Palo Alto Networks announced the availability of patches for security flaws in the PAN-OS and Cortex XSOAR products. Updates fix the following issues:

CVE-2021-3049 - an improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR (CVSS score of 2.6);

CVE-2021-3055 - denial of service vulnerability in the Palo Alto Networks PAN-OS web interface (CVSS score of 6.5);

CVE-2021-3054 - arbitrary code execution vulnerability in the Palo Alto Networks PAN-OS web interface (CVSS score of 7.2);

CVE-2021-3053 - denial of service vulnerability in the Palo Alto Networks PAN-OS (CVSS score of 7.5);

CVE-2021-3052 - cross-site scripting (XSS) vulnerability in the Palo Alto Network PAN-OS web interface (CVSS score of 8);

CVE-2021-3051 - authentication bypass vulnerability in Palo Alto Networks Cortex XSOAR (CVSS score of 8.1).

In addition, Palo Alto Networks fixed CVE-2020-10188 vulnerability (impact of Telnet Remote-Code-Execution (RCE) vulnerability (CVE-2020-10188)) in PAN-OS software.