Lucene search
K
PaloaltoRecent

510 matches found

Palo Alto Networks
Palo Alto Networks
added 2016/06/27 12:0 a.m.108 views

PAN-OS API denial of service

Palo Alto Networks firewalls offer an API to query and modify the configuration of the device. While access to this API is protected by the use of an API key, an issue was recently identified leading to a potential unauthenticated denial of service attack. Ref 91728...

6.9AI score
Exploits0Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2016/05/23 12:0 a.m.25 views

User-ID API Access

The Palo Alto Networks User-ID agent for Windows implements an API to retrieve the agent’s configuration. This TLS-secured API call returns encrypted credentials to the domain account configured on the User-ID agent, which has read-only rights for Security Event Logs on Domain Controllers. Anyone...

7AI score
Exploits0
Palo Alto Networks
Palo Alto Networks
added 2016/04/18 12:0 a.m.175 views

HTTP Header Evasion

An evasion was identified whereby a user could specially craft an HTTP header to evade URL filtering on Palo Alto Networks firewalls. Ref 93838...

6.8AI score
Exploits0Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2016/02/24 6:30 p.m.127 views

Unauthenticated Stack Exhaustion in GlobalProtect/SSL VPN Web Interface

When a PAN-OS device is configured as a GlobalProtect web portal, a specially crafted request to the portal could result in a crash of the service. Ref. 89750 CVE-2016-3656 This issue can be exploited remotely by an attacker with network access to the GlobalProtect portal in order to cause a...

1.9AI score0.01817EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2016/02/24 6:30 p.m.140 views

Unauthenticated Command Injection in Management Web Interface

Palo Alto Networks PAN-OS implements an API to enable programmatic device configuration and administration of the device. An issue was identified where the management API incorrectly parses input to a specific API call, leading to execution of arbitrary OS commands without authentication via the...

3.4AI score0.03201EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2016/02/24 6:30 p.m.89 views

Command Injection in Command Line Interface

Palo Alto Networks firewalls implement a command line interface for interactive configuration through a serial interface or a remote SSH session. An issue was identified that can cause incorrect parsing of a specific SSH command parameter, leading to arbitrary command execution on the OS level...

5.1AI score0.02585EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2016/02/24 6:30 p.m.21 views

Unauthenticated Buffer Overflow in GlobalProtect/SSL VPN Web Interface

When a PAN-OS device is configured as a GlobalProtect portal, a vulnerability exists where an improper handling of a buffer involved in the processing of SSL VPN requests can result in device crash and possible remote code execution. Ref. 89752 CVE-2016-3657 An attacker with network access to the...

9.8CVSS8.4AI score0.0477EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2016/02/24 6:30 p.m.97 views

Unauthenticated Buffer Overflow in GlobalProtect/SSL VPN Web Interface

When a PAN-OS device is configured as a GlobalProtect portal, a vulnerability exists where an improper handling of a buffer involved in the processing of SSL VPN requests can result in device crash and possible remote code execution. Ref. 89752 CVE-2016-3657 An attacker with network access to the...

1.6AI score0.0477EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2016/02/24 6:30 p.m.21 views

Unauthenticated Stack Exhaustion in GlobalProtect/SSL VPN Web Interface

When a PAN-OS device is configured as a GlobalProtect web portal, a specially crafted request to the portal could result in a crash of the service. Ref. 89750 CVE-2016-3656 This issue can be exploited remotely by an attacker with network access to the GlobalProtect portal in order to cause a...

7.5CVSS7.1AI score0.01817EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2016/02/24 6:30 p.m.29 views

Command Injection in Command Line Interface

Palo Alto Networks firewalls implement a command line interface for interactive configuration through a serial interface or a remote SSH session. An issue was identified that can cause incorrect parsing of a specific SSH command parameter, leading to arbitrary command execution on the OS level...

7.2CVSS8.2AI score0.02585EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2016/02/24 6:30 p.m.23 views

Unauthenticated Command Injection in Management Web Interface

Palo Alto Networks PAN-OS implements an API to enable programmatic device configuration and administration of the device. An issue was identified where the management API incorrectly parses input to a specific API call, leading to execution of arbitrary OS commands without authentication via the...

9.8CVSS8AI score0.03201EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2016/02/23 8:0 a.m.109 views

ESM Console XSS vulnerability

A cross-site scripting vulnerability exists in the web-based console management. This vulnerability has been assigned CVE-2015-2223. This issue affects the management interface of Traps, where an authenticated administrator may be tricked into injecting malicious JavaScript into the web UI...

5.6AI score0.04036EPSS
Exploits5References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2016/02/23 8:0 a.m.8 views

ESM Console XSS vulnerability

A cross-site scripting vulnerability exists in the web-based console management. This vulnerability has been assigned CVE-2015-2223. This issue affects the management interface of Traps, where an authenticated administrator may be tricked into injecting malicious JavaScript into the web UI...

4.3CVSS6.3AI score0.04036EPSS
Exploits5References1
Palo Alto Networks
Palo Alto Networks
added 2015/11/09 12:0 a.m.14 views

API key automatic revocation

An issue has been identified in PAN-OS that prevents old management API keys for local administrator accounts from being invalidated upon password change until the device is rebooted. This issue can create a period of time during which an administrator changes the account password, thus creating ...

6.8AI score
Exploits0Affected Software2
Palo Alto Networks
Palo Alto Networks
added 2015/07/24 12:0 a.m.56 views

Device management authentication bypass

Devices running PAN-OS 7.0.0 including Panorama that are configured to use LDAP for captive portal or device management authentication do not properly perform authentication against the LDAP server in specific cases, leading to an authentication bypass. There is no issue if you are using Radius o...

6.8AI score
Exploits0Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2015/05/29 7:0 a.m.21 views

XML External Entity (XXE) Vulnerability

An XML parsing vulnerability exists in PAN-OS allowing a malicious user within PAN-OS to inject malicious XML data into the web-based device management front-end allowing the user to retrieve arbitrary content from the device. The user must be an authenticated user issuing the request. Ref 71273...

6.4AI score0.01029EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2015/05/29 7:0 a.m.16 views

XML External Entity (XXE) Vulnerability

An XML parsing vulnerability exists in PAN-OS allowing a malicious user within PAN-OS to inject malicious XML data into the web-based device management front-end allowing the user to retrieve arbitrary content from the device. The user must be an authenticated user issuing the request. Ref 71273...

4CVSS7AI score0.01029EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2015/05/14 12:0 a.m.14 views

Cross-site Scripting Vulnerability

A cross-site scripting vulnerability exists in the web-based device management interface whereby data provided by the user is echoed back to the user without sanitization. Ref 73638...

6.1AI score
Exploits0Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2015/02/02 8:0 a.m.177 views

GHOST: glibc vulnerability

The open source library “glibc” has been found to contain a recently discovered vulnerability CVE-2015-0235, commonly referred to as “GHOST” that has been demonstrated to enable remote code execution in some software. Palo Alto Networks software makes use of the vulnerable library, however there ...

8AI score0.94859EPSS
Exploits29References1
Palo Alto Networks
Palo Alto Networks
added 2015/02/02 8:0 a.m.22 views

GHOST: glibc vulnerability

The open source library “glibc” has been found to contain a recently discovered vulnerability CVE-2015-0235, commonly referred to as “GHOST” that has been demonstrated to enable remote code execution in some software. Palo Alto Networks software makes use of the vulnerable library, however there ...

10CVSS8AI score0.94859EPSS
Exploits29References1
Palo Alto Networks
Palo Alto Networks
added 2015/01/12 8:0 a.m.187 views

Padding-oracle attack on TLS CBC cipher mode

A vulnerability affecting some implementations of TLS 1.x with CBC cipher modes has been discovered that allows an attacker to decrypt some encrypted contents under certain conditions CVE-2014-8730. This padding-oracle attack on TLS CBC cipher modes is a variant of the POODLE vulnerability,...

4.6AI score0.1372EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2015/01/12 8:0 a.m.11 views

Padding-oracle attack on TLS CBC cipher mode

A vulnerability affecting some implementations of TLS 1.x with CBC cipher modes has been discovered that allows an attacker to decrypt some encrypted contents under certain conditions CVE-2014-8730. This padding-oracle attack on TLS CBC cipher modes is a variant of the POODLE vulnerability,...

4.3CVSS6.4AI score0.1372EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2014/12/22 8:0 a.m.34 views

Cross-site scripting vulnerability

A cross-site scripting vulnerability exists in the web-based device management interface whereby data provided by the user is echoed back to the user without sanitization. Ref 64563. This vulnerability has been assigned CVE-2014-3764. This issue affects the management interface of the device, whe...

5.6AI score0.01362EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2014/12/22 8:0 a.m.15 views

Cross-site scripting vulnerability

A cross-site scripting vulnerability exists in the web-based device management interface whereby data provided by the user is echoed back to the user without sanitization. Ref 64563. This vulnerability has been assigned CVE-2014-3764. This issue affects the management interface of the device, whe...

4.3CVSS6.4AI score0.01362EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2014/12/10 12:0 a.m.32 views

Privilege escalation in GlobalProtect agent for Mac OS X

A path injection vulnerability affecting the GlobalProtect agent for Mac OS X 2.1.0 and earlier could allow a local attacker to gain elevated privileges on a targeted system...

7.3AI score
Exploits0Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2014/10/20 7:0 a.m.169 views

SSL 3.0 MITM Attack

A vulnerability affecting most implementations of SSL 3.0 has been discovered that allows an attacker to decrypt some encrypted contents under certain conditions CVE-2014-3566. The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which mak...

4.3CVSS4.7AI score0.99999EPSS
Exploits7References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2014/10/20 7:0 a.m.8 views

SSL 3.0 MITM Attack

A vulnerability affecting most implementations of SSL 3.0 has been discovered that allows an attacker to decrypt some encrypted contents under certain conditions CVE-2014-3566. The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which mak...

3.4CVSS6.2AI score0.99999EPSS
Exploits7References1
Palo Alto Networks
Palo Alto Networks
added 2014/09/24 12:0 a.m.362 views

Bash Shell remote code execution (CVE-2014-6271, CVE-2014-7169)

Palo Alto Networks has become aware of a remote code execution vulnerability in the Bash shell utility. This vulnerability CVE-2014-6271 allows for remote code execution through multiple vectors due to the way Bash is often used on linux systems for processing commands. Additional information can...

10CVSS3.1AI score0.99999EPSS
Exploits140Affected Software2
Palo Alto Networks
Palo Alto Networks
added 2014/06/09 7:0 a.m.455 views

OpenSSL Man-in-the-middle vulnerability

The Palo Alto Networks product security engineering team has completed analysis of our products' exposure to the vulnerabilities described in the OpenSSL Security Advisory dated June 5th, 2014. Of the 7 CVEs highlighted in the advisory, only CVE-2014-0224 is relevant to our software. The...

7.7AI score0.95326EPSS
Exploits9References1
Palo Alto Networks
Palo Alto Networks
added 2014/06/09 7:0 a.m.9 views

OpenSSL Man-in-the-middle vulnerability

The Palo Alto Networks product security engineering team has completed analysis of our products' exposure to the vulnerabilities described in the OpenSSL Security Advisory dated June 5th, 2014. Of the 7 CVEs highlighted in the advisory, only CVE-2014-0224 is relevant to our software. The...

7.4CVSS7.1AI score0.95326EPSS
Exploits9References1
Palo Alto Networks
Palo Alto Networks
added 2014/01/29 12:0 a.m.11 views

Management API Key Bypass

An XML API key can be bypassed if a session has been authorized. This can be used in a CSRF or XSS attack. Ref 58976...

6.4AI score
Exploits0Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2014/01/29 12:0 a.m.12 views

Cross-site Scripting Vulnerability

A cross-site scripting vulnerability exists in the web-based device management interface whereby data provided by the user is echoed back to the user without sanitization. Ref 59010...

6.2AI score
Exploits0Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2013/07/22 7:0 a.m.23 views

Cross-site Scripting Vulnerability

A cross-site scripting vulnerability exists in the web-based device management API browser whereby data provided by the user is echoed back to the user without sanitization. Ref 50908 This issue affects the management interface of the device where the API browser is exposed. This issue affects...

2.7AI score0.02294EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2013/07/22 7:0 a.m.6 views

Cross-site Scripting Vulnerability

A cross-site scripting vulnerability exists in the web-based device management API browser whereby data provided by the user is echoed back to the user without sanitization. Ref 50908 This issue affects the management interface of the device where the API browser is exposed. This issue affects...

4.3CVSS6.5AI score0.02294EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2013/01/07 8:0 a.m.35 views

App-ID Cache Poisoning

An evasion technique that takes advantage of the App-ID cache function has recently been published. In certain circumstances, a knowledgeable user can bypass security policy that restricts the use of certain applications by sending numerous specially crafted requests over the network in order to...

1.8AI score0.02821EPSS
Exploits1References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2013/01/07 8:0 a.m.11 views

App-ID Cache Poisoning

An evasion technique that takes advantage of the App-ID cache function has recently been published. In certain circumstances, a knowledgeable user can bypass security policy that restricts the use of certain applications by sending numerous specially crafted requests over the network in order to...

4.3CVSS7.1AI score0.02821EPSS
Exploits1References1
Palo Alto Networks
Palo Alto Networks
added 2012/10/22 7:0 a.m.20 views

Man-in-the-middle Vulnerability in GlobalProtect App

A vulnerability exists in NetConnect all version and GlobalPortect App 1.1.6 and earlier whereby the agent does not verify the certificate presented by the portal server, enabling a possible Man-in-the-middle attack. This vulnerability can result in an agent connecting to an attacker-controlled...

4AI score0.00773EPSS
Exploits0References1Affected Software2
Palo Alto Networks
Palo Alto Networks
added 2012/10/22 7:0 a.m.9 views

Man-in-the-middle Vulnerability in GlobalProtect App

A vulnerability exists in NetConnect all version and GlobalPortect App 1.1.6 and earlier whereby the agent does not verify the certificate presented by the portal server, enabling a possible Man-in-the-middle attack. This vulnerability can result in an agent connecting to an attacker-controlled...

5.8CVSS7.1AI score0.00773EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2012/04/27 11:30 p.m.29 views

Command Injection Vulnerability

A vulnerability exists whereby an unauthenticated user can inject commands as root on the device. Ref 31091 This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. This issue affects PAN-OS 4.0.4 and earlier; PAN-OS 3.1.9 and earlier. Work...

3.9AI score0.04074EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2012/04/27 11:30 p.m.22 views

Command Injection Vulnerability

A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface. Ref 34595 This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. The attacker must still be an...

3.7AI score0.03001EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2012/04/27 11:30 p.m.25 views

Command Injection Vulnerability

A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface. Ref 34502 This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. This issue affects PAN-OS 4.1.1 an...

3.7AI score0.03089EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2012/04/27 11:30 p.m.27 views

Verbose Error Messages

Under certain conditions, when unexpected input is provided to the web-based management UI, overly verbose error information is delivered back to the client. This does not directly result in any specific vulnerability, however this information is helpful to an attacker. Ref 33139 This issue resul...

4.3CVSS1.6AI score0.01592EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2012/04/27 11:30 p.m.23 views

Command Injection Vulnerability

A vulnerability exists whereby an authenticated user can execute arbitrary code as root using the device management command line interface. Ref 35249 This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. This issue affects PAN-OS 4.0.8 and...

4.2AI score0.03214EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2012/04/27 11:30 p.m.10 views

Verbose Error Messages

Under certain conditions, when unexpected input is provided to the web-based management UI, overly verbose error information is delivered back to the client. This does not directly result in any specific vulnerability, however this information is helpful to an attacker. Ref 33139 This issue resul...

4.3CVSS6.9AI score0.01592EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2012/04/27 11:30 p.m.33 views

Command Injection Vulnerability

A vulnerability exists whereby an unauthenticated user can inject commands as root on the device. Ref 30088 This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. This issue affects PAN-OS 4.0.3 and earlier; PAN-OS 3.1.9 and earlier. Work...

3.9AI score0.04074EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2012/04/27 11:30 p.m.27 views

Management Server DOS Vulnerability

An issue exists whereby the management server of the device can be crashed when an authenticated users sends a specially crafted command via the command line interface. Ref 35254 This issue results in the unavailability of the management server of the device. The attacker must be an authenticated...

6.3CVSS4.9AI score0.01324EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2012/04/27 11:30 p.m.18 views

Command Injection Vulnerability

A vulnerability exists whereby an unauthenticated user can inject commands as root on the device. Ref 30088 This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. This issue affects PAN-OS 4.0.3 and earlier; PAN-OS 3.1.9 and earlier. Work...

10CVSS7.8AI score0.04074EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2012/04/27 11:30 p.m.25 views

Command Injection Vulnerability

A vulnerability exists whereby an authenticated user can execute arbitrary code as root using the device management command line interface. Ref 34896 This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. This issue affects PAN-OS 4.0.8 and...

4.2AI score0.03214EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2012/04/27 11:30 p.m.27 views

LDAP Passwords Logged in Clear Text

An issue exists whereby LDAP bind passwords are logged to authd.log in clear text when using the default logging level of 'debug'. Ref 35493 This issue results in administrator passwords being logged and stored in clear text. Inappropriate access to this information can lead to unauthorized...

5CVSS3AI score0.01306EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2012/04/27 11:30 p.m.23 views

Command Injection Vulnerability

A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface. Ref 31116 This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. The attacker must still be an...

9CVSS7.4AI score0.03001EPSS
Exploits0References1
Total number of security vulnerabilities510