Palo Alto Networks PAN-OS 10.1.x < 10.1.14-h16 / 10.2.x < 10.2.16-h1 / 11.1.x < 11.1.10 / 11.2.x < 11.2.7 Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 10.1.x prior to 10.1.14-h16, 10.2.x prior to 10.2.16-h1, 11.1.x prior to 11.1.10, or 11.2.x prior to 11.2.7. It is, therefore, affected by a vulnerability. An information disclosure vulnerability in the SD-WAN feature of Palo...

Denial of Service in PAN-OS Management Web Interface

Palo Alto Networks makes use of a 3rd-party component impacted by CVE-2018-8715. This issue has been confirmed to present a risk for denial of service to the PAN-OS Management Web Interface. Ref PAN-93089, CVE-2018-8715 A specially crafted HTTP POST request with an invalid “If-modified" header...

GlobalProtect Portal Version Disclosure

A Palo Alto Networks firewall configured to host the GlobalProtect Portal advertises its running PAN-OS version. Ref PAN-60568/99786...

Cross-site scripting vulnerability

A cross-site scripting vulnerability exists in the web interface whereby data provided by the user is stored without sanitization. Ref 90635 CVE-2016-2219. This issue affects the management interface of the device, where an authenticated administrator may be tricked into injecting malicious...