CVE-2021-3060

high-risk
Published 2021-11-10

An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The attacker must have network access to the GlobalProtect interfaces to exploit this issue. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customers with Prisma Access 2.1 Preferred and Prisma Access 2.1 Innovation firewalls are impacted by this issue.

Do I need to act?

!
42.5% chance of exploitation in next 30 days
EPSS score — higher than 57% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.1/10 High
NETWORK / HIGH complexity

Affected Products (3)

Affected Vendors

Paloaltonetworks

References (6)

Vendor Advisory https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/certificate-managemen...
Vendor Advisory https://docs.paloaltonetworks.com/prisma/prisma-access/innovation/2-1/prisma-acc...
Vendor Advisory https://security.paloaltonetworks.com/CVE-2021-3060
Vendor Advisory https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/certificate-managemen...
Vendor Advisory https://docs.paloaltonetworks.com/prisma/prisma-access/innovation/2-1/prisma-acc...
Vendor Advisory https://security.paloaltonetworks.com/CVE-2021-3060
50
/ 100
high-risk
Severity 24/34 · High
Exploitability 17/34 · Moderate
Exposure 9/34 · Low