Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paloaltonetworks pan-os vulnerabilities and exploits
(subscribe to this query)
8.5
CVSSv2
CVE-2021-3056
A memory corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated malicious user to execute arbitrary code with root user privileges during SAML authentication. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; ...
Paloaltonetworks Pan-os
Paloaltonetworks Pan-os 10.0.0
6
CVSSv2
CVE-2021-3062
An improper access control vulnerability in PAN-OS software enables an attacker with authenticated access to GlobalProtect portals and gateways to connect to the EC2 instance metadata endpoint for VM-Series firewalls hosted on Amazon AWS. Exploitation of this vulnerability enable...
Paloaltonetworks Pan-os
10
CVSSv2
CVE-2021-3064
A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based malicious user to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have ...
Paloaltonetworks Pan-os
1 Github repository
1 Article
9
CVSSv2
CVE-2021-3058
An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use XML API the ability to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PA...
Paloaltonetworks Pan-os
7.6
CVSSv2
CVE-2021-3059
An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. This vulnerability enables a man-in-the-middle malicious user to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8....
Paloaltonetworks Pan-os
9.3
CVSSv2
CVE-2021-3060
An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The at...
Paloaltonetworks Prisma Access 2.1
Paloaltonetworks Pan-os
2 Github repositories
9
CVSSv2
CVE-2021-3061
An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8...
Paloaltonetworks Prisma Access 2.1
Paloaltonetworks Pan-os
4.3
CVSSv2
CVE-2021-3063
An improper handling of exceptional conditions vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based malicious user to send specifically crafted traffic to a GlobalProtect interface that causes the ser...
Paloaltonetworks Pan-os
7.1
CVSSv2
CVE-2021-3053
An improper handling of exceptional conditions vulnerability exists in the Palo Alto Networks PAN-OS dataplane that enables an unauthenticated network-based malicious user to send specifically crafted traffic through the firewall that causes the service to crash. Repeated attempt...
Paloaltonetworks Pan-os
3.5
CVSSv2
CVE-2021-3052
A reflected cross-site scripting (XSS) vulnerability in the Palo Alto Network PAN-OS web interface enables an authenticated network-based malicious user to mislead another authenticated PAN-OS administrator to click on a specially crafted link that performs arbitrary actions in t...
Paloaltonetworks Pan-os
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »