gsd-2021-3032
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where configuration secrets for the “http”, “email”, and “snmptrap” v3 log forwarding server profiles can be logged to the logrcvr.log system log. Logged information may include up to 1024 bytes of the configuration including the username and password in an encrypted form and private keys used in any certificate profiles set for log forwarding server profiles. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.18; PAN-OS 9.0 versions earlier than PAN-OS 9.0.12; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1.
Aliases
Aliases



{
  "GSD": {
    "alias": "CVE-2021-3032",
    "description": "An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where configuration secrets for the \u201chttp\u201d, \u201cemail\u201d, and \u201csnmptrap\u201d v3 log forwarding server profiles can be logged to the logrcvr.log system log. Logged information may include up to 1024 bytes of the configuration including the username and password in an encrypted form and private keys used in any certificate profiles set for log forwarding server profiles. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.18; PAN-OS 9.0 versions earlier than PAN-OS 9.0.12; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1.",
    "id": "GSD-2021-3032"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-3032"
      ],
      "details": "An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where configuration secrets for the \u201chttp\u201d, \u201cemail\u201d, and \u201csnmptrap\u201d v3 log forwarding server profiles can be logged to the logrcvr.log system log. Logged information may include up to 1024 bytes of the configuration including the username and password in an encrypted form and private keys used in any certificate profiles set for log forwarding server profiles. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.18; PAN-OS 9.0 versions earlier than PAN-OS 9.0.12; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1.",
      "id": "GSD-2021-3032",
      "modified": "2023-12-13T01:23:34.296174Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@paloaltonetworks.com",
        "DATE_PUBLIC": "2021-01-13T17:00:00.000Z",
        "ID": "CVE-2021-3032",
        "STATE": "PUBLIC",
        "TITLE": "PAN-OS: Configuration secrets for log forwarding may be logged in system logs"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "PAN-OS",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "8.1",
                          "version_value": "8.1.18"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "9.0",
                          "version_value": "9.0.12"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "9.1",
                          "version_value": "9.1.4"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "10.0",
                          "version_value": "10.0.1"
                        },
                        {
                          "version_affected": "!\u003e=",
                          "version_name": "8.1",
                          "version_value": "8.1.18"
                        },
                        {
                          "version_affected": "!\u003e=",
                          "version_name": "9.0",
                          "version_value": "9.0.12"
                        },
                        {
                          "version_affected": "!\u003e=",
                          "version_name": "9.1",
                          "version_value": "9.1.4"
                        },
                        {
                          "version_affected": "!\u003e=",
                          "version_name": "10.0",
                          "version_value": "10.0.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Palo Alto Networks"
            }
          ]
        }
      },
      "configuration": [
        {
          "lang": "eng",
          "value": "This issue is only applicable to PAN-OS devices configured to use log forwarding. You can verify this in the management web interface: Device -\u003e Log Settings."
        }
      ],
      "credit": [
        {
          "lang": "eng",
          "value": "This issue was found by My Tran, Mai Phan, and Claire Zhou of Palo Alto Networks during internal security testing."
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where configuration secrets for the \u201chttp\u201d, \u201cemail\u201d, and \u201csnmptrap\u201d v3 log forwarding server profiles can be logged to the logrcvr.log system log. Logged information may include up to 1024 bytes of the configuration including the username and password in an encrypted form and private keys used in any certificate profiles set for log forwarding server profiles. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.18; PAN-OS 9.0 versions earlier than PAN-OS 9.0.12; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1."
          }
        ]
      },
      "exploit": [
        {
          "lang": "eng",
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-532 Information Exposure Through Log Files"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://security.paloaltonetworks.com/CVE-2021-3032",
            "refsource": "MISC",
            "url": "https://security.paloaltonetworks.com/CVE-2021-3032"
          }
        ]
      },
      "solution": [
        {
          "lang": "eng",
          "value": "If the PAN-OS firewall is impacted, then you must clear the configuration file (/var/log/pan/logrcvr.log). This can be accomplished by running the following CLI command:\n  \"delete debug-log mp-log file logrcvr.log\".\n\nThis issue is fixed in PAN-OS 8.1.18, PAN-OS 9.0.12, PAN-OS 9.1.4, PAN-OS 10.0.1, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-149377"
        ],
        "discovery": "INTERNAL"
      },
      "timeline": [
        {
          "lang": "eng",
          "time": "2021-01-13T17:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "work_around": [
        {
          "lang": "eng",
          "value": "This issue requires access to PAN-OS log files generated in the system. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices."
        }
      ],
      "x_advisoryEoL": false,
      "x_affectedList": [
        "PAN-OS 10.0.0",
        "PAN-OS 10.0",
        "PAN-OS 9.1.3-h1",
        "PAN-OS 9.1.3",
        "PAN-OS 9.1.2-h1",
        "PAN-OS 9.1.2",
        "PAN-OS 9.1.1",
        "PAN-OS 9.1.0-h3",
        "PAN-OS 9.1.0-h2",
        "PAN-OS 9.1.0-h1",
        "PAN-OS 9.1.0",
        "PAN-OS 9.1",
        "PAN-OS 9.0.11",
        "PAN-OS 9.0.10",
        "PAN-OS 9.0.9-h1",
        "PAN-OS 9.0.9",
        "PAN-OS 9.0.8",
        "PAN-OS 9.0.7",
        "PAN-OS 9.0.6",
        "PAN-OS 9.0.5",
        "PAN-OS 9.0.4",
        "PAN-OS 9.0.3-h3",
        "PAN-OS 9.0.3-h2",
        "PAN-OS 9.0.3-h1",
        "PAN-OS 9.0.3",
        "PAN-OS 9.0.2-h4",
        "PAN-OS 9.0.2-h3",
        "PAN-OS 9.0.2-h2",
        "PAN-OS 9.0.2-h1",
        "PAN-OS 9.0.2",
        "PAN-OS 9.0.1",
        "PAN-OS 9.0.0",
        "PAN-OS 9.0",
        "PAN-OS 8.1.17",
        "PAN-OS 8.1.16",
        "PAN-OS 8.1.15-h3",
        "PAN-OS 8.1.15-h2",
        "PAN-OS 8.1.15-h1",
        "PAN-OS 8.1.15",
        "PAN-OS 8.1.14-h2",
        "PAN-OS 8.1.14-h1",
        "PAN-OS 8.1.14",
        "PAN-OS 8.1.13",
        "PAN-OS 8.1.12",
        "PAN-OS 8.1.11",
        "PAN-OS 8.1.10",
        "PAN-OS 8.1.9-h4",
        "PAN-OS 8.1.9-h3",
        "PAN-OS 8.1.9-h2",
        "PAN-OS 8.1.9-h1",
        "PAN-OS 8.1.9",
        "PAN-OS 8.1.8-h5",
        "PAN-OS 8.1.8-h4",
        "PAN-OS 8.1.8-h3",
        "PAN-OS 8.1.8-h2",
        "PAN-OS 8.1.8-h1",
        "PAN-OS 8.1.8",
        "PAN-OS 8.1.7",
        "PAN-OS 8.1.6-h2",
        "PAN-OS 8.1.6-h1",
        "PAN-OS 8.1.6",
        "PAN-OS 8.1.5",
        "PAN-OS 8.1.4",
        "PAN-OS 8.1.3",
        "PAN-OS 8.1.2",
        "PAN-OS 8.1.1",
        "PAN-OS 8.1.0",
        "PAN-OS 8.1"
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "8.1.18",
                "versionStartIncluding": "8.1.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "9.0.12",
                "versionStartIncluding": "9.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "9.1.4",
                "versionStartIncluding": "9.1.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "10.0.1",
                "versionStartIncluding": "10.0.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "ID": "CVE-2021-3032"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where configuration secrets for the \u201chttp\u201d, \u201cemail\u201d, and \u201csnmptrap\u201d v3 log forwarding server profiles can be logged to the logrcvr.log system log. Logged information may include up to 1024 bytes of the configuration including the username and password in an encrypted form and private keys used in any certificate profiles set for log forwarding server profiles. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.18; PAN-OS 9.0 versions earlier than PAN-OS 9.0.12; PAN-OS 9.1 versions earlier than PAN-OS 9.1.4; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-532"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "N/A",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://security.paloaltonetworks.com/CVE-2021-3032"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 0.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2021-01-19T23:05Z",
      "publishedDate": "2021-01-13T18:15Z"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.