PT-2021-18709 · Palo Alto Networks · Pan-Os
Published: 2021-01-13 · Updated: 2022-10-27
CVE-2021-3031
CVSS v3.1: 4.3 (Medium)
Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions
PAN-OS versions prior to 8.1.18
PAN-OS versions prior to 9.0.12
PAN-OS versions prior to 9.1.5
Description
The issue, also known as Etherleak, occurs because padding bytes in Ethernet packets on various firewall models are not cleared before the data frame is created, leaking a small amount of random information from the firewall memory into the Ethernet packets. An attacker on the same Ethernet subnet as the PAN-OS firewall can collect potentially sensitive information from these packets.
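The class of bug described above, as an added illustration (not PAN-OS or vendor code): a short payload is padded to the 60-byte Ethernet minimum in a reused buffer, once without clearing the tail and once with it zeroed, and a check counts non-zero padding bytes. The function names, the reused-buffer scenario and the 0x41 filler are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ETH_HDR_LEN   14u  /* dst MAC + src MAC + EtherType */
#define ETH_MIN_FRAME 60u  /* minimum frame length, FCS excluded */
static uint8_t tx_buf[ETH_MIN_FRAME]; /* reused between frames (constructed) */

/* Build a minimum-size frame in tx_buf. clear_padding == 0 leaves whatever the
 * buffer held after the payload (the Etherleak pattern); 1 zeroes it first
 * (the hardened form). Returns the frame length, or 0 if the payload is too big. */
size_t build_frame(const uint8_t *hdr, const uint8_t *payload,
                   size_t payload_len, int clear_padding)
{
    size_t used = ETH_HDR_LEN + payload_len;
    if (payload_len > ETH_MIN_FRAME - ETH_HDR_LEN)
        return 0;
    memcpy(tx_buf, hdr, ETH_HDR_LEN);
    memcpy(tx_buf + ETH_HDR_LEN, payload, payload_len);
    if (clear_padding)
        memset(tx_buf + used, 0, ETH_MIN_FRAME - used);
    return ETH_MIN_FRAME;
}

/* Count non-zero bytes after the payload; 0 means the padding is clean. */
size_t nonzero_padding(const uint8_t *frame, size_t frame_len, size_t payload_len)
{
    size_t n = 0;
    for (size_t i = ETH_HDR_LEN + payload_len; i < frame_len; i++)
        n += (frame[i] != 0);
    return n;
}

/* Constructed scenario: a full frame, then a 28-byte payload in the same buffer. */
size_t demo(int clear_padding)
{
    uint8_t hdr[ETH_HDR_LEN] = {0}, small[28] = {0};
    uint8_t previous[ETH_MIN_FRAME - ETH_HDR_LEN];
    memset(previous, 0x41, sizeof(previous)); /* stand-in for earlier memory */
    build_frame(hdr, previous, sizeof(previous), 1);
    size_t len = build_frame(hdr, small, sizeof(small), clear_padding);
    return nonzero_padding(tx_buf, len, sizeof(small));
}

int main(void)
{
    printf("uncleared: %zu, cleared: %zu\n", demo(0), demo(1));
    return 0;
}
```

The same padding check can be applied to short frames captured from a firewall interface to confirm, after upgrading, that the padding is all zeros.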
Recommendations
For versions prior to 8.1.18, update to PAN-OS 8.1.18 or later.
For versions prior to 9.0.12, update to PAN-OS 9.0.12 or later.
For versions prior to 9.1.5, update to PAN-OS 9.1.5 or later.
Fix
Information Disclosure
Related Identifiers
Affected Products
Pan-Os