New Palo Alto Networks Security Advisories.
Palo Alto Networks has published 4 new Security Advisories and 1 new Informational Bulletin at https://security.paloaltonetworks.com on April 14, 2021:
Bridgecrew Checkov
________________________________________
CVE-2021-3035 Bridgecrew Checkov: Unsafe deserialization of Terraform files allows code execution (Severity: MEDIUM)
https://security.paloaltonetworks.com/CVE-2021-3035
GlobalProtect App
________________________________________
CVE-2021-3038 GlobalProtect App: Windows VPN kernel driver denial of service (DoS) (Severity: MEDIUM)
https://security.paloaltonetworks.com/CVE-2021-3038
PAN-OS
________________________________________
CVE-2021-3036 PAN-OS: Administrator secrets are logged in web server logs when using the PAN-OS XML API incorrectly (Severity: MEDIUM)
https://security.paloaltonetworks.com/CVE-2021-3036
CVE-2021-3037 PAN-OS: Secrets for scheduled configuration exports are logged in system logs (Severity: LOW)
https://security.paloaltonetworks.com/CVE-2021-3037
Informational Bulletin
________________________________________
CVE-2021-28041 PAN-OS: Informational: Impact of the OpenSSH vulnerability CVE-2021-28041 (Severity: NONE)
https://security.paloaltonetworks.com/CVE-2021-28041
Please visit our Security Advisories website to learn more at https://security.paloaltonetworks.com/.
If you have questions, please contact support https://www.paloaltonetworks.com/company/contact-support.
Regards,
Product Security Incident Response Team
Palo Alto Networks