PAN-SA-2021-0003 Informational: Impact of the NAME:WRECK DNS vulnerabilities
Informational
Description
The Palo Alto Networks Product Security Assurance team evaluated the NAME:WRECK DNS vulnerabilities impacting multiple TCP/IP software stack implementations.
PAN-OS software and Prisma SD-WAN (CloudGenix) devices do not utilize the IPNet, Nucleus NET, FreeBSD, or NetX TCP/IP software stacks related to these vulnerabilities. As a result, there is no known security impact for these vulnerabilities in PAN-OS software or Prisma SD-WAN (CloudGenix) devices.
| CVE | Summary |
|---|---|
| CVE-2016-20009 | This vulnerability in the IPNet TCP/IP stack does not impact PAN-OS software or Prisma SD-WAN (CloudGenix) devices. |
| CVE-2020-15795 | This vulnerability in the Nucleus NET TCP/IP stack does not impact PAN-OS software or Prisma SD-WAN (CloudGenix) devices. |
| CVE-2020-27009 | This vulnerability in the Nucleus NET TCP/IP stack does not impact PAN-OS software or Prisma SD-WAN (CloudGenix) devices. |
| CVE-2020-7461 | This vulnerability in the FreeBSD TCP/IP stack does not impact PAN-OS software or Prisma SD-WAN (CloudGenix) devices. |
| CVE-2020-27736 | This vulnerability in the Nucleus NET TCP/IP stack does not impact PAN-OS software or Prisma SD-WAN (CloudGenix) devices. |
| CVE-2020-27737 | This vulnerability in the Nucleus NET TCP/IP stack does not impact PAN-OS software or Prisma SD-WAN (CloudGenix) devices. |
| CVE-2020-27738 | This vulnerability in the Nucleus NET TCP/IP stack does not impact PAN-OS software or Prisma SD-WAN (CloudGenix) devices. |
| CVE-2021-25677 | This vulnerability in the Nucleus NET TCP/IP stack does not impact PAN-OS software or Prisma SD-WAN (CloudGenix) devices. |
Product Status
| Versions | Affected | Unaffected |
|---|---|---|
| PAN-OS | None | all |
| Prisma SD-WAN (CloudGenix) | None | all |
Solution
No product updates are required for these issues.
Timeline
Updated description for clarity
Initial publication