VYPR

PAN-OS Panorama

by Paloaltonetworks

CVEs (22)

  • CVE-2020-2021CriKEVJun 29, 2020
    risk 0.83cvss 10.0epss 0.04

    When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled (unchecked), improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based attacker to access…

  • CVE-2025-0107CriJan 11, 2025
    risk 0.70cvss 9.8epss 0.78

    An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosure of usernames, cleartext passwords, device configurations, and device API…

  • CVE-2025-0105CriJan 11, 2025
    risk 0.60cvss 9.1epss 0.13

    An arbitrary file deletion vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to delete arbitrary files accessible to the www-data user on the host filesystem.

  • CVE-2025-0103HigJan 11, 2025
    risk 0.57cvss 8.8epss 0.01

    An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. This vulnerability also enables attackers to create and read…

  • CVE-2020-2017HigMay 13, 2020
    risk 0.57cvss 8.8epss 0.01

    A DOM-Based Cross Site Scripting Vulnerability exists in PAN-OS and Panorama Management Web Interfaces. A remote attacker able to convince an authenticated administrator to click on a crafted link to PAN-OS and Panorama Web Interfaces could execute arbitrary JavaScript code in…

  • CVE-2020-2013HigMay 13, 2020
    risk 0.54cvss 8.3epss 0.01

    A cleartext transmission of sensitive information vulnerability in Palo Alto Networks PAN-OS Panorama that discloses an authenticated PAN-OS administrator's PAN-OS session cookie. When an administrator issues a context switch request into a managed firewall with an affected…

  • CVE-2020-2001HigMay 13, 2020
    risk 0.53cvss 8.1epss 0.01

    An external control of path and data vulnerability in the Palo Alto Networks PAN-OS Panorama XSLT processing logic that allows an unauthenticated user with network access to PAN-OS management interface to write attacker supplied file on the system and elevate privileges. This…

  • CVE-2020-1979HigMar 11, 2020
    risk 0.53cvss 8.1epss 0.01

    A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating…

  • CVE-2020-2022HigNov 12, 2020
    risk 0.49cvss 7.5epss 0.01

    An information exposure vulnerability exists in Palo Alto Networks Panorama software that discloses the token for the Panorama web interface administrator's session to a managed device when the Panorama administrator performs a context switch into that device. This vulnerability…

  • CVE-2020-2012HigMay 13, 2020
    risk 0.49cvss 7.5epss 0.02

    Improper restriction of XML external entity reference ('XXE') vulnerability in Palo Alto Networks Panorama management service allows remote unauthenticated attackers with network access to the Panorama management interface to read arbitrary files on the system. This issue…

  • CVE-2020-2011HigMay 13, 2020
    risk 0.49cvss 7.5epss 0.02

    An improper input validation vulnerability in the configuration daemon of Palo Alto Networks PAN-OS Panorama allows for a remote unauthenticated user to send a specifically crafted registration request to the device that causes the configuration service to crash. Repeated…

  • CVE-2026-0265HigMay 13, 2026
    risk 0.47cvss epss 0.00

    An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service (CAS) is enabled. The risk is higher if CAS is enabled on the management…

  • CVE-2020-2009HigMay 13, 2020
    risk 0.47cvss 7.2epss 0.02

    An external control of filename vulnerability in the SD WAN component of Palo Alto Networks PAN-OS Panorama allows an authenticated administrator to send a request that results in the creation and write of an arbitrary file on all firewalls managed by the Panorama. In some cases…

  • CVE-2026-0261MedMay 13, 2026
    risk 0.40cvss epss 0.01

    Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web…

  • CVE-2025-0104MedJan 11, 2025
    risk 0.40cvss 6.1epss 0.00

    A reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition enables attackers to execute malicious JavaScript code in the context of an authenticated Expedition user’s browser if that authenticated user clicks a malicious link that allows phishing…

  • CVE-2026-0272MedJun 10, 2026
    risk 0.39cvss epss 0.00

    A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface (CLI) to perform actions on the device with root privileges. The security risk posed by this issue is significantly…

  • CVE-2020-1996MedMay 13, 2020
    risk 0.35cvss 5.3epss 0.01

    A missing authorization vulnerability in the management server component of PAN-OS Panorama allows a remote unauthenticated user to inject messages into the management server ms.log file. This vulnerability can be leveraged to obfuscate an ongoing attack or fabricate log entries…

  • CVE-2025-0106MedJan 11, 2025
    risk 0.34cvss 5.3epss 0.00

    A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem.

  • CVE-2024-3387MedApr 10, 2024
    risk 0.34cvss 5.3epss 0.00

    A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing…

  • CVE-2024-5911MedJul 10, 2024
    risk 0.32cvss 4.9epss 0.01

    An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter…

Page 1 of 2