Lucene search

[email protected]CVE-2021-3057

HistoryOct 13, 2021 - 4:15 p.m.

CVE-2021-3057

2021-10-1316:15:07

CWE-121

CWE-787

[email protected]

web.nvd.nist.gov

cve

2021

3057

stack-based buffer overflow

vulnerability

palo alto networks

globalprotect

man-in-the-middle

attacker

system processes

arbitrary code

system privileges

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

8.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.3%

JSON

A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.9 on Windows; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on Windows; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.8 on the Universal Windows Platform; GlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.1 on Linux.

Affected configurations

NVD

Node

paloaltonetworksglobalprotectRange5.0–5.0.8linux

paloaltonetworksglobalprotectRange5.0–5.0.9macos

paloaltonetworksglobalprotectRange5.0–5.0.10windows

paloaltonetworksglobalprotectRange5.1–5.1.1linux

paloaltonetworksglobalprotectRange5.1–5.1.1universal_windows_platform

paloaltonetworksglobalprotectRange5.1–5.1.9windows

paloaltonetworksglobalprotectRange5.1.0–5.1.4macos

paloaltonetworksglobalprotectRange5.2–5.2.8linux

paloaltonetworksglobalprotectRange5.2–5.2.8macos

paloaltonetworksglobalprotectRange5.2–5.2.8universal_windows_platform

paloaltonetworksglobalprotectRange5.2–5.2.8windows

paloaltonetworksglobalprotectRange5.3–5.3.1linux

paloaltonetworksglobalprotectMatch5.0universal_windows_platform

CPENameOperatorVersion
paloaltonetworks:globalprotectpaloaltonetworks globalprotectle5.0.8
paloaltonetworks:globalprotectpaloaltonetworks globalprotectle5.0.9
paloaltonetworks:globalprotectpaloaltonetworks globalprotectle5.0.10
paloaltonetworks:globalprotectpaloaltonetworks globalprotectle5.1.1
paloaltonetworks:globalprotectpaloaltonetworks globalprotectlt5.1.9
paloaltonetworks:globalprotectpaloaltonetworks globalprotectle5.1.4
paloaltonetworks:globalprotectpaloaltonetworks globalprotectlt5.2.8
paloaltonetworks:globalprotectpaloaltonetworks globalprotectlt5.3.1
paloaltonetworks:globalprotectpaloaltonetworks globalprotecteq5.0

CPE	Name	Operator	Version
paloaltonetworks:globalprotect	paloaltonetworks globalprotect	le	5.0.8
paloaltonetworks:globalprotect	paloaltonetworks globalprotect	le	5.0.9
paloaltonetworks:globalprotect	paloaltonetworks globalprotect	le	5.0.10
paloaltonetworks:globalprotect	paloaltonetworks globalprotect	le	5.1.1
paloaltonetworks:globalprotect	paloaltonetworks globalprotect	lt	5.1.9
paloaltonetworks:globalprotect	paloaltonetworks globalprotect	le	5.1.4
paloaltonetworks:globalprotect	paloaltonetworks globalprotect	lt	5.2.8
paloaltonetworks:globalprotect	paloaltonetworks globalprotect	lt	5.3.1
paloaltonetworks:globalprotect	paloaltonetworks globalprotect	eq	5.0

CNA Affected

[
  {
    "platforms": [
      "Windows"
    ],
    "product": "GlobalProtect App",
    "vendor": "Palo Alto Networks",
    "versions": [
      {
        "changes": [
          {
            "at": "5.1.9",
            "status": "unaffected"
          }
        ],
        "lessThan": "5.1.9",
        "status": "affected",
        "version": "5.1",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "5.2.8",
            "status": "unaffected"
          }
        ],
        "lessThan": "5.2.8",
        "status": "affected",
        "version": "5.2",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "Linux"
    ],
    "product": "GlobalProtect App",
    "vendor": "Palo Alto Networks",
    "versions": [
      {
        "changes": [
          {
            "at": "5.3.1",
            "status": "unaffected"
          }
        ],
        "lessThan": "5.3.1",
        "status": "affected",
        "version": "5.3",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "Universal Windows Platform"
    ],
    "product": "GlobalProtect App",
    "vendor": "Palo Alto Networks",
    "versions": [
      {
        "changes": [
          {
            "at": "5.2.8",
            "status": "unaffected"
          }
        ],
        "lessThan": "5.2.8",
        "status": "affected",
        "version": "5.2",
        "versionType": "custom"
      }
    ]
  }
]

References

security.paloaltonetworks.com/CVE-2021-3057

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

8.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.3%

JSON

Related for CVE-2021-3057

paloalto1 nessus1 prion1 nvd1 cvelist1