CVSS: 5.9EPSS: 0%CPEs: 3EXPL: 0CVE-2021-3048 – PAN-OS: Invalid URLs in an External Dynamic List (EDL) can Lead to Firewall Outage
https://notcve.org/view.php?id=CVE-2021-3048
Certain invalid URL entries contained in an External Dynamic List (EDL) cause the Device Server daemon (devsrvr) to stop responding. This condition causes subsequent commits on the firewall to fail and prevents administrators from performing commits and configuration changes even though the firewall remains otherwise functional. If the firewall then restarts, it results in a denial-of-service (DoS) condition and the firewall stops processing traffic. This issue impacts: PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.5. PAN-OS 8.1 and PAN-OS 10.1 versions are not impacted. • https://security.paloaltonetworks.com/CVE-2020-3048 https://security.paloaltonetworks.com/CVE-2021-3048 • CWE-20: Improper Input Validation •
CVSS: 4.2EPSS: 0%CPEs: 4EXPL: 0CVE-2021-3047 – PAN-OS: Weak Cryptography Used in Web Interface Authentication
https://notcve.org/view.php?id=CVE-2021-3047
A cryptographically weak pseudo-random number generator (PRNG) is used during authentication to the Palo Alto Networks PAN-OS web interface. This enables an authenticated attacker, with the capability to observe their own authentication secrets over a long duration on the PAN-OS appliance, to impersonate another authenticated web interface administrator's session. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.19; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.10; PAN-OS 10.0 versions earlier than PAN-OS 10.0.4. PAN-OS 10.1 versions are not impacted. Es usado un generador de números pseudoaleatorios (PRNG) débil desde el punto de vista criptográfico durante la autenticación en la interfaz web de PAN-OS de Palo Alto Networks. • https://security.paloaltonetworks.com/CVE-2021-3047 • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-3046 – PAN-OS: Improper SAML Authentication Vulnerability in GlobalProtect Portal
https://notcve.org/view.php?id=CVE-2021-3046
An improper authentication vulnerability exists in Palo Alto Networks PAN-OS software that enables a SAML authenticated attacker to impersonate any other user in the GlobalProtect Portal and GlobalProtect Gateway when they are configured to use SAML authentication. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.19; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.5. PAN-OS 10.1 versions are not impacted. Se presenta una vulnerabilidad de autenticación inapropiada en el software PAN-OS de Palo Alto Networks, que permite a un atacante con autenticación SAML hacerse pasar por cualquier otro usuario en GlobalProtect Portal y GlobalProtect Gateway cuando están configurados para usar la autenticación SAML. Este problema afecta a: PAN-OS versiones 8.1 anteriores a PAN-OS 8.1.19; PAN-OS versiones 9.0 anteriores a PAN-OS 9.0.14; PAN-OS versiones 9.1 anteriores a PAN-OS 9.1.9; PAN-OS versiones 10.0 anteriores a PAN-OS 10.0.5. • https://security.paloaltonetworks.com/CVE-2021-3046 • CWE-287: Improper Authentication •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2021-3036 – PAN-OS: Administrator secrets are logged in web server logs when using the PAN-OS XML API incorrectly
https://notcve.org/view.php?id=CVE-2021-3036
An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where secrets in PAN-OS XML API requests are logged in cleartext to the web server logs when the API is used incorrectly. This vulnerability applies only to PAN-OS appliances that are configured to use the PAN-OS XML API and exists only when a client includes a duplicate API parameter in API requests. Logged information includes the cleartext username, password, and API key of the administrator making the PAN-OS XML API request. Se presenta una exposición de la información por medio de la vulnerabilidad del archivo de registro en el software PAN-OS de Palo Alto Networks, donde los secretos en las peticiones de la API XML de PAN-OS son registrados en texto sin cifrar en los registros del servidor web cuando la API son usados incorrectamente. Esta vulnerabilidad se aplica solo a dispositivos PAN-OS que están configurados para usar la API XML de PAN-OS y se presenta solo cuando un cliente incluye un parámetro de la API duplicado en peticiones de API. • https://security.paloaltonetworks.com/CVE-2021-3036 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2021-3032 – PAN-OS: Configuration secrets for log forwarding may be logged in system logs
https://notcve.org/view.php?id=CVE-2021-3032
An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where configuration secrets for the “http”, “email”, and “snmptrap” v3 log forwarding server profiles can be logged to the logrcvr.log system log. Logged information may include up to 1024 bytes of the configuration including the username and password in an encrypted form and private keys used in any certificate profiles set for log forwarding server profiles. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.18; PAN-OS 9.0 versions earlier than PAN-OS 9.0.12; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1. Se presenta una exposición de información mediante una vulnerabilidad del archivo de registro en el software PAN-OS de Palo Alto Networks, donde los secretos de configuración para los perfiles del servidor de reenvío de registros V3 “http”, “email”, y “snmptrap” pueden ser registrados en el registro del sistema logrcvr.log. La información registrada puede incluir hasta 1024 bytes de la configuración, incluyendo el nombre de usuario y la contraseña en forma cifrada y las claves privadas usadas en cualquier perfil de certificado establecido para perfiles de servidor de reenvío de registros. • https://security.paloaltonetworks.com/CVE-2021-3032 • CWE-532: Insertion of Sensitive Information into Log File •