Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paloaltonetworks pan-os vulnerabilities and exploits
(subscribe to this query)
8.6
CVSSv3
CVE-2022-0028
A PAN-OS URL filtering policy misconfiguration could allow a network-based malicious user to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-S...
Paloaltonetworks Pan-os
1 Article
8.2
CVSSv3
CVE-2020-2050
An authentication bypass vulnerability exists in the GlobalProtect SSL VPN component of Palo Alto Networks PAN-OS software that allows an malicious user to bypass all client certificate checks with an invalid certificate. A remote attacker can successfully authenticate as any use...
Paloaltonetworks Pan-os
8.1
CVSSv3
CVE-2022-0030
An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker with specific knowledge of the target firewall or Panorama appliance to impersonate an existing PAN-OS administrator and perform privileged actions.
Paloaltonetworks Pan-os
8.1
CVSSv3
CVE-2021-3059
An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. This vulnerability enables a man-in-the-middle malicious user to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8....
Paloaltonetworks Pan-os
8.1
CVSSv3
CVE-2021-3060
An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The at...
Paloaltonetworks Prisma Access 2.1
Paloaltonetworks Pan-os
2 Github repositories
8.1
CVSSv3
CVE-2020-2034
An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based malicious user to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue. This issue can not be ...
Paloaltonetworks Pan-os
2 Github repositories
1 Article
8.1
CVSSv3
CVE-2020-2002
An authentication bypass by spoofing vulnerability exists in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS by failing to verify the integrity of the Kerberos key distribution center (KDC) before authenticating users. This affects all forms of authe...
Paloaltonetworks Pan-os
8.1
CVSSv3
CVE-2019-1579
Remote Code Execution in PAN-OS 7.1.18 and previous versions, PAN-OS 8.0.11-h1 and previous versions, and PAN-OS 8.1.2 and previous versions with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauthenticated remote malicious user to execute arbitrar...
Paloaltonetworks Pan-os
1 Github repository
1 Article
7.8
CVSSv3
CVE-2020-1979
A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges...
Paloaltonetworks Pan-os
7.8
CVSSv3
CVE-2020-1980
A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later ...
Paloaltonetworks Pan-os
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »