Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paloaltonetworks vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-0020
A stored cross-site scripting (XSS) vulnerability in Palo Alto Network Cortex XSOAR web interface enables an authenticated network-based malicious user to store a persistent javascript payload that will perform arbitrary actions in the Cortex XSOAR web interface on behalf of auth...
Paloaltonetworks Cortex Xsoar 6.2.0
Paloaltonetworks Cortex Xsoar 6.1.0
7.8
CVSSv3
CVE-2020-1989
An incorrect privilege assignment vulnerability when writing application-specific files in the Palo Alto Networks Global Protect Agent for Linux on ARM platform allows a local authenticated user to gain root privileges on the system. This issue affects Palo Alto Networks Global P...
Paloaltonetworks Globalprotect
6.7
CVSSv3
CVE-2023-3282
A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system enables a local malicious user to execute programs with elevated privileges if the attacker has shell access to the engine.
Paloaltonetworks Cortex Xsoar
2.5
CVSSv3
CVE-2019-1573
GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and previous versions for macOS may allow a local authenticated attacker who has compromised the end-user account and gained the ability to inspect memory, to access authentication and/or session tokens and repl...
Paloaltonetworks Globalprotect
5.5
CVSSv3
CVE-2021-3038
A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that results in a Windows blue screen of death (BSOD) error. This issue impacts: GlobalProt...
Paloaltonetworks Globalprotect
7.8
CVSSv3
CVE-2021-3041
A local privilege escalation vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables an authenticated local Windows user to execute programs with SYSTEM privileges. This requires the user to have the privilege to create files in the Windo...
Paloaltonetworks Cortex Xdr Agent
8
CVSSv3
CVE-2019-1583
Escalation of privilege vulnerability in the Palo Alto Networks Twistlock console 19.07.358 and previous versions allows a Twistlock user with Operator capabilities to escalate privileges to that of another user. Active interaction with an affected component is required for the p...
Paloaltonetworks Twistlock
6.7
CVSSv3
CVE-2023-0001
An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local system administrator to disclose the admin password for the agent in cleartext, which bad actors can then use to execute privileged cytool commands that disable or u...
Paloaltonetworks Cortex Xdr Agent
2 Github repositories
7.8
CVSSv3
CVE-2023-0002
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to execute privileged cytool commands that disable or uninstall the agent.
Paloaltonetworks Cortex Xdr Agent
1 Github repository
5.5
CVSSv3
CVE-2019-17435
A Local Privilege Escalation vulnerability exists in the GlobalProtect Agent for Windows 5.0.3 and previous versions, and GlobalProtect Agent for Windows 4.1.12 and previous versions, in which the auto-update feature can allow for modification of a GlobalProtect Agent MSI install...
Paloaltonetworks Globalprotect
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »