#VU53995 Inclusion of Sensitive Information in Log Files in Prisma Cloud Compute - CVE-2021-3039

Cybersecurity Help s.r.o.

Published: 2021-06-09

Vulnerability identifier: #VU53995

Vulnerability risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3039

CWE-ID: CWE-532

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Prisma Cloud Compute
Server applications / DLP, anti-spam, sniffers

Vendor: Palo Alto Networks, Inc.

Description

The vulnerability allows a remote user to gain access to sensitive information.

The vulnerability exists due to a secret used to authorize the role of the authenticated user is logged to a debug log file. A remote user can read the log files and gain access to sensitive data.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Prisma Cloud Compute: 9.11 update 1 - 20.12

External links
https://security.paloaltonetworks.com/CVE-2021-3039

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Information disclosure in Prisma Cloud Compute