Fixed an issue in Simple Certificate Enrollment
Protocol (SCEP) (CVE-2021-3060).
PAN-176655 and PAN-158334
A fix was made to address an OS command
injection vulnerability in the PAN-OS CLI that enabled an authenticated
administrator with access to the CLI to execute arbitrary OS commands
to escalate privileges (CVE-2021-3061).
PAN-176653
A fix was made to address an OS command
injection vulnerability in the PAN-OS web interface that enabled
an authenticated administrator with permissions to use XML API to
execute arbitrary OS commands to escalate privileges (CVE-2021-3058).
PAN-176618
A fix was made to address an OS command
injection vulnerability in PAN-OS that existed when performing dynamic
updates (CVE-2021-3059).
PAN-171203
Fixed an issue in a high availability (HA)
configuration where, when one firewall was active and its peer was
in a suspended state, the suspended firewall continued to send traffic,
which triggered the detection of duplicate MAC addresses.
PAN-160708
Fixed an issue where the dataplane restarted
after configuring a deny_all policy.
