CVE-2024-5911 PAN-OS: File Upload Vulnerability in the Panorama Web Interface

An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter maintenance mode, which...

The vulnerability of the panorama.pm web interface component in monitoring consoles for Naemon, Nagios, Icinga, and Shinken THRUK allows a hacker to load any file they desire.

The vulnerability of the panorama.pm web interface of the monitoring console for Naemon, Nagios, Icinga, and Shinken THRUK relates to an incorrect limitation on the path name to the restricted directory. Exploiting this vulnerability allows a malicious actor to download any file remotely...

CVE-2023-0007 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface

A cross-site scripting XSS vulnerability in Palo Alto Networks PAN-OS software on Panorama appliances enables an authenticated read-write administrator to store a JavaScript payload in the web interface that will execute in the context of another administrator’s browser when viewed...

CVE-2023-0007 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface

A cross-site scripting XSS vulnerability in Palo Alto Networks PAN-OS software on Panorama appliances enables an authenticated read-write administrator to store a JavaScript payload in the web interface that will execute in the context of another administrator’s browser when viewed...

PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface

A cross-site scripting XSS vulnerability in Palo Alto Networks PAN-OS software on Panorama appliances enables an authenticated read-write administrator to store a JavaScript payload in the web interface that will execute in the context of another administrator’s browser when viewed. Work around:...