PAN Security Advisory (11-AUG-2021)

Cyber Elite

Thought I would just put this notice out since I know a lot of people don't actually subscribe to security advisories directly. If you haven't already, I highly recommend that you sign up for notifications via https://security.paloaltonetworks.com/ and the 'Subscribe' feature at the top right.

As a general statement, you should ensure that you are on a PAN-OS build that is free of any published vulnerabilities, or have compensating controls in place to protect your environment from those vulnerabilities.

 

CVE-2021-3050: PAN-OS: Command Injection Vulnerability in Web Interface.

CVSS: 8.8

An authenticated administrator can execute arbitrary OS commands to escalate privileges. 

Version        Unaffected
PAN-OS 10.1    >= 10.1.2
PAN-OS 10.0    >= 10.0.8
PAN-OS 9.1     >= 9.1.11
PAN-OS 9.0     >= 9.0.15

 

CVE-2021-3046: PAN-OS: Improper SAML Authentication Vulnerability in GlobalProtect Portal

CVSS: 6.8

An improper authentication vulnerability exists that enables a SAML-authenticated attacker to impersonate any other user in the GlobalProtect Portal and GlobalProtect Gateway when they are configured to use SAML authentication.

Version        Unaffected
PAN-OS 10.1    10.1.* (not affected by vuln)
PAN-OS 10.0    >= 10.0.5
PAN-OS 9.1     >= 9.1.9
PAN-OS 9.0     >= 9.0.14
PAN-OS 8.1     >= 8.1.19

 

CVE-2021-3048: PAN-OS: Invalid URLs in an EDL can lead to firewall outage

CVSS: 5.9

Certain invalid URL entries contained in an EDL cause the devsrvr to stop responding. This condition causes subsequent commits to fail and prevents administrators from performing commits and configuration changes, however the firewall remains otherwise functional. If the firewall restarts, it results in a DoS condition and the firewall stops processing traffic.

Version        Unaffected
PAN-OS 10.1    10.1.* (not affected by vuln)
PAN-OS 10.0    >= 10.0.5
PAN-OS 9.1     >= 9.1.9
PAN-OS 9.0     >= 9.0.14
PAN-OS 8.1     8.1.* (not affected by vuln)

 

CVE-2021-3045: PAN-OS: OS Command Argument Injection in Web Interface

CVSS: 4.9

An OS command injection vulnerability exists in the web interface that enables an authenticated administrator to read any arbitrary file from the file system.

Version        Unaffected
PAN-OS 10.1    10.1.* (not affected by vuln)
PAN-OS 10.0    10.0.* (not affected by vuln)
PAN-OS 9.1     >= 9.1.10
PAN-OS 9.0     >= 9.0.14
PAN-OS 8.1     >= 8.1.19

 

CVE-2021-3047: PAN-OS: Weak Cryptography used in web interface authentication

CVSS: 4.2

A cryptographically weak pseudo-random number generator is used during authentication to the web interface. This enables an authenticated attacker, with the capability to observe their own authentication secrets over a long duration on the PAN-OS appliance, to impersonate another authenticated web interface administrator's session.

Version        Unaffected
PAN-OS 10.1    10.1.* (not affected by vuln)
PAN-OS 10.0    >= 10.0.4
PAN-OS 9.1     >= 9.1.10
PAN-OS 9.0     >= 9.0.14
PAN-OS 8.1     >= 8.1.19

 

CVE-2021-26701: XSOAR: Impact of PowerShell Vulnerability CVE-2021-26701

CVSS: 0

XSOAR maintains Docker images with PowerShell available for customers to use. The base image was updated on May 19, 2021 with PowerShell version 7.1.3. PAN urges customers to upgrade their Docker images to a version with the tag 7.1.3 or higher to protect against PowerShell vulnerability CVE-2021-26701.
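The "unaffected" tables above are easy to misread when a firewall runs a hotfix build or sits on a branch a given advisory does not list. The following script is an added example (not part of the original post and not Palo Alto Networks' code): it transcribes the PAN-OS tables above into data and reports, for a running build, which of the listed CVEs it is still exposed to. It assumes the version format major.minor.maintenance with an optional -hN hotfix suffix (e.g. 9.1.11-h2), and it deliberately reports "unknown" rather than "unaffected" for a branch the post's table does not mention (for instance PAN-OS 8.1 for CVE-2021-3050), so a gap in the summary is not silently treated as a pass. Check the advisory itself at security.paloaltonetworks.com for anything reported as unknown.

```python
import re
from typing import Dict, List, Optional, Tuple

# Minimum unaffected release per PAN-OS branch, transcribed from the advisory
# summaries in this post. None means the whole branch is listed as not affected.
# A branch absent from a CVE's entry is not covered by the post (e.g. 8.1 for
# CVE-2021-3050) and is reported as "unknown", never assumed safe.
FIXED: Dict[str, Dict[str, Optional[str]]] = {
    "CVE-2021-3050": {"10.1": "10.1.2", "10.0": "10.0.8", "9.1": "9.1.11", "9.0": "9.0.15"},
    "CVE-2021-3046": {"10.1": None, "10.0": "10.0.5", "9.1": "9.1.9", "9.0": "9.0.14", "8.1": "8.1.19"},
    "CVE-2021-3048": {"10.1": None, "10.0": "10.0.5", "9.1": "9.1.9", "9.0": "9.0.14", "8.1": None},
    "CVE-2021-3045": {"10.1": None, "10.0": None, "9.1": "9.1.10", "9.0": "9.0.14", "8.1": "8.1.19"},
    "CVE-2021-3047": {"10.1": None, "10.0": "10.0.4", "9.1": "9.1.10", "9.0": "9.0.14", "8.1": "8.1.19"},
}

# Assumed PAN-OS version format: major.minor.maintenance with optional -hN hotfix.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse_version(text: str) -> Tuple[int, int, int, int]:
    """Parse 'major.minor.maint[-hN]' into a tuple that compares correctly.

    A hotfix build sorts after its base release (9.1.11-h2 > 9.1.11); a base
    release carries hotfix number 0, so 9.1.11-h1 satisfies '>= 9.1.11'.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version string: {text!r}")
    major, minor, maint, hotfix = m.groups()
    return (int(major), int(minor), int(maint), int(hotfix or 0))


def branch_of(version: Tuple[int, int, int, int]) -> str:
    """Map a parsed version to its release branch key, e.g. (9, 1, 11, 0) -> '9.1'."""
    return f"{version[0]}.{version[1]}"


def status(cve: str, running: str) -> str:
    """Return 'affected', 'unaffected', or 'unknown' for one CVE and one build."""
    v = parse_version(running)
    table = FIXED[cve]
    branch = branch_of(v)
    if branch not in table:
        return "unknown"          # post's table says nothing about this branch
    fixed = table[branch]
    if fixed is None:
        return "unaffected"       # whole branch listed as not affected
    return "unaffected" if v >= parse_version(fixed) else "affected"


def exposure(running: str) -> Dict[str, List[str]]:
    """Group every CVE in the post by the running build's status."""
    report: Dict[str, List[str]] = {"affected": [], "unaffected": [], "unknown": []}
    for cve in FIXED:
        report[status(cve, running)].append(cve)
    return report


if __name__ == "__main__":
    # Constructed sample builds, not inventory data.
    for build in ("9.1.10", "9.1.11-h1", "10.0.4", "8.1.20"):
        print(build, exposure(build))
```

Running the block prints one report per sample build; for 9.1.10 only CVE-2021-3050 is still open, while 10.0.4 remains exposed to three of the five PAN-OS advisories despite being unaffected by CVE-2021-3047.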
