New Palo Alto Networks Security Advisories.
Palo Alto Networks has published 8 new Security Advisories at https://security.paloaltonetworks.com on November 10, 2021:
PAN-OS, Prisma Access
________________________________________
CVE-2021-3064 PAN-OS: Memory Corruption Vulnerability in GlobalProtect Portal and Gateway Interfaces (Severity: CRITICAL)
https://security.paloaltonetworks.com/CVE-2021-3064
CVE-2021-3056 PAN-OS: Memory Corruption Vulnerability in GlobalProtect Clientless VPN During SAML Authentication (Severity: HIGH)
https://security.paloaltonetworks.com/CVE-2021-3056
CVE-2021-3058 PAN-OS: OS Command Injection Vulnerability in Web Interface XML API (Severity: HIGH)
https://security.paloaltonetworks.com/CVE-2021-3058
CVE-2021-3059 PAN-OS: OS Command Injection Vulnerability When Performing Dynamic Updates (Severity: HIGH)
https://security.paloaltonetworks.com/CVE-2021-3059
CVE-2021-3060 PAN-OS: OS Command Injection in Simple Certificate Enrollment Protocol (SCEP) (Severity: HIGH)
https://security.paloaltonetworks.com/CVE-2021-3060
CVE-2021-3062 PAN-OS: Improper Access Control Vulnerability Exposing AWS Instance Metadata Endpoint to GlobalProtect Users (Severity: HIGH)
https://security.paloaltonetworks.com/CVE-2021-3062
CVE-2021-3063 PAN-OS: Denial-of-Service (DoS) Vulnerability in GlobalProtect Portal and Gateway Interfaces (Severity: HIGH)
https://security.paloaltonetworks.com/CVE-2021-3063
CVE-2021-3061 PAN-OS: OS Command Injection Vulnerability in the Command Line Interface (CLI) (Severity: MEDIUM)
https://security.paloaltonetworks.com/CVE-2021-3061
Please visit our Security Advisories website to learn more at https://security.paloaltonetworks.com/.
If you have questions, please contact support https://www.paloaltonetworks.com/company/contact-support.
Regards,
Product Security Incident Response Team
Palo Alto Networks