Lucene search
K

11 matches found

OSV
OSV
added 2023/05/10 5:15 p.m.5 views

CVE-2023-0007

A cross-site scripting XSS vulnerability in Palo Alto Networks PAN-OS software on Panorama appliances enables an authenticated read-write administrator to store a JavaScript payload in the web interface that will execute in the context of another administrator’s browser when viewed...

4.8CVSS6.2AI score0.00427EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/05/22 12:0 a.m.24 views

Palo Alto Networks PAN-OS 7.1.x < 8.1.14 / 8.0.x < 8.1.14 / 8.1.x < 8.1.14 / 9.0.x < 9.0.9 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 7.1.x prior to 8.1.14 or 8.0.x prior to 8.1.14 or 8.1.x prior to 8.1.14 or 9.0.x prior to 9.0.9. It is, therefore, affected by a vulnerability. - A missing authorization vulnerability in the management server component of PAN-...

5.3CVSS5.7AI score0.00905EPSS
Exploits0References3
NVD
NVD
added 2020/05/13 7:15 p.m.19 views

CVE-2020-2013

A cleartext transmission of sensitive information vulnerability in Palo Alto Networks PAN-OS Panorama that discloses an authenticated PAN-OS administrator's PAN-OS session cookie. When an administrator issues a context switch request into a managed firewall with an affected PAN-OS Panorama versio...

8.8CVSS8.4AI score0.00639EPSS
Exploits0References1
OSV
OSV
added 2020/05/13 7:15 p.m.3 views

CVE-2020-2013

A cleartext transmission of sensitive information vulnerability in Palo Alto Networks PAN-OS Panorama that discloses an authenticated PAN-OS administrator's PAN-OS session cookie. When an administrator issues a context switch request into a managed firewall with an affected PAN-OS Panorama versio...

8.8CVSS7.3AI score0.00639EPSS
Exploits0References1
NVD
NVD
added 2020/05/13 7:15 p.m.19 views

CVE-2020-2011

An improper input validation vulnerability in the configuration daemon of Palo Alto Networks PAN-OS Panorama allows for a remote unauthenticated user to send a specifically crafted registration request to the device that causes the configuration service to crash. Repeated attempts to send this...

7.8CVSS7.5AI score0.01846EPSS
Exploits0References1
OSV
OSV
added 2020/05/13 7:15 p.m.5 views

CVE-2020-1996

A missing authorization vulnerability in the management server component of PAN-OS Panorama allows a remote unauthenticated user to inject messages into the management server ms.log file. This vulnerability can be leveraged to obfuscate an ongoing attack or fabricate log entries in the ms.log fil...

5.3CVSS6.1AI score0.00905EPSS
Exploits0References1
Prion
Prion
added 2020/05/13 7:15 p.m.17 views

Authorization

A missing authorization vulnerability in the management server component of PAN-OS Panorama allows a remote unauthenticated user to inject messages into the management server ms.log file. This vulnerability can be leveraged to obfuscate an ongoing attack or fabricate log entries in the ms.log fil...

5CVSS5.2AI score0.00905EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/05/13 7:15 p.m.18 views

Input validation

An improper input validation vulnerability in the configuration daemon of Palo Alto Networks PAN-OS Panorama allows for a remote unauthenticated user to send a specifically crafted registration request to the device that causes the configuration service to crash. Repeated attempts to send this...

7.8CVSS7.5AI score0.01846EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/05/13 7:15 p.m.22 views

Design/Logic Flaw

A cleartext transmission of sensitive information vulnerability in Palo Alto Networks PAN-OS Panorama that discloses an authenticated PAN-OS administrator's PAN-OS session cookie. When an administrator issues a context switch request into a managed firewall with an affected PAN-OS Panorama versio...

6.8CVSS8.3AI score0.00639EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/05/13 7:7 p.m.21 views

CVE-2020-2011 PAN-OS: Panorama registration denial of service

An improper input validation vulnerability in the configuration daemon of Palo Alto Networks PAN-OS Panorama allows for a remote unauthenticated user to send a specifically crafted registration request to the device that causes the configuration service to crash. Repeated attempts to send this...

7.5CVSS7.5AI score0.01846EPSS
Exploits0References1
CVE
CVE
added 2020/05/13 7:7 p.m.78 views

CVE-2020-2011

CVE-2020-2011 affects Palo Alto Networks PAN-OS Panorama: an improper input validation in the configuration daemon allows a remote unauthenticated user to send a crafted registration request that crashes the configuration service, causing DoS to all PAN-OS Panorama services and forcing a restart ...

7.8CVSS7.5AI score0.01846EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder