PAN-OS
CVEs (240)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-2552 | | | 0.00 | — | 0.00 | | Nov 14, 2024 | A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions in the management plane and delete files on the firewall. |
| CVE-2024-5918 | | | 0.00 | — | 0.00 | | Nov 14, 2024 | An improper certificate validation vulnerability in Palo Alto Networks PAN-OS software enables an authorized user with a specially crafted client certificate to connect to an impacted GlobalProtect portal or GlobalProtect gateway as a different legitimate user. This attack is… |
| CVE-2024-5919 | | | 0.00 | — | 0.00 | | Nov 14, 2024 | A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker controlled server. This attack requires network access to the firewall management… |
| CVE-2024-2551 | | | 0.00 | — | 0.00 | | Nov 14, 2024 | A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts… |
| CVE-2024-9471 | | | 0.00 | — | 0.00 | | Oct 9, 2024 | A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated PAN-OS administrator with restricted privileges to use a compromised XML API key to perform actions as a higher privileged PAN-OS administrator. For example,… |
| CVE-2024-9468 | | | 0.00 | — | 0.00 | | Oct 9, 2024 | A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in… |
| CVE-2024-8691 | | | 0.00 | — | 0.00 | | Sep 11, 2024 | A vulnerability in the GlobalProtect portal in Palo Alto Networks PAN-OS software enables a malicious authenticated GlobalProtect user to impersonate another GlobalProtect user. Active GlobalProtect users impersonated by an attacker who is exploiting this vulnerability are… |
| CVE-2024-8688 | | | 0.00 | — | 0.00 | | Sep 11, 2024 | An improper neutralization of matching symbols vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables authenticated administrators (including read-only administrators) with access to the CLI to read arbitrary files on the firewall. |
| CVE-2024-8687 | | | 0.00 | — | 0.00 | | Sep 11, 2024 | An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. After the password or passcode is known, end… |
| CVE-2024-8686 | | | 0.00 | — | 0.01 | | Sep 11, 2024 | A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as root on the firewall. |
| CVE-2024-5916 | | | 0.00 | — | 0.00 | | Aug 14, 2024 | An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems. A read-only administrator who has access to the config log, can read secrets,… |
| CVE-2024-5913 | | | 0.00 | — | 0.00 | | Jul 10, 2024 | An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an attacker with the ability to tamper with the physical file system to elevate privileges. |
| CVE-2024-5911 | | | 0.00 | — | 0.01 | | Jul 10, 2024 | An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter… |
| CVE-2024-3388 | | | 0.00 | — | 0.00 | | Apr 10, 2024 | A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. However, this vulnerability does not allow the attacker to receive response packets from… |
| CVE-2024-3387 | | | 0.00 | — | 0.00 | | Apr 10, 2024 | A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing… |
| CVE-2024-3386 | | | 0.00 | — | 0.00 | | Apr 10, 2024 | An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents Predefined Decryption Exclusions from functioning as intended. This can cause traffic destined for domains that are not specified in Predefined Decryption Exclusions to be unintentionally… |
| CVE-2024-3385 | | | 0.00 | — | 0.01 | | Apr 10, 2024 | A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote attacker to reboot hardware-based firewalls. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online. This… |
| CVE-2024-3384 | | | 0.00 | — | 0.01 | | Apr 10, 2024 | A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager (NTLM) packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which… |
| CVE-2024-3383 | | | 0.00 | — | 0.01 | | Apr 10, 2024 | A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to… |
| CVE-2024-3382 | | | 0.00 | — | 0.01 | | Apr 10, 2024 | A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. This issue applies only to PA-5400 Series devices that are running PAN-OS… |