19 matches found
EUVD-2020-22034
Malware in sbrugna...
CVE-2020-1999 PAN-OS: Threat signatures are evaded by specifically crafted packets
A vulnerability exists in the Palo Alto Networks PAN-OS signature-based threat detection engine that allows an attacker to communicate with devices in the network in a way that is not analyzed for threats by sending data through specifically crafted TCP packets. This technique evades signature-bas...
CVE-2020-2041
An insecure configuration of the appweb daemon of Palo Alto Networks PAN-OS 8.1 allows a remote unauthenticated user to send a specifically crafted request to the device that causes the appweb service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS...
CVE-2020-2034
An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network-based attacker to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue. This issue cannot be exploited if...
CVE-2020-2030
An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; and all versions of PAN-OS 7.1 and PAN-OS 8.0. This issue doe...
Command injection
An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network-based attacker to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue. This issue cannot be exploited if...
CVE-2020-2034 PAN-OS: OS command injection vulnerability in GlobalProtect portal
An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network-based attacker to execute arbitrary OS commands with root privileges. An attacker requires some knowledge of the firewall to exploit this issue. This issue cannot be exploited if...
CVE-2020-2029
CVE-2020-2029 is an OS command injection vulnerability in PAN-OS web management interface. Authenticated administrators can execute arbitrary OS commands with root privileges by sending a malicious request to generate new certificates for PAN-OS configuration. Affected are PAN-OS 8.0 (all version...
CVE-2020-2016
A race condition due to insecure creation of a file in a temporary directory vulnerability in PAN-OS allows for root privilege escalation from a limited Linux user account. This allows an attacker who has escaped the restricted shell as a low privilege administrator, possibly by exploiting anothe...
CVE-2020-2005
A cross-site scripting (XSS) vulnerability exists when visiting malicious websites with the Palo Alto Networks GlobalProtect Clientless VPN that can compromise the user's active session. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0...
CVE-2020-1997
An open redirection vulnerability in the GlobalProtect component of Palo Alto Networks PAN-OS allows an attacker to specify an arbitrary redirection target away from the trusted GlobalProtect gateway. If the user then successfully authenticates it will cause them to access an unexpected and...
Command injection
An OS command injection and external control of filename vulnerability in Palo Alto Networks PAN-OS allows authenticated administrators to execute code with root privileges or delete arbitrary system files and impact the system's integrity or cause a denial of service condition. This issue affect...
CVE-2020-2018 PAN-OS: Panorama authentication bypass vulnerability
An authentication bypass vulnerability in the Panorama context switching feature allows an attacker with network access to a Panorama's management interface to gain privileged access to managed firewalls. An attacker requires some knowledge of managed firewalls to exploit this issue. This issue...
CVE-2020-2012 PAN-OS: Panorama: XML external entity reference ('XXE') vulnerability leads to information leak
Improper restriction of XML external entity reference ('XXE') vulnerability in Palo Alto Networks Panorama management service allows remote unauthenticated attackers with network access to the Panorama management interface to read arbitrary files on the system. This issue affects: All versions of...
PAN-OS: GlobalProtect Clientless VPN session hijacking
A cross-site scripting (XSS) vulnerability exists when visiting malicious websites with the Palo Alto Networks GlobalProtect Clientless VPN that can compromise the user's active session. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0...
OpenSSL vulnerability CVE-2019-1559 has been resolved in PAN-OS
The OpenSSL library has been updated in PAN-OS to resolve CVE-2019-1559. This is a cryptographic vulnerability that under certain situations may allow a remote attacker to decrypt data by observing server responses to different types of errors. This issue affects Palo Alto Networks PAN-OS 7.1...
Privilege Escalation in PAN-OS
Palo Alto Networks is aware of a use-after-free (UAF) vulnerability in the Linux kernel's sockfs_setattr. (Ref: PAN-113631/ CVE-2019-8912) Successful exploitation of this issue may allow an unprivileged local user to escalate their privileges on the system. This issue affects PAN-OS 7.1.23 and earlier...
WGET Vulnerability
The wget library has been found to contain a vulnerability (CVE-2016-4971). wget allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource. Palo Alto Networks software makes use of the vulnerable library and may be affected. Ref PAN-59677/ CVE...
Palo Alto PAN-OS OpenSSL Vulnerability
The OpenSSL library has been found to contain a vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...