CVE-2021-3038 - Vulnerability Details - OpenCVE

A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that results in a Windows blue screen of death (BSOD) error. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.8; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.4.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.00045.

Key SSVC decision points have not yet been added.

Vendors	Products
Paloaltonetworks	Globalprotect

Configuration 1 [-]

OR	cpe:2.3:a:paloaltonetworks:globalprotect::::::windows::*
	cpe:2.3:a:paloaltonetworks:globalprotect::::::windows::*

No data.

No data.

Fixes

Solution

This issue is fixed in GlobalProtect app 5.1.8, GlobalProtect app 5.2.4, and all later GlobalProtect app versions.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://security.paloaltonetworks.com/CVE-2021-3038

History

No history.

MITRE

Status: PUBLISHED

Assigner: palo_alto

Published: 2021-04-20T03:15:18.565071Z

Updated: 2024-09-16T17:49:11.570Z

Reserved: 2021-01-06T00:00:00

Link: CVE-2021-3038

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-04-20T04:15:12.840

Modified: 2024-11-21T06:20:48.850

Link: CVE-2021-3038

Redhat

No data.

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"platforms": ["Windows"], "product": "GlobalProtect App", "vendor": "Palo Alto Networks", "versions": [{"changes": [{"at": "5.1.8", "status": "unaffected"}], "lessThan": "5.1.8", "status": "affected", "version": "5.1", "versionType": "custom"}, {"changes": [{"at": "5.2.4", "status": "unaffected"}], "lessThan": "5.2.4", "status": "affected", "version": "5.2", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Palo Alto Networks thanks Christophe Schleypen from NCIA / NCIRC for discovering and reporting this issue."}], "datePublic": "2021-04-14T00:00:00", "descriptions": [{"lang": "en", "value": "A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that results in a Windows blue screen of death (BSOD) error. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.8; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.4."}], "exploits": [{"lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-248", "description": "CWE-248 Uncaught Exception", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-04-20T03:15:18", "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://security.paloaltonetworks.com/CVE-2021-3038"}], "solutions": [{"lang": "en", "value": "This issue is fixed in GlobalProtect app 5.1.8, GlobalProtect app 5.2.4, and all later GlobalProtect app versions."}], "source": {"defect": ["GPC-10983"], "discovery": "EXTERNAL"}, "timeline": [{"lang": "en", "time": "2021-04-14T00:00:00", "value": "Initial publication"}], "title": "GlobalProtect App: Windows VPN kernel driver denial of service (DoS)", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@paloaltonetworks.com", "DATE_PUBLIC": "2021-04-14T16:00:00.000Z", "ID": "CVE-2021-3038", "STATE": "PUBLIC", "TITLE": "GlobalProtect App: Windows VPN kernel driver denial of service (DoS)"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "GlobalProtect App", "version": {"version_data": [{"platform": "Windows", "version_affected": "<", "version_name": "5.1", "version_value": "5.1.8"}, {"platform": "Windows", "version_affected": "!>=", "version_name": "5.1", "version_value": "5.1.8"}, {"platform": "Windows", "version_affected": "<", "version_name": "5.2", "version_value": "5.2.4"}, {"platform": "Windows", "version_affected": "!>=", "version_name": "5.2", "version_value": "5.2.4"}]}}]}, "vendor_name": "Palo Alto Networks"}]}}, "credit": [{"lang": "eng", "value": "Palo Alto Networks thanks Christophe Schleypen from NCIA / NCIRC for discovering and reporting this issue."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that results in a Windows blue screen of death (BSOD) error. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.8; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.4."}]}, "exploit": [{"lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20 Improper Input Validation"}]}, {"description": [{"lang": "eng", "value": "CWE-248 Uncaught Exception"}]}]}, "references": {"reference_data": [{"name": "https://security.paloaltonetworks.com/CVE-2021-3038", "refsource": "MISC", "url": "https://security.paloaltonetworks.com/CVE-2021-3038"}]}, "solution": [{"lang": "en", "value": "This issue is fixed in GlobalProtect app 5.1.8, GlobalProtect app 5.2.4, and all later GlobalProtect app versions."}], "source": {"defect": ["GPC-10983"], "discovery": "EXTERNAL"}, "timeline": [{"lang": "en", "time": "2021-04-14T00:00:00", "value": "Initial publication"}], "x_advisoryEoL": false, "x_affectedList": ["GlobalProtect App 5.2.3", "GlobalProtect App 5.2.2", "GlobalProtect App 5.2.1", "GlobalProtect App 5.2.0", "GlobalProtect App 5.2", "GlobalProtect App 5.1.7", "GlobalProtect App 5.1.6", "GlobalProtect App 5.1.5", "GlobalProtect App 5.1.4", "GlobalProtect App 5.1.3", "GlobalProtect App 5.1.1", "GlobalProtect App 5.1.0", "GlobalProtect App 5.1"]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T16:45:50.745Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://security.paloaltonetworks.com/CVE-2021-3038"}]}]}, "cveMetadata": {"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "assignerShortName": "palo_alto", "cveId": "CVE-2021-3038", "datePublished": "2021-04-20T03:15:18.565071Z", "dateReserved": "2021-01-06T00:00:00", "dateUpdated": "2024-09-16T17:49:11.570Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:windows:*:*", "matchCriteriaId": "F9DF37EB-CA9A-43AF-9291-9DE99330E9AC", "versionEndExcluding": "5.1.8", "versionStartIncluding": "5.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:windows:*:*", "matchCriteriaId": "DD74EA32-59A1-41A3-9445-E886CA324C5A", "versionEndExcluding": "5.2.4", "versionStartIncluding": "5.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that results in a Windows blue screen of death (BSOD) error. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.8; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.4."}, {"lang": "es", "value": "Una vulnerabilidad de denegaci\u00f3n de servicio (DoS) en la aplicaci\u00f3n Palo Alto Networks GlobalProtect en sistemas Windows, permite a un usuario limitado de Windows enviar informaci\u00f3n espec\u00edficamente dise\u00f1ada a la aplicaci\u00f3n GlobalProtect que resulta en un error de pantalla azul de finalizaci\u00f3n (BSOD) de Windows. Este problema afecta a: la aplicaci\u00f3n GlobalProtect versiones 5.1 anteriores a la aplicaci\u00f3n GlobalProtect versi\u00f3n 5.1.8; la aplicaci\u00f3n GlobalProtect versiones 5.2 anteriores a la aplicaci\u00f3n GlobalProtect versi\u00f3n 5.2.4"}], "id": "CVE-2021-3038", "lastModified": "2024-11-21T06:20:48.850", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}, "published": "2021-04-20T04:15:12.840", "references": [{"source": "psirt@paloaltonetworks.com", "tags": ["Vendor Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2021-3038"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2021-3038"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-248"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}