{"document":{"category":"csaf_vex","csaf_version":"2.1","notes":[{"category":"summary","text":"Palo Alto Networks PSIRT provided VEX document. This document is autogenerated.","title":"PAN-OS: Configuration secrets for log forwarding may be logged in system logs"}],"publisher":{"category":"vendor","name":"Palo Alto Networks","namespace":"https://security.paloaltonetworks.com"},"title":"Palo Alto Networks PSIRT provided VEX document: CVE-2021-3032","distribution":{"text":"Copyright © 2024 Palo Alto Networks. All rights reserved.","tlp":{"label":"CLEAR","url":"https://www.first.org/tlp/"}},"tracking":{"current_release_date":"2026-04-11T00:32:57.539Z","generator":{"date":"2026-04-11T00:32:57.539Z","engine":{"name":"Vulnogram","version":"0.0.9"}},"id":"CVE-2021-3032","initial_release_date":"2021-01-13T17:00:00.000Z","revision_history":[{"number":"1","date":"2021-01-13T09:00:00.000Z","summary":"Initial publication"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"name":"Palo Alto Networks","category":"vendor","branches":[]}]},"vulnerabilities":[{"cve":"CVE-2021-3032","product_status":{"fixed":["PANW-PAN-OS-312","PANW-PAN-OS-310","PANW-PAN-OS-309","PANW-PAN-OS-292"],"known_affected":["PANW-PAN-OS-312","PANW-PAN-OS-310","PANW-PAN-OS-309","PANW-PAN-OS-292"]},"notes":[{"category":"description","text":"An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where configuration secrets for the “http”, “email”, and “snmptrap” v3 log forwarding server profiles can be logged to the logrcvr.log system log.\n\nLogged information may include up to 1024 bytes of the configuration including the username and password in an encrypted form and private keys used in any certificate profiles set for log forwarding server profiles.\n"}],"references":[{"category":"external","summary":"NVD - CVE-2021-3032","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3032"},{"category":"self","summary":"Palo Alto Networks Security Advisory CVE-2021-3032","url":"https://security.paloaltonetworks.com/CVE-2021-3032"}],"threats":[{"category":"impact","description":"An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where configuration secrets for the “http”, “email”, and “snmptrap” v3 log forwarding server profiles can be logged to the logrcvr.log system log.\n\nLogged information may include up to 1024 bytes of the configuration including the username and password in an encrypted form and private keys used in any certificate profiles set for log forwarding server profiles.\n"}],"scores":[{"cvss_v3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":4.4,"baseSeverity":"MEDIUM"},"products":["PANW-PAN-OS-312","PANW-PAN-OS-310","PANW-PAN-OS-309","PANW-PAN-OS-292"]}]}]}