{"document":{"category":"csaf_vex","csaf_version":"2.1","notes":[{"category":"summary","text":"Palo Alto Networks PSIRT provided VEX document. This document is autogenerated.","title":"Prisma Cloud Compute: SAML Authentication Bypass Vulnerability in Console"}],"publisher":{"category":"vendor","name":"Palo Alto Networks","namespace":"https://security.paloaltonetworks.com"},"title":"Palo Alto Networks PSIRT provided VEX document: CVE-2021-3033","distribution":{"text":"Copyright © 2024 Palo Alto Networks. All rights reserved.","tlp":{"label":"CLEAR","url":"https://www.first.org/tlp/"}},"tracking":{"current_release_date":"2026-04-11T00:25:11.965Z","generator":{"date":"2026-04-11T00:25:11.965Z","engine":{"name":"Vulnogram","version":"0.0.9"}},"id":"CVE-2021-3033","initial_release_date":"2021-02-10T17:00:00.000Z","revision_history":[{"number":"1","date":"2021-02-10T09:00:00.000Z","summary":"Initial publication"},{"number":"2","date":"2021-02-26T11:00:00.000Z","summary":"Updated affected and unaffected versions with build numbers"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"name":"Palo Alto Networks","category":"vendor","branches":[]}]},"vulnerabilities":[{"cve":"CVE-2021-3033","product_status":{"fixed":["PANW-Prisma-Cloud-Compute-8","PANW-Prisma-Cloud-Compute-10","PANW-Prisma-Cloud-Compute-12"],"known_affected":["PANW-Prisma-Cloud-Compute-6","PANW-Prisma-Cloud-Compute-7","PANW-Prisma-Cloud-Compute-9","PANW-Prisma-Cloud-Compute-11"]},"notes":[{"category":"description","text":"An improper verification of cryptographic signature vulnerability exists in the Palo Alto Networks Prisma Cloud Compute console. \nThis vulnerability enables an attacker to bypass signature validation during SAML authentication and log in to the Prisma Cloud Compute console as any authorized user."}],"references":[{"category":"external","summary":"NVD - CVE-2021-3033","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3033"},{"category":"self","summary":"Palo Alto Networks Security Advisory CVE-2021-3033","url":"https://security.paloaltonetworks.com/CVE-2021-3033"}],"threats":[{"category":"impact","description":"An improper verification of cryptographic signature vulnerability exists in the Palo Alto Networks Prisma Cloud Compute console. This vulnerability enables an attacker to bypass signature validation during SAML authentication and log in to the Prisma Cloud Compute console as any authorized user."}],"scores":[{"cvss_v3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE","baseScore":9.1,"baseSeverity":"CRITICAL"},"products":["PANW-Prisma-Cloud-Compute-6","PANW-Prisma-Cloud-Compute-7","PANW-Prisma-Cloud-Compute-9","PANW-Prisma-Cloud-Compute-11"]}]}]}