CVE-2021-3054

CVE-2021-3054

A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute arbitrary code with root user privileges.
This issue impacts:
PAN-OS 8.1 versions earlier than PAN-OS 8.1.20;
PAN-OS 9.0 versions earlier than PAN-OS 9.0.14;
PAN-OS 9.1 versions earlier than PAN-OS 9.1.11;
PAN-OS 10.0 versions earlier than PAN-OS 10.0.7;
PAN-OS 10.1 versions earlier than PAN-OS 10.1.2.

This issue does not affect Prisma Access.

Source: CVE-2021-3054

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다