510 matches found
Command Injection Vulnerability
A vulnerability exists whereby an unauthenticated user can inject commands as root on the device. Ref 30088 This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. This issue affects PAN-OS 4.0.3 and earlier; PAN-OS 3.1.9 and earlier. Work...
Command Injection Vulnerability
A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface. Ref 33080 This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. This issue affects PAN-OS 4.0.7 an...
Command Injection Vulnerability
A vulnerability exists whereby an unauthenticated user can execute arbitrary code as root on the device. Ref 36983 This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. This issue affects PAN-OS 4.1.3 and earlier; PAN-OS 4.0.9 and earlier;...
Command Injection Vulnerability
A vulnerability exists whereby an unauthenticated user can inject commands as root on the device. Ref 31091 This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. This issue affects PAN-OS 4.0.4 and earlier; PAN-OS 3.1.9 and earlier. Work...
Command Injection Vulnerability
A vulnerability exists whereby an unauthenticated user can inject commands as root on the device. Ref 31091 This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. This issue affects PAN-OS 4.0.4 and earlier; PAN-OS 3.1.9 and earlier. Work...
Credential Bypass Vulnerability
A vulnerability exists whereby an unauthenticated user can get administrator access to the device via the web management UI without supplying credentials. Ref 37034 This vulnerability can result in total compromise of the device. This issue affects PAN-OS 4.1.3 and earlier; PAN-OS 4.0.9 and...
Management Server DOS Vulnerability
An issue exists whereby the management server of the device can be crashed when an authenticated users sends a specially crafted command via the command line interface. Ref 35254 This issue results in the unavailability of the management server of the device. The attacker must be an authenticated...
OpenSSL Plain Text Recovery Attack Vulnerability
The OpenSSL library implementation is vulnerable to a plain text recovery attack by performing timing analysis of the time required to decrypt encrypted data. A detailed report of this issue is available at http://www.isg.rhul.ac.uk/kp/dtls.pdf. Ref 36017 This vulnerability can theoretically resu...
Command Injection Vulnerability
A vulnerability exists whereby an unauthenticated user can inject commands as root on the device. Ref 30088 This vulnerability can result in arbitrary command execution, and can result in total compromise of the device. This issue affects PAN-OS 4.0.3 and earlier; PAN-OS 3.1.9 and earlier. Work...
Credential Bypass Vulnerability
A vulnerability exists whereby an unauthenticated user can get administrator access to the device via the web management UI without supplying credentials. Ref 37034 This vulnerability can result in total compromise of the device. This issue affects PAN-OS 4.1.3 and earlier; PAN-OS 4.0.9 and...