuration exports are logged in system logs PAN-OS: Secrets for scheduled configuration exports are logged in system logs An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where the connection details for a scheduled configuration export are logged in system logs. Logged information includes the cleartext username, password, and IP address used to export the PAN-OS configuration to t

CVE-2021-28041 [HIGH] PAN-OS: Informational: Impact of the OpenSSH vulnerability CVE-2021-28041 PAN-OS: Informational: Impact of the OpenSSH vulnerability CVE-2021-28041 The Palo Alto Networks Product Security Assurance team has evaluated the OpenSSH software CVE-2021-28041 vulnerability. PAN-OS software does not utilize the ssh-agent component or provide access to the agent socket related to this vulnerability. There are no scenarios that enable successful exploitation of the vulnerability in