Skip to main content

Paloalto

363 CVEs vendor

Monthly

CVE-2022-0029 MEDIUM This Month

An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local attacker to read files on the system with elevated privileges when generating a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Paloalto Cortex Xdr Agent
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-0028 HIGH KEV THREAT This Week

A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
CVSS 3.1
8.6
EPSS
2.0%
CVE-2022-0027 MEDIUM This Month

An improper authorization vulnerability in Palo Alto Network Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Paloalto Cortex Xsoar
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-0026 MEDIUM This Month

A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Paloalto Cortex Xdr Agent
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-0025 MEDIUM This Month

A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Paloalto Cortex Xdr Agent
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-0024 HIGH This Week

A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated network-based PAN-OS administrator to upload a specifically created configuration that disrupts system. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Paloalto Pan Os
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2022-0023 MEDIUM This Month

An improper handling of exceptional conditions vulnerability exists in the DNS proxy feature of Palo Alto Networks PAN-OS software that enables a meddler-in-the-middle (MITM) to send specifically. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
CVSS 3.1
5.9
EPSS
0.7%
CVE-2022-0022 MEDIUM This Month

Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password hashes of administrator and local user accounts are not created with a sufficient level of. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
CVSS 3.1
4.4
EPSS
0.1%
CVE-2021-3064 CRITICAL Act Now

A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Paloalto Stack Overflow Pan Os
NVD
CVSS 3.1
9.8
EPSS
19.1%
CVE-2021-3063 HIGH This Week

An improper handling of exceptional conditions vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to send. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Paloalto Pan Os
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-3062 HIGH This Week

An improper access control vulnerability in PAN-OS software enables an attacker with authenticated access to GlobalProtect portals and gateways to connect to the EC2 instance metadata endpoint for. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Authentication Bypass Pan Os
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2021-3061 HIGH This Week

An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Paloalto Prisma Access Pan Os
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2021-3060 HIGH This Week

An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Command Injection Paloalto Prisma Access Pan Os
NVD
CVSS 3.1
8.1
EPSS
33.9%
CVE-2021-3059 HIGH This Week

An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Command Injection Paloalto Pan Os
NVD
CVSS 3.1
8.1
EPSS
1.5%
CVE-2021-3058 HIGH This Week

An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use XML API the ability to execute arbitrary OS. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Paloalto Pan Os
NVD
CVSS 3.1
7.2
EPSS
1.6%
CVE-2021-3056 HIGH This Week

A memory corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated attacker to execute arbitrary code with root user privileges during SAML. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Paloalto Pan Os
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2021-3057 HIGH This Week

A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow RCE Microsoft Paloalto Stack Overflow +1
NVD
CVSS 3.1
8.1
EPSS
1.4%
CVE-2021-3055 MEDIUM This Month

An improper restriction of XML external entity (XXE) reference vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service XXE Paloalto Pan Os
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2021-3054 MEDIUM This Month

A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

RCE Paloalto Pan Os
NVD
CVSS 3.1
6.6
EPSS
0.9%
CVE-2021-3053 HIGH This Week

An improper handling of exceptional conditions vulnerability exists in the Palo Alto Networks PAN-OS dataplane that enables an unauthenticated network-based attacker to send specifically crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Paloalto Pan Os
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-3052 MEDIUM This Month

A reflected cross-site scripting (XSS) vulnerability in the Palo Alto Network PAN-OS web interface enables an authenticated network-based attacker to mislead another authenticated PAN-OS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Paloalto Pan Os
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-3051 HIGH This Week

An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR SAML authentication that enables an unauthenticated network-based attacker with specific knowledge of the. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Paloalto Jwt Attack Cortex Xsoar
NVD
CVSS 3.1
8.1
EPSS
0.6%
CVE-2021-3049 MEDIUM This Month

An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an authenticated network-based attacker with investigation read permissions to download files from. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Authentication Bypass Cortex Xsoar
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2021-3050 HIGH This Week

An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to execute arbitrary OS commands to escalate privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Paloalto Pan Os
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2021-3048 MEDIUM This Month

Certain invalid URL entries contained in an External Dynamic List (EDL) cause the Device Server daemon (devsrvr) to stop responding. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
CVSS 3.1
5.9
EPSS
0.8%
CVE-2021-3047 LOW Monitor

A cryptographically weak pseudo-random number generator (PRNG) is used during authentication to the Palo Alto Networks PAN-OS web interface. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
CVSS 3.1
3.1
EPSS
0.5%
CVE-2021-3046 MEDIUM This Month

An improper authentication vulnerability exists in Palo Alto Networks PAN-OS software that enables a SAML authenticated attacker to impersonate any other user in the GlobalProtect Portal and. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Authentication Bypass Pan Os
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2021-3045 MEDIUM This Month

An OS command argument injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Paloalto Pan Os
NVD
CVSS 3.1
4.9
EPSS
0.8%
CVE-2021-3042 HIGH This Week

A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables an authenticated local Windows user to execute programs with SYSTEM. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Paloalto Cortex Xdr Agent
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-3044 CRITICAL Act Now

An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR enables a remote unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Authentication Bypass Cortex Xsoar
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2021-3041 HIGH This Week

A local privilege escalation vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables an authenticated local Windows user to execute programs with SYSTEM. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Paloalto Cortex Xdr Agent
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-3039 LOW Monitor

An information exposure through log file vulnerability exists in the Palo Alto Networks Prisma Cloud Compute Console where a secret used to authorize the role of the authenticated user is logged to a. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Information Disclosure Prisma Cloud
NVD
CVSS 3.1
3.8
EPSS
0.5%
CVE-2021-3038 MEDIUM This Month

A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Paloalto Information Disclosure Globalprotect
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-3037 LOW Monitor

An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where the connection details for a scheduled configuration export are logged in system logs. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
CVSS 3.1
2.3
EPSS
0.3%
CVE-2021-3036 MEDIUM This Month

An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where secrets in PAN-OS XML API requests are logged in cleartext to the web server logs when the. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2021-3033 CRITICAL Act Now

An improper verification of cryptographic signature vulnerability exists in the Palo Alto Networks Prisma Cloud Compute console. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Paloalto Jwt Attack Prisma Cloud
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-3032 MEDIUM This Month

An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where configuration secrets for the “http”, “email”, and “snmptrap” v3 log forwarding server. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2021-3031 MEDIUM This Month

Padding bytes in Ethernet packets on PA-200, PA-220, PA-500, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series firewalls are not cleared before the data frame. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2020-2049 HIGH This Week

A local privilege escalation vulnerability exists in Palo Alto Networks Cortex XDR Agent on the Windows platform that allows an authenticated local Windows user to execute programs with SYSTEM. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Paloalto Microsoft Cortex Xdr Agent
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2020-2050 HIGH This Week

An authentication bypass vulnerability exists in the GlobalProtect SSL VPN component of Palo Alto Networks PAN-OS software that allows an attacker to bypass all client certificate checks with an. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Authentication Bypass Pan Os
NVD
CVSS 3.1
8.2
EPSS
1.0%
CVE-2020-2048 LOW Monitor

An information exposure through log file vulnerability exists where the password for the configured system proxy server for a PAN-OS appliance may be displayed in cleartext when using the CLI in Palo. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
CVSS 3.1
3.3
EPSS
0.3%
CVE-2020-2022 HIGH This Week

An information exposure vulnerability exists in Palo Alto Networks Panorama software that discloses the token for the Panorama web interface administrator's session to a managed device when the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2020-2000 HIGH This Week

An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Paloalto Command Injection Pan Os
NVD
CVSS 3.1
7.2
EPSS
3.2%
CVE-2020-1999 MEDIUM This Month

A vulnerability exists in the Palo Alto Network PAN-OS signature-based threat detection engine that allows an attacker to communicate with devices in the network in a way that is not analyzed for. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
CVSS 3.1
5.3
EPSS
1.3%
CVE-2020-2044 LOW Monitor

An information exposure through log file vulnerability where an administrator's password or other sensitive information may be logged in cleartext while using the CLI in Palo Alto Networks PAN-OS. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
CVSS 3.1
3.3
EPSS
0.7%
CVE-2020-2043 LOW Monitor

An information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Palo Alto Networks PAN-OS software when the after-change-detail. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
CVSS 3.1
3.3
EPSS
0.7%
CVE-2020-2042 HIGH This Week

A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Paloalto Pan Os
NVD
CVSS 3.1
7.2
EPSS
2.3%
CVE-2020-2041 HIGH This Week

An insecure configuration of the appweb daemon of Palo Alto Networks PAN-OS 8.1 allows a remote unauthenticated user to send a specifically crafted request to the device that causes the appweb. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Paloalto Pan Os
NVD
CVSS 3.1
7.5
EPSS
2.1%
CVE-2020-2040 CRITICAL Act Now

A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Paloalto Pan Os
NVD
CVSS 3.1
9.8
EPSS
3.9%
CVE-2020-2039 MEDIUM This Month

An uncontrolled resource consumption vulnerability in Palo Alto Networks PAN-OS allows for a remote unauthenticated user to upload temporary files through the management web interface that are not. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Paloalto Pan Os
NVD
CVSS 3.1
5.3
EPSS
46.4%
CVE-2020-2038 HIGH POC THREAT Act Now

An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Paloalto Command Injection Pan Os
NVD Exploit-DB
CVSS 3.1
7.2
EPSS
86.1%
CVE-2020-2037 HIGH This Week

An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Command Injection Pan Os
NVD
CVSS 3.1
7.2
EPSS
3.6%
CVE-2020-2036 HIGH POC THREAT This Week

A reflected cross-site scripting (XSS) vulnerability exists in the PAN-OS management web interface. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Paloalto Pan Os
NVD
CVSS 3.1
8.8
EPSS
23.9%
CVE-2020-2035 LOW Monitor

When SSL/TLS Forward Proxy Decryption mode has been configured to decrypt the web transactions, the PAN-OS URL filtering feature inspects the HTTP Host and URL path headers for policy enforcement on. Rated low severity (CVSS 3.0), this vulnerability is remotely exploitable. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
CVSS 3.1
3.0
EPSS
0.8%
CVE-2020-2034 HIGH This Week

An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based attacker to execute arbitrary OS commands with root privileges. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Paloalto Command Injection Pan Os
NVD
CVSS 3.1
8.1
EPSS
6.6%
CVE-2020-2031 MEDIUM This Month

An integer underflow vulnerability in the dnsproxyd component of the PAN-OS management interface allows authenticated administrators to issue a command from the command line interface that causes the. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Paloalto Integer Overflow Pan Os
NVD
CVSS 3.1
4.9
EPSS
1.1%
CVE-2020-2030 HIGH This Week

An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Command Injection Pan Os
NVD
CVSS 3.1
7.2
EPSS
2.5%
CVE-2020-1982 MEDIUM This Month

Certain communication between PAN-OS and cloud-delivered services inadvertently use TLS 1.0, which is known to be a cryptographically weak protocol. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
CVSS 3.1
4.8
EPSS
0.4%
CVE-2020-2021 CRITICAL KEV THREAT Act Now

When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled (unchecked), improper verification of signatures in PAN-OS. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Jwt Attack Paloalto Pan Os
NVD
CVSS 3.1
10.0
EPSS
4.4%
CVE-2020-2033 MEDIUM This Month

When the pre-logon feature is enabled, a missing certification validation in Palo Alto Networks GlobalProtect app can disclose the pre-logon authentication cookie to a man-in-the-middle attacker on. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Paloalto Authentication Bypass Globalprotect
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2020-2032 HIGH This Week

A race condition vulnerability Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to execute programs with SYSTEM privileges. Rated high severity (CVSS 7.0). No vendor patch available.

Paloalto Microsoft Information Disclosure Globalprotect
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2020-2029 HIGH This Week

An OS Command Injection vulnerability in the PAN-OS web management interface allows authenticated administrators to execute arbitrary OS commands with root privileges by sending a malicious request. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Command Injection Pan Os
NVD
CVSS 3.1
7.2
EPSS
1.8%
CVE-2020-2028 HIGH This Week

An OS Command Injection vulnerability in PAN-OS management server allows authenticated administrators to execute arbitrary OS commands with root privileges when uploading a new certificate in FIPS-CC. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Command Injection Pan Os
NVD
CVSS 3.1
7.2
EPSS
1.8%
CVE-2020-2027 HIGH This Week

A buffer overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Paloalto Pan Os
NVD
CVSS 3.1
7.2
EPSS
2.1%
CVE-2020-2018 CRITICAL Act Now

An authentication bypass vulnerability in the Panorama context switching feature allows an attacker with network access to a Panorama's management interface to gain privileged access to managed. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Paloalto Authentication Bypass Pan Os
NVD
CVSS 3.1
9.0
EPSS
1.3%
CVE-2020-2017 MEDIUM This Month

A DOM-Based Cross Site Scripting Vulnerability exists in PAN-OS and Panorama Management Web Interfaces. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Paloalto Pan Os
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2020-2016 HIGH This Week

A race condition due to insecure creation of a file in a temporary directory vulnerability in PAN-OS allows for root privilege escalation from a limited linux user account. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Paloalto Pan Os
NVD
CVSS 3.1
7.0
EPSS
0.6%
CVE-2020-2015 HIGH This Week

A buffer overflow vulnerability in the PAN-OS management server allows authenticated users to crash system processes or potentially execute arbitrary code with root privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Paloalto Pan Os
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2020-2014 HIGH This Week

An OS Command Injection vulnerability in PAN-OS management server allows authenticated users to inject and execute arbitrary shell commands with root privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Command Injection Pan Os
NVD
CVSS 3.1
8.8
EPSS
2.7%
CVE-2020-2013 HIGH This Week

A cleartext transmission of sensitive information vulnerability in Palo Alto Networks PAN-OS Panorama that discloses an authenticated PAN-OS administrator's PAN-OS session cookie. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2020-2012 HIGH This Week

Improper restriction of XML external entity reference ('XXE') vulnerability in Palo Alto Networks Panorama management service allows remote unauthenticated attackers with network access to the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto XXE Pan Os
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2020-2011 HIGH This Week

An improper input validation vulnerability in the configuration daemon of Palo Alto Networks PAN-OS Panorama allows for a remote unauthenticated user to send a specifically crafted registration. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Paloalto Pan Os
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2020-2010 HIGH This Week

An OS command injection vulnerability in PAN-OS management interface allows an authenticated administrator to execute arbitrary OS commands with root privileges. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Command Injection Pan Os
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2020-2009 HIGH This Week

An external control of filename vulnerability in the SD WAN component of Palo Alto Networks PAN-OS Panorama allows an authenticated administrator to send a request that results in the creation and. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Paloalto Pan Os
NVD
CVSS 3.1
7.2
EPSS
2.0%
CVE-2020-2008 HIGH This Week

An OS command injection and external control of filename vulnerability in Palo Alto Networks PAN-OS allows authenticated administrators to execute code with root privileges or delete arbitrary system. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Paloalto Command Injection Pan Os
NVD
CVSS 3.1
7.2
EPSS
2.8%
CVE-2020-2007 HIGH This Week

An OS command injection vulnerability in the management server component of PAN-OS allows an authenticated user to potentially execute arbitrary commands with root privileges. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Command Injection Pan Os
NVD
CVSS 3.1
7.2
EPSS
2.2%
CVE-2020-2006 HIGH This Week

A stack-based buffer overflow vulnerability in the management server component of PAN-OS that allows an authenticated user to potentially execute arbitrary code with root privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Paloalto Pan Os
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2020-2005 MEDIUM This Month

A cross-site scripting (XSS) vulnerability exists when visiting malicious websites with the Palo Alto Networks GlobalProtect Clientless VPN that can compromise the user's active session. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Paloalto Pan Os
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2020-2004 MEDIUM This Month

Under certain circumstances a user's password may be logged in cleartext in the PanGPS.log diagnostic file when logs are collected for troubleshooting on GlobalProtect app (also known as. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Apple Paloalto Google Information Disclosure +1
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2020-2003 MEDIUM This Month

An external control of filename vulnerability in the command processing of PAN-OS allows an authenticated administrator to delete arbitrary system files affecting the integrity of the system or. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Paloalto Pan Os
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2020-2002 HIGH This Week

An authentication bypass by spoofing vulnerability exists in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS by failing to verify the integrity of the Kerberos key. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Paloalto Authentication Bypass Pan Os
NVD
CVSS 3.1
8.1
EPSS
1.3%
CVE-2020-2001 CRITICAL Act Now

An external control of path and data vulnerability in the Palo Alto Networks PAN-OS Panorama XSLT processing logic that allows an unauthenticated user with network access to PAN-OS management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2020-1998 HIGH This Week

An improper authorization vulnerability in PAN-OS that mistakenly uses the permissions of local linux users instead of the intended SAML permissions of the account when the username is shared for the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Authentication Bypass Pan Os
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2020-1997 MEDIUM This Month

An open redirection vulnerability in the GlobalProtect component of Palo Alto Networks PAN-OS allows an attacker to specify an arbitrary redirection target away from the trusted GlobalProtect. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Open Redirect Pan Os
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2020-1996 MEDIUM This Month

A missing authorization vulnerability in the management server component of PAN-OS Panorama allows a remote unauthenticated user to inject messages into the management server ms.log file. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Authentication Bypass Pan Os
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2020-1995 MEDIUM This Month

A NULL pointer dereference vulnerability in Palo Alto Networks PAN-OS allows an authenticated administrator to send a request that causes the rasmgr daemon to crash. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Paloalto Pan Os
NVD
CVSS 3.1
4.9
EPSS
1.1%
CVE-2020-1994 MEDIUM This Month

A predictable temporary file vulnerability in PAN-OS allows a local authenticated user with shell access to corrupt arbitrary system files affecting the integrity of the system. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2020-1993 MEDIUM This Month

The GlobalProtect Portal feature in PAN-OS does not set a new session identifier after a successful user login, which allows session fixation attacks, if an attacker is able to control a user's. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Session Fixation Information Disclosure Pan Os
NVD
CVSS 3.1
5.4
EPSS
0.4%
CVE-2020-1992 CRITICAL Act Now

A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote attackers to crash the daemon creating a denial of service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Paloalto Pan Os
NVD
CVSS 3.1
9.8
EPSS
3.4%
CVE-2020-1991 HIGH This Week

An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files.0 versions before 5.0.8; 6.1 versions. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Paloalto Microsoft Apple Traps
NVD
CVSS 3.1
7.1
EPSS
0.3%
EPSS 0% CVSS 5.5
MEDIUM This Month

An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local attacker to read files on the system with elevated privileges when generating a. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Paloalto +1
NVD
EPSS 2% CVSS 8.6
HIGH KEV THREAT This Week

A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

An improper authorization vulnerability in Palo Alto Network Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Paloalto Cortex Xsoar
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Paloalto +1
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Paloalto +1
NVD
EPSS 1% CVSS 7.2
HIGH This Week

A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated network-based PAN-OS administrator to upload a specifically created configuration that disrupts system. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Paloalto Pan Os
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

An improper handling of exceptional conditions vulnerability exists in the DNS proxy feature of Palo Alto Networks PAN-OS software that enables a meddler-in-the-middle (MITM) to send specifically. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password hashes of administrator and local user accounts are not created with a sufficient level of. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
EPSS 19% CVSS 9.8
CRITICAL Act Now

A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Paloalto +2
NVD
EPSS 1% CVSS 7.5
HIGH This Week

An improper handling of exceptional conditions vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to send. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Paloalto Pan Os
NVD
EPSS 1% CVSS 8.8
HIGH This Week

An improper access control vulnerability in PAN-OS software enables an attacker with authenticated access to GlobalProtect portals and gateways to connect to the EC2 instance metadata endpoint for. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Authentication Bypass Pan Os
NVD
EPSS 1% CVSS 7.2
HIGH This Week

An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Paloalto Prisma Access +1
NVD
EPSS 34% CVSS 8.1
HIGH This Week

An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

RCE Command Injection Paloalto +2
NVD
EPSS 2% CVSS 8.1
HIGH This Week

An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Command Injection Paloalto Pan Os
NVD
EPSS 2% CVSS 7.2
HIGH This Week

An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use XML API the ability to execute arbitrary OS. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Paloalto Pan Os
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A memory corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated attacker to execute arbitrary code with root user privileges during SAML. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Paloalto +1
NVD
EPSS 1% CVSS 8.1
HIGH This Week

A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Buffer Overflow RCE Microsoft +3
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An improper restriction of XML external entity (XXE) reference vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service XXE Paloalto +1
NVD
EPSS 1% CVSS 6.6
MEDIUM This Month

A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute. Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

RCE Paloalto Pan Os
NVD
EPSS 1% CVSS 7.5
HIGH This Week

An improper handling of exceptional conditions vulnerability exists in the Palo Alto Networks PAN-OS dataplane that enables an unauthenticated network-based attacker to send specifically crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Paloalto Pan Os
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

A reflected cross-site scripting (XSS) vulnerability in the Palo Alto Network PAN-OS web interface enables an authenticated network-based attacker to mislead another authenticated PAN-OS. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Paloalto Pan Os
NVD
EPSS 1% CVSS 8.1
HIGH This Week

An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR SAML authentication that enables an unauthenticated network-based attacker with specific knowledge of the. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Paloalto Jwt Attack +1
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an authenticated network-based attacker with investigation read permissions to download files from. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Authentication Bypass Cortex Xsoar
NVD
EPSS 2% CVSS 8.8
HIGH This Week

An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to execute arbitrary OS commands to escalate privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Paloalto Pan Os
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

Certain invalid URL entries contained in an External Dynamic List (EDL) cause the Device Server daemon (devsrvr) to stop responding. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
EPSS 0% CVSS 3.1
LOW Monitor

A cryptographically weak pseudo-random number generator (PRNG) is used during authentication to the Palo Alto Networks PAN-OS web interface. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An improper authentication vulnerability exists in Palo Alto Networks PAN-OS software that enables a SAML authenticated attacker to impersonate any other user in the GlobalProtect Portal and. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Authentication Bypass Pan Os
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

An OS command argument injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Paloalto Pan Os
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables an authenticated local Windows user to execute programs with SYSTEM. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Paloalto +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR enables a remote unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Authentication Bypass Cortex Xsoar
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A local privilege escalation vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables an authenticated local Windows user to execute programs with SYSTEM. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Privilege Escalation Paloalto +1
NVD
EPSS 1% CVSS 3.8
LOW Monitor

An information exposure through log file vulnerability exists in the Palo Alto Networks Prisma Cloud Compute Console where a secret used to authorize the role of the authenticated user is logged to a. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Information Disclosure Prisma Cloud
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Paloalto Information Disclosure +1
NVD
EPSS 0% CVSS 2.3
LOW Monitor

An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where the connection details for a scheduled configuration export are logged in system logs. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where secrets in PAN-OS XML API requests are logged in cleartext to the web server logs when the. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An improper verification of cryptographic signature vulnerability exists in the Palo Alto Networks Prisma Cloud Compute console. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Paloalto Jwt Attack +1
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where configuration secrets for the “http”, “email”, and “snmptrap” v3 log forwarding server. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

Padding bytes in Ethernet packets on PA-200, PA-220, PA-500, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series firewalls are not cleared before the data frame. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A local privilege escalation vulnerability exists in Palo Alto Networks Cortex XDR Agent on the Windows platform that allows an authenticated local Windows user to execute programs with SYSTEM. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Paloalto Microsoft +1
NVD
EPSS 1% CVSS 8.2
HIGH This Week

An authentication bypass vulnerability exists in the GlobalProtect SSL VPN component of Palo Alto Networks PAN-OS software that allows an attacker to bypass all client certificate checks with an. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Authentication Bypass Pan Os
NVD
EPSS 0% CVSS 3.3
LOW Monitor

An information exposure through log file vulnerability exists where the password for the configured system proxy server for a PAN-OS appliance may be displayed in cleartext when using the CLI in Palo. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
EPSS 1% CVSS 7.5
HIGH This Week

An information exposure vulnerability exists in Palo Alto Networks Panorama software that discloses the token for the Panorama web interface administrator's session to a managed device when the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
EPSS 3% CVSS 7.2
HIGH This Week

An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Paloalto +2
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability exists in the Palo Alto Network PAN-OS signature-based threat detection engine that allows an attacker to communicate with devices in the network in a way that is not analyzed for. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
EPSS 1% CVSS 3.3
LOW Monitor

An information exposure through log file vulnerability where an administrator's password or other sensitive information may be logged in cleartext while using the CLI in Palo Alto Networks PAN-OS. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
EPSS 1% CVSS 3.3
LOW Monitor

An information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Palo Alto Networks PAN-OS software when the after-change-detail. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
EPSS 2% CVSS 7.2
HIGH This Week

A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +2
NVD
EPSS 2% CVSS 7.5
HIGH This Week

An insecure configuration of the appweb daemon of Palo Alto Networks PAN-OS 8.1 allows a remote unauthenticated user to send a specifically crafted request to the device that causes the appweb. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Paloalto Pan Os
NVD
EPSS 4% CVSS 9.8
CRITICAL Act Now

A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Paloalto +1
NVD
EPSS 46% CVSS 5.3
MEDIUM This Month

An uncontrolled resource consumption vulnerability in Palo Alto Networks PAN-OS allows for a remote unauthenticated user to upload temporary files through the management web interface that are not. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Paloalto Pan Os
NVD
EPSS 86% CVSS 7.2
HIGH POC THREAT Act Now

An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Paloalto Command Injection Pan Os
NVD Exploit-DB
EPSS 4% CVSS 7.2
HIGH This Week

An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Command Injection Pan Os
NVD
EPSS 24% CVSS 8.8
HIGH POC THREAT This Week

A reflected cross-site scripting (XSS) vulnerability exists in the PAN-OS management web interface. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Paloalto Pan Os
NVD
EPSS 1% CVSS 3.0
LOW Monitor

When SSL/TLS Forward Proxy Decryption mode has been configured to decrypt the web transactions, the PAN-OS URL filtering feature inspects the HTTP Host and URL path headers for policy enforcement on. Rated low severity (CVSS 3.0), this vulnerability is remotely exploitable. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
EPSS 7% CVSS 8.1
HIGH This Week

An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based attacker to execute arbitrary OS commands with root privileges. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Paloalto Command Injection Pan Os
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

An integer underflow vulnerability in the dnsproxyd component of the PAN-OS management interface allows authenticated administrators to issue a command from the command line interface that causes the. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Paloalto Integer Overflow +1
NVD
EPSS 3% CVSS 7.2
HIGH This Week

An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Command Injection Pan Os
NVD
EPSS 0% CVSS 4.8
MEDIUM This Month

Certain communication between PAN-OS and cloud-delivered services inadvertently use TLS 1.0, which is known to be a cryptographically weak protocol. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
EPSS 4% CVSS 10.0
CRITICAL KEV THREAT Act Now

When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled (unchecked), improper verification of signatures in PAN-OS. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Jwt Attack Paloalto +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

When the pre-logon feature is enabled, a missing certification validation in Palo Alto Networks GlobalProtect app can disclose the pre-logon authentication cookie to a man-in-the-middle attacker on. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Paloalto Authentication Bypass Globalprotect
NVD
EPSS 0% CVSS 7.0
HIGH This Week

A race condition vulnerability Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to execute programs with SYSTEM privileges. Rated high severity (CVSS 7.0). No vendor patch available.

Paloalto Microsoft Information Disclosure +1
NVD
EPSS 2% CVSS 7.2
HIGH This Week

An OS Command Injection vulnerability in the PAN-OS web management interface allows authenticated administrators to execute arbitrary OS commands with root privileges by sending a malicious request. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Command Injection Pan Os
NVD
EPSS 2% CVSS 7.2
HIGH This Week

An OS Command Injection vulnerability in PAN-OS management server allows authenticated administrators to execute arbitrary OS commands with root privileges when uploading a new certificate in FIPS-CC. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Command Injection Pan Os
NVD
EPSS 2% CVSS 7.2
HIGH This Week

A buffer overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +2
NVD
EPSS 1% CVSS 9.0
CRITICAL Act Now

An authentication bypass vulnerability in the Panorama context switching feature allows an attacker with network access to a Panorama's management interface to gain privileged access to managed. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Paloalto Authentication Bypass Pan Os
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A DOM-Based Cross Site Scripting Vulnerability exists in PAN-OS and Panorama Management Web Interfaces. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Paloalto Pan Os
NVD
EPSS 1% CVSS 7.0
HIGH This Week

A race condition due to insecure creation of a file in a temporary directory vulnerability in PAN-OS allows for root privilege escalation from a limited linux user account. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Paloalto Pan Os
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A buffer overflow vulnerability in the PAN-OS management server allows authenticated users to crash system processes or potentially execute arbitrary code with root privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Paloalto +1
NVD
EPSS 3% CVSS 8.8
HIGH This Week

An OS Command Injection vulnerability in PAN-OS management server allows authenticated users to inject and execute arbitrary shell commands with root privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Command Injection Pan Os
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A cleartext transmission of sensitive information vulnerability in Palo Alto Networks PAN-OS Panorama that discloses an authenticated PAN-OS administrator's PAN-OS session cookie. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
EPSS 2% CVSS 7.5
HIGH This Week

Improper restriction of XML external entity reference ('XXE') vulnerability in Palo Alto Networks Panorama management service allows remote unauthenticated attackers with network access to the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto XXE Pan Os
NVD
EPSS 2% CVSS 7.5
HIGH This Week

An improper input validation vulnerability in the configuration daemon of Palo Alto Networks PAN-OS Panorama allows for a remote unauthenticated user to send a specifically crafted registration. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Paloalto Pan Os
NVD
EPSS 2% CVSS 7.2
HIGH This Week

An OS command injection vulnerability in PAN-OS management interface allows an authenticated administrator to execute arbitrary OS commands with root privileges. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Command Injection Pan Os
NVD
EPSS 2% CVSS 7.2
HIGH This Week

An external control of filename vulnerability in the SD WAN component of Palo Alto Networks PAN-OS Panorama allows an authenticated administrator to send a request that results in the creation and. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Paloalto Pan Os
NVD
EPSS 3% CVSS 7.2
HIGH This Week

An OS command injection and external control of filename vulnerability in Palo Alto Networks PAN-OS allows authenticated administrators to execute code with root privileges or delete arbitrary system. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Paloalto Command Injection +1
NVD
EPSS 2% CVSS 7.2
HIGH This Week

An OS command injection vulnerability in the management server component of PAN-OS allows an authenticated user to potentially execute arbitrary commands with root privileges. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Command Injection Pan Os
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A stack-based buffer overflow vulnerability in the management server component of PAN-OS that allows an authenticated user to potentially execute arbitrary code with root privileges. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow +2
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A cross-site scripting (XSS) vulnerability exists when visiting malicious websites with the Palo Alto Networks GlobalProtect Clientless VPN that can compromise the user's active session. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Paloalto Pan Os
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Under certain circumstances a user's password may be logged in cleartext in the PanGPS.log diagnostic file when logs are collected for troubleshooting on GlobalProtect app (also known as. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Apple Paloalto +3
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An external control of filename vulnerability in the command processing of PAN-OS allows an authenticated administrator to delete arbitrary system files affecting the integrity of the system or. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Paloalto Pan Os
NVD
EPSS 1% CVSS 8.1
HIGH This Week

An authentication bypass by spoofing vulnerability exists in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS by failing to verify the integrity of the Kerberos key. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Paloalto Authentication Bypass Pan Os
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

An external control of path and data vulnerability in the Palo Alto Networks PAN-OS Panorama XSLT processing logic that allows an unauthenticated user with network access to PAN-OS management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
EPSS 1% CVSS 8.8
HIGH This Week

An improper authorization vulnerability in PAN-OS that mistakenly uses the permissions of local linux users instead of the intended SAML permissions of the account when the username is shared for the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Authentication Bypass Pan Os
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

An open redirection vulnerability in the GlobalProtect component of Palo Alto Networks PAN-OS allows an attacker to specify an arbitrary redirection target away from the trusted GlobalProtect. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Open Redirect Pan Os
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A missing authorization vulnerability in the management server component of PAN-OS Panorama allows a remote unauthenticated user to inject messages into the management server ms.log file. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Paloalto Authentication Bypass Pan Os
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

A NULL pointer dereference vulnerability in Palo Alto Networks PAN-OS allows an authenticated administrator to send a request that causes the rasmgr daemon to crash. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Paloalto +1
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

A predictable temporary file vulnerability in PAN-OS allows a local authenticated user with shell access to corrupt arbitrary system files affecting the integrity of the system. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Paloalto Information Disclosure Pan Os
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

The GlobalProtect Portal feature in PAN-OS does not set a new session identifier after a successful user login, which allows session fixation attacks, if an attacker is able to control a user's. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Paloalto Session Fixation Information Disclosure +1
NVD
EPSS 3% CVSS 9.8
CRITICAL Act Now

A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote attackers to crash the daemon creating a denial of service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Paloalto Pan Os
NVD
EPSS 0% CVSS 7.1
HIGH This Week

An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files.0 versions before 5.0.8; 6.1 versions. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Paloalto Microsoft +2
NVD
Prev Page 3 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy