Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-3048

Certain invalid URL entries contained in an External Dynamic List (EDL) cause the Device Server daemon (devsrvr) to stop responding. This condition causes subsequent commits on the firewall to fail and prevents administrators from performing commits and configuration changes even though the firewall remains otherwise functional. If the firewall then restarts, it results in a denial-of-service (DoS) condition and the firewall stops processing traffic. This issue impacts: PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.5. PAN-OS 8.1 and PAN-OS 10.1 versions are not impacted.

Published

2021-08-11T17:15:07.593

Last Modified

2024-11-21T06:20:50.650

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.9 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

8.6

Impact Score

2.9

Weaknesses

Type: Secondary
CWE-20
Type: Primary
CWE-20

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	paloaltonetworks	pan-os	< 9.0.14	Yes
Operating System	paloaltonetworks	pan-os	< 9.1.9	Yes
Operating System	paloaltonetworks	pan-os	< 10.0.5	Yes

References

https://security.paloaltonetworks.com/CVE-2020-3048 Broken Link ([email protected])
https://security.paloaltonetworks.com/CVE-2021-3048 Vendor Advisory ([email protected])
https://security.paloaltonetworks.com/CVE-2020-3048 Broken Link (af854a3a-2127-422b-91ae-364da2661108)