Fixed an issue in Simple Certificate Enrollment
Protocol (SCEP) (CVE-2021-3060).
PAN-176655 and PAN-158334
A fix was made to address an OS command
injection vulnerability in the PAN-OS CLI that enabled an authenticated administrator
with access to the CLI to execute arbitrary OS commands to escalate
privileges (CVE-2021-3061).
PAN-176653
A fix was made to address an OS command
injection vulnerability in the PAN-OS web interface that enabled
an authenticated administrator with permissions to use XML API to
execute arbitrary OS commands to escalate privileges (CVE-2021-3058).
PAN-176618
A fix was made to address an OS command
injection vulnerability in PAN-OS that existed when performing dynamic
updates (CVE-2021-3059).