QSearchQSearch

CVE-2021-3033

9.1 CRITICAL

An improper verification of cryptographic signature vulnerability exists in the Palo Alto Networks Prisma Cloud Compute console

Published: 2021-02-10 · Last updated: 2026-06-17

Severity and scoring

CVSS
9.1 CRITICAL
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CWE
CWE-347

Affected products

VendorProduct
paloaltonetworksprisma_cloud

Description

An improper verification of cryptographic signature vulnerability exists in the Palo Alto Networks Prisma Cloud Compute console. This vulnerability enables an attacker to bypass signature validation during SAML authentication by logging in to the Prisma Cloud Compute console as any authorized user. This issue impacts: All versions of Prisma Cloud Compute 19.11, Prisma Cloud Compute 20.04, and Prisma Cloud Compute 20.09; Prisma Cloud Compute 20.12 before update 1. Prisma Cloud Compute SaaS version is not impacted by this vulnerability.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2026-0257 Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker ... (9.1 CRITICAL)
  • CVE-2025-0130 A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to... (7.5 HIGH)
  • CVE-2021-3057 A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker ... (8.1 HIGH)
  • CVE-2021-3055 An improper restriction of XML external entity (XXE) reference vulnerability in the Palo Alto Networks PAN-OS web interface enables an au... (6.5 MEDIUM)
  • CVE-2021-3054 A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authentica... (7.2 HIGH)

Same CWE

  • CVE-2026-42743 Unauthenticated Broken Authentication in Masteriyo - LMS <= 2.1.8 versions (6.5 MEDIUM)
  • CVE-2026-48558 SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authenticati... (10.0 CRITICAL)
  • CVE-2026-50010 Netty is a network application framework for development of protocol servers and clients (7.5 HIGH)
  • CVE-2026-50634 A vulnerability in Apache CXF's JwsJsonContainerRequestFilter can be exploited to cause CXF to process metadata that was not authenticate... (6.5 MEDIUM)
  • CVE-2026-41005 Cloud Foundry UAA incorrectly treated XML encryption to the Service Provider (confidentiality) as a substitute for XML signatures from th... (9.0 CRITICAL)