Vendor CVEs
Paloaltonetworks
All CVEs
417 total · sorted by risk

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-2034 | | | 0.06 | — | 0.07 | | Jul 8, 2020 | An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based attacker to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue. This issue can not be… |
| CVE-2021-3064 | | | 0.05 | — | 0.19 | | Nov 10, 2021 | A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have… |
| CVE-2021-3060 | | | 0.04 | — | 0.34 | | Nov 10, 2021 | An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The… |
| CVE-2018-10141 | | | 0.04 | — | 0.04 | | Oct 12, 2018 | GlobalProtect Portal Login page in Palo Alto Networks PAN-OS before 8.1.4 allows an unauthenticated attacker to inject arbitrary JavaScript or HTML. |
| CVE-2022-0020 | | | 0.03 | — | 0.02 | | Feb 10, 2022 | A stored cross-site scripting (XSS) vulnerability in Palo Alto Network Cortex XSOAR web interface enables an authenticated network-based attacker to store a persistent javascript payload that will perform arbitrary actions in the Cortex XSOAR web interface on behalf of… |
| CVE-2018-14894 | | | 0.03 | — | 0.02 | | Apr 9, 2019 | CyberArk Endpoint Privilege Manager 10.2.1.603 and earlier allows an attacker (who is able to edit permissions of a file) to bypass intended access restrictions and execute blocked applications. |
| CVE-2015-2223 | | | 0.03 | — | 0.04 | | Apr 14, 2015 | Multiple cross-site scripting (XSS) vulnerabilities in the web-based console management interface in Palo Alto Networks Traps (formerly Cyvera Endpoint Protection) 3.1.2.1546 allow remote attackers to inject arbitrary web script or HTML via the (1) Arguments, (2) FileName, or… |
| CVE-2010-0475 | | | 0.03 | — | 0.04 | | May 14, 2010 | Cross-site scripting (XSS) vulnerability in esp/editUser.esp in the Palo Alto Networks firewall 3.0.x before 3.0.9 and 3.1.x before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the role parameter. |
| CVE-2024-9466 | | | 0.02 | — | 0.11 | | Oct 9, 2024 | A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials. |
| CVE-2018-10143 | | | 0.02 | — | 0.25 | | Dec 12, 2018 | The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application. |
| CVE-2020-2039 | | | 0.01 | — | 0.46 | | Sep 9, 2020 | An uncontrolled resource consumption vulnerability in Palo Alto Networks PAN-OS allows for a remote unauthenticated user to upload temporary files through the management web interface that are not properly deleted after the request is finished. It is possible for an attacker to… |
| CVE-2003-1544 | | | 0.01 | — | 0.17 | | Dec 31, 2003 | Unrestricted critical resource lock in Terminal Services for Windows 2000 before SP4 and Windows XP allows remote authenticated users to cause a denial of service (reboot) by obtaining a read lock on msgina.dll, which prevents msgina.dll from being loaded. |
| CVE-2026-0231 | | | 0.00 | — | 0.00 | | Mar 11, 2026 | An information disclosure vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an authenticated user to obtain and modify sensitive information by triggering a live terminal session via the Cortex UI and modifying any configuration setting. The attacker must have… |
| CVE-2026-0230 | | | 0.00 | — | 0.00 | | Mar 11, 2026 | A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on macOS allows a local administrator to disable the agent. This issue could be leveraged by malware to perform malicious activity without detection. |
| CVE-2026-2914 | | | 0.00 | — | 0.00 | | Feb 25, 2026 | CyberArk Endpoint Privilege Manager Agent versions 25.10.0 and lower allow potential unauthorized privilege elevation leveraging CyberArk elevation dialogs. |
| CVE-2026-0227 | | | 0.00 | — | 0.01 | | Jan 15, 2026 | A vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to cause a denial of service (DoS) to the firewall. Repeated attempts to trigger this issue result in the firewall entering maintenance mode. |
| CVE-2025-4614 | | | 0.00 | — | 0.00 | | Oct 9, 2025 | An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may allow impersonation of users whose session tokens are leaked. The security… |
| CVE-2025-4227 | | | 0.00 | — | 0.00 | | Jun 13, 2025 | An improper access control vulnerability in the Endpoint Traffic Policy Enforcement https://docs.paloaltonetworks.com/globalprotect/6-0/globalprotect-app-new-features/new-features-released-in-gp-app/endpoint-traffic-policy-enforcement feature of the Palo Alto Networks… |
| CVE-2025-4231 | | | 0.00 | — | 0.01 | | Jun 12, 2025 | A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user. The attacker must have network access to the management web interface and successfully authenticate to exploit this issue. Cloud… |
| CVE-2025-4232 | | | 0.00 | — | 0.00 | | Jun 12, 2025 | An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect™ app on macOS allows a non-administrative user to escalate their privileges to root. |
| CVE-2025-0135 | | | 0.00 | — | 0.00 | | May 14, 2025 | An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non-administrative user to disable the app. The GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app… |
| CVE-2025-0124 | | | 0.00 | — | 0.00 | | Apr 11, 2025 | An authenticated file deletion vulnerability in the Palo Alto Networks PAN-OS® software enables an authenticated attacker with network access to the management web interface to delete certain files as the "nobody" user; this includes limited logs and configuration files but… |
| CVE-2025-0120 | | | 0.00 | — | 0.00 | | Apr 11, 2025 | A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However, execution requires that the local… |
| CVE-2025-0118 | | | 0.00 | — | 0.00 | | Mar 12, 2025 | A vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a remote attacker to run ActiveX controls within the context of an authenticated Windows user. This enables the attacker to run commands as if they are a legitimate authenticated user. However, to… |
| CVE-2025-0114 | | | 0.00 | — | 0.00 | | Mar 12, 2025 | A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both… |
| CVE-2025-0106 | | | 0.00 | — | 0.00 | | Jan 11, 2025 | A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem. |
| CVE-2025-0105 | | | 0.00 | — | 0.13 | | Jan 11, 2025 | An arbitrary file deletion vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to delete arbitrary files accessible to the www-data user on the host filesystem. |
| CVE-2025-0104 | | | 0.00 | — | 0.00 | | Jan 11, 2025 | A reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition enables attackers to execute malicious JavaScript code in the context of an authenticated Expedition user's browser if that authenticated user clicks a malicious link that allows phishing… |
| CVE-2025-0103 | | | 0.00 | — | 0.01 | | Jan 11, 2025 | An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. This vulnerability also enables attackers to create and read… |
| CVE-2024-5921 | | | 0.00 | — | 0.01 | | Nov 27, 2024 | An insufficient certificate validation issue in the Palo Alto Networks GlobalProtect app enables attackers to connect the GlobalProtect app to arbitrary servers. This can enable a local non-administrative operating system user or an attacker on the same subnet to install… |
| CVE-2024-2550 | | | 0.00 | — | 0.01 | | Nov 14, 2024 | A null pointer dereference vulnerability in the GlobalProtect gateway in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop the GlobalProtect service on the firewall by sending a specially crafted packet that causes a denial of service (DoS)… |
| CVE-2024-5920 | | | 0.00 | — | 0.00 | | Nov 14, 2024 | A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write Panorama administrator to push a specially crafted configuration to a PAN-OS node. This enables impersonation of a legitimate PAN-OS administrator who can perform… |
| CVE-2024-5917 | | | 0.00 | — | 0.00 | | Nov 14, 2024 | A server-side request forgery in PAN-OS software enables an authenticated attacker with administrative privileges to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible. |
| CVE-2024-2552 | | | 0.00 | — | 0.00 | | Nov 14, 2024 | A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions in the management plane and delete files on the firewall. |
| CVE-2024-5918 | | | 0.00 | — | 0.00 | | Nov 14, 2024 | An improper certificate validation vulnerability in Palo Alto Networks PAN-OS software enables an authorized user with a specially crafted client certificate to connect to an impacted GlobalProtect portal or GlobalProtect gateway as a different legitimate user. This attack is… |
| CVE-2024-5919 | | | 0.00 | — | 0.00 | | Nov 14, 2024 | A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker-controlled server. This attack requires network access to the firewall management… |
| CVE-2024-2551 | | | 0.00 | — | 0.00 | | Nov 14, 2024 | A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts… |
| CVE-2024-9473 | | | 0.00 | — | 0.00 | | Oct 9, 2024 | A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY/SYSTEM through the use of the repair functionality offered by the .msi file… |
| CVE-2024-9471 | | | 0.00 | — | 0.00 | | Oct 9, 2024 | A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated PAN-OS administrator with restricted privileges to use a compromised XML API key to perform actions as a higher privileged PAN-OS administrator. For example,… |
| CVE-2024-9469 | | | 0.00 | — | 0.00 | | Oct 9, 2024 | A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows non-administrative privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious… |
| CVE-2024-9468 | | | 0.00 | — | 0.00 | | Oct 9, 2024 | A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in… |
| CVE-2024-9467 | | | 0.00 | — | 0.01 | | Oct 9, 2024 | A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user's browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session… |
| CVE-2024-8691 | | | 0.00 | — | 0.00 | | Sep 11, 2024 | A vulnerability in the GlobalProtect portal in Palo Alto Networks PAN-OS software enables a malicious authenticated GlobalProtect user to impersonate another GlobalProtect user. Active GlobalProtect users impersonated by an attacker who is exploiting this vulnerability are… |
| CVE-2024-8690 | | | 0.00 | — | 0.00 | | Sep 11, 2024 | A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious… |
| CVE-2024-8688 | | | 0.00 | — | 0.00 | | Sep 11, 2024 | An improper neutralization of matching symbols vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables authenticated administrators (including read-only administrators) with access to the CLI to read arbitrary files on the firewall. |
| CVE-2024-8687 | | | 0.00 | — | 0.00 | | Sep 11, 2024 | An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. After the password or passcode is known, end… |
| CVE-2024-8686 | | | 0.00 | — | 0.01 | | Sep 11, 2024 | A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as root on the firewall. |
| CVE-2024-5916 | | | 0.00 | — | 0.00 | | Aug 14, 2024 | An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems. A read-only administrator who has access to the config log can read secrets,… |
| CVE-2024-5915 | | | 0.00 | — | 0.00 | | Aug 14, 2024 | A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. |
| CVE-2024-5914 | | | 0.00 | — | 0.01 | | Aug 14, 2024 | A command injection issue in Palo Alto Networks Cortex XSOAR CommonScripts Pack allows an unauthenticated attacker to execute arbitrary commands within the context of an integration container. |
Page 4 of 9