PAN-OS software, Prisma Cloud compute, and Prisma SD-WAN (CloudGenix) devices do not include the Sudo program and, therefore, no scenarios required for successful exploitation exist in these Palo Alto Networks products.

Work around:
No work around available.

References

cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3156

security.paloaltonetworks.com/PAN-SA-2021-0003

nessus 44

githubexploit 53

ibm 1

packetstorm 4

oraclelinux 4

photon 2

osv 4

redos 2

zdt 4

altlinux 2

ubuntucve 1

openvas 21

redhat 10

avleonov 1

ubuntu 1

f5 1

rapid7blog 2

almalinux 1

cisa 1

cert 1

cisco 1

alpinelinux 1

metasploit 1

virtuozzo 2

centos 1

ics 6

attackerkb 1

suse 1

fedora 2

debian 3

cisa_kev 1

cloudlinux 1

cve 1

checkpoint_security 1

veracode 1

qualysblog 2

threatpost 2

amazon 2

redhatcve 1

huawei 1

mageia 1

prion 1

debiancve 1

slackware 1

freebsd 1

exploitdb 2

nessus

Oracle Linux 6 : sudo (ELSA-2021-9169)

2021-04-15 00:00:00

FreeBSD : sudo -- Multiple vulnerabilities (f3cf4b33-6013-11eb-9a0e-206a8a720317)

2021-01-27 00:00:00

Photon OS 2.0: Sudo PHSA-2021-2.0-0315

2021-01-29 00:00:00

githubexploit

Exploit for Off-by-one Error in Sudo Project Sudo

2021-03-15 17:37:02

Exploit for Off-by-one Error in Sudo Project Sudo

2021-01-27 21:49:06

Exploit for Off-by-one Error in Sudo Project Sudo

2021-02-09 19:25:18

ibm

Security Bulletin: Sudo as used by IBM QRadar SIEM is vulnerable to arbitrary code execution

2021-04-12 22:48:01

packetstorm

Sudo 1.9.5p1 Buffer Overflow / Privilege Escalation

2021-02-03 00:00:00

Sudo Buffer Overflow / Privilege Escalation

2021-02-01 00:00:00

Sudo Heap-Based Buffer Overflow

2021-01-27 00:00:00

oraclelinux

sudo security update

2021-01-27 00:00:00

sudo security update

2021-01-27 00:00:00

sudo security update

2021-01-27 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0358

2021-01-29 00:00:00

Important Photon OS Security Update - PHSA-2021-0188

2021-01-27 00:00:00

osv

CVE-2021-3156

2021-01-26 21:15:12

sudo vulnerability

2021-01-27 15:01:20

sudo - security update

2021-01-26 00:00:00

redos

ROS-2-613

2021-09-08 00:00:00

ROS-2-438

2021-12-24 00:00:00

zdt

Sudo 1.9.5p1 - (Baron Samedit) Heap-Based Buffer Overflow Privilege Escalation Exploit (1)

2021-02-01 00:00:00

Sudo 1.9.5p1 - (Baron Samedit) Heap-Based Buffer Overflow Privilege Escalation Exploit (2)

2021-02-01 00:00:00

Sudo 1.8.31p2 / 1.9.5p1 Buffer Overflow Exploit

2021-02-05 00:00:00

altlinux

Security fix for the ALT Linux 8 package sudo version 1:1.9.5p2-alt0.M80P.1

2021-02-06 00:00:00

Security fix for the ALT Linux 8 package sudo version 1:1.9.5p2-alt1

2021-01-27 00:00:00

ubuntucve

CVE-2021-3156

2021-01-26 00:00:00

openvas

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1366)

2021-02-22 00:00:00

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-1630)

2021-03-12 00:00:00

Debian: Security Advisory (DSA-4839-1)

2021-01-27 00:00:00

redhat

(RHSA-2021:0222) Important: sudo security update

2021-01-26 18:59:36

(RHSA-2021:0226) Important: sudo security update

2021-01-26 18:56:10

(RHSA-2021:0218) Important: sudo security update

2021-01-26 18:53:36

avleonov

Vulristics: Beyond Microsoft Patch Tuesdays, Analyzing Arbitrary CVEs

2021-03-02 01:07:00

ubuntu

Sudo vulnerability

2021-01-27 00:00:00

K86488846 : Sudo vulnerability CVE-2021-3156

2021-01-29 00:00:00

rapid7blog

Metasploit Wrap-Up

2021-02-05 19:30:43

Cisco Patches Recently Disclosed "sudo" Vulnerability (CVE-2021-3156) in Multiple Products

2021-02-04 21:04:49

almalinux

Important: sudo security update

2021-01-26 18:53:36

cisa

Sudo Heap-Based Buffer Overflow Vulnerability — CVE-2021-3156

2021-02-02 00:00:00

cert

Sudo set_cmd() is vulnerable to heap-based buffer overflow

2021-02-04 00:00:00

cisco

Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021

2021-01-29 21:30:00

alpinelinux

CVE-2021-3156

2021-01-26 21:15:00

metasploit

Sudo Heap-Based Buffer Overflow

2021-02-04 14:25:40

virtuozzo

[Important] [Security] Fix for a vulnerability in sudo, CVE-2021-3156, for Virtuozzo Hybrid Server 7.x and Virtuozzo 6

2021-01-27 00:00:00

[Important] [Security] Virtuozzo Hybrid Infrastructure 4.0 Update 1.2 (4.0.1-49)

2020-02-03 00:00:00

centos

sudo security update

2021-01-27 00:11:23

ics

Johnson Controls Sensormatic Electronics Illustra

2021-09-02 12:00:00

Johnson Controls Sensormatic Tyco AI

2021-05-13 12:00:00

Johnson Controls Sensormatic Electronics VideoEdge

2021-05-27 12:00:00

attackerkb

CVE-2021-3156 "Baron Samedit"

2021-01-26 00:00:00

suse

Security update for sudo (important)

2021-04-23 00:00:00

fedora

[SECURITY] Fedora 32 Update: sudo-1.9.5p2-1.fc32

2021-01-27 04:12:23

[SECURITY] Fedora 33 Update: sudo-1.9.5p2-1.fc33

2021-01-27 01:19:48

debian

[SECURITY] [DSA 4839-1] sudo security update

2021-01-26 18:05:33

[SECURITY] [DSA 4839-1] sudo security update

2021-01-26 18:05:52

[SECURITY] [DLA 2534-1] sudo security update

2021-01-26 18:36:34

cisa_kev

Sudo Heap-Based Buffer Overflow Vulnerability

2022-04-06 00:00:00

cloudlinux

Fix CVE-2021-3156: Heap-based buffer overflow in sudo

2021-01-27 12:30:00

cve

CVE-2021-3156

2021-01-26 21:15:00

checkpoint_security

Check Point CVE-2021-3156 (sudo Privilege Escalation)

2021-01-28 08:21:18

veracode

Privilege Escalation

2021-01-26 21:59:42

qualysblog

Qualys Research Wins Two 2021 Pwnie Awards

2021-08-05 01:44:02

CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)

2021-01-26 18:09:09

threatpost

HPE Warns Sudo Bug Gives Attackers Root Privileges to Aruba Platform

2021-08-30 21:46:56

Sudo Bug Gives Root Access to Mass Numbers of Linux Systems

2021-01-27 19:16:41

amazon

Important: sudo

2021-01-25 23:09:00

Important: sudo

2021-01-26 00:11:00

redhatcve

CVE-2021-3156

2021-01-26 19:51:28

huawei

Security Advisory - Sudo Privilege Escalation Vulnerability

2021-03-10 00:00:00

mageia

Updated sudo packages fix security vulnerability

2021-01-27 03:40:21

prion

Heap overflow

2021-01-26 21:15:00

debiancve

CVE-2021-3156

2021-01-26 21:15:00

slackware

[slackware-security] sudo

2021-01-26 21:34:51

freebsd

sudo -- Multiple vulnerabilities

2021-01-26 00:00:00

exploitdb

Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (1)

2021-02-03 00:00:00

Sudo 1.9.5p1 - 'Baron Samedit ' Heap-Based Buffer Overflow Privilege Escalation (2)

2021-02-03 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.971 High

EPSS

Percentile

99.8%

JSON

Related for PA-CVE-2021-3156