CVE-2021-3060

An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The attacker must have ne...

CVE-2021-3056

A memory corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated attacker to execute arbitrary code with root user privileges during SAML authentication. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions earli...

CVE-2021-3059

An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. This vulnerability enables a man-in-the-middle attacker to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than P...

CVE-2021-3061

An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9....