Lucene search
K

10 matches found

The Hacker News
The Hacker News
added 2024/07/11 3:19 p.m.103 views

Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool

Palo Alto Networks has released security updates to address five security flaws impacting its products, including a critical bug that could lead to an authentication bypass. Cataloged as CVE-2024-5910 CVSS score: 9.3, the vulnerability has been described as a case of missing authentication in its...

9.8CVSS9.3AI score0.91783EPSS
Exploits11
Tenable Nessus
Tenable Nessus
added 2022/08/11 12:0 a.m.64 views

Palo Alto Networks PAN-OS 8.1.x < 8.1.23-h1 / 9.0.x < 9.0.16-h3 / 9.1.x < 9.1.14-h4 / 10.0.x < 10.0.11-h1 / 10.1.x < 10.1.6-h6 / 10.2.x < 10.2.2-h2 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 8.1.x prior to 8.1.23-h1 or 9.0.x prior to 9.0.16-h3 or 9.1.x prior to 9.1.14-h4 or 10.0.x prior to 10.0.11-h1 or 10.1.x prior to 10.1.6-h6 or 10.2.x prior to 10.2.2-h2. It is, therefore, affected by a vulnerability. - A PAN-O...

8.6CVSS8.1AI score0.02041EPSS
Exploits0References2
NVD
NVD
added 2021/11/10 5:15 p.m.27 views

CVE-2021-3060

An OS command injection vulnerability in the Simple Certificate Enrollment Protocol SCEP feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The attacker must have...

9.3CVSS0.33875EPSS
Exploits1References3
NVD
NVD
added 2021/11/10 5:15 p.m.23 views

CVE-2021-3058

An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use XML API the ability to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1;...

9CVSS0.01649EPSS
Exploits0References1
Prion
Prion
added 2021/11/10 5:15 p.m.16 views

Command injection

An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface CLI enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9....

9CVSS7.4AI score0.00859EPSS
Exploits0References1Affected Software2
Prion
Prion
added 2021/11/10 5:15 p.m.23 views

Command injection

An OS command injection vulnerability in the Simple Certificate Enrollment Protocol SCEP feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The attacker must have...

9.3CVSS8.5AI score0.33875EPSS
Exploits1References3Affected Software2
Cvelist
Cvelist
added 2021/11/10 5:10 p.m.26 views

CVE-2021-3063 PAN-OS: Denial-of-Service (DoS) Vulnerability in GlobalProtect Portal and Gateway Interfaces

An improper handling of exceptional conditions vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to send specifically crafted traffic to a GlobalProtect interface that causes the service to stop responding...

7.5CVSS7.6AI score0.00904EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/11/10 5:10 p.m.23 views

CVE-2021-3061 PAN-OS: OS Command Injection Vulnerability in the Command Line Interface (CLI)

An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface CLI enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9....

6.4CVSS7.6AI score0.00859EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/11/10 5:10 p.m.22 views

CVE-2021-3059 PAN-OS: OS Command Injection Vulnerability When Performing Dynamic Updates

An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. This vulnerability enables a man-in-the-middle attacker to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than...

8.1CVSS8.7AI score0.0154EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/08/11 5:10 p.m.23 views

CVE-2021-3050 PAN-OS: OS Command Injection Vulnerability in Web Interface

An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 9.0 version 9.0.10 through PAN-OS 9.0.14; PAN-OS 9.1 version 9.1.4 through PAN-OS 9.1.10;...

8.8CVSS9.3AI score0.01779EPSS
Exploits0References1
Rows per page
Query Builder