Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

palo alto networks vulnerabilities and exploits

(subscribe to this query)
7.2
CVSSv2
CVE-2022-0025
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. This ...
Paloaltonetworks Cortex Xdr Agent
7.2
CVSSv2
CVE-2022-0026
A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\) to execute a program with elevated privileges. This ...
Paloaltonetworks Cortex Xdr Agent 6.1Paloaltonetworks Cortex Xdr Agent 6.1.4Paloaltonetworks Cortex Xdr Agent 6.1.5Paloaltonetworks Cortex Xdr Agent 6.1.6Paloaltonetworks Cortex Xdr Agent 6.1.7Paloaltonetworks Cortex Xdr Agent 6.1.8Paloaltonetworks Cortex Xdr Agent 6.1.9Paloaltonetworks Cortex Xdr Agent 7.4.4Paloaltonetworks Cortex Xdr Agent 7.4.3Paloaltonetworks Cortex Xdr Agent 7.4.2Paloaltonetworks Cortex Xdr Agent 7.4.1Paloaltonetworks Cortex Xdr Agent 7.5.1Paloaltonetworks Cortex Xdr Agent 7.5.2Paloaltonetworks Cortex Xdr Agent 7.5.3Paloaltonetworks Cortex Xdr Agent 7.6.1Paloaltonetworks Cortex Xdr Agent 7.6.2Paloaltonetworks Cortex Xdr Agent 7.7Paloaltonetworks Cortex Xdr Agent 7.7.1Paloaltonetworks Cortex Xdr Agent 7.5
4
CVSSv2
CVE-2022-0027
An improper authorization vulnerability in Palo Alto Network Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information about all incidents in the Cortex XSOAR instance, including incidents to which the ...
Paloaltonetworks Cortex Xsoar 6.2.0Paloaltonetworks Cortex Xsoar 6.1.0Paloaltonetworks Cortex XsoarPaloaltonetworks Cortex Xsoar 6.5.0
NA
CVE-2022-0029
An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local malicious user to read files on the system with elevated privileges when generating a tech support file.
Paloaltonetworks Cortex Xdr Agent
NA
CVE-2022-0030
An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker with specific knowledge of the target firewall or Panorama appliance to impersonate an existing PAN-OS administrator and perform privileged actions.
Paloaltonetworks Pan-os
NA
CVE-2022-0031
A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system allows a local attacker with shell access to the engine to execute programs with elevated privileges.
Paloaltonetworks Cortex Xsoar 6.8.0Paloaltonetworks Cortex Xsoar 6.6.0Paloaltonetworks Cortex Xsoar 6.5.0
NA
CVE-2023-35838
The WireGuard client 0.5.3 on Windows insecurely configures the operating system and firewall such that traffic to a local network that uses non-RFC1918 IP addresses is blocked. This allows an adversary to trick the victim into blocking IP traffic to selected IP addresses and ser...
Wireguard Wireguard 0.5.3
NA
CVE-2023-6792
An OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated API user to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall.
Paloaltonetworks Pan-os
NA
CVE-2023-6794
An arbitrary file upload vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall.
Paloaltonetworks Pan-os
NA
CVE-2023-6795
An OS command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall.
Paloaltonetworks Pan-os
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040privilege escalationCVE-2024-4112CVE-2024-32872man-in-the-middleCVE-2024-32788bypassCVE-2024-3400CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook