VYPR
Vendor

PAN OS

Products
2
CVEs
4
Across products
4
Status
Private

Products

2

Recent CVEs

4
  • CVE-2020-2006HigMay 13, 2020
    risk 0.47cvss 7.2epss 0.02

    A stack-based buffer overflow vulnerability in the management server component of PAN-OS that allows an authenticated user to potentially execute arbitrary code with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14.

  • CVE-2020-1981HigMar 11, 2020
    risk 0.46cvss 7.0epss 0.00

    A predictable temporary filename vulnerability in PAN-OS allows local privilege escalation. This issue allows a local attacker who bypassed the restricted shell to execute commands as a low privileged user and gain root access on the PAN-OS hardware or virtual appliance. This…

  • CVE-2020-1998MedMay 13, 2020
    risk 0.35cvss 5.4epss 0.01

    An improper authorization vulnerability in PAN-OS that mistakenly uses the permissions of local linux users instead of the intended SAML permissions of the account when the username is shared for the purposes of SSO authentication. This can result in authentication bypass and…

  • CVE-2020-1993LowMay 13, 2020
    risk 0.24cvss 3.7epss 0.00

    The GlobalProtect Portal feature in PAN-OS does not set a new session identifier after a successful user login, which allows session fixation attacks, if an attacker is able to control a user's session ID. This issue affects: All PAN-OS 7.1 and 8.0 versions; PAN-OS 8.1 versions…