Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-3031

Опубликовано: 13 янв. 2021
Источник: nvd
CVSS3: 4.3
CVSS2: 3.3
EPSS Низкий

Описание

Padding bytes in Ethernet packets on PA-200, PA-220, PA-500, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series firewalls are not cleared before the data frame is created. This leaks a small amount of random information from the firewall memory into the Ethernet packets. An attacker on the same Ethernet subnet as the PAN-OS firewall is able to collect potentially sensitive information from these packets. This issue is also known as Etherleak and is detected by security scanners as CVE-2003-0001. This issue impacts: PAN-OS 8.1 version earlier than PAN-OS 8.1.18; PAN-OS 9.0 versions earlier than PAN-OS 9.0.12; PAN-OS 9.1 versions earlier than PAN-OS 9.1.5.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
Версия от 8.1.0 (включая) до 8.1.18 (исключая)
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
Версия от 9.0.0 (включая) до 9.0.12 (исключая)
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
Версия от 9.1.0 (включая) до 9.1.5 (исключая)

Одно из

cpe:2.3:h:paloaltonetworks:pa-200:-:*:*:*:*:*:*:*
cpe:2.3:h:paloaltonetworks:pa-2020:-:*:*:*:*:*:*:*
cpe:2.3:h:paloaltonetworks:pa-2050:-:*:*:*:*:*:*:*
cpe:2.3:h:paloaltonetworks:pa-220:-:*:*:*:*:*:*:*
cpe:2.3:h:paloaltonetworks:pa-3020:-:*:*:*:*:*:*:*
cpe:2.3:h:paloaltonetworks:pa-3050:-:*:*:*:*:*:*:*
cpe:2.3:h:paloaltonetworks:pa-3060:-:*:*:*:*:*:*:*
cpe:2.3:h:paloaltonetworks:pa-3220:-:*:*:*:*:*:*:*
cpe:2.3:h:paloaltonetworks:pa-3250:-:*:*:*:*:*:*:*
cpe:2.3:h:paloaltonetworks:pa-3260:-:*:*:*:*:*:*:*
cpe:2.3:h:paloaltonetworks:pa-500:-:*:*:*:*:*:*:*
cpe:2.3:h:paloaltonetworks:pa-5200:-:*:*:*:*:*:*:*
cpe:2.3:h:paloaltonetworks:pa-800:-:*:*:*:*:*:*:*

EPSS

Процентиль: 25%
0.00088
Низкий

4.3 Medium

CVSS3

3.3 Low

CVSS2

Дефекты

CWE-200
CWE-212

Связанные уязвимости

github логотип

GHSA-v97c-wm3x-xr3x

CVSS3: 4.3
github
больше 3 лет назад

Padding bytes in Ethernet packets on PA-200, PA-220, PA-500, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series firewalls are not cleared before the data frame is created. This leaks a small amount of random information from the firewall memory into the Ethernet packets. An attacker on the same Ethernet subnet as the PAN-OS firewall is able to collect potentially sensitive information from these packets. This issue is also known as Etherleak and is detected by security scanners as CVE-2003-0001. This issue impacts: PAN-OS 8.1 version earlier than PAN-OS 8.1.18; PAN-OS 9.0 versions earlier than PAN-OS 9.0.12; PAN-OS 9.1 versions earlier than PAN-OS 9.1.5.

EPSS

Процентиль: 25%
0.00088
Низкий

4.3 Medium

CVSS3

3.3 Low

CVSS2

Дефекты

CWE-200
CWE-212