Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2021-3064
HistoryNov 10, 2021 - 5:15 p.m.

CVE-2021-3064

2021-11-1017:15:10
CWE-121
CWE-787
[email protected]
web.nvd.nist.gov
1

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.002 Low

EPSS

Percentile

64.5%

JSON

A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have network access to the GlobalProtect interface to exploit this issue. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17. Prisma Access customers are not impacted by this issue.

Affected configurations

NVD
Node
paloaltonetworkspan-osRange8.1.0–8.1.17

Related

cve 1
paloalto 1
hivepro 2
cisa 1
threatpost 2
nessus 1
thn 1
githubexploit 1
cvelist 1
prion 1
trellix 2
cve
cve
CVE-2021-3064
2021-11-10 17:15:10
paloalto
paloalto
PAN-OS: Memory Corruption Vulnerability in GlobalProtect Portal and Gateway Interfaces
2021-11-10 17:00:00
hivepro
hivepro
A zero-day vulnerability has been discovered in PAN’s GlobalProtect firewall
2021-11-14 10:42:39
Randori discovered Zero-day in Palo Alto’s GlobalProtect Firewall, affecting ~10,000 assets.
2021-11-15 12:18:52
cisa
cisa
Palo Alto Networks Release Security Updates for PAN-OS
2021-11-12 00:00:00
threatpost
threatpost
The Internet’s Most Tempting Targets
2022-01-21 21:03:23
Massive Zero-Day Hole Found in Palo Alto Security Appliances
2021-11-10 17:00:35
nessus
nessus
Palo Alto Networks PAN-OS 8.1.x < 8.1.17 Memory Corruption
2021-11-12 00:00:00
thn
thn
Palo Alto Warns of Zero-Day Bug in Firewalls Using GlobalProtect Portal VPN
2021-11-11 06:35:00
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Paloaltonetworks Pan-Os
2022-04-26 08:41:14
cvelist
cvelist
CVE-2021-3064 PAN-OS: Memory Corruption Vulnerability in GlobalProtect Portal and Gateway Interfaces
2021-11-10 00:00:00
prion
prion
Memory corruption
2021-11-10 17:15:00
trellix
trellix
The Bug Report November 2021 Edition
2021-11-30 00:00:00
The Bug Report November 2021 Edition
2021-11-30 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.002 Low

EPSS

Percentile

64.5%

JSON
Related for NVD:CVE-2021-3064
cve1paloalto1hivepro2cisa1threatpost2nessus1thn1githubexploit1cvelist1prion1trellix2