CVE-2021-3063

Name of the Vulnerable Software and Affected Versions PAN-OS versions prior to 8.1.21 PAN-OS versions prior to 9.0.14-h4 PAN-OS versions prior to 9.1.11-h3 PAN-OS versions prior to 10.0.8-h4 PAN-OS versions prior to 10.1.3

Description An improper handling of exceptional conditions issue exists in Palo Alto Networks GlobalProtect portal and gateway interfaces, allowing an unauthenticated network-based attacker to send specifically crafted traffic to a GlobalProtect interface, causing the service to stop responding. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. Prisma Access customers are not impacted by this issue.

Recommendations For PAN-OS versions prior to 8.1.21, update to version 8.1.21 or later. For PAN-OS versions prior to 9.0.14-h4, update to version 9.0.14-h4 or later. For PAN-OS versions prior to 9.1.11-h3, update to version 9.1.11-h3 or later. For PAN-OS versions prior to 10.0.8-h4, update to version 10.0.8-h4 or later. For PAN-OS versions prior to 10.1.3, update to version 10.1.3 or later.