Eaton's Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or register the account on the Mobile app. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.
Information Disclosure
Secureconnect
NVD
CVSS 3.1
3.9
EPSS
0.3%
When SSL/TLS Forward Proxy Decryption mode has been configured to decrypt the web transactions, the PAN-OS URL filtering feature inspects the HTTP Host and URL path headers for policy enforcement on. Rated low severity (CVSS 3.0), this vulnerability is remotely exploitable. No vendor patch available.
Paloalto
Information Disclosure
Pan Os
NVD
CVSS 3.1
3.0
EPSS
0.8%