CVE-2021-3064 – PAN-OS: Memory Corruption Vulnerability in GlobalProtect Portal and Gateway Interfaces
https://notcve.org/view.php?id=CVE-2021-3064
A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have network access to the GlobalProtect interface to exploit this issue. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17. Prisma Access customers are not impacted by this issue. Se presenta una vulnerabilidad de corrupción de memoria en las interfaces del portal y la puerta de enlace de Palo Alto Networks GlobalProtect que permite a un atacante no autenticado basado en la red interrumpir los procesos del sistema y ejecutar potencialmente código arbitrario con privilegios de root. • https://github.com/0xhaggis/CVE-2021-3064 https://security.paloaltonetworks.com/CVE-2021-3064 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2021-3063 – PAN-OS: Denial-of-Service (DoS) Vulnerability in GlobalProtect Portal and Gateway Interfaces
https://notcve.org/view.php?id=CVE-2021-3063
An improper handling of exceptional conditions vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to send specifically crafted traffic to a GlobalProtect interface that causes the service to stop responding. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.21; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h4; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h3; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8-h4; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers are not impacted by this issue. Se presenta una vulnerabilidad de administración inapropiada de condiciones excepcionales en las interfaces de portal y puerta de enlace de Palo Alto Networks GlobalProtect que permite a un atacante no autenticado basado en la red enviar tráfico específicamente diseñado a una interfaz de GlobalProtect que cause que el servicio deje de responder. • https://security.paloaltonetworks.com/CVE-2021-3063 • CWE-755: Improper Handling of Exceptional Conditions •
CVE-2021-3062 – PAN-OS: Improper Access Control Vulnerability Exposing AWS Instance Metadata Endpoint to GlobalProtect Users
https://notcve.org/view.php?id=CVE-2021-3062
An improper access control vulnerability in PAN-OS software enables an attacker with authenticated access to GlobalProtect portals and gateways to connect to the EC2 instance metadata endpoint for VM-Series firewalls hosted on Amazon AWS. Exploitation of this vulnerability enables an attacker to perform any operations allowed by the EC2 role in AWS. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20 VM-Series firewalls; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11 VM-Series firewalls; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14 VM-Series firewalls; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8 VM-Series firewalls. Prisma Access customers are not impacted by this issue. Una vulnerabilidad de control de acceso inapropiada en el software PAN-OS permite a un atacante con acceso autenticado a los portales y puertas de enlace de GlobalProtect conectarse al endpoint de metadatos de la instancia EC2 para los firewalls VM-Series alojados en Amazon AWS. • https://security.paloaltonetworks.com/CVE-2021-3062 • CWE-284: Improper Access Control •
CVE-2021-3061 – PAN-OS: OS Command Injection Vulnerability in the Command Line Interface (CLI)
https://notcve.org/view.php?id=CVE-2021-3061
An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers that have Prisma Access 2.1 firewalls are impacted by this issue. Una vulnerabilidad de inyección de comandos del sistema operativo en la interfaz de línea de comandos (CLI) de PAN-OS de Palo Alto Networks permite que un administrador autenticado con acceso a la CLI ejecute comandos arbitrarios del sistema operativo para aumentar sus privilegios. Este problema afecta a: PAN-OS versiones 8.1 anteriores a PAN-OS 8.1.20-h1; PAN-OS versiones 9.0 anteriores a PAN-OS 9.0.14-h3; PAN-OS versiones 9.1 anteriores a PAN-OS 9.1.11-h2; PAN-OS versiones 10.0 anteriores a PAN-OS 10.0.8; PAN-OS versiones 10.1 anteriores a PAN-OS 10.1.3. • https://security.paloaltonetworks.com/CVE-2021-3061 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2021-3060 – PAN-OS: OS Command Injection in Simple Certificate Enrollment Protocol (SCEP)
https://notcve.org/view.php?id=CVE-2021-3060
An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The attacker must have network access to the GlobalProtect interfaces to exploit this issue. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers with Prisma Access 2.1 Preferred and Prisma Access 2.1 Innovation firewalls are impacted by this issue. Una vulnerabilidad de inyección de comandos del sistema operativo en la función Simple Certificate Enrollment Protocol (SCEP) del software PAN-OS permite a un atacante no autenticado basado en la red con conocimientos específicos de la configuración del firewalls ejecutar código arbitrario con privilegios de usuario root. • https://github.com/anmolksachan/CVE-2021-3060 https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/certificate-management/configure-the-master-key.html https://docs.paloaltonetworks.com/prisma/prisma-access/innovation/2-1/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/get-started-with-prisma-access-overview.html https://security.paloaltonetworks.com/CVE-2021-3060 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •