4 matches found
Cross-site scripting vulnerability
A cross-site scripting vulnerability exists in the web-based device management interface whereby data provided by the user is echoed back to the user without sanitization. Ref 64563. This vulnerability has been assigned CVE-2014-3764. This issue affects the management interface of the device, whe...
Command Injection Vulnerability
A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface. Ref 34502 This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. This issue affects PAN-OS 4.1.1 an...
Command Injection Vulnerability
A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface. Ref 34299 This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. The attacker must still be an...
Command Injection Vulnerability
A vulnerability exists whereby an unauthenticated user can inject commands as root on the device. Ref 30088 This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. This issue affects PAN-OS 4.0.3 and earlier; PAN-OS 3.1.9 and earlier. Work...