PT-2021-18730 · Palo Alto Networks · Pan-Os

Brandon Vincent

Published

2021-08-11

Updated

2021-08-21

CVE-2021-3045

CVSS v3.1

4.9

Medium

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions PAN-OS versions prior to 8.1.19 PAN-OS versions prior to 9.0.14 PAN-OS versions prior to 9.1.10

Description An OS command argument injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system.

Recommendations For PAN-OS versions prior to 8.1.19, update to version 8.1.19 or later. For PAN-OS versions prior to 9.0.14, update to version 9.0.14 or later. For PAN-OS versions prior to 9.1.10, update to version 9.1.10 or later.

Exploit

Fix

Argument Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-88

Related Identifiers

CVE-2021-3045

Affected Products

Pan-Os

PT-2021-18730 · Palo Alto Networks · Pan-Os

CVE-2021-3045

Weakness Enumeration

Related Identifiers

Affected Products

References · 7