Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paloaltonetworks vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-0008
A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall through a race condition.
Paloaltonetworks Pan-os
Paloaltonetworks Pan-os 11.0.0
8.5
CVSSv2
CVE-2021-3056
A memory corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated malicious user to execute arbitrary code with root user privileges during SAML authentication. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; ...
Paloaltonetworks Pan-os
Paloaltonetworks Pan-os 10.0.0
9.3
CVSSv2
CVE-2021-3060
An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The at...
Paloaltonetworks Prisma Access 2.1
Paloaltonetworks Pan-os
2 Github repositories
1.9
CVSSv2
CVE-2020-1978
TechSupport files generated on Palo Alto Networks VM Series firewalls for Microsoft Azure platform configured with high availability (HA) inadvertently collect Azure dashboard service account credentials. These credentials are equivalent to the credentials associated with the Con...
Paloaltonetworks Vm-series
Paloaltonetworks Pan-os 9.0.0
NA
CVE-2023-6790
A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote malicious user to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface.
Paloaltonetworks Pan-os
Paloaltonetworks Pan-os 11.0.0
NA
CVE-2023-6791
A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface.
Paloaltonetworks Pan-os
Paloaltonetworks Pan-os 11.0.0
NA
CVE-2023-38046
A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated administrator with the privilege to commit a specifically created configuration to read local files and resources from the system.
Paloaltonetworks Pan-os 11.0.0
Paloaltonetworks Pan-os
2.1
CVSSv2
CVE-2018-9334
The PAN-OS management web interface page in PAN-OS 6.1.20 and previous versions, PAN-OS 7.1.16 and previous versions, PAN-OS 8.0.8 and previous versions, and PAN-OS 8.1.0 may allow an malicious user to access the GlobalProtect password hashes of local users via manipulation of th...
Paloaltonetworks Pan-os
Paloaltonetworks Pan-os 8.1.0
1 Github repository
NA
CVE-2023-0003
A file disclosure vulnerability in the Palo Alto Networks Cortex XSOAR server software enables an authenticated user with access to the web interface to read local files from the server.
Paloaltonetworks Cortex Xsoar 6.8.0
Paloaltonetworks Cortex Xsoar 6.6.0
Paloaltonetworks Cortex Xsoar
Paloaltonetworks Cortex Xsoar 6.9.0
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
1 Github repository
4
CVSSv2
CVE-2021-3049
An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an authenticated network-based attacker with investigation read permissions to download files from incident investigations of which they are aware but are not a part of. This issue impac...
Paloaltonetworks Cortex Xsoar 5.5.0
Paloaltonetworks Cortex Xsoar 6.1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »