Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paloaltonetworks pan-os vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-3064
A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based malicious user to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have ...
Paloaltonetworks Pan-os
1 Github repository
1 Article
8.8
CVSSv3
CVE-2021-3056
A memory corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated malicious user to execute arbitrary code with root user privileges during SAML authentication. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; ...
Paloaltonetworks Pan-os
Paloaltonetworks Pan-os 10.0.0
7.2
CVSSv3
CVE-2021-3058
An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use XML API the ability to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PA...
Paloaltonetworks Pan-os
8.1
CVSSv3
CVE-2021-3059
An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. This vulnerability enables a man-in-the-middle malicious user to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8....
Paloaltonetworks Pan-os
8.1
CVSSv3
CVE-2021-3060
An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The at...
Paloaltonetworks Prisma Access 2.1
Paloaltonetworks Pan-os
2 Github repositories
7.2
CVSSv3
CVE-2021-3061
An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8...
Paloaltonetworks Prisma Access 2.1
Paloaltonetworks Pan-os
8.8
CVSSv3
CVE-2021-3062
An improper access control vulnerability in PAN-OS software enables an attacker with authenticated access to GlobalProtect portals and gateways to connect to the EC2 instance metadata endpoint for VM-Series firewalls hosted on Amazon AWS. Exploitation of this vulnerability enable...
Paloaltonetworks Pan-os
7.5
CVSSv3
CVE-2021-3063
An improper handling of exceptional conditions vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based malicious user to send specifically crafted traffic to a GlobalProtect interface that causes the ser...
Paloaltonetworks Pan-os
6.6
CVSSv3
CVE-2021-3054
A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute arbitrary code with root user privileges. This issue impacts: PAN-OS 8.1 version...
Paloaltonetworks Pan-os
6.5
CVSSv3
CVE-2021-3055
An improper restriction of XML external entity (XXE) reference vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system and send a specifically crafted request to the firewall that causes t...
Paloaltonetworks Pan-os
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »