CVE-2021-3059 - Vulnerability Details

Vendors	Products
Paloaltonetworks	Pan-os

Link	Providers
https://security.paloaltonetworks.com/CVE-2021-3059

{"containers": {"cna": {"affected": [{"product": "PAN-OS", "vendor": "Palo Alto Networks", "versions": [{"changes": [{"at": "10.0.8", "status": "unaffected"}], "lessThan": "10.0.8", "status": "affected", "version": "10.0", "versionType": "custom"}, {"changes": [{"at": "10.1.3", "status": "unaffected"}], "lessThan": "10.1.3", "status": "affected", "version": "10.1", "versionType": "custom"}, {"changes": [{"at": "8.1.20-h1", "status": "unaffected"}], "lessThan": "8.1.20-h1", "status": "affected", "version": "8.1", "versionType": "custom"}, {"changes": [{"at": "9.0.14-h3", "status": "unaffected"}], "lessThan": "9.0.14-h3", "status": "affected", "version": "9.0", "versionType": "custom"}, {"changes": [{"at": "9.1.11-h2", "status": "unaffected"}], "lessThan": "9.1.11-h2", "status": "affected", "version": "9.1", "versionType": "custom"}]}, {"product": "Prisma Access", "vendor": "Palo Alto Networks", "versions": [{"status": "affected", "version": "2.1 Innovation"}, {"status": "affected", "version": "2.1 Preferred"}, {"lessThan": "2.2*", "status": "unaffected", "version": "all", "versionType": "custom"}]}], "configurations": [{"lang": "en", "value": "This issue is applicable only to PAN-OS firewall configurations that receive dynamic updates. You can verify that your firewall receives dynamic updates at \u2018Device Deployment > Dynamic Updates' in the web interface."}], "credits": [{"lang": "en", "value": "Palo Alto Networks thanks CJ, an external security researcher, for discovering and reporting this issue."}], "datePublic": "2021-11-10T00:00:00", "descriptions": [{"lang": "en", "value": "An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. This vulnerability enables a man-in-the-middle attacker to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers that have Prisma Access 2.1 Preferred or Prisma Access 2.1 Innovation firewalls are impacted by this issue."}], "exploits": [{"lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 OS Command Injection", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-11-10T17:10:23", "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://security.paloaltonetworks.com/CVE-2021-3059"}], "solutions": [{"lang": "en", "value": "This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions."}, {"lang": "en", "value": "This issue is fixed in Prisma Access 2.2 Preferred and all later Prisma Access versions."}], "source": {"defect": ["PAN-176618"], "discovery": "EXTERNAL"}, "timeline": [{"lang": "en", "time": "2021-11-10T00:00:00", "value": "Initial publication"}], "title": "PAN-OS: OS Command Injection Vulnerability When Performing Dynamic Updates", "workarounds": [{"lang": "en", "value": "You can disable scheduled dynamic updates for the firewall at 'Device Deployment > Dynamic Updates' in the web interface. Choosing not to receive dynamic updates will minimize your exposure to this vulnerability until you upgrade the PAN-OS firewall to a fixed version."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@paloaltonetworks.com", "DATE_PUBLIC": "2021-11-10T17:00:00.000Z", "ID": "CVE-2021-3059", "STATE": "PUBLIC", "TITLE": "PAN-OS: OS Command Injection Vulnerability When Performing Dynamic Updates"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "PAN-OS", "version": {"version_data": [{"version_affected": "<", "version_name": "10.0", "version_value": "10.0.8"}, {"version_affected": "<", "version_name": "10.1", "version_value": "10.1.3"}, {"version_affected": "!>=", "version_name": "10.0", "version_value": "10.0.8"}, {"version_affected": "!>=", "version_name": "10.1", "version_value": "10.1.3"}, {"version_affected": "<", "version_name": "8.1", "version_value": "8.1.20-h1"}, {"version_affected": "!>=", "version_name": "8.1", "version_value": "8.1.20-h1"}, {"version_affected": "<", "version_name": "9.0", "version_value": "9.0.14-h3"}, {"version_affected": "!>=", "version_name": "9.0", "version_value": "9.0.14-h3"}, {"version_affected": "<", "version_name": "9.1", "version_value": "9.1.11-h2"}, {"version_affected": "!>=", "version_name": "9.1", "version_value": "9.1.11-h2"}]}}, {"product_name": "Prisma Access", "version": {"version_data": [{"version_affected": "!>=", "version_name": "2.2", "version_value": "all"}, {"version_affected": "=", "version_name": "2.1", "version_value": "Innovation"}, {"version_affected": "=", "version_name": "2.1", "version_value": "Preferred"}]}}]}, "vendor_name": "Palo Alto Networks"}]}}, "configuration": [{"lang": "en", "value": "This issue is applicable only to PAN-OS firewall configurations that receive dynamic updates. You can verify that your firewall receives dynamic updates at \u2018Device Deployment > Dynamic Updates' in the web interface."}], "credit": [{"lang": "eng", "value": "Palo Alto Networks thanks CJ, an external security researcher, for discovering and reporting this issue."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. This vulnerability enables a man-in-the-middle attacker to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers that have Prisma Access 2.1 Preferred or Prisma Access 2.1 Innovation firewalls are impacted by this issue."}]}, "exploit": [{"lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-78 OS Command Injection"}]}]}, "references": {"reference_data": [{"name": "https://security.paloaltonetworks.com/CVE-2021-3059", "refsource": "MISC", "url": "https://security.paloaltonetworks.com/CVE-2021-3059"}]}, "solution": [{"lang": "en", "value": "This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions."}, {"lang": "en", "value": "This issue is fixed in Prisma Access 2.2 Preferred and all later Prisma Access versions."}], "source": {"defect": ["PAN-176618"], "discovery": "EXTERNAL"}, "timeline": [{"lang": "en", "time": "2021-11-10T00:00:00", "value": "Initial publication"}], "work_around": [{"lang": "en", "value": "You can disable scheduled dynamic updates for the firewall at 'Device Deployment > Dynamic Updates' in the web interface. Choosing not to receive dynamic updates will minimize your exposure to this vulnerability until you upgrade the PAN-OS firewall to a fixed version."}], "x_advisoryEoL": false, "x_affectedList": ["Prisma Access 2.1", "PAN-OS 10.1.2", "PAN-OS 10.1.1", "PAN-OS 10.1.0", "PAN-OS 10.1", "PAN-OS 10.0.7", "PAN-OS 10.0.6", "PAN-OS 10.0.5", "PAN-OS 10.0.4", "PAN-OS 10.0.3", "PAN-OS 10.0.2", "PAN-OS 10.0.1", "PAN-OS 10.0.0", "PAN-OS 10.0", "PAN-OS 9.1.11-h1", "PAN-OS 9.1.11", "PAN-OS 9.1.10", "PAN-OS 9.1.9", "PAN-OS 9.1.8", "PAN-OS 9.1.7", "PAN-OS 9.1.6", "PAN-OS 9.1.5", "PAN-OS 9.1.4", "PAN-OS 9.1.3-h1", "PAN-OS 9.1.3", "PAN-OS 9.1.2-h1", "PAN-OS 9.1.2", "PAN-OS 9.1.1", "PAN-OS 9.1.0-h3", "PAN-OS 9.1.0-h2", "PAN-OS 9.1.0-h1", "PAN-OS 9.1.0", "PAN-OS 9.1", "PAN-OS 9.0.14-h2", "PAN-OS 9.0.14-h1", "PAN-OS 9.0.14", "PAN-OS 9.0.13", "PAN-OS 9.0.12", "PAN-OS 9.0.11", "PAN-OS 9.0.10", "PAN-OS 9.0.9-h1", "PAN-OS 9.0.9", "PAN-OS 9.0.8", "PAN-OS 9.0.7", "PAN-OS 9.0.6", "PAN-OS 9.0.5", "PAN-OS 9.0.4", "PAN-OS 9.0.3-h3", "PAN-OS 9.0.3-h2", "PAN-OS 9.0.3-h1", "PAN-OS 9.0.3", "PAN-OS 9.0.2-h4", "PAN-OS 9.0.2-h3", "PAN-OS 9.0.2-h2", "PAN-OS 9.0.2-h1", "PAN-OS 9.0.2", "PAN-OS 9.0.1", "PAN-OS 9.0.0", "PAN-OS 9.0", "PAN-OS 8.1.20", "PAN-OS 8.1.19", "PAN-OS 8.1.18", "PAN-OS 8.1.17", "PAN-OS 8.1.16", "PAN-OS 8.1.15-h3", "PAN-OS 8.1.15-h2", "PAN-OS 8.1.15-h1", "PAN-OS 8.1.15", "PAN-OS 8.1.14-h2", "PAN-OS 8.1.14-h1", "PAN-OS 8.1.14", "PAN-OS 8.1.13", "PAN-OS 8.1.12", "PAN-OS 8.1.11", "PAN-OS 8.1.10", "PAN-OS 8.1.9-h4", "PAN-OS 8.1.9-h3", "PAN-OS 8.1.9-h2", "PAN-OS 8.1.9-h1", "PAN-OS 8.1.9", "PAN-OS 8.1.8-h5", "PAN-OS 8.1.8-h4", "PAN-OS 8.1.8-h3", "PAN-OS 8.1.8-h2", "PAN-OS 8.1.8-h1", "PAN-OS 8.1.8", "PAN-OS 8.1.7", "PAN-OS 8.1.6-h2", "PAN-OS 8.1.6-h1", "PAN-OS 8.1.6", "PAN-OS 8.1.5", "PAN-OS 8.1.4", "PAN-OS 8.1.3", "PAN-OS 8.1.2", "PAN-OS 8.1.1", "PAN-OS 8.1.0", "PAN-OS 8.1"], "x_likelyAffectedList": ["PAN-OS 8.0.20", "PAN-OS 8.0.19-h1", "PAN-OS 8.0.19", "PAN-OS 8.0.18", "PAN-OS 8.0.17", "PAN-OS 8.0.16", "PAN-OS 8.0.15", "PAN-OS 8.0.14", "PAN-OS 8.0.13", "PAN-OS 8.0.12", "PAN-OS 8.0.11-h1", "PAN-OS 8.0.10", "PAN-OS 8.0.9", "PAN-OS 8.0.8", "PAN-OS 8.0.7", "PAN-OS 8.0.6-h3", "PAN-OS 8.0.6-h2", "PAN-OS 8.0.6-h1", "PAN-OS 8.0.6", "PAN-OS 8.0.5", "PAN-OS 8.0.4", "PAN-OS 8.0.3-h4", "PAN-OS 8.0.3-h3", "PAN-OS 8.0.3-h2", "PAN-OS 8.0.3-h1", "PAN-OS 8.0.3", "PAN-OS 8.0.2", "PAN-OS 8.0.1", "PAN-OS 8.0.0", "PAN-OS 8.0", "PAN-OS 7.1.26", "PAN-OS 7.1.25", "PAN-OS 7.1.24-h1", "PAN-OS 7.1.24", "PAN-OS 7.1.23", "PAN-OS 7.1.22", "PAN-OS 7.1.21", "PAN-OS 7.1.20", "PAN-OS 7.1.19", "PAN-OS 7.1.18", "PAN-OS 7.1.17", "PAN-OS 7.1.16", "PAN-OS 7.1.15", "PAN-OS 7.1.14", "PAN-OS 7.1.13", "PAN-OS 7.1.12", "PAN-OS 7.1.11", "PAN-OS 7.1.10", "PAN-OS 7.1.9-h4", "PAN-OS 7.1.9-h3", "PAN-OS 7.1.9-h2", "PAN-OS 7.1.9-h1", "PAN-OS 7.1.9", "PAN-OS 7.1.8", "PAN-OS 7.1.7", "PAN-OS 7.1.6", "PAN-OS 7.1.5", "PAN-OS 7.1.4-h2", "PAN-OS 7.1.4-h1", "PAN-OS 7.1.4", "PAN-OS 7.1.3", "PAN-OS 7.1.2", "PAN-OS 7.1.1", "PAN-OS 7.1.0", "PAN-OS 7.1"]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T16:45:51.098Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://security.paloaltonetworks.com/CVE-2021-3059"}]}]}, "cveMetadata": {"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "assignerShortName": "palo_alto", "cveId": "CVE-2021-3059", "datePublished": "2021-11-10T17:10:23.093770Z", "dateReserved": "2021-01-06T00:00:00", "dateUpdated": "2024-09-16T17:03:16.819Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "8E492841-3CD5-4DDF-B43C-EE04B5556BE2", "versionEndIncluding": "8.1.20", "versionStartIncluding": "8.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "9E95975B-A993-48FE-BA16-C89BEB075CBE", "versionEndIncluding": "9.0.14", "versionStartIncluding": "9.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C95A07E-5F94-4907-A283-954B7924DA3A", "versionEndIncluding": "9.1.11", "versionStartIncluding": "9.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "C408A950-281A-49DC-9376-F1D943280371", "versionEndExcluding": "10.0.8", "versionStartIncluding": "10.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "40AFDDF3-0AB4-4A18-93E9-01EE5BDE9D2E", "versionEndExcluding": "10.1.3", "versionStartIncluding": "10.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. This vulnerability enables a man-in-the-middle attacker to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers that have Prisma Access 2.1 Preferred or Prisma Access 2.1 Innovation firewalls are impacted by this issue."}, {"lang": "es", "value": "Se presenta una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en la interfaz de administraci\u00f3n de PAN-OS de Palo Alto Networks cuando se llevan a cabo actualizaciones din\u00e1micas. Esta vulnerabilidad permite a un atacante de tipo \"man-in-the-middle\" ejecutar comandos arbitrarios del sistema operativo para escalar privilegios. Este problema afecta a: PAN-OS versiones 8.1 anteriores a PAN-OS 8.1.20-h1; PAN-OS versiones 9.0 anteriores a PAN-OS 9.0.14-h3; PAN-OS versiones 9.1 anteriores a PAN-OS 9.1.11-h2; PAN-OS versiones 10.0 anteriores a PAN-OS 10.0.8; PAN-OS versiones 10.1 anteriores a PAN-OS 10.1.3. Los clientes de Prisma Access que presentan firewalls Prisma Access versi\u00f3n 2.1 Preferred o Prisma Access versi\u00f3n 2.1 Innovation est\u00e1n afectados por este problema"}], "id": "CVE-2021-3059", "lastModified": "2024-11-21T06:20:52.403", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-11-10T17:15:10.030", "references": [{"source": "psirt@paloaltonetworks.com", "tags": ["Vendor Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2021-3059"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2021-3059"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object