CVE-2021-3031

{"id": "CVE-2021-3031", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.3, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "psirt@paloaltonetworks.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2021-01-13T18:15:14.603", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2021-3031", "tags": ["Vendor Advisory"], "source": "psirt@paloaltonetworks.com"}, {"url": "https://security.paloaltonetworks.com/CVE-2021-3031", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "psirt@paloaltonetworks.com", "description": [{"lang": "en", "value": "CWE-200"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-212"}]}], "descriptions": [{"lang": "en", "value": "Padding bytes in Ethernet packets on PA-200, PA-220, PA-500, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series firewalls are not cleared before the data frame is created. This leaks a small amount of random information from the firewall memory into the Ethernet packets. An attacker on the same Ethernet subnet as the PAN-OS firewall is able to collect potentially sensitive information from these packets. This issue is also known as Etherleak and is detected by security scanners as CVE-2003-0001. This issue impacts: PAN-OS 8.1 version earlier than PAN-OS 8.1.18; PAN-OS 9.0 versions earlier than PAN-OS 9.0.12; PAN-OS 9.1 versions earlier than PAN-OS 9.1.5."}, {"lang": "es", "value": "Los bytes de relleno en los paquetes Ethernet en los firewalls PA-200, PA-220, PA-500, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series y PA-7000 Series, no son borrados antes de que se cree la trama de datos. Esto filtra una peque\u00f1a cantidad de informaci\u00f3n aleatoria de la memoria del firewall para los paquetes Ethernet. Un atacante en la misma subred Ethernet que el firewall PAN-OS puede recopilar informaci\u00f3n potencialmente confidencial de estos paquetes. Este problema tambi\u00e9n se conoce como Etherleak y los esc\u00e1neres de seguridad lo detectan como CVE-2003-0001. Este problema afecta: PAN-OS 8.1 versiones anteriores a PAN-OS 8.1.18; PAN-OS 9.0 versiones anteriores a PAN-OS 9.0.12; PAN-OS 9.1 versiones anteriores a PAN-OS 9.1.5."}], "lastModified": "2024-11-21T06:20:47.707", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33293775-DC4C-41E0-89CD-B15F4B73D130", "versionEndExcluding": "8.1.18", "versionStartIncluding": "8.1.0"}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9DABB61F-8BFA-4476-9A59-E0DC68873022", "versionEndExcluding": "9.0.12", "versionStartIncluding": "9.0.0"}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "872E6056-5BE6-4FE8-BE33-F98CF0DBC67C", "versionEndExcluding": "9.1.5", "versionStartIncluding": "9.1.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:paloaltonetworks:pa-200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C4A00CA4-326B-45A1-A4C1-46DDA28819AA"}, {"criteria": "cpe:2.3:h:paloaltonetworks:pa-2020:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "17D4C591-22F5-44A8-8490-7B4AD0682414"}, {"criteria": "cpe:2.3:h:paloaltonetworks:pa-2050:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "ADF87CC5-485D-4F39-953C-A727CF0A5305"}, {"criteria": "cpe:2.3:h:paloaltonetworks:pa-220:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E75FBB9F-24D9-413A-ABC8-6ACFD99F4097"}, {"criteria": "cpe:2.3:h:paloaltonetworks:pa-3020:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "43FCBC3C-C1EC-43D3-80CE-6C8D0C465FD3"}, {"criteria": "cpe:2.3:h:paloaltonetworks:pa-3050:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2480738F-8A68-4B15-8893-0BD9AA4660B8"}, {"criteria": "cpe:2.3:h:paloaltonetworks:pa-3060:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F3DA3033-6239-47D4-9CF9-11AE51E0308E"}, {"criteria": "cpe:2.3:h:paloaltonetworks:pa-3220:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A1D39EA7-7F92-4CF0-AF52-D6DA4A35683A"}, {"criteria": "cpe:2.3:h:paloaltonetworks:pa-3250:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B2632686-9B16-4CDB-8874-55CDB86CA90F"}, {"criteria": "cpe:2.3:h:paloaltonetworks:pa-3260:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DED6DB33-02C3-421E-B289-0E735293F100"}, {"criteria": "cpe:2.3:h:paloaltonetworks:pa-500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6550421C-0EA0-4C04-93C9-F862B1CDED67"}, {"criteria": "cpe:2.3:h:paloaltonetworks:pa-5200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0196D5B4-9C82-4DC6-9A3D-3397BE92D153"}, {"criteria": "cpe:2.3:h:paloaltonetworks:pa-800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5BC340BF-F1B1-4EE8-91C9-DF650B26555F"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@paloaltonetworks.com"}