github - ghsa-56p7-mg8r-j8fj

ghsa-56p7-mg8r-j8fj

Vulnerability from github

Published

2022-05-24 19:20

Modified

2022-05-24 19:20

Details

An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. This vulnerability enables a man-in-the-middle attacker to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers that have Prisma Access 2.1 Preferred or Prisma Access 2.1 Innovation firewalls are impacted by this issue.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-3059"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-78"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-11-10T17:15:00Z",
    "severity": "HIGH"
  },
  "details": "An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. This vulnerability enables a man-in-the-middle attacker to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers that have Prisma Access 2.1 Preferred or Prisma Access 2.1 Innovation firewalls are impacted by this issue.",
  "id": "GHSA-56p7-mg8r-j8fj",
  "modified": "2022-05-24T19:20:17Z",
  "published": "2022-05-24T19:20:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3059"
    },
    {
      "type": "WEB",
      "url": "https://security.paloaltonetworks.com/CVE-2021-3059"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2021-3059

Vulnerability from cvelistv5

Published

2021-11-10 17:10

Modified

2024-09-16 17:03

Severity ?

8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

PAN-OS: OS Command Injection Vulnerability When Performing Dynamic Updates

References

▼	URL	Tags
	https://security.paloaltonetworks.com/CVE-2021-3059	x_refsource_MISC

Impacted products

▼	Vendor	Product
	Palo Alto Networks	PAN-OS
	Palo Alto Networks	Prisma Access

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:51.098Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2021-3059"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "10.0.8",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.8",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.3",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "8.1.20-h1",
                  "status": "unaffected"
                }
              ],
              "lessThan": "8.1.20-h1",
              "status": "affected",
              "version": "8.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.0.14-h3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.14-h3",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.11-h2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.11-h2",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "affected",
              "version": "2.1 Innovation"
            },
            {
              "status": "affected",
              "version": "2.1 Preferred"
            },
            {
              "lessThan": "2.2*",
              "status": "unaffected",
              "version": "all",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue is applicable only to PAN-OS firewall configurations that receive dynamic updates. You can verify that your firewall receives dynamic updates at \u2018Device Deployment \u003e Dynamic Updates\u0027 in the web interface."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks thanks CJ, an external security researcher, for discovering and reporting this issue."
        }
      ],
      "datePublic": "2021-11-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. This vulnerability enables a man-in-the-middle attacker to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers that have Prisma Access 2.1 Preferred or Prisma Access 2.1 Innovation firewalls are impacted by this issue."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 OS Command Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-11-10T17:10:23",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2021-3059"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions."
        },
        {
          "lang": "en",
          "value": "This issue is fixed in Prisma Access 2.2 Preferred and all later Prisma Access versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-176618"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2021-11-10T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: OS Command Injection Vulnerability When Performing Dynamic Updates",
      "workarounds": [
        {
          "lang": "en",
          "value": "You can disable scheduled dynamic updates for the firewall at \u0027Device Deployment \u003e Dynamic Updates\u0027 in the web interface. Choosing not to receive dynamic updates will minimize your exposure to this vulnerability until you upgrade the PAN-OS firewall to a fixed version."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2021-11-10T17:00:00.000Z",
          "ID": "CVE-2021-3059",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: OS Command Injection Vulnerability When Performing Dynamic Updates"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.8"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.1",
                            "version_value": "10.1.3"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.8"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.1",
                            "version_value": "10.1.3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "8.1",
                            "version_value": "8.1.20-h1"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "8.1",
                            "version_value": "8.1.20-h1"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.14-h3"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.14-h3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.11-h2"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.11-h2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Prisma Access",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "2.2",
                            "version_value": "all"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "2.1",
                            "version_value": "Innovation"
                          },
                          {
                            "version_affected": "=",
                            "version_name": "2.1",
                            "version_value": "Preferred"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue is applicable only to PAN-OS firewall configurations that receive dynamic updates. You can verify that your firewall receives dynamic updates at \u2018Device Deployment \u003e Dynamic Updates\u0027 in the web interface."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "Palo Alto Networks thanks CJ, an external security researcher, for discovering and reporting this issue."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. This vulnerability enables a man-in-the-middle attacker to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers that have Prisma Access 2.1 Preferred or Prisma Access 2.1 Innovation firewalls are impacted by this issue."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78 OS Command Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2021-3059",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2021-3059"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions."
          },
          {
            "lang": "en",
            "value": "This issue is fixed in Prisma Access 2.2 Preferred and all later Prisma Access versions."
          }
        ],
        "source": {
          "defect": [
            "PAN-176618"
          ],
          "discovery": "EXTERNAL"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-10T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "You can disable scheduled dynamic updates for the firewall at \u0027Device Deployment \u003e Dynamic Updates\u0027 in the web interface. Choosing not to receive dynamic updates will minimize your exposure to this vulnerability until you upgrade the PAN-OS firewall to a fixed version."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "Prisma Access 2.1",
          "PAN-OS 10.1.2",
          "PAN-OS 10.1.1",
          "PAN-OS 10.1.0",
          "PAN-OS 10.1",
          "PAN-OS 10.0.7",
          "PAN-OS 10.0.6",
          "PAN-OS 10.0.5",
          "PAN-OS 10.0.4",
          "PAN-OS 10.0.3",
          "PAN-OS 10.0.2",
          "PAN-OS 10.0.1",
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.11-h1",
          "PAN-OS 9.1.11",
          "PAN-OS 9.1.10",
          "PAN-OS 9.1.9",
          "PAN-OS 9.1.8",
          "PAN-OS 9.1.7",
          "PAN-OS 9.1.6",
          "PAN-OS 9.1.5",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.14-h2",
          "PAN-OS 9.0.14-h1",
          "PAN-OS 9.0.14",
          "PAN-OS 9.0.13",
          "PAN-OS 9.0.12",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0",
          "PAN-OS 8.1.20",
          "PAN-OS 8.1.19",
          "PAN-OS 8.1.18",
          "PAN-OS 8.1.17",
          "PAN-OS 8.1.16",
          "PAN-OS 8.1.15-h3",
          "PAN-OS 8.1.15-h2",
          "PAN-OS 8.1.15-h1",
          "PAN-OS 8.1.15",
          "PAN-OS 8.1.14-h2",
          "PAN-OS 8.1.14-h1",
          "PAN-OS 8.1.14",
          "PAN-OS 8.1.13",
          "PAN-OS 8.1.12",
          "PAN-OS 8.1.11",
          "PAN-OS 8.1.10",
          "PAN-OS 8.1.9-h4",
          "PAN-OS 8.1.9-h3",
          "PAN-OS 8.1.9-h2",
          "PAN-OS 8.1.9-h1",
          "PAN-OS 8.1.9",
          "PAN-OS 8.1.8-h5",
          "PAN-OS 8.1.8-h4",
          "PAN-OS 8.1.8-h3",
          "PAN-OS 8.1.8-h2",
          "PAN-OS 8.1.8-h1",
          "PAN-OS 8.1.8",
          "PAN-OS 8.1.7",
          "PAN-OS 8.1.6-h2",
          "PAN-OS 8.1.6-h1",
          "PAN-OS 8.1.6",
          "PAN-OS 8.1.5",
          "PAN-OS 8.1.4",
          "PAN-OS 8.1.3",
          "PAN-OS 8.1.2",
          "PAN-OS 8.1.1",
          "PAN-OS 8.1.0",
          "PAN-OS 8.1"
        ],
        "x_likelyAffectedList": [
          "PAN-OS 8.0.20",
          "PAN-OS 8.0.19-h1",
          "PAN-OS 8.0.19",
          "PAN-OS 8.0.18",
          "PAN-OS 8.0.17",
          "PAN-OS 8.0.16",
          "PAN-OS 8.0.15",
          "PAN-OS 8.0.14",
          "PAN-OS 8.0.13",
          "PAN-OS 8.0.12",
          "PAN-OS 8.0.11-h1",
          "PAN-OS 8.0.10",
          "PAN-OS 8.0.9",
          "PAN-OS 8.0.8",
          "PAN-OS 8.0.7",
          "PAN-OS 8.0.6-h3",
          "PAN-OS 8.0.6-h2",
          "PAN-OS 8.0.6-h1",
          "PAN-OS 8.0.6",
          "PAN-OS 8.0.5",
          "PAN-OS 8.0.4",
          "PAN-OS 8.0.3-h4",
          "PAN-OS 8.0.3-h3",
          "PAN-OS 8.0.3-h2",
          "PAN-OS 8.0.3-h1",
          "PAN-OS 8.0.3",
          "PAN-OS 8.0.2",
          "PAN-OS 8.0.1",
          "PAN-OS 8.0.0",
          "PAN-OS 8.0",
          "PAN-OS 7.1.26",
          "PAN-OS 7.1.25",
          "PAN-OS 7.1.24-h1",
          "PAN-OS 7.1.24",
          "PAN-OS 7.1.23",
          "PAN-OS 7.1.22",
          "PAN-OS 7.1.21",
          "PAN-OS 7.1.20",
          "PAN-OS 7.1.19",
          "PAN-OS 7.1.18",
          "PAN-OS 7.1.17",
          "PAN-OS 7.1.16",
          "PAN-OS 7.1.15",
          "PAN-OS 7.1.14",
          "PAN-OS 7.1.13",
          "PAN-OS 7.1.12",
          "PAN-OS 7.1.11",
          "PAN-OS 7.1.10",
          "PAN-OS 7.1.9-h4",
          "PAN-OS 7.1.9-h3",
          "PAN-OS 7.1.9-h2",
          "PAN-OS 7.1.9-h1",
          "PAN-OS 7.1.9",
          "PAN-OS 7.1.8",
          "PAN-OS 7.1.7",
          "PAN-OS 7.1.6",
          "PAN-OS 7.1.5",
          "PAN-OS 7.1.4-h2",
          "PAN-OS 7.1.4-h1",
          "PAN-OS 7.1.4",
          "PAN-OS 7.1.3",
          "PAN-OS 7.1.2",
          "PAN-OS 7.1.1",
          "PAN-OS 7.1.0",
          "PAN-OS 7.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2021-3059",
    "datePublished": "2021-11-10T17:10:23.093770Z",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-09-16T17:03:16.819Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted