admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

CVEs assigned for Palo Alto Networks June Patch Wednesday

Browse Source 
CVEs assigned for Palo Alto Networks June Patch Wednesday
This commit is contained in:
Chandan 2021-06-09 08:53:07 -07:00
parent d64049357b
commit ad747940e1
No known key found for this signature in database
GPG Key ID: 76A1F9BB8C9E02F5
3 changed files with 380 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

125
2021/3xxx/CVE-2021-3039.json
View File

@ -1,18 +1,129 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2021-06-09T16:00:00.000Z",
"ID": "CVE-2021-3039",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Prisma Cloud Compute: User role authorization secret for Console leaked through log file export"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Prisma Cloud Compute",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "20.04",
"version_value": "21.04.412"
},
{
"version_affected": "!>=",
"version_name": "20.04",
"version_value": "21.04.412"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Palo Alto Networks thanks Jakub Palaczynski for discovering and reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An information exposure through log file vulnerability exists in the Palo Alto Networks Prisma Cloud Compute Console where a secret used to authorize the role of the authenticated user is logged to a debug log file.\n\nAuthenticated Operator role and Auditor role users with access to the debug log files can use this secret to gain Administrator role access for their active session in Prisma Cloud Compute.\n\nPrisma Cloud Compute SaaS versions were automatically upgraded to the fixed release.\nThis issue impacts all Prisma Cloud Compute versions earlier than Prisma Cloud Compute 21.04.412."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-532 Information Exposure Through Log Files"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://security.paloaltonetworks.com/CVE-2021-3039"
}
]
},
"solution": [
{
"lang": "eng",
"value": "This issue is fixed in Prisma Cloud Compute 21.04.412 and all later versions."
}
],
"source": {
"defect": [
"TL-28359"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "eng",
"time": "2021-06-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "eng",
"value": "Operator role and Auditor role users can be temporarily disabled in the Prisma Cloud Compute Console until Prisma Cloud Compute is upgraded to a fixed version."
}
],
"x_affectedList": [
"Prisma Cloud Compute 20.04"
]
}

127
2021/3xxx/CVE-2021-3040.json
View File

@ -1,18 +1,131 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2021-06-09T16:00:00.000Z",
"ID": "CVE-2021-3040",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Bridgecrew Checkov: Unsafe deserialization of Terraform files allows code execution"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Bridgecrew Checkov",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0",
"version_value": "2.0.139"
},
{
"version_affected": "!>=",
"version_name": "2.0",
"version_value": "2.0.139"
},
{
"version_affected": "!",
"version_name": "1.0",
"version_value": "all"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Palo Alto Networks thanks Bryan Eastes for discovering and reporting this issue."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file.\n\nThis issue impacts Checkov 2.0 versions earlier than Checkov 2.0.139.\n\nCheckov 1.0 versions are not impacted."
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-502 Deserialization of Untrusted Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://security.paloaltonetworks.com/CVE-2021-3040"
}
]
},
"solution": [
{
"lang": "eng",
"value": "This issue is fixed in Checkov 2.0.139 and all later versions."
}
],
"source": {
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "eng",
"time": "2021-06-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "eng",
"value": "Do not run Checkov on terraform files from untrusted sources or pull requests."
}
],
"x_affectedList": [
"Bridgecrew Checkov 2.0"
]
}

149
2021/3xxx/CVE-2021-3041.json
View File

@ -1,18 +1,153 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2021-06-09T16:00:00.000Z",
"ID": "CVE-2021-3041",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Cortex XDR Agent: Improper control of user-controlled file leads to local privilege escalation"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cortex XDR Agent",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5.0",
"version_value": "5.0.11"
},
{
"version_affected": "!>=",
"version_name": "5.0",
"version_value": "5.0.11"
},
{
"version_affected": "<",
"version_name": "6.1",
"version_value": "6.1.8"
},
{
"version_affected": "!>=",
"version_name": "6.1",
"version_value": "6.1.8"
},
{
"version_affected": "<",
"version_name": "7.2",
"version_value": "7.2.3 or without content update 171 or later"
},
{
"version_affected": "!>=",
"version_name": "7.2",
"version_value": "7.2.3 with content update 171 or later"
}
]
}
}
]
},
"vendor_name": "Palo Alto Networks"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "This issue was found by Robert McCallum of Palo Alto Networks during internal security review."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A local privilege escalation vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables an authenticated local Windows user to execute programs with SYSTEM privileges.\n\nThis requires the user to have the privilege to create files in the Windows root directory or to manipulate key registry values.\nThis issue impacts:\nCortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.11;\nCortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.8;\nCortex XDR agent 7.2 versions earlier than Cortex XDR agent 7.2.3;\nAll versions of Cortex XDR agent 7.2 without content update release 171 or a later version.\n"
}
]
}
},
"exploit": [
{
"lang": "eng",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n"
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-427 Uncontrolled Search Path Element"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://security.paloaltonetworks.com/CVE-2021-3041"
}
]
},
"solution": [
{
"lang": "eng",
"value": "This issue is fixed in Cortex XDR agent 5.0.11, Cortex XDR agent 6.1.8, Cortex XDR agent 7.2.3, and all later Cortex XDR agent versions.\n\nContent updates are required to resolve this issue and are automatically applied for the agent."
}
],
"source": {
"defect": [
"CPATR-12634",
"CPATR-12507",
"CPATR-11927"
],
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "eng",
"time": "2021-06-09T16:00:00.000Z",
"value": "Initial publication"
}
],
"work_around": [
{
"lang": "eng",
"value": "This issue is mitigated by preventing local authenticated Windows users from creating files in the Windows root directory (such as C:\\) and ensuring they are unable to manipulate the Windows registry."
}
],
"x_affectedList": [
"Cortex XDR Agent 7.2",
"Cortex XDR Agent 6.1",
"Cortex XDR Agent 5.0"
]
}