Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pan-os vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-2011
An improper input validation vulnerability in the configuration daemon of Palo Alto Networks PAN-OS Panorama allows for a remote unauthenticated user to send a specifically crafted registration request to the device that causes the configuration service to crash. Repeated attempt...
Paloaltonetworks Pan-os
7.5
CVSSv3
CVE-2020-2012
Improper restriction of XML external entity reference ('XXE') vulnerability in Palo Alto Networks Panorama management service allows remote unauthenticated attackers with network access to the Panorama management interface to read arbitrary files on the system. This iss...
Paloaltonetworks Pan-os
8.8
CVSSv3
CVE-2020-2013
A cleartext transmission of sensitive information vulnerability in Palo Alto Networks PAN-OS Panorama that discloses an authenticated PAN-OS administrator's PAN-OS session cookie. When an administrator issues a context switch request into a managed firewall with an affected ...
Paloaltonetworks Pan-os
8.8
CVSSv3
CVE-2020-2014
An OS Command Injection vulnerability in PAN-OS management server allows authenticated users to inject and execute arbitrary shell commands with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions e...
Paloaltonetworks Pan-os
8.8
CVSSv3
CVE-2020-2015
A buffer overflow vulnerability in the PAN-OS management server allows authenticated users to crash system processes or potentially execute arbitrary code with root privileges. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; P...
Paloaltonetworks Pan-os
6.1
CVSSv3
CVE-2020-2017
A DOM-Based Cross Site Scripting Vulnerability exists in PAN-OS and Panorama Management Web Interfaces. A remote attacker able to convince an authenticated administrator to click on a crafted link to PAN-OS and Panorama Web Interfaces could execute arbitrary JavaScript code in th...
Paloaltonetworks Pan-os
9
CVSSv3
CVE-2020-2018
An authentication bypass vulnerability in the Panorama context switching feature allows an attacker with network access to a Panorama's management interface to gain privileged access to managed firewalls. An attacker requires some knowledge of managed firewalls to exploit th...
Paloaltonetworks Pan-os
7.5
CVSSv3
CVE-2020-2022
An information exposure vulnerability exists in Palo Alto Networks Panorama software that discloses the token for the Panorama web interface administrator's session to a managed device when the Panorama administrator performs a context switch into that device. This vulnerabi...
Paloaltonetworks Pan-os
8.1
CVSSv3
CVE-2020-2034
An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based malicious user to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue. This issue can not be ...
Paloaltonetworks Pan-os
2 Github repositories
1 Article
8.8
CVSSv3
CVE-2019-1576
Command injection in PAN-0S 9.0.2 and previous versions may allow an authenticated malicious user to gain access to a remote shell in PAN-OS, and potentially run with the escalated user’s permissions.
Paloaltonetworks Pan-os
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »