Security Advisory

CVE-2021-3058

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-11-10 17:10:21

Last updated 2024-09-16 22:52:16

Assigner palo_alto

State PUBLISHED

Description

An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use XML API the ability to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. This issue does not impact Prisma Access firewalls.

← Browse all CVEs View on cve.org ↗