CVE-2021-3156 Informational: Impact of Sudo Vulnerability CVE-2021-3156

Palo Alto Networks Security Advisories / CVE-2021-3156

CVE-2021-3156 Informational: Impact of Sudo Vulnerability CVE-2021-3156

Severity 0 · NONE

Attack Vector PHYSICAL

Attack Complexity HIGH

Privileges Required HIGH

User Interaction REQUIRED

Scope UNCHANGED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact NONE

NVD JSON

Published 2021-02-10

Updated 2021-02-10

Reference

Discovered externally

Description

Palo Alto Networks Product Security Assurance team has evaluated the Sudo software vulnerability CVE-2021-3156.

PAN-OS software, Prisma Cloud compute, and CloudGenix devices do not include the Sudo program and, therefore, no scenarios required for successful exploitation exist in these Palo Alto Networks products.

Product Status

Versions	Affected	Unaffected
Prisma Cloud compute	None	all
PAN-OS	None	all
CloudGenix	None	all

Severity: NONE

CVSSv3.1 Base Score: 0 (CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:N)

Weakness Type

Solution

No product updates are required for this vulnerability.

Workarounds and Mitigations

Timeline

2021-02-10 Initial publication