CVSS: 8.1EPSS: 0%CPEs: 22EXPL: 0CVE-2021-3051 – Cortex XSOAR: Authentication Bypass in SAML Authentication
https://notcve.org/view.php?id=CVE-2021-3051
An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR SAML authentication that enables an unauthenticated network-based attacker with specific knowledge of the Cortex XSOAR instance to access protected resources and perform unauthorized actions on the Cortex XSOAR server. This issue impacts: Cortex XSOAR 5.5.0 builds earlier than 1578677; Cortex XSOAR 6.0.2 builds earlier than 1576452; Cortex XSOAR 6.1.0 builds earlier than 1578663; Cortex XSOAR 6.2.0 builds earlier than 1578666. All Cortex XSOAR instances hosted by Palo Alto Networks are protected from this vulnerability; no additional action is required for these instances. Se presenta una vulnerabilidad de verificación inapropiada de la firma criptográfica en la autenticación SAML de Cortex XSOAR que permite a un atacante no autenticado basado en la red con conocimiento específico de la instancia de Cortex XSOAR acceder a recursos protegidos y llevar a cabo acciones no autorizadas en el servidor de Cortex XSOAR. Este problema afecta: Cortex XSOAR 5.5.0 builds anteriores a 1578677; Cortex XSOAR 6.0.2 builds anteriores a 1576452; Cortex XSOAR 6.1.0 builds anteriores a 1578663; Cortex XSOAR 6.2.0 builds anteriores a 1578666. • https://security.paloaltonetworks.com/CVE-2021-3051 • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 4.3EPSS: 0%CPEs: 11EXPL: 0CVE-2021-3049 – Cortex XSOAR: Improper Authorization of Incident Investigations Vulnerability
https://notcve.org/view.php?id=CVE-2021-3049
An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an authenticated network-based attacker with investigation read permissions to download files from incident investigations of which they are aware but are not a part of. This issue impacts: All Cortex XSOAR 5.5.0 builds; Cortex XSOAR 6.1.0 builds earlier than 12099345. This issue does not impact Cortex XSOAR 6.2.0 versions. Una vulnerabilidad de autorización inapropiada en el servidor Cortex XSOAR de Palo Alto Networks permite a un atacante autenticado basado en la red con permisos de lectura de investigación descargar archivos de investigaciones de incidentes de los que presenta conocimiento pero no forma parte. Este problema afecta: Todas las builds de Cortex XSOAR 5.5.0; las builds de Cortex XSOAR 6.1.0 anteriores a 12099345. • https://security.paloaltonetworks.com/CVE-2021-3049 • CWE-285: Improper Authorization •
CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 0CVE-2021-3050 – PAN-OS: OS Command Injection Vulnerability in Web Interface
https://notcve.org/view.php?id=CVE-2021-3050
An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 9.0 version 9.0.10 through PAN-OS 9.0.14; PAN-OS 9.1 version 9.1.4 through PAN-OS 9.1.10; PAN-OS 10.0 version 10.0.7 and earlier PAN-OS 10.0 versions; PAN-OS 10.1 version 10.1.0 through PAN-OS 10.1.1. Prisma Access firewalls and firewalls running PAN-OS 8.1 versions are not impacted by this issue. Una vulnerabilidad de inyección de comandos del Sistema Operativo en la interfaz web de Palo Alto Networks PAN-OS, permite a un administrador autenticado ejecutar comandos arbitrarios del Sistema Operativo para escalar privilegios. Este problema afecta a: PAN-OS 9.0 versiones 9.0.10 hasta PAN-OS 9.0.14; PAN-OS 9.1 versiones 9.1.4 hasta PAN-OS 9.1.10; PAN-OS 10.0 versiones 10.0.7 y versiones anteriores a PAN-OS 10.0; PAN-OS 10.1 versiones 10.1.0 hasta PAN-OS 10.1.1. • https://security.paloaltonetworks.com/CVE-2021-3050 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2021-3048 – PAN-OS: Invalid URLs in an External Dynamic List (EDL) can Lead to Firewall Outage
https://notcve.org/view.php?id=CVE-2021-3048
Certain invalid URL entries contained in an External Dynamic List (EDL) cause the Device Server daemon (devsrvr) to stop responding. This condition causes subsequent commits on the firewall to fail and prevents administrators from performing commits and configuration changes even though the firewall remains otherwise functional. If the firewall then restarts, it results in a denial-of-service (DoS) condition and the firewall stops processing traffic. This issue impacts: PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.5. PAN-OS 8.1 and PAN-OS 10.1 versions are not impacted. • https://security.paloaltonetworks.com/CVE-2020-3048 https://security.paloaltonetworks.com/CVE-2021-3048 • CWE-20: Improper Input Validation •
CVSS: 4.2EPSS: 0%CPEs: 4EXPL: 0CVE-2021-3047 – PAN-OS: Weak Cryptography Used in Web Interface Authentication
https://notcve.org/view.php?id=CVE-2021-3047
A cryptographically weak pseudo-random number generator (PRNG) is used during authentication to the Palo Alto Networks PAN-OS web interface. This enables an authenticated attacker, with the capability to observe their own authentication secrets over a long duration on the PAN-OS appliance, to impersonate another authenticated web interface administrator's session. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.19; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.10; PAN-OS 10.0 versions earlier than PAN-OS 10.0.4. PAN-OS 10.1 versions are not impacted. Es usado un generador de números pseudoaleatorios (PRNG) débil desde el punto de vista criptográfico durante la autenticación en la interfaz web de PAN-OS de Palo Alto Networks. • https://security.paloaltonetworks.com/CVE-2021-3047 • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •