Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paloaltonetworks pan-os vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-1996
A missing authorization vulnerability in the management server component of PAN-OS Panorama allows a remote unauthenticated user to inject messages into the management server ms.log file. This vulnerability can be leveraged to obfuscate an ongoing attack or fabricate log entries ...
Paloaltonetworks Pan-os
9.3
CVSSv2
CVE-2020-2021
When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled (unchecked), improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based malicious...
Paloaltonetworks Pan-os
3 Github repositories
1 Article
9
CVSSv2
CVE-2020-2027
A buffer overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This issue affects: All versions of PAN-OS 7.1 and PAN-OS 8.0; PAN-O...
Paloaltonetworks Pan-os
9
CVSSv2
CVE-2020-2038
An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 9.0 versions earlier than 9.0.10; PAN-OS 9.1 versions earlier than 9.1.4; PAN-OS 10....
Paloaltonetworks Pan-os
1 Github repository
9
CVSSv2
CVE-2020-2042
A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This issue impacts only PAN-OS 10.0 versions earlier than PAN-OS 10.0.1.
Paloaltonetworks Pan-os
4
CVSSv2
CVE-2020-2044
An information exposure through log file vulnerability where an administrator's password or other sensitive information may be logged in cleartext while using the CLI in Palo Alto Networks PAN-OS software. The opcmdhistory.log file was introduced to track operational command...
Paloaltonetworks Pan-os
4.6
CVSSv2
CVE-2016-9151
Palo Alto Networks PAN-OS prior to 5.0.20, 5.1.x prior to 5.1.13, 6.0.x prior to 6.0.15, 6.1.x prior to 6.1.15, 7.0.x prior to 7.0.11, and 7.1.x prior to 7.1.6 allows local users to gain privileges via crafted values of unspecified environment variables.
Paloaltonetworks Pan-os
2 EDB exploits
3.3
CVSSv2
CVE-2021-3031
Padding bytes in Ethernet packets on PA-200, PA-220, PA-500, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series firewalls are not cleared before the data frame is created. This leaks a small amount of random information from the firewall me...
Paloaltonetworks Pan-os
9
CVSSv2
CVE-2021-3058
An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use XML API the ability to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PA...
Paloaltonetworks Pan-os
4.3
CVSSv2
CVE-2017-16878
Cross-site scripting (XSS) vulnerability in the Captive Portal function in Palo Alto Networks PAN-OS prior to 8.0.7 allows remote malicious users to inject arbitrary web script or HTML by leveraging an unspecified configuration.
Paloaltonetworks Pan-os
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »