4 matches found
CVE-2021-3054
A time-of-check to time-of-use TOCTOU race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute arbitrary code with root user privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-...
CVE-2021-3054
CVE-2021-3054 is a TOCTOU race condition in the Palo Alto Networks PAN-OS web interface. An authenticated administrator with permission to upload plugins can trigger arbitrary code execution with root privileges. Affected PAN-OS versions include 8.1.x before 8.1.20, 9.0.x before 9.0.14, 9.1.x bef...
CVE-2021-3054 PAN-OS: Unsigned Code Execution During Plugin Installation Race Condition Vulnerability
A time-of-check to time-of-use TOCTOU race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute arbitrary code with root user privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-...
PAN-OS: Unsigned Code Execution During Plugin Installation Race Condition Vulnerability
A time-of-check to time-of-use TOCTOU race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute arbitrary code with root user privileges. Work around: Enable signatures for Unique Threat ID 91572...