Pagina 2 – Azienda Sicura

Lista CVE 2021/3xxx

CVE-2021-3032 (PAN-OS: Information exposure in Ethernet data frame construction (Etherleak))

CVE-2021-3033 (PAN-OS: Configuration secrets for log forwarding may be logged in system logs)

CVE-2021-3034 (Prisma Cloud Compute: SAML Authentication Bypass Vulnerability in Console)

CVE-2021-3035 (Cortex XSOAR: Secrets for SAML single sign-on (SSO) integration may be logged in system logs)

CVE-2021-3036 (Bridgecrew Checkov: Unsafe deserialization of Terraform files allows code execution)

CVE-2021-3037 (PAN-OS: Administrator secrets are logged in web server logs when using the PAN-OS XML API incorrectly)

CVE-2021-3038 (PAN-OS: Secrets for scheduled configuration exports are logged in system logs)

CVE-2021-3039 (GlobalProtect App: Windows VPN kernel driver denial of service (DoS))

CVE-2021-3040 (Prisma Cloud Compute: User role authorization secret for Console leaked through log file export)

CVE-2021-3041 (Bridgecrew Checkov: Unsafe deserialization of Terraform files allows code execution)

CVE-2021-3042 (Cortex XDR Agent: Improper control of user-controlled file leads to local privilege escalation)

CVE-2021-3043 (Cortex XDR Agent: Improper Control of User-Controlled File Leads to Local Privilege Escalation)

CVE-2021-3044 (Prisma Cloud: Cross-Site Scripting (XSS) Vulnerability in Prisma Cloud Compute Web Console)

CVE-2021-3045 (Cortex XSOAR: Unauthorized Usage of the REST API)

CVE-2021-3046 (PAN-OS: OS Command Argument Injection in Web Interface)

CVE-2021-3047 (PAN-OS: Improper SAML Authentication Vulnerability in GlobalProtect Portal)

CVE-2021-3048 (PAN-OS: Weak Cryptography Used in Web Interface Authentication)

CVE-2021-3049 (PAN-OS: Invalid URLs in an External Dynamic List (EDL) can Lead to Firewall Outage)

CVE-2021-3050 (Cortex XSOAR: Improper Authorization of Incident Investigations Vulnerability)

CVE-2021-3051 (PAN-OS: OS Command Injection Vulnerability in Web Interface)

CVE-2021-3052 (Cortex XSOAR: Authentication Bypass in SAML Authentication)

CVE-2021-3053 (PAN-OS: Reflected Cross-Site Scripting (XSS) in Web Interface)

CVE-2021-3054 (PAN-OS: Exceptional Condition Denial-of-Service (DoS))

CVE-2021-3055 (PAN-OS: Unsigned Code Execution During Plugin Installation Race Condition Vulnerability)

CVE-2021-3056 (PAN-OS: XML External Entity (XXE) Reference Vulnerability in the PAN-OS Web Interface)

CVE-2021-3057 (PAN-OS: Memory Corruption Vulnerability in GlobalProtect Clientless VPN During SAML Authentication)

CVE-2021-3058 (GlobalProtect App: Buffer Overflow Vulnerability When Connecting to Portal or Gateway)

CVE-2021-3059 (PAN-OS: OS Command Injection Vulnerability in Web Interface XML API)

CVE-2021-3060 (PAN-OS: OS Command Injection Vulnerability When Performing Dynamic Updates)

CVE-2021-3061 (PAN-OS: OS Command Injection in Simple Certificate Enrollment Protocol (SCEP))

CVE-2021-3062 (PAN-OS: OS Command Injection Vulnerability in the Command Line Interface (CLI))

CVE-2021-3063 (PAN-OS: Improper Access Control Vulnerability Exposing AWS Instance Metadata Endpoint to GlobalProtect Users)

CVE-2021-3064 (PAN-OS: Denial-of-Service (DoS) Vulnerability in GlobalProtect Portal and Gateway Interfaces)

CVE-2021-3090 (PAN-OS: Memory Corruption Vulnerability in GlobalProtect Portal and Gateway Interfaces)