← Back to CVE List

CVE-2021-3058

Published: 2021-11-10T17:15Z
Last Modified: 2024-11-21T06:20Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use XML API the ability to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. This issue does not impact Prisma Access firewalls. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt