CVE-2021-3056

Summary

A memory corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated attacker to execute arbitrary code with root user privileges during SAML authentication. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.1. Prisma Access customers with Prisma Access 2.1 Preferred firewalls are impacted by this issue.

Affected Software

VendorProductVersion RangeStatus
Palo Alto NetworksPAN-OS10.1.*unaffected
Palo Alto NetworksPAN-OS9.0 < 9.0.14affected
Palo Alto NetworksPAN-OS8.1 < 8.1.20affected
Palo Alto NetworksPAN-OS9.1 < 9.1.9affected
Palo Alto NetworksPAN-OS10.0 < 10.0.1affected
Palo Alto NetworksPrisma Access2.2 allunaffected
Palo Alto NetworksPrisma Access2.1 Preferredaffected
Palo Alto NetworksPrisma Access2.1 Innovationunaffected

Weaknesses

  • CWE-120: CWE-120 Buffer Overflow

Workarounds

Enable signatures for Unique Threat ID 91585 on traffic processed by the firewall to block attacks against CVE-2021-3056.

ADP Enrichment

CVE Program Container

Additional References

References