CVE-2021-3045

MEDIUM Year: 2021
CVSS v3 Score
4.9
Medium
CVSS v2 Score
4.0
Medium
Weakness Type
CWE-88
View all →

Vulnerability Description

An OS command argument injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.19; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.10. PAN-OS 10.0 and later versions are not impacted.

Related Vulnerabilities

CVE-2020-14027

MEDIUM
CVSS:5.3(Medium)

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The database connection strings accept custom unsafe arguments, such as ENABLE_LOCAL_INFILE, that can be leveraged by attackers to enabl...

CWE-882020

CVE-2022-24953

MEDIUM
CVSS:5.3(Medium)

The Crypt_GPG extension before 1.6.7 for PHP does not prevent additional options in GPG calls, which presents a risk for certain environments and GPG versions.

CWE-882022

CVE-2022-4864

MEDIUM
CVSS:5.3(Medium)

Argument Injection in GitHub repository froxlor/froxlor prior to 2.0.0-beta1.

CWE-882022

CVE-2024-7573

MEDIUM
CVSS:5.3(Medium)

The Relevanssi Live Ajax Search plugin for WordPress is vulnerable to argument injection in all versions up to, and including, 2.4. This is due to insufficient validation of input supplied via POST da...

CWE-882024

CVE-2018-11020

MEDIUM
CVSS:4.4(Medium)

kernel/omap/drivers/rpmsg/rpmsg_omx.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device file /d...

CWE-882018

CVE-2022-44731

MEDIUM
CVSS:5.4(Medium)

A vulnerability has been identified in SIMATIC WinCC OA V3.15 (All versions < V3.15 P038), SIMATIC WinCC OA V3.16 (All versions < V3.16 P035), SIMATIC WinCC OA V3.17 (All versions < V3.17 P024), SIMAT...

CWE-882022