"value":"This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal or gateway enabled. You can verify whether you have a GlobalProtect portal or gateway configured by checking for entries in 'Network > GlobalProtect > Portals' and in 'Network > GlobalProtect > Gateways' from the web interface."
}
],
"credit":[
{
"lang":"eng",
"value":"Palo Alto Networks thanks the Randori Attack Team (https://twitter.com/RandoriAttack) for discovering and reporting this issue."
"value":"A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have network access to the GlobalProtect interface to exploit this issue.\nThis issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17.\nPrisma Access customers are not impacted by this issue."
"value":"This issue is fixed in PAN-OS 8.1.17 and all later PAN-OS versions."
}
],
"source":{
"defect":[
"PAN-96528"
],
"discovery":"EXTERNAL"
},
"timeline":[
{
"lang":"eng",
"time":"2021-11-10T17:00:00.000Z",
"value":"Initial publication"
}
],
"work_around":[
{
"lang":"eng",
"value":"Enable signatures for Unique Threat IDs 91820 and 91855 on traffic destined for GlobalProtect portal and gateway interfaces to block attacks against CVE-2021-3064.\n\nIt is not necessary to enable SSL decryption to detect and block attacks against this issue."
