CVE-2021-3061

An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers that have Prisma Access 2.1 firewalls are impacted by this issue.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:paloaltonetworks:prisma_access:2.1:*:*:*:innovation:*:*:*
cpe:2.3:a:paloaltonetworks:prisma_access:2.1:*:*:*:preferred:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*

Information

Published : 2021-11-10 09:15

Updated : 2021-11-15 08:14


NVD link : CVE-2021-3061

Mitre link : CVE-2021-3061


JSON object : View

CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Advertisement

dedicated server usa

Products Affected

paloaltonetworks

  • pan-os
  • prisma_access