CVE-2021-3033 : Security Advisory and Response

Discover the critical vulnerability, CVE-2021-3033, impacting Palo Alto Networks Prisma Cloud Compute console. Learn about the impact, affected versions, and mitigation steps.

A critical vulnerability, CVE-2021-3033, has been identified in the SAML authentication of the Palo Alto Networks Prisma Cloud Compute console. This vulnerability could allow an attacker to bypass signature validation during authentication.

Understanding CVE-2021-3033

This section provides insights into the details and impact of the CVE-2021-3033 vulnerability.

What is CVE-2021-3033?

An improper verification of cryptographic signature vulnerability exists in the Palo Alto Networks Prisma Cloud Compute console. This vulnerability allows attackers to bypass signature validation during SAML authentication.

The Impact of CVE-2021-3033

The vulnerability impacts all versions of Prisma Cloud Compute 19.11, 20.04, and 20.09, along with version 20.12 before update 1. The SaaS version remains unaffected.

Technical Details of CVE-2021-3033

This section covers the technical aspects of the vulnerability.

Vulnerability Description

The vulnerability allows attackers to bypass signature validation during SAML authentication in the Prisma Cloud Compute console.

Affected Systems and Versions

Prisma Cloud Compute versions 19.11, 20.04, 20.09, and 20.12 (pre-update 1) are impacted. The SaaS version is not affected.

Exploitation Mechanism

No known malicious exploitation of the vulnerability has been reported by Palo Alto Networks.

Mitigation and Prevention

To safeguard systems against CVE-2021-3033, consider the following steps:

Immediate Steps to Take

Disable SAML authentication in Prisma Cloud Compute configurations to mitigate the impact.

Long-Term Security Practices

Regularly update to the latest version of Prisma Cloud Compute to ensure protection against known vulnerabilities.

Patching and Updates

The issue has been resolved in Prisma Cloud Compute 20.12 update 1 and later versions.
