Palo Alto Networks Security Advisories / PAN-SA-2021-0003

PAN-SA-2021-0003 Informational: Impact of the NAME:WRECK DNS vulnerabilities

047910
Severity 0 · NONE
Attack Vector PHYSICAL
Attack Complexity HIGH
Privileges Required HIGH
User Interaction REQUIRED
Scope UNCHANGED
Confidentiality Impact NONE
Integrity Impact NONE
Availability Impact NONE

Description

The Palo Alto Networks Product Security Assurance team evaluated the NAME:WRECK DNS vulnerabilities impacting multiple TCP/IP software stack implementations.

PAN-OS software and CloudGenix devices do not utilize the IPNet, Nucleus NET, FreeBSD, or NetX TCP/IP software stacks related to these vulnerabilities. As a result, there is no known security impact for these vulnerabilities in PAN-OS software or CloudGenix devices.

Product Status

VersionsAffectedUnaffected
PAN-OS Noneall
CloudGenix Noneall

Severity: NONE

CVSSv3.1 Base Score: 0 (CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:N)

Weakness Type

Solution

No product updates are required for these issues.

Workarounds and Mitigations

Timeline

Updated description for clarity
Initial publication
© 2020 Palo Alto Networks, Inc. All rights reserved.