2 matches found
Palo Alto Networks PAN-OS 8.1.x / 9.0.x / 9.1.x / 10.0.x Improper Input Validation
The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x or 9.0.x or 9.1.x or 10.0.x. It is, therefore, affected by a improper input validation vulnerability. - When SSL/TLS Forward Proxy Decryption mode has been configured to decrypt the web transactions, the PAN-OS URL...
CVE-2020-2035
CVE-2020-2035 (PAN-OS) affects PAN-OS when SSL/TLS Forward Proxy Decryption is enabled. The URL filtering policy inspects HTTP Host/URL path but ignores the TLS Client Hello SNI, allowing a compromised host to evade policies on decrypted HTTPS traffic. Impact is described as low for integrity; no...