Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

paloaltonetworks prisma cloud vulnerabilities and exploits

(subscribe to this query)
9.8
CVSSv3
CVE-2021-3033
An improper verification of cryptographic signature vulnerability exists in the Palo Alto Networks Prisma Cloud Compute console. This vulnerability enables an malicious user to bypass signature validation during SAML authentication by logging in to the Prisma Cloud Compute consol...
Paloaltonetworks Prisma Cloud 19.11Paloaltonetworks Prisma Cloud 20.04Paloaltonetworks Prisma Cloud 20.09Paloaltonetworks Prisma Cloud 20.12
3.8
CVSSv3
CVE-2021-3039
An information exposure through log file vulnerability exists in the Palo Alto Networks Prisma Cloud Compute Console where a secret used to authorize the role of the authenticated user is logged to a debug log file. Authenticated Operator role and Auditor role users with access t...
Paloaltonetworks Prisma Cloud
4.8
CVSSv3
CVE-2021-3043
A reflected cross-site scripting (XSS) vulnerability exists in the Prisma Cloud Compute web console that enables a remote malicious user to execute arbitrary JavaScript code in the browser-based web console while an authenticated administrator is using that web interface. Prisma ...
Paloaltonetworks Prisma Cloud
10
CVSSv3
CVE-2024-3400
A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated malicious user to execute arbitrary code with...
Paloaltonetworks Pan-os 10.2.7Paloaltonetworks Pan-os 10.2.2Paloaltonetworks Pan-os 10.2.6Paloaltonetworks Pan-os 10.2.5Paloaltonetworks Pan-os 10.2.3Paloaltonetworks Pan-os 10.2.4Paloaltonetworks Pan-os 10.2.1Paloaltonetworks Pan-os 10.2.0Paloaltonetworks Pan-os 10.2.9Paloaltonetworks Pan-os 11.1.1Paloaltonetworks Pan-os 11.0.2Paloaltonetworks Pan-os 11.1.0Paloaltonetworks Pan-os 11.1.2Paloaltonetworks Pan-os 11.0.4Paloaltonetworks Pan-os 11.0.3Paloaltonetworks Pan-os 11.0.0Paloaltonetworks Pan-os 11.0.1
7.2
CVSSv3
CVE-2021-3035
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.26. Checkov 1.0 versions are not impacted.
Paloaltonetworks Bridgecrew Checkov
7.2
CVSSv3
CVE-2021-3040
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.139. Checkov 1.0 versions are not impacted.
Paloaltonetworks Bridgecrew Checkov
4.8
CVSSv3
CVE-2020-1982
Certain communication between PAN-OS and cloud-delivered services inadvertently use TLS 1.0, which is known to be a cryptographically weak protocol. These cloud services include Cortex Data Lake, the Customer Support Portal, and the Prisma Access infrastructure. Conditions requir...
Paloaltonetworks Pan-os
8.6
CVSSv3
CVE-2022-0028
A PAN-OS URL filtering policy misconfiguration could allow a network-based malicious user to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-S...
Paloaltonetworks Pan-os
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTICVE-2024-35863CVE-2024-35910man-in-the-middleCVE-2024-35912CVE-2024-25742LFICVE-2024-32002CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook