PT-2021-4752 · Palo Alto Networks · Pan-Os
Published
2021-09-08
·
Updated
2021-09-15
·
CVE-2021-3054
CVSS v2.0
8.5
High
| Vector | AV:N/AC:M/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
PAN-OS versions prior to 8.1.20
PAN-OS versions prior to 9.0.14
PAN-OS versions prior to 9.1.11
PAN-OS versions prior to 10.0.7
PAN-OS versions prior to 10.1.2
Description
A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute arbitrary code with root user privileges. This issue is related to synchronization errors when using shared resources.
Recommendations
For PAN-OS versions prior to 8.1.20, update to version 8.1.20 or later.
For PAN-OS versions prior to 9.0.14, update to version 9.0.14 or later.
For PAN-OS versions prior to 9.1.11, update to version 9.1.11 or later.
For PAN-OS versions prior to 10.0.7, update to version 10.0.7 or later.
For PAN-OS versions prior to 10.1.2, update to version 10.1.2 or later.
Fix
Time Of Check To Time Of Use
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Pan-Os