CVE-2021-3057 – GlobalProtect App: Buffer Overflow Vulnerability When Connecting to Portal or Gateway
https://notcve.org/view.php?id=CVE-2021-3057
A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.9 on Windows; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on Windows; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on the Universal Windows Platform; GlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.1 on Linux. Se presenta una vulnerabilidad de desbordamiento del búfer en la región stack de la memoria en Palo Alto Networks GlobalProtect app que permite a un atacante que actúa como intermediario interrumpir los procesos del sistema y ejecutar potencialmente código arbitrario con privilegios SYSTEM. Este problema afecta: GlobalProtect app 5.1 versiones anteriores a GlobalProtect app 5.1.9 en Windows; GlobalProtect app 5.2 versiones anteriores a GlobalProtect app 5.2.8 en Windows; GlobalProtect app 5.2 versiones anteriores a GlobalProtect app 5.2.8 en la Plataforma Universal Windows; GlobalProtect app 5.3 versiones anteriores a GlobalProtect app 5.3.1 en Linux • https://security.paloaltonetworks.com/CVE-2021-3057 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2021-3055 – PAN-OS: XML External Entity (XXE) Reference Vulnerability in the PAN-OS Web Interface
https://notcve.org/view.php?id=CVE-2021-3055
An improper restriction of XML external entity (XXE) reference vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system and send a specifically crafted request to the firewall that causes the service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.10; PAN-OS 10.0 versions earlier than PAN-OS 10.0.6. This issue does not affect Prisma Access. Una vulnerabilidad de restricción inapropiada de tipo XML external entity (XXE) en la interfaz web de Palo Alto Networks PAN-OS permite a un administrador autenticado leer cualquier archivo arbitrario del sistema de archivos y enviar una petición específicamente diseñada al firewall que cause el bloqueo del servicio. • https://security.paloaltonetworks.com/CVE-2021-3055 • CWE-611: Improper Restriction of XML External Entity Reference •
CVE-2021-3054 – PAN-OS: Unsigned Code Execution During Plugin Installation Race Condition Vulnerability
https://notcve.org/view.php?id=CVE-2021-3054
A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute arbitrary code with root user privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11; PAN-OS 10.0 versions earlier than PAN-OS 10.0.7; PAN-OS 10.1 versions earlier than PAN-OS 10.1.2. This issue does not affect Prisma Access. Una vulnerabilidad de condición de carrera de tiempo de comprobación a tiempo de uso (TOCTOU) en la interfaz web de Palo Alto Networks PAN-OS permite a un administrador autenticado con permiso para cargar plugins ejecutar código arbitrario con privilegios de usuario root. Este problema afecta a: PAN-OS versión 8.1 anteriores a PAN-OS 8.1.20; PAN-OS versión 9.0 anteriores a PAN-OS 9.0.14; PAN-OS versión 9.1 anteriores a PAN-OS 9.1.11; PAN-OS versión 10.0 anteriores a PAN-OS 10.0.7; PAN-OS versión 10.1 anteriores a PAN-OS 10.1.2. • https://security.paloaltonetworks.com/CVE-2021-3054 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVE-2021-3053 – PAN-OS: Exceptional Condition Denial-of-Service (DoS)
https://notcve.org/view.php?id=CVE-2021-3053
An improper handling of exceptional conditions vulnerability exists in the Palo Alto Networks PAN-OS dataplane that enables an unauthenticated network-based attacker to send specifically crafted traffic through the firewall that causes the service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.5. This issue does not affect Prisma Access. Se presenta una vulnerabilidad de administración inapropiada de condiciones excepcionales en el plano de datos de PAN-OS de Palo Alto Networks que permite a un atacante no autenticado basado en la red enviar tráfico específicamente diseñado mediante el firewall que causa un bloqueo del servicio. • https://security.paloaltonetworks.com/CVE-2021-3053 • CWE-755: Improper Handling of Exceptional Conditions •
CVE-2021-3052 – PAN-OS: Reflected Cross-Site Scripting (XSS) in Web Interface
https://notcve.org/view.php?id=CVE-2021-3052
A reflected cross-site scripting (XSS) vulnerability in the Palo Alto Network PAN-OS web interface enables an authenticated network-based attacker to mislead another authenticated PAN-OS administrator to click on a specially crafted link that performs arbitrary actions in the PAN-OS web interface as the targeted authenticated administrator. This issue impacts: PAN-OS 8.1 versions earlier than 8.1.20; PAN-OS 9.0 versions earlier than 9.0.14; PAN-OS 9.1 versions earlier than 9.1.10; PAN-OS 10.0 versions earlier than 10.0.2. This issue does not affect Prisma Access. Una vulnerabilidad de tipo cross-site scripting (XSS) reflejado en la interfaz web de PAN-OS de Palo Alto Network permite a un atacante autenticado basado en la red engañar a otro administrador autenticado de PAN-OS para que haga clic en un enlace especialmente diseñado que realice acciones arbitrarias en la interfaz web de PAN-OS como el administrador autenticado objetivo. Este problema afecta a: PAN-OS versión 8.1 anteriores a 8.1.20; PAN-OS versión 9.0 anteriores a 9.0.14; PAN-OS versión 9.1 anteriores a 9.1.10; PAN-OS versión 10.0 anteriores a 10.0.2. • https://security.paloaltonetworks.com/CVE-2021-3052 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •