Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2021-3064
HistoryNov 10, 2021 - 5:15 p.m.

Memory corruption

2021-11-1017:15:00
PRIOn knowledge base
www.prio-n.com
7

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

60.8%

JSON

A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have network access to the GlobalProtect interface to exploit this issue. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17. Prisma Access customers are not impacted by this issue.

CPENameOperatorVersion
pan-osge8.1.0
pan-oslt8.1.17

Related

cve 1
hivepro 2
paloalto 1
thn 1
githubexploit 1
cisa 1
nessus 1
threatpost 2
trellix 2
cve
cve
CVE-2021-3064
2021-11-10 17:15:00
hivepro
hivepro
A zero-day vulnerability has been discovered in PANโ€™s GlobalProtect firewall
2021-11-14 10:42:39
Randori discovered Zero-day in Palo Altoโ€™s GlobalProtect Firewall, affecting ~10,000 assets.
2021-11-15 12:18:52
paloalto
paloalto
PAN-OS: Memory Corruption Vulnerability in GlobalProtect Portal and Gateway Interfaces
2021-11-10 17:00:00
thn
thn
Palo Alto Warns of Zero-Day Bug in Firewalls Using GlobalProtect Portal VPN
2021-11-11 06:35:00
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Paloaltonetworks Pan-Os
2022-04-26 08:41:14
cisa
cisa
Palo Alto Networks Release Security Updates for PAN-OS
2021-11-12 00:00:00
nessus
nessus
Palo Alto Networks PAN-OS 8.1.x < 8.1.17 Memory Corruption
2021-11-12 00:00:00
threatpost
threatpost
The Internetโ€™s Most Tempting Targets
2022-01-21 21:03:23
Massive Zero-Day Hole Found in Palo Alto Security Appliances
2021-11-10 17:00:35
trellix
trellix
The Bug Report November 2021 Edition
2021-11-30 00:00:00
The Bug Report November 2021 Edition
2021-11-30 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

60.8%

JSON
Related for PRION:CVE-2021-3064
cve1hivepro2paloalto1thn1githubexploit1cisa1nessus1threatpost2trellix2