github - ghsa-9g4g-449x-h99g

ghsa-9g4g-449x-h99g

Vulnerability from github

Published

2022-05-24 19:10

Modified

2022-05-24 19:10

Details

Certain invalid URL entries contained in an External Dynamic List (EDL) cause the Device Server daemon (devsrvr) to stop responding. This condition causes subsequent commits on the firewall to fail and prevents administrators from performing commits and configuration changes even though the firewall remains otherwise functional. If the firewall then restarts, it results in a denial-of-service (DoS) condition and the firewall stops processing traffic. This issue impacts: PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.5. PAN-OS 8.1 and PAN-OS 10.1 versions are not impacted.

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-3048"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-11T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Certain invalid URL entries contained in an External Dynamic List (EDL) cause the Device Server daemon (devsrvr) to stop responding. This condition causes subsequent commits on the firewall to fail and prevents administrators from performing commits and configuration changes even though the firewall remains otherwise functional. If the firewall then restarts, it results in a denial-of-service (DoS) condition and the firewall stops processing traffic. This issue impacts: PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.5. PAN-OS 8.1 and PAN-OS 10.1 versions are not impacted.",
  "id": "GHSA-9g4g-449x-h99g",
  "modified": "2022-05-24T19:10:40Z",
  "published": "2022-05-24T19:10:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3048"
    },
    {
      "type": "WEB",
      "url": "https://security.paloaltonetworks.com/CVE-2020-3048"
    },
    {
      "type": "WEB",
      "url": "https://security.paloaltonetworks.com/CVE-2021-3048"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2021-3048

Vulnerability from cvelistv5

Published

2021-08-11 17:10

Modified

2024-09-16 19:31

Severity ?

5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

PAN-OS: Invalid URLs in an External Dynamic List (EDL) can Lead to Firewall Outage

References

▼	URL	Tags
	https://security.paloaltonetworks.com/CVE-2020-3048	x_refsource_MISC

Impacted products

▼	Vendor	Product
	Palo Alto Networks	PAN-OS

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:45:51.024Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.paloaltonetworks.com/CVE-2020-3048"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "10.1.*"
            },
            {
              "status": "unaffected",
              "version": "8.1.*"
            },
            {
              "changes": [
                {
                  "at": "9.0.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.0.14",
              "status": "affected",
              "version": "9.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "9.1.9",
                  "status": "unaffected"
                }
              ],
              "lessThan": "9.1.9",
              "status": "affected",
              "version": "9.1",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.0.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.0.5",
              "status": "affected",
              "version": "10.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "This issue is applicable only if an External Dynamic List (EDL) is configured on the firewall.\nAn EDL that contains only domain names or IP addresses will not cause this issue."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was encountered by some customers of Palo Alto Networks during regular operation."
        }
      ],
      "datePublic": "2021-08-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Certain invalid URL entries contained in an External Dynamic List (EDL) cause the Device Server daemon (devsrvr) to stop responding. This condition causes subsequent commits on the firewall to fail and prevents administrators from performing commits and configuration changes even though the firewall remains otherwise functional. If the firewall then restarts, it results in a denial-of-service (DoS) condition and the firewall stops processing traffic. This issue impacts: PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.5. PAN-OS 8.1 and PAN-OS 10.1 versions are not impacted."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-08-11T17:10:19",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2020-3048"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "This issue is fixed in PAN-OS 9.0.14, PAN-OS 9.1.9, PAN-OS 10.0.5, and all later PAN-OS versions.\n\nIf a firewall encounters this problem, you will require TAC assistance to make the firewall operational again."
        }
      ],
      "source": {
        "defect": [
          "PAN-160455"
        ],
        "discovery": "USER"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2021-08-11T00:00:00",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Invalid URLs in an External Dynamic List (EDL) can Lead to Firewall Outage",
      "workarounds": [
        {
          "lang": "en",
          "value": "You can prevent this issue by removing all invalid URL entries from source EDLs or removing the EDL from your configuration.\n\nAdditionally, do not configure EDLs from websites that you do not trust."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2021-08-11T16:00:00.000Z",
          "ID": "CVE-2021-3048",
          "STATE": "PUBLIC",
          "TITLE": "PAN-OS: Invalid URLs in an External Dynamic List (EDL) can Lead to Firewall Outage"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "PAN-OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.0",
                            "version_value": "9.0.14"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "9.1",
                            "version_value": "9.1.9"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "10.0",
                            "version_value": "10.0.5"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.0",
                            "version_value": "9.0.14"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "9.1",
                            "version_value": "9.1.9"
                          },
                          {
                            "version_affected": "!\u003e=",
                            "version_name": "10.0",
                            "version_value": "10.0.5"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "10.1",
                            "version_value": "10.1.*"
                          },
                          {
                            "version_affected": "!",
                            "version_name": "8.1",
                            "version_value": "8.1.*"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Palo Alto Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "This issue is applicable only if an External Dynamic List (EDL) is configured on the firewall.\nAn EDL that contains only domain names or IP addresses will not cause this issue."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "This issue was encountered by some customers of Palo Alto Networks during regular operation."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Certain invalid URL entries contained in an External Dynamic List (EDL) cause the Device Server daemon (devsrvr) to stop responding. This condition causes subsequent commits on the firewall to fail and prevents administrators from performing commits and configuration changes even though the firewall remains otherwise functional. If the firewall then restarts, it results in a denial-of-service (DoS) condition and the firewall stops processing traffic. This issue impacts: PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.5. PAN-OS 8.1 and PAN-OS 10.1 versions are not impacted."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20 Improper Input Validation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.paloaltonetworks.com/CVE-2020-3048",
              "refsource": "MISC",
              "url": "https://security.paloaltonetworks.com/CVE-2020-3048"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "This issue is fixed in PAN-OS 9.0.14, PAN-OS 9.1.9, PAN-OS 10.0.5, and all later PAN-OS versions.\n\nIf a firewall encounters this problem, you will require TAC assistance to make the firewall operational again."
          }
        ],
        "source": {
          "defect": [
            "PAN-160455"
          ],
          "discovery": "USER"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2021-08-11T00:00:00",
            "value": "Initial publication"
          }
        ],
        "work_around": [
          {
            "lang": "en",
            "value": "You can prevent this issue by removing all invalid URL entries from source EDLs or removing the EDL from your configuration.\n\nAdditionally, do not configure EDLs from websites that you do not trust."
          }
        ],
        "x_advisoryEoL": false,
        "x_affectedList": [
          "PAN-OS 10.0.4",
          "PAN-OS 10.0.3",
          "PAN-OS 10.0.2",
          "PAN-OS 10.0.1",
          "PAN-OS 10.0.0",
          "PAN-OS 10.0",
          "PAN-OS 9.1.8",
          "PAN-OS 9.1.7",
          "PAN-OS 9.1.6",
          "PAN-OS 9.1.5",
          "PAN-OS 9.1.4",
          "PAN-OS 9.1.3-h1",
          "PAN-OS 9.1.3",
          "PAN-OS 9.1.2-h1",
          "PAN-OS 9.1.2",
          "PAN-OS 9.1.1",
          "PAN-OS 9.1.0-h3",
          "PAN-OS 9.1.0-h2",
          "PAN-OS 9.1.0-h1",
          "PAN-OS 9.1.0",
          "PAN-OS 9.1",
          "PAN-OS 9.0.13",
          "PAN-OS 9.0.12",
          "PAN-OS 9.0.11",
          "PAN-OS 9.0.10",
          "PAN-OS 9.0.9-h1",
          "PAN-OS 9.0.9",
          "PAN-OS 9.0.8",
          "PAN-OS 9.0.7",
          "PAN-OS 9.0.6",
          "PAN-OS 9.0.5",
          "PAN-OS 9.0.4",
          "PAN-OS 9.0.3-h3",
          "PAN-OS 9.0.3-h2",
          "PAN-OS 9.0.3-h1",
          "PAN-OS 9.0.3",
          "PAN-OS 9.0.2-h4",
          "PAN-OS 9.0.2-h3",
          "PAN-OS 9.0.2-h2",
          "PAN-OS 9.0.2-h1",
          "PAN-OS 9.0.2",
          "PAN-OS 9.0.1",
          "PAN-OS 9.0.0",
          "PAN-OS 9.0"
        ],
        "x_likelyAffectedList": [
          "PAN-OS 8.0.20",
          "PAN-OS 8.0.19-h1",
          "PAN-OS 8.0.19",
          "PAN-OS 8.0.18",
          "PAN-OS 8.0.17",
          "PAN-OS 8.0.16",
          "PAN-OS 8.0.15",
          "PAN-OS 8.0.14",
          "PAN-OS 8.0.13",
          "PAN-OS 8.0.12",
          "PAN-OS 8.0.11-h1",
          "PAN-OS 8.0.10",
          "PAN-OS 8.0.9",
          "PAN-OS 8.0.8",
          "PAN-OS 8.0.7",
          "PAN-OS 8.0.6-h3",
          "PAN-OS 8.0.6-h2",
          "PAN-OS 8.0.6-h1",
          "PAN-OS 8.0.6",
          "PAN-OS 8.0.5",
          "PAN-OS 8.0.4",
          "PAN-OS 8.0.3-h4",
          "PAN-OS 8.0.3-h3",
          "PAN-OS 8.0.3-h2",
          "PAN-OS 8.0.3-h1",
          "PAN-OS 8.0.3",
          "PAN-OS 8.0.2",
          "PAN-OS 8.0.1",
          "PAN-OS 8.0.0",
          "PAN-OS 8.0",
          "PAN-OS 7.1.26",
          "PAN-OS 7.1.25",
          "PAN-OS 7.1.24-h1",
          "PAN-OS 7.1.24",
          "PAN-OS 7.1.23",
          "PAN-OS 7.1.22",
          "PAN-OS 7.1.21",
          "PAN-OS 7.1.20",
          "PAN-OS 7.1.19",
          "PAN-OS 7.1.18",
          "PAN-OS 7.1.17",
          "PAN-OS 7.1.16",
          "PAN-OS 7.1.15",
          "PAN-OS 7.1.14",
          "PAN-OS 7.1.13",
          "PAN-OS 7.1.12",
          "PAN-OS 7.1.11",
          "PAN-OS 7.1.10",
          "PAN-OS 7.1.9-h4",
          "PAN-OS 7.1.9-h3",
          "PAN-OS 7.1.9-h2",
          "PAN-OS 7.1.9-h1",
          "PAN-OS 7.1.9",
          "PAN-OS 7.1.8",
          "PAN-OS 7.1.7",
          "PAN-OS 7.1.6",
          "PAN-OS 7.1.5",
          "PAN-OS 7.1.4-h2",
          "PAN-OS 7.1.4-h1",
          "PAN-OS 7.1.4",
          "PAN-OS 7.1.3",
          "PAN-OS 7.1.2",
          "PAN-OS 7.1.1",
          "PAN-OS 7.1.0",
          "PAN-OS 7.1"
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2021-3048",
    "datePublished": "2021-08-11T17:10:19.346151Z",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-09-16T19:31:48.430Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.