CVE-2021-3037
First published: Tue Apr 20 2021(Updated: )
An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where the connection details for a scheduled configuration export are logged in system logs. Logged information includes the cleartext username, password, and IP address used to export the PAN-OS configuration to the destination server.
Credit: psirt@paloaltonetworks.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Paloaltonetworks Pan-os | >=8.1.0<8.1.19 | |
| Paloaltonetworks Pan-os | >=9.0.0<9.0.13 | |
| Paloaltonetworks Pan-os | >=9.1.0<9.1.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-3037?
The severity of CVE-2021-3037 is low with a CVSS score of 2.3.
How does the information exposure through log file vulnerability in Palo Alto Networks PAN-OS software work?
The vulnerability allows the cleartext username, password, and IP address used for a scheduled configuration export to be logged in system logs, exposing sensitive information.
Which versions of Palo Alto Networks PAN-OS software are affected by CVE-2021-3037?
Versions 8.1.0 to 8.1.19, 9.0.0 to 9.0.13, and 9.1.0 to 9.1.4 of Palo Alto Networks PAN-OS software are affected by CVE-2021-3037.
How can I fix the information exposure through log file vulnerability in Palo Alto Networks PAN-OS software?
Upgrade to a fixed version of Palo Alto Networks PAN-OS software (8.1.20, 9.0.14, or 9.1.5) to fix the vulnerability.
Where can I find more information about CVE-2021-3037?
You can find more information about CVE-2021-3037 on the Palo Alto Networks security website.
- collector/nvd-index
- vendor/paloaltonetworks
- canonical/paloaltonetworks pan-os
- version/paloaltonetworks pan-os/8.1.0
- version/paloaltonetworks pan-os/9.0.0
- version/paloaltonetworks pan-os/9.1.0