CVE-2021-3055

Name of the Vulnerable Software and Affected Versions PAN-OS versions prior to 8.1.20 PAN-OS versions prior to 9.0.14 PAN-OS versions prior to 9.1.10 PAN-OS versions prior to 10.0.6

Description An improper restriction of XML external entity (XXE) reference vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system and send a specifically crafted request to the firewall that causes the service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode.

Recommendations For PAN-OS versions prior to 8.1.20, update to version 8.1.20 or later. For PAN-OS versions prior to 9.0.14, update to version 9.0.14 or later. For PAN-OS versions prior to 9.1.10, update to version 9.1.10 or later. For PAN-OS versions prior to 10.0.6, update to version 10.0.6 or later.