510 matches found
Brute force attack on the PAN-OS GlobalProtect external interface
A vulnerability exists in the PAN-OS GlobalProtect external interface that could allow for an attacker to brute force a username on PAN-OS GlobalProtect external Interface. The vulnerability is caused by PAN-OS provided different responses when supplying login credentials. Ref PAN-72769 /...
OpenSSL Vulnerability
The OpenSSL library has been found to contain vulnerability CVE-2017-3731. Palo Alto Networks software makes use of the vulnerable library and may be affected. Ref PAN-73914 / CVE-2017-3731 The OpenSSL library in use by PAN-OS is patched on a regular basis. This issue affects PAN-OS 6.1, PAN-OS...
Cross-Site Scripting (XSS) in GlobalProtect Portal Login Page
A Cross-Site Scripting XSS vulnerability exists in the PAN-OS GlobalProtect Portal Login page. Ref. PAN-99830; CVE-2018-10141 Successful exploitation of this issue may allow an unauthenticated attacker to inject arbitrary JavaScript or HTML. This issue affects PAN-OS 8.1.3 and earlier. PAN-OS 8.0...
OpenSSL Vulnerabilities in PAN-OS
The OpenSSL library has been found to contain vulnerabilities CVE-2018-0732, CVE-2018-0737, and CVE-2018-0739. Palo Alto Networks software makes use of the vulnerable library and is affected. Ref PAN-98504/ CVE-2018-0732, CVE-2018-0737, and CVE-2018-0739...
Denial of Service in PAN-OS Management Web Interface
Palo Alto Networks makes use of a 3rd-party component impacted by CVE-2018-8715. This issue has been confirmed to present a risk for denial of service to the PAN-OS Management Web Interface. Ref PAN-93089, CVE-2018-8715 A specially crafted HTTP POST request with an invalid “If-modified" header...
XML External Entity (XXE) in PAN-OS
A vulnerability exists in PAN-OS’s GlobalProtect internal and external gateway interface that could allow for XML External Entity XXE attack. PAN-OS does not properly parse XML input. Ref PAN-75688 / CVE-2017-9458 Successful exploitation of this issue may allow disclosure of information, denial o...
OpenSSL Vulnerability
The OpenSSL library has been found to contain vulnerability CVE-2016-8610. Palo Alto Networks software makes use of the vulnerable library and may be affected. Ref PAN-68543 / CVE-2016-8610 The OpenSSL library in use by PAN-OS is patched on a regular basis. This issue affects PAN-OS 6.1.17 and...
Vulnerability in PAN-OS and Panorama on Management Interface
Through the exploitation of a combination of unrelated vulnerabilities, and via the management interface of the device, an attacker could remotely execute code on PAN-OS or Panorama in the context of the highest privileged user. Ref PAN-61094 / PAN-80990 / PAN-80993 / PAN-80994 / CVE-2017-15944...
Information about SegmentSmack findings
Palo Alto Networks is aware of recent vulnerability disclousre, known as SegmentSmack, that affects Linux kernel 4.9 and later. At this time, our findings show that Palo Alto Networks PAN-OS devices are not vulnerable to this disclosure CVE-2018-5390. PAN-OS/Panorama platforms are not impacted by...
Information about Meltdown and Spectre findings
Palo Alto Networks is aware of recent vulnerability disclosures, known as Meltdown and Spectre, that affect modern CPU architectures. At this time, our findings show that these vulnerabilities pose no increased risk to Palo Alto Networks PAN-OS devices. CVE-2017-5715, CVE-2017-5753, and...
Information about FragmentSmack findings
Palo Alto Networks is aware of recent vulnerability disclosure, known as FragmentSmack, that affects Linux kernel 3.9 and later. At this time, our findings show that some Palo Alto Networks devices running specific versions of PAN-OS are vulnerable to this disclosure. CVE-2018-5391. This security...
NTP Vulnerability
The Network Time Protocol NTP library has been found to contain a vulnerability CVE-2017-6460. Palo Alto Networks software makes use of the vulnerable library and may be affected. This issue only affects the management plane of the firewall. Ref PAN-76130 / CVE-2017-6460 Successful exploitation o...
Meltdown and Spectre update for WildFire-500 Appliance
Palo Alto Networks has determined that the WildFire-500 WF-500 appliance is affected by the vulnerability disclosures known as Meltdown and Spectre, and has completed an update to address these issues. The WF-500 software update is now available to customers that use the WF-500 appliance for...
Cross Site Scripting Vulnerability in PAN-OS GlobalProtect
A vulnerability exists in PAN-OS GlobalProtect when either the gateway or the portal are configured. This issue could allow for a cross-site scripting XSS attack. Ref PAN-81586 / CVE-2017-15941 Successful exploitation of this issue may allow an attacker to inject arbitrary javascript or HTML. Thi...
Denial of Service Against GlobalProtect
A vulnerability exists in PAN-OS that could lead to denying access to GlobalProtect portal, GlobalProtect gateway or preventing configuration commits. Ref PAN-78127 / CVE-2017-15942 PAN-OS contains a vulnerability in GlobalProtect that may allow a non-authenticated third party to mount a Denial o...
Cross-Site Scripting in PAN-OS
A vulnerability exists in the PAN-OS GlobalProtect external interface that could allow for a cross-site scripting XSS attack. PAN-OS does not properly validate specific request parameters. Ref PAN-70674 / CVE-2017-7409 Successful exploitation of this issue may allow an attacker to inject arbitrar...
Vulnerability in the PAN-OS DNS Proxy
A Remote Code Execution vulnerability exists in the PAN-OS DNS Proxy. This issue affects customers who have DNS Proxy enabled in PAN-OS. This issue affects both the Data and Management planes of the firewall. When DNS Proxy processes a specially crafted fully qualified domain names FQDN, it is...
Cross-Site Scripting in the Management Web Interface
A persistent cross-site scripting XSS vulnerability exists in the management web interface ref PAN-66838 / CVE-2017-5584. PAN-OS contains a post-authentication vulnerability that may allow for a persistent cross-site scripting XSS attack of the management web interface. Successful exploitation of...
Local Privilege Escalation in Terminal Server Agent
A local privilege escalation vulnerability exists in Terminal Server Agent ref PAN-67756 / CVE-2017-5329. Terminal Server Agent contains a vulnerability that may allow for an out of bounds write. Successful exploitation of this issue may allow an attacker to elevate their permissions. This issue...
Local Privilege Escalation
Palo Alto Networks firewalls do not properly validate certain environment variables which can potentially allow executing code with higher privileges Ref PAN-61104/100499/CVE-2016-9151 A potential attacker with local shell access could manipulate arbitrary environment variables which could result...
Command Injection in PAN-OS
A vulnerability exists in the PAN-OS web interface packet capture management that could allow an authenticated user to inject arbitrary commands. Ref PAN-81892 / CVE-2017-15940 PAN-OS contains a vulnerability that may allow for post authentication command injection This issue affects PAN-OS 6.1.1...
Cross-Site Scripting (XSS) in PAN-OS Management Web Interface
A Cross-Site Scripting XSS vulnerability exists in the PAN-OS session browser. Ref. PAN-93244; CVE-2018-9335 Successful exploitation of this issue may allow an attacker to inject arbitrary JavaScript or HTML. An attacker would need to successfully authenticate prior to exploiting this issue. This...
Cross-Site Scripting (XSS) in GlobalProtect Gateway
A Cross-Site Scripting XSS vulnerability exists in a PAN-OS response for GlobalProtect Gateway. Ref. PAN-84836; CVE-2018-10139 Successful exploitation of this issue may allow an unauthenticated attacker to inject arbitrary JavaScript or HTML. This issue affects PAN-OS 6.1.21 and earlier, PAN-OS...
Kernel Vulnerability
A vulnerability exists in the kernel of PAN-OS that may result in Information Disclosure. The challenge ACK rate limiting in the kernel's networking subsystem may allow an off-path attacker to leak certain information about a given connection by creating congestion on the global challenge ACK rat...
Information Disclosure in the Management Web Interface
A vulnerability exists in the Management Web Interface that could result in Information Disclosure. Ref PAN-70428 / CVE-2017-5583 PAN-OS contains a post-authentication vulnerability that may allow for Information Disclosure. Successful exploitation allows an attacker to download arbitrary files...
Information about L1 Terminal Fault findings
Palo Alto Networks is aware of recent vulnerability disclosures, known as L1 Terminal Fault, that affect modern CPU architectures. At this time, our findings show that these vulnerabilities pose no increased risk to Palo Alto Networks PAN-OS devices. CVE-2018-3615, CVE-2018-3620, and CVE-2017-364...
Kernel Vulnerability
A vulnerability exists in the Linux kernel of PAN-OS that may result in Remote Code Execution. A vulnerability in the Linux kernel networking subsystem for UDP could enable an attacker to execute arbitrary code within the context of the kernel. The Data Plane DP of PAN-OS is not affected by this...
Server-Side Request Forgery in PAN-OS
A vulnerability exists in the PAN-OS web interface in the configuration file import for applications, spyware and vulnerability objects. Exploitation of this vulnerability allows for the parsing of external entities and could lead a PAN-OS device to connect to and disclose limited information to...
Cross Site Scripting in PAN-OS
A Cross-Site Scripting XSS vulnerability exists in the PAN-OS URL filtering “continue page” Ref PAN-OS 90835, CVE-2018-7636. PAN-OS software does not properly validate specific request parameters. Successful exploitation of this issue may allow an attacker to inject arbitrary JavaScript or HTML i...
Information Disclosure in the Management Web Interface
A vulnerability exists in the Management Web Interface that could allow for Information Disclosure. The Management Web Interface does not properly validate specific request parameters which can potentially allow for Information Disclosure. Ref PAN-70434 / CVE-2017-7216 Successfully exploiting thi...
Cross-Site Scripting (XSS) in PAN-OS Management Web Interface
A Cross-Site Scripting XSS vulnerability exists in a PAN-OS web interface administration page. Ref. PAN-93242; CVE-2018-9337 Successful exploitation of this issue may allow an attacker to inject arbitrary JavaScript or HTML An attacker would need to successfully authenticate prior to exploiting...
Kernel Vulnerability
A vulnerability exists in the kernel of PAN-OS that may result in an elevation of privilege. This issue is publicly known as Dirty COW ref PAN-68074 / CVE-2016-5195. PAN-OS may be impacted by the Dirty COW CVE-2016-5195 attack. A race condition was found in the way the Linux kernel's memory...
Cross-Site Scripting in PAN-OS
A vulnerability exists in PAN-OS’s GlobalProtect internal and external gateway interface. This issue could allow for a cross-site scripting XSS attack. PAN-OS does not properly validate specific request parameters. Ref PAN-76003 / CVE-2017-12416 Successful exploitation of this issue may allow an...
GlobalProtect App Vulnerability
An "image path execution hijacking" vulnerability affects the Palo Alto Networks Global Protect Client. Exploitation of this issue requires the root privileges on the local station. An attacker could exploit this vulnerability to obtain a certain level of persistence on the compromised host. ref...
Cross-Site Scripting in PAN-OS
A vulnerability exists in the PAN-OS GlobalProtect external interface that could allow for a cross-site scripting XSS attack. PAN-OS does not properly validate specific request parameters. Ref PAN-77294 / CVE-2017-9467 Successful exploitation of this issue may allow an attacker to inject arbitrar...
Local Privilege Escalation in Management Web Interface
A vulnerability exists in the Management web interface that could allow local privilege escalation. The Management web interface does not properly validate specific request parameters, which can potentially allow deletion of files in the system. Ref. PAN-90954; CVE-2018-9242 Successful exploitati...
ROBOT attack against PAN-OS
ROBOT is an attack that affects the TLS RSA key exchange and could lead to decryption of captured sessions if the TLS server originally serving said captured session is still alive, vulnerable and using the same private key. PAN-89936 / CVE-2017-17841 While SSL Decryption and GlobalProtect are...
Cross Site Scripting in PAN-OS Captive Portal
A vulnerability exists in PAN-OS Captive Portal that could allow for a cross-site scripting XSS attack to be performed against clients viewing the captive portal page when configured in a certain way. Ref PAN-85238 / CVE-2017-16878 Successful exploitation of this issue may allow an attacker to...
Information Disclosure in the PAN-OS Management Web Interface
A local privilege escalation vulnerability exists in the PAN-OS management web interface that allows the administrator to access the password hashes of local users by manipulating the HTML markup. Ref. PAN-91564; CVE-2018-9334 Successful exploitation of this issue requires the attacker to be...
Spoofing in Terminal Server Agent
A spoofing vulnerability exists in Terminal Server Agent ref PAN-67269 / CVE-2017-5328. Terminal Server Agent contains a vulnerability whereby a user can spoof the identity of another authenticated user. This issue affects Terminal Server Agent 6.0; Terminal Server Agent 7.0.6 and earlier Work...
Temporary DoS for Traps Agent
A vulnerability exists with the Traps ESM Console that could allow an attacker to cause a temporary Denial of Service DoS to a Traps agent. The ESM Console does not properly validate requests to revoke a Traps agent license. Ref CYV-11547 / CVE-2017-7408 Successfully exploiting this issue revokes...
Local Privilege Escalation in the Management Web Interface
A vulnerability exists in the Management Web Interface that could allow for local privilege escalation. The Management Web Interface does not properly validate specific request parameters which can potentially allow executing code with higher privileges. Ref PAN-70426/ CVE-2017-7218 Successfully...
Information Disclosure in Terminal Server Agent
An information disclosure vulnerability exists in the Terminal Server TS agent. Session information may be disclosed due to insecure permissions WINAGENT-43 / CVE-2017-6356. The information disclosure is limited to session information. This issue affects TS agent 6.0, TS agent 7.0, and TS agent...
Tampering of temporary export files in the Management Web Interface
A vulnerability exists in the Management Web Interface that could allow an attacker to tamper with export files. The Management Web Interface does not properly validate specific request parameters which can potentially allow arbitrary data to be written to export files. Ref PAN- 70436 /...
Cross-Site Scripting in the Management Web Interface
A reflected cross-site scripting XSS vulnerability exists in the management web interface. PAN-OS contains an unauthenticated vulnerability that may allow for a reflected cross-site scripting XSS attack of the management web interface. ref PAN-76455 / CVE-2017-9459. Successful exploitation of thi...
Denial of Service in PAN-OS Management Web Interface
A Denial of Service exists in PAN-OS Management Web Interface that allows an authenticated user to shut down all management sessions, resulting in all logged in users to be redirected to the login page. Ref PAN-100189, CVE-2018-10140 This vulnerability can be triggered by an authenticated user...
Information Disclosure in the Management Web Interface
A vulnerability exists in the Management Web Interface of PAN-OS, that could allow for Information Disclosure. The Management Web Interface does not properly validate certain permissions which could allow for Information Disclosure. Ref PAN-70541 / CVE-2017-7644 Successfully exploiting this issue...
WGET Vulnerability
The wget library has been found to contain a vulnerability CVE 2016-4971. wget allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource. Palo Alto Networks software makes use of the vulnerable library and may be affected. Ref PAN-59677/ CVE...
OpenSSH Vulnerability
Palo Alto Networks makes use of a the OpenSSH tool. CVE-2016-6210 was recently confirmed to be applicable to the version in use by PAN-OS. Ref 100977/CVE-2016-6210. To exploit this vulnerability, an attacker would have to guess usernames defined as system administrators on the firewall. This issu...
Informational: Impact of Spring Vulnerabilities CVE-2022-22963 and CVE-2022-22965
The Palo Alto Networks Product Security Assurance team has completed its evaluation of the Spring Cloud Function vulnerability CVE-2022-22963 and Spring Core vulnerability CVE-2022-22965 for all products and services. All Palo Alto Networks cloud services with possible impact have been mitigated...