Authentication flaw

2021-08-1117:15:00

PRIOn knowledge base

www.prio-n.com

6.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.4%

JSON

An improper authentication vulnerability exists in Palo Alto Networks PAN-OS software that enables a SAML authenticated attacker to impersonate any other user in the GlobalProtect Portal and GlobalProtect Gateway when they are configured to use SAML authentication. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.19; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.5. PAN-OS 10.1 versions are not impacted.

CPENameOperatorVersion
pan-osge8.1.0
pan-oslt8.1.19
pan-osge9.0.0
pan-oslt9.0.14
pan-osge10.0.0
pan-oslt10.0.5
pan-osge9.1.0
pan-oslt9.1.9

Name	Operator	Version
pan-os	ge	8.1.0
pan-os	lt	8.1.19
pan-os	ge	9.0.0
pan-os	lt	9.0.14
pan-os	ge	10.0.0
pan-os	lt	10.0.5
pan-os	ge	9.1.0
pan-os	lt	9.1.9

References

security.paloaltonetworks.com/CVE-2021-3046