CVE-2021-3043 Prisma Cloud: Cross-Site Scripting (XSS) Vulnerability in Prisma Cloud Compute Web Console
Prisma Cloud Compute SaaS versions were automatically upgraded to the fixed release. No additional action is required for these instances.
This issue impacts:
Prisma Cloud Compute 20.12 versions earlier than Prisma Cloud Compute 20.12.552;
Prisma Cloud Compute 21.04 versions earlier than Prisma Cloud Compute 21.04.439.
|Prisma Cloud Compute 21.04||< 21.04.439||>= 21.04.439|
|Prisma Cloud Compute 20.12||< 20.12.552||>= 20.12.552|
CVSSv3.1 Base Score: 7.5 (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
Palo Alto Networks is not aware of any malicious exploitation of this issue.
This issue is fixed in Prisma Cloud Compute 20.12.552, Prisma Cloud Compute 21.04.439, and all later Prisma Cloud Compute versions.
Workarounds and Mitigations
There are no known workarounds for this issue.