{"document":{"category":"csaf_vex","csaf_version":"2.1","notes":[{"category":"summary","text":"Palo Alto Networks PSIRT provided VEX document. This document is autogenerated.","title":"PAN-OS: Memory Corruption Vulnerability in GlobalProtect Clientless VPN During SAML Authentication"}],"publisher":{"category":"vendor","name":"Palo Alto Networks","namespace":"https://security.paloaltonetworks.com"},"title":"Palo Alto Networks PSIRT provided VEX document: CVE-2021-3056","distribution":{"text":"Copyright © 2024 Palo Alto Networks. All rights reserved.","tlp":{"label":"CLEAR","url":"https://www.first.org/tlp/"}},"tracking":{"current_release_date":"2026-04-11T00:53:04.062Z","generator":{"date":"2026-04-11T00:53:04.062Z","engine":{"name":"Vulnogram","version":"0.0.9"}},"id":"CVE-2021-3056","initial_release_date":"2021-11-10T17:00:00.000Z","revision_history":[{"number":"1","date":"2021-11-10T09:00:00.000Z","summary":"Initial publication"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"name":"Palo Alto Networks","category":"vendor","branches":[{"name":"Prisma Access","category":"product_name","branches":[{"category":"product_version","name":"Prisma Access 2.2","product":{"name":"Palo Alto Networks Prisma Access","product_id":"PANW-Prisma-Access-48"}},{"category":"product_version","name":"Prisma Access 2.1","product":{"name":"Palo Alto Networks Prisma Access","product_id":"PANW-Prisma-Access-49"}},{"category":"product_version_range","name":"vers:generic/Prisma Access>=2.1","product":{"name":"Palo Alto Networks Prisma Access","product_id":"PANW-Prisma-Access-50"}}]},{"name":"PAN-OS","category":"product_name","branches":[{"category":"product_version_range","name":"vers:generic/PAN-OS>=10.1.0","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-118"}},{"category":"product_version_range","name":"vers:generic/PAN-OS<10.0.1","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-799"}},{"category":"product_version_range","name":"vers:generic/PAN-OS>=10.0.1","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-799"}},{"category":"product_version_range","name":"vers:generic/PAN-OS<9.1.9","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-800"}},{"category":"product_version_range","name":"vers:generic/PAN-OS>=9.1.9","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-800"}},{"category":"product_version_range","name":"vers:generic/PAN-OS<9.0.14","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-801"}},{"category":"product_version_range","name":"vers:generic/PAN-OS>=9.0.14","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-801"}},{"category":"product_version_range","name":"vers:generic/PAN-OS<8.1.20","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-802"}},{"category":"product_version_range","name":"vers:generic/PAN-OS>=8.1.20","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-802"}}]}]}]},"vulnerabilities":[{"cve":"CVE-2021-3056","product_status":{"fixed":["PANW-Prisma-Access-50","PANW-PAN-OS-799","PANW-PAN-OS-800","PANW-PAN-OS-801","PANW-PAN-OS-802"],"known_affected":["PANW-Prisma-Access-49","PANW-PAN-OS-799","PANW-PAN-OS-800","PANW-PAN-OS-801","PANW-PAN-OS-802"],"known_not_affected":["PANW-Prisma-Access-48","PANW-PAN-OS-118"]},"notes":[{"category":"description","text":"A memory corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated attacker to execute arbitrary code with root user privileges during SAML authentication.\n\nThis issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.9;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.1.\n\nPrisma Access customers with Prisma Access 2.1 Preferred firewalls are impacted by this issue."}],"references":[{"category":"external","summary":"NVD - CVE-2021-3056","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3056"},{"category":"self","summary":"Palo Alto Networks Security Advisory CVE-2021-3056","url":"https://security.paloaltonetworks.com/CVE-2021-3056"}],"threats":[{"category":"impact","description":"A memory corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated attacker to execute arbitrary code with root user privileges during SAML authentication.\n\nThis issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.9;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.1.\n\nPrisma Access customers with Prisma Access 2.1 Preferred firewalls are impacted by this issue."}],"scores":[{"cvss_v3":{"version":"3.1","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseSeverity":"HIGH","baseScore":8.8,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},"products":["PANW-Prisma-Access-49","PANW-PAN-OS-799","PANW-PAN-OS-800","PANW-PAN-OS-801","PANW-PAN-OS-802"]}]}]}