CVE-2021-3064
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have network access to the GlobalProtect interface to exploit this issue. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17. Prisma Access customers are not impacted by this issue.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Palo Alto Networks | PAN-OS | 9.0.* | unaffected |
| Palo Alto Networks | PAN-OS | 9.1.* | unaffected |
| Palo Alto Networks | PAN-OS | 10.0.* | unaffected |
| Palo Alto Networks | PAN-OS | 10.1.* | unaffected |
| Palo Alto Networks | PAN-OS | 8.1 < 8.1.17 | affected |
| Palo Alto Networks | Prisma Access | 2.2 all | unaffected |
| Palo Alto Networks | Prisma Access | 2.1 all | unaffected |
Weaknesses
- CWE-121: CWE-121 Stack-based Buffer Overflow
Workarounds
Enable signatures for Unique Threat IDs 91820 and 91855 on traffic destined for GlobalProtect portal and gateway interfaces to block attacks against CVE-2021-3064.
It is not necessary to enable SSL decryption to detect and block attacks against this issue.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.