1. Home
  2. CVE Database
  3. CVE-2021-3046
MEDIUM · 6.8

CVE-2021-3046

An improper authentication vulnerability exists in Palo Alto Networks PAN-OS software that enables a SAML authenticated attacker to impersonate any other user in the GlobalProtect Portal and GlobalPro...

Vulnerability Description

An improper authentication vulnerability exists in Palo Alto Networks PAN-OS software that enables a SAML authenticated attacker to impersonate any other user in the GlobalProtect Portal and GlobalProtect Gateway when they are configured to use SAML authentication. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.19; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.5. PAN-OS 10.1 versions are not impacted.

CVSS Score

6.8

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
NONE

Affected Products

VendorProductVersions
PaloaltonetworksPan-Os>= 8.1.0, < 8.1.19

Related Weaknesses (CWE)

CWE-287

References

FAQ

What is CVE-2021-3046?

CVE-2021-3046 is a vulnerability with a CVSS score of 6.8 (MEDIUM). An improper authentication vulnerability exists in Palo Alto Networks PAN-OS software that enables a SAML authenticated attacker to impersonate any other user in the GlobalProtect Portal and GlobalPro...

How severe is CVE-2021-3046?

CVE-2021-3046 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-3046?

Check the references section above for vendor advisories and patch information. Affected products include: Paloaltonetworks Pan-Os.