CVE-2021-3033

Prisma Cloud Compute: SAML Authentication Bypass Vulnerability in Console

Description

An improper verification of cryptographic signature vulnerability exists in the Palo Alto Networks Prisma Cloud Compute console. This vulnerability enables an attacker to bypass signature validation during SAML authentication by logging in to the Prisma Cloud Compute console as any authorized user. This issue impacts: All versions of Prisma Cloud Compute 19.11, Prisma Cloud Compute 20.04, and Prisma Cloud Compute 20.09; Prisma Cloud Compute 20.12 before update 1. Prisma Cloud Compute SaaS version is not impacted by this vulnerability.

Remediation

Solution:

  • This issue is fixed in Prisma Cloud Compute 20.12 update 1 and all later versions.

Workaround:

  • You can mitigate the impact of this issue by disabling SAML authentication in the Prisma Cloud Compute configuration

Category

9.1
CVSS
Severity: Critical
CVSS 3.1 •
CVSS 2.0 •
EPSS 0.07%
Third-Party Advisory paloaltonetworks.com
Affected: Palo Alto Networks Prisma Cloud Compute
Published at:
Updated at:

References

Link Tags
https://security.paloaltonetworks.com/CVE-2021-3033 third party advisory

Frequently Asked Questions

What is the severity of CVE-2021-3033?
CVE-2021-3033 has been scored as a critical severity vulnerability.
How to fix CVE-2021-3033?
To fix CVE-2021-3033: This issue is fixed in Prisma Cloud Compute 20.12 update 1 and all later versions.
Is CVE-2021-3033 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2021-3033 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-3033?
CVE-2021-3033 affects Palo Alto Networks Prisma Cloud Compute.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.