Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
829
VMScore

CVE-2021-3060

Published: 10/11/2021 Updated: 15/11/2021
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.1 | Impact Score: 5.9 | Exploitability Score: 2.2
VMScore: 829
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Paloaltonetworks

Vulnerability Summary

An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The attacker must have network access to the GlobalProtect interfaces to exploit this issue. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers with Prisma Access 2.1 Preferred and Prisma Access 2.1 Innovation firewalls are impacted by this issue.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

paloaltonetworks prisma access 2.1

paloaltonetworks pan-os

Vendor Advisories

Palo Alto Networks Security Advisory: CVE-2021-3060 PAN-OS: OS Command Injection in Simple Certificate Enrollment Protocol (SCEP)
CVE-2021-3060 PAN-OS: OS Command Injection in Simple Certificate Enrollment Protocol (SCEP) ...

Github Repositories

https://github.com/anmolksachan/CVE-2021-3060

CVE-2021-3060

CVE-2021-3060 POC/ Exploit Description: An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges The attacker must have network access to the GlobalProtect interfa

https://github.com/tmpout/elfs

A collection of interesting ELF files for inspiration and testing

ELFs This is a collection of interesting ELF files for inspiration and testing ⚠️ WARNING: Interact with these files at your own risk! They may contain malicious code, and malicious properties designed to break your analysis tools File List File Size Author Note 0xfftactics 128 netspooky Maxed out fields in a 64 bit ELF basebin 128 netspooky The smallest x86_6

References

CWE-78https://security.paloaltonetworks.com/CVE-2021-3060https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/certificate-management/configure-the-master-key.htmlhttps://docs.paloaltonetworks.com/prisma/prisma-access/innovation/2-1/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/get-started-with-prisma-access-overview.htmlhttps://nvd.nist.govhttps://github.com/anmolksachan/CVE-2021-3060https://security.paloaltonetworks.com/CVE-2021-3060
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761command injectionCVE-2024-3676IDORCVE-2024-30039CVE-2024-32113CVE-2024-30049CVE-2024-4776SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook