Lucene search
+L

531 matches found

OSV
OSV
added 2022/02/10 6:15 p.m.5 views

CVE-2022-0011

PAN-OS software provides options to exclude specific websites from URL category enforcement and those websites are blocked or allowed depending on your rules regardless of their associated URL category. This is done by creating a custom URL category list or by using an external dynamic list EDL i...

6.5CVSS5.8AI score0.00663EPSS
Exploits0References1
Prion
Prion
added 2022/02/10 6:15 p.m.36 views

Code injection

PAN-OS software provides options to exclude specific websites from URL category enforcement and those websites are blocked or allowed depending on your rules regardless of their associated URL category. This is done by creating a custom URL category list or by using an external dynamic list EDL i...

4CVSS6.4AI score0.00663EPSS
Exploits0References1Affected Software2
NVD
NVD
added 2021/11/10 5:15 p.m.22 views

CVE-2021-3062

An improper access control vulnerability in PAN-OS software enables an attacker with authenticated access to GlobalProtect portals and gateways to connect to the EC2 instance metadata endpoint for VM-Series firewalls hosted on Amazon AWS. Exploitation of this vulnerability enables an attacker to...

8.8CVSS0.00697EPSS
Exploits0References1
OSV
OSV
added 2021/11/10 5:15 p.m.5 views

CVE-2021-3062

An improper access control vulnerability in PAN-OS software enables an attacker with authenticated access to GlobalProtect portals and gateways to connect to the EC2 instance metadata endpoint for VM-Series firewalls hosted on Amazon AWS. Exploitation of this vulnerability enables an attacker to...

8.8CVSS7.3AI score0.00697EPSS
Exploits0References1
OSV
OSV
added 2021/11/10 5:15 p.m.5 views

CVE-2021-3059

An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. This vulnerability enables a man-in-the-middle attacker to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than...

8.1CVSS6AI score0.0154EPSS
Exploits0References1
OSV
OSV
added 2021/11/10 5:15 p.m.4 views

CVE-2021-3064

A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have network access to the...

9.8CVSS7.7AI score0.19087EPSS
Exploits1References1
OSV
OSV
added 2021/11/10 5:15 p.m.5 views

CVE-2021-3061

An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface CLI enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9....

7.2CVSS7.3AI score0.00859EPSS
Exploits0References1
NVD
NVD
added 2021/11/10 5:15 p.m.17 views

CVE-2021-3059

An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. This vulnerability enables a man-in-the-middle attacker to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than...

8.1CVSS0.0154EPSS
Exploits0References1
OSV
OSV
added 2021/11/10 5:15 p.m.6 views

CVE-2021-3063

An improper handling of exceptional conditions vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to send specifically crafted traffic to a GlobalProtect interface that causes the service to stop responding...

7.5CVSS7.1AI score0.00904EPSS
Exploits0References1
NVD
NVD
added 2021/11/10 5:15 p.m.20 views

CVE-2021-3061

An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface CLI enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9....

9CVSS0.00859EPSS
Exploits0References1
NVD
NVD
added 2021/11/10 5:15 p.m.27 views

CVE-2021-3060

An OS command injection vulnerability in the Simple Certificate Enrollment Protocol SCEP feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The attacker must have...

9.3CVSS0.33875EPSS
Exploits1References3
NVD
NVD
added 2021/11/10 5:15 p.m.21 views

CVE-2021-3056

A memory corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated attacker to execute arbitrary code with root user privileges during SAML authentication. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions...

8.8CVSS0.01488EPSS
Exploits0References1
OSV
OSV
added 2021/11/10 5:15 p.m.6 views

CVE-2021-3058

An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use XML API the ability to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1;...

7.2CVSS6AI score0.01649EPSS
Exploits0References1
OSV
OSV
added 2021/11/10 5:15 p.m.4 views

CVE-2021-3056

A memory corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated attacker to execute arbitrary code with root user privileges during SAML authentication. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20; PAN-OS 9.0 versions...

8.8CVSS6AI score0.01488EPSS
Exploits0References1
NVD
NVD
added 2021/11/10 5:15 p.m.23 views

CVE-2021-3058

An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use XML API the ability to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1;...

9CVSS0.01649EPSS
Exploits0References1
Prion
Prion
added 2021/11/10 5:15 p.m.16 views

Command injection

An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface CLI enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9....

9CVSS7.4AI score0.00859EPSS
Exploits0References1Affected Software2
Prion
Prion
added 2021/11/10 5:15 p.m.15 views

Improper access control

An improper access control vulnerability in PAN-OS software enables an attacker with authenticated access to GlobalProtect portals and gateways to connect to the EC2 instance metadata endpoint for VM-Series firewalls hosted on Amazon AWS. Exploitation of this vulnerability enables an attacker to...

6CVSS8.5AI score0.00697EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/11/10 5:15 p.m.41 views

Memory corruption

A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have network access to the...

10CVSS9.7AI score0.19087EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/11/10 5:15 p.m.23 views

Command injection

An OS command injection vulnerability in the Simple Certificate Enrollment Protocol SCEP feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The attacker must have...

9.3CVSS8.5AI score0.33875EPSS
Exploits1References3Affected Software2
Prion
Prion
added 2021/11/10 5:15 p.m.17 views

Command injection

An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. This vulnerability enables a man-in-the-middle attacker to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than...

7.6CVSS8.5AI score0.0154EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder