Be in love with vulnerability scanning

Mageni is a powerful and easy vulnerability scanner used by companies of all sizes. You will be in love with Mageni's powerful features, ease of use and price. Free for 7-days then $39 monthly for infinite IPs.

Start now 

No Contracts, Cancel at Anytime and 7-days Money-Back Guarantee.

App screenshot

CVE-2021-3031

CVE information

Published

1 year ago

Last Modified

1 year ago

CVSSv2.0 Severity

Low

CVSSv3.1 Severity

Medium

Impact Analysis

Description

Padding bytes in Ethernet packets on PA-200, PA-220, PA-500, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series firewalls are not cleared before the data frame is created. This leaks a small amount of random information from the firewall memory into the Ethernet packets. An attacker on the same Ethernet subnet as the PAN-OS firewall is able to collect potentially sensitive information from these packets. This issue is also known as Etherleak and is detected by security scanners as CVE-2003-0001. This issue impacts: PAN-OS 8.1 version earlier than PAN-OS 8.1.18; PAN-OS 9.0 versions earlier than PAN-OS 9.0.12; PAN-OS 9.1 versions earlier than PAN-OS 9.1.5..

CVSSv2.0 Score

Severity
Low
Base Score
3.3/10
Exploit Score
6.5/10
Access Vector
Adjacent_network
Access Complexity
Low
Authentication Required
None
Impact Score
2.9/10
Confidentiality Impact
Partial
Availability Impact
None
Integrity Impact
None

CVSSv3.1 Score

Severity
Medium
Base Score
4.3/10
Exploit Score
2.8/10
Access Vector
Adjacent_network
Access Complexity
Low
Privileges Required
None
Impact Score
1.4/10
Confidentiality Impact
Low
Availability Impact
None
Integrity Impact
None
Scope
Unchanged
User Interaction
None

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
  Yes
9.1.0 9.1.5
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
  Yes
9.0.0 9.0.12
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
  Yes
8.1.0 8.1.18
cpe:2.3:h:paloaltonetworks:pa-3060:-:*:*:*:*:*:*:*
  No
-
cpe:2.3:h:paloaltonetworks:pa-3050:-:*:*:*:*:*:*:*
  No
-
cpe:2.3:h:paloaltonetworks:pa-3020:-:*:*:*:*:*:*:*
  No
-
cpe:2.3:h:paloaltonetworks:pa-3260:-:*:*:*:*:*:*:*
  No
-
cpe:2.3:h:paloaltonetworks:pa-3250:-:*:*:*:*:*:*:*
  No
-
cpe:2.3:h:paloaltonetworks:pa-3220:-:*:*:*:*:*:*:*
  No
-
cpe:2.3:h:paloaltonetworks:pa-5200:-:*:*:*:*:*:*:*
  No
-
cpe:2.3:h:paloaltonetworks:pa-220:-:*:*:*:*:*:*:*
  No
-
cpe:2.3:h:paloaltonetworks:pa-2050:-:*:*:*:*:*:*:*
  No
-
cpe:2.3:h:paloaltonetworks:pa-200:-:*:*:*:*:*:*:*
  No
-
cpe:2.3:h:paloaltonetworks:pa-2020:-:*:*:*:*:*:*:*
  No
-
cpe:2.3:h:paloaltonetworks:pa-500:-:*:*:*:*:*:*:*
  No
-
cpe:2.3:h:paloaltonetworks:pa-800:-:*:*:*:*:*:*:*
  No
-

Every 11 seconds there is a ransomware attack.

Mageni can help you manage this threat by understanding your vulnerabilities and prioritizing the remediation.

Sign up for free