Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paloaltonetworks prisma cloud vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-3033
An improper verification of cryptographic signature vulnerability exists in the Palo Alto Networks Prisma Cloud Compute console. This vulnerability enables an malicious user to bypass signature validation during SAML authentication by logging in to the Prisma Cloud Compute consol...
Paloaltonetworks Prisma Cloud 19.11
Paloaltonetworks Prisma Cloud 20.04
Paloaltonetworks Prisma Cloud 20.09
Paloaltonetworks Prisma Cloud 20.12
3.8
CVSSv3
CVE-2021-3039
An information exposure through log file vulnerability exists in the Palo Alto Networks Prisma Cloud Compute Console where a secret used to authorize the role of the authenticated user is logged to a debug log file. Authenticated Operator role and Auditor role users with access t...
Paloaltonetworks Prisma Cloud
4.8
CVSSv3
CVE-2021-3043
A reflected cross-site scripting (XSS) vulnerability exists in the Prisma Cloud Compute web console that enables a remote malicious user to execute arbitrary JavaScript code in the browser-based web console while an authenticated administrator is using that web interface. Prisma ...
Paloaltonetworks Prisma Cloud
10
CVSSv3
CVE-2024-3400
A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated malicious user to execute arbitrary code with...
Paloaltonetworks Pan-os 10.2.7
Paloaltonetworks Pan-os 10.2.2
Paloaltonetworks Pan-os 10.2.6
Paloaltonetworks Pan-os 10.2.5
Paloaltonetworks Pan-os 10.2.3
Paloaltonetworks Pan-os 10.2.4
Paloaltonetworks Pan-os 10.2.1
Paloaltonetworks Pan-os 10.2.0
Paloaltonetworks Pan-os 10.2.9
Paloaltonetworks Pan-os 11.1.1
Paloaltonetworks Pan-os 11.0.2
Paloaltonetworks Pan-os 11.1.0
Paloaltonetworks Pan-os 11.1.2
Paloaltonetworks Pan-os 11.0.4
Paloaltonetworks Pan-os 11.0.3
Paloaltonetworks Pan-os 11.0.0
Paloaltonetworks Pan-os 11.0.1
42 Github repositories
7 Articles
7.2
CVSSv3
CVE-2021-3035
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.26. Checkov 1.0 versions are not impacted.
Paloaltonetworks Bridgecrew Checkov
7.2
CVSSv3
CVE-2021-3040
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.139. Checkov 1.0 versions are not impacted.
Paloaltonetworks Bridgecrew Checkov
4.8
CVSSv3
CVE-2020-1982
Certain communication between PAN-OS and cloud-delivered services inadvertently use TLS 1.0, which is known to be a cryptographically weak protocol. These cloud services include Cortex Data Lake, the Customer Support Portal, and the Prisma Access infrastructure. Conditions requir...
Paloaltonetworks Pan-os
8.6
CVSSv3
CVE-2022-0028
A PAN-OS URL filtering policy misconfiguration could allow a network-based malicious user to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-S...
Paloaltonetworks Pan-os
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started