PAN-OS: OS Command Injection Vulnerability in the Command Line Interface (CLI)
CVE-2021-3061

6.4MEDIUM

Key Information:

Vendor

Palo Alto Networks
Status
Pan-os
Prisma Access
Vendor
CVE Published:
10 November 2021

Badges

๐Ÿ‘พ Exploit Exists

What is CVE-2021-3061?

An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers that have Prisma Access 2.1 firewalls are impacted by this issue.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

PAN-OS 8.1 < 8.1.20-h1

PAN-OS 9.0 < 9.0.14-h3

PAN-OS 10.0 < 10.0.8

References

https://security.paloaltonetworks.com/CVE-2021-3061
x_refsource_MISC

CVSS V3.1

Score:
6.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

Palo Alto Networks thanks CJ, an external security researcher, and Ben Nott from Palo Alto Networks for discovering and reporting this issue.
JSON
.