Lucene search
K
PaloaltoRecent

510 matches found

Palo Alto Networks
Palo Alto Networks
added 2021/09/08 4:0 p.m.54 views

PAN-OS: Exceptional Condition Denial-of-Service (DoS)

An improper handling of exceptional conditions vulnerability exists in the Palo Alto Networks PAN-OS dataplane that enables an unauthenticated network-based attacker to send specifically crafted traffic through the firewall that causes the service to crash. Repeated attempts to send this request...

7.5CVSS2AI score0.01008EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2021/08/11 4:0 p.m.116 views

Informational: Impact of Microsoft PowerShell Vulnerability CVE-2021-26701 on Cortex XSOAR

Palo Alto Networks Cortex XSOAR maintains Docker Images with PowerShell available for customers to use. The base docker images with PowerShell were updated on May 19, 2021 with PowerShell version 7.1.3. Palo Alto Networks urges customers to upgrade their docker images to a version with the tag...

8.1CVSS8.2AI score0.30315EPSS
Exploits0References4
Palo Alto Networks
Palo Alto Networks
added 2021/08/11 4:0 p.m.55 views

PAN-OS: Improper SAML Authentication Vulnerability in GlobalProtect Portal

An improper authentication vulnerability exists in Palo Alto Networks PAN-OS software that enables a SAML authenticated attacker to impersonate any other user in the GlobalProtect Portal and GlobalProtect Gateway when they are configured to use SAML authentication. Work around: You can disable SA...

6.8CVSS5.1AI score0.01116EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2021/08/11 4:0 p.m.102 views

PAN-OS: OS Command Injection Vulnerability in Web Interface

An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 9.0 version 9.0.10 through PAN-OS 9.0.14; PAN-OS 9.1 version 9.1.4 through PAN-OS 9.1.10;...

8.8CVSS3.5AI score0.01779EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2021/08/11 4:0 p.m.75 views

PAN-OS: Weak Cryptography Used in Web Interface Authentication

A cryptographically weak pseudo-random number generator PRNG is used during authentication to the Palo Alto Networks PAN-OS web interface. This enables an authenticated attacker, with the capability to observe their own authentication secrets over a long duration on the PAN-OS appliance, to...

4.2CVSS2.9AI score0.00452EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2021/08/11 4:0 p.m.64 views

PAN-OS: OS Command Argument Injection in Web Interface

An OS command argument injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to read any arbitrary file from the file system. Work around: This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can...

4.9CVSS2AI score0.0079EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2021/08/11 4:0 p.m.211 views

PAN-OS: Invalid URLs in an External Dynamic List (EDL) can Lead to Firewall Outage

Certain invalid URL entries contained in an External Dynamic List EDL cause the Device Server daemon devsrvr to stop responding. This condition causes subsequent commits on the firewall to fail and prevents administrators from performing commits and configuration changes even though the firewall...

5.9CVSS1.8AI score0.00843EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2021/07/14 4:0 p.m.79 views

Cortex XDR Agent: Improper Control of User-Controlled File Leads to Local Privilege Escalation

A local privilege escalation PE vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables an authenticated local Windows user to execute programs with SYSTEM privileges. Exploiting this vulnerability requires the user to have file creation privilege in the...

7.8CVSS3.3AI score0.00248EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2021/07/14 4:0 p.m.63 views

Prisma Cloud: Cross-Site Scripting (XSS) Vulnerability in Prisma Cloud Compute Web Console

A reflected cross-site scripting XSS vulnerability exists in the Prisma Cloud Compute web console that enables a remote attacker to execute arbitrary JavaScript code in the browser-based web console while an authenticated administrator is using that web interface. Prisma Cloud Compute SaaS versio...

7.5CVSS2.7AI score0.00634EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2021/06/22 4:0 p.m.110 views

Cortex XSOAR: Unauthorized Usage of the REST API

An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR enables a remote unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions through the REST API. Work around: Until the XSOAR server is upgraded, to completely prevent the issu...

9.8CVSS2.7AI score0.01406EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2021/06/09 4:0 p.m.77 views

Cortex XDR Agent: Improper control of user-controlled file leads to local privilege escalation

A local privilege escalation vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables an authenticated local Windows user to execute programs with SYSTEM privileges. This requires the user to have the privilege to create files in the Windows root directory...

7.8CVSS2.8AI score0.00248EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2021/06/09 4:0 p.m.67 views

Prisma Cloud Compute: User role authorization secret for Console leaked through log file export

An information exposure through log file vulnerability exists in the Palo Alto Networks Prisma Cloud Compute Console where a secret used to authorize the role of the authenticated user is logged to a debug log file. Authenticated Operator role and Auditor role users with access to the debug log...

3.8CVSS3AI score0.00537EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2021/06/09 4:0 p.m.57 views

Bridgecrew Checkov: Unsafe deserialization of Terraform files allows code execution

An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.139. Checkov 1.0 versions are not impacted. Work around: Do not run Checkov on...

7.2CVSS6AI score0.01295EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2021/04/14 4:0 p.m.62 views

PAN-OS: Secrets for scheduled configuration exports are logged in system logs

An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where the connection details for a scheduled configuration export are logged in system logs. Logged information includes the cleartext username, password, and IP address used to export the PAN-OS...

2.3CVSS0.9AI score0.00253EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2021/04/14 4:0 p.m.55 views

Bridgecrew Checkov: Unsafe deserialization of Terraform files allows code execution

An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.26. Checkov 1.0 versions are not impacted. Work around: Do not run Checkov on...

7.2CVSS6AI score0.01295EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2021/04/14 4:0 p.m.60 views

PAN-OS: Administrator secrets are logged in web server logs when using the PAN-OS XML API incorrectly

An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where secrets in PAN-OS XML API requests are logged in cleartext to the web server logs when the API is used incorrectly. This vulnerability applies only to PAN-OS appliances that are configured to...

4.4CVSS2.2AI score0.00248EPSS
Exploits1References1
Palo Alto Networks
Palo Alto Networks
added 2021/04/14 4:0 p.m.105 views

GlobalProtect App: Windows VPN kernel driver denial of service (DoS)

A denial-of-service DoS vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that results in a Windows blue screen of death BSOD error. Work around: No work around available...

5.5CVSS2.9AI score0.00219EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2021/03/24 8:50 p.m.235 views

PAN-OS: Informational: Impact of the OpenSSH vulnerability CVE-2021-28041

The Palo Alto Networks Product Security Assurance team has evaluated the OpenSSH software CVE-2021-28041 vulnerability. PAN-OS software does not utilize the ssh-agent component or provide access to the agent socket related to this vulnerability. There are no scenarios that enable successful...

7.1CVSS2.6AI score0.03422EPSS
Exploits1References2
Palo Alto Networks
Palo Alto Networks
added 2021/03/10 5:0 p.m.76 views

Cortex XSOAR: Secrets for SAML single sign-on (SSO) integration may be logged in system logs

An information exposure through log file vulnerability exists in Cortex XSOAR software where the secrets configured for the SAML single sign-on SSO integration can be logged to the '/var/log/demisto/' server logs when testing the integration during setup. This logged information includes the...

5.1CVSS1.5AI score0.00168EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2021/02/10 5:0 p.m.153 views

Informational: Impact of Sudo Vulnerability CVE-2021-3156

Palo Alto Networks Product Security Assurance team has evaluated the Sudo software vulnerability CVE-2021-3156. PAN-OS software, Prisma Cloud compute, and Prisma SD-WAN CloudGenix devices do not include the Sudo program and, therefore, no scenarios required for successful exploitation exist in...

7.8CVSS8AI score0.99295EPSS
Exploits81References2
Palo Alto Networks
Palo Alto Networks
added 2021/02/10 5:0 p.m.58 views

Prisma Cloud Compute: SAML Authentication Bypass Vulnerability in Console

An improper verification of cryptographic signature vulnerability exists in the Palo Alto Networks Prisma Cloud Compute console. This vulnerability enables an attacker to bypass signature validation during SAML authentication by logging in to the Prisma Cloud Compute console as any authorized use...

9.8CVSS2.8AI score0.01211EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2021/02/10 5:0 p.m.141 views

Informational: Impact of Python Test Suite Vulnerability CVE-2020-27619

The Palo Alto Networks Product Security Assurance team evaluated the Python test suite vulnerability CVE-2020-27619. There are no scenarios that enable successful exploitation of the vulnerability in Cortex XSOAR or PAN-OS software. No product release contains the Python test suite that is...

9.8CVSS9AI score0.08235EPSS
Exploits0References3
Palo Alto Networks
Palo Alto Networks
added 2021/01/13 5:0 p.m.113 views

PAN-OS: Information exposure in Ethernet data frame construction (Etherleak)

Padding bytes in Ethernet packets on PA-200, PA-220, PA-500, PA-5000 Series, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series firewalls are not cleared before the data frame is created. This leaks a small amount of random information from the firewall...

4.3CVSS1.7AI score0.73006EPSS
Exploits15References1
Palo Alto Networks
Palo Alto Networks
added 2021/01/13 5:0 p.m.65 views

PAN-OS: Configuration secrets for log forwarding may be logged in system logs

An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where configuration secrets for the “http”, “email”, and “snmptrap” v3 log forwarding server profiles can be logged to the logrcvr.log system log. Logged information may include up to 1024 bytes of...

4.4CVSS0.00207EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2020/12/09 5:0 p.m.71 views

Cortex XDR Agent: Exceptional condition denial-of-service (DoS)

An improper handling of exceptional conditions vulnerability in Cortex XDR Agent allows a local authenticated Windows user to create files in the software's internal program directory that prevents the Cortex XDR Agent from starting. The exceptional condition is persistent and prevents Cortex XDR...

5.5CVSS1.9AI score0.00304EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2020/12/09 5:0 p.m.70 views

Cortex XDR Agent: Improper control of loaded DLL leads to local privilege escalation

A local privilege escalation vulnerability exists in Palo Alto Networks Cortex XDR Agent on the Windows platform that allows an authenticated local Windows user to execute programs with SYSTEM privileges. This requires the user to have the privilege to create files in the Windows root directory...

7.8CVSS3.5AI score0.00341EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2020/11/11 5:0 p.m.57 views

PAN-OS: Threat signatures are evaded by specifically crafted packets

A vulnerability exists in the Palo Alto Network PAN-OS signature-based threat detection engine that allows an attacker to evade threat prevention signatures using specifically crafted TCP packets. This CVE has no impact on the confidentiality and availability of PAN-OS. This issue does not let an...

5.3CVSS4AI score0.01321EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2020/11/11 5:0 p.m.58 views

PAN-OS: Authentication bypass vulnerability in GlobalProtect client certificate verification

An authentication bypass vulnerability exists in the GlobalProtect SSL VPN component of Palo Alto Networks PAN-OS software that allows an attacker to bypass all client certificate checks with an invalid certificate. A remote attacker can successfully authenticate as any user and gain access to...

8.2CVSS2.8AI score0.0102EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2020/11/11 5:0 p.m.51 views

PAN-OS: System proxy passwords may be logged in clear text while viewing system state

An information exposure through log file vulnerability exists where the password for the configured system proxy server for a PAN-OS appliance may be displayed in cleartext when using the CLI in Palo Alto Networks PAN-OS software. Work around: This issue impacts the management web interface. You...

3.3CVSS0.5AI score0.0034EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2020/11/11 5:0 p.m.39 views

PAN-OS: Panorama session disclosure during context switch into managed device

An information exposure vulnerability exists in Palo Alto Networks Panorama software that discloses the token for the Panorama web interface administrator's session to a managed device when the Panorama administrator performs a context switch into that device. This vulnerability allows an attacke...

7.5CVSS2AI score0.0121EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2020/11/11 5:0 p.m.88 views

PAN-OS: OS command injection and memory corruption vulnerability

An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code and OS commands with root privileges. Work around: Until PAN-OS software is upgraded to a...

7.2CVSS4.6AI score0.03226EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2020/09/09 4:0 p.m.41 views

PAN-OS: Passwords may be logged in clear text when using after-change-detail custom syslog field for config logs

An information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Palo Alto Networks PAN-OS software when the after-change-detail custom syslog field is enabled for configuration logs and the sensitive field appears multiple tim...

3.3CVSS0.3AI score0.00732EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2020/09/09 4:0 p.m.57 views

PAN-OS: OS command injection vulnerability in the management web interface

An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. Work around: Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 59954 on traffic...

7.2CVSS4.2AI score0.86086EPSS
Exploits7References1
Palo Alto Networks
Palo Alto Networks
added 2020/09/09 4:0 p.m.42 views

PAN-OS: Passwords may be logged in clear text while storing operational command (op command) history

An information exposure through log file vulnerability where an administrator's password or other sensitive information may be logged in cleartext while using the CLI in Palo Alto Networks PAN-OS software. The opcmdhistory.log file was introduced to track operational command op-command usage but...

3.3CVSS0.4AI score0.00732EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2020/09/09 4:0 p.m.38 views

PAN-OS: Buffer overflow in the management web interface

A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. Work around: This issue impacts the PAN-OS management web interface but you can mitigate the impact o...

7.2CVSS2.7AI score0.02302EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2020/09/09 4:0 p.m.56 views

PAN-OS: OS command injection vulnerability in the management web interface

An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. Work around: Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 59971 on traffic...

7.2CVSS4.2AI score0.0356EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2020/09/09 4:0 p.m.47 views

PAN-OS: Management web interface denial-of-service (DoS) through unauthenticated file upload

An uncontrolled resource consumption vulnerability in Palo Alto Networks PAN-OS allows for a remote unauthenticated user to upload temporary files through the management web interface that are not properly deleted after the request is finished. It is possible for an attacker to disrupt the...

5.3CVSS1.2AI score0.46383EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2020/09/09 4:0 p.m.39 views

PAN-OS: Management web interface denial-of-service (DoS)

An insecure configuration of the appweb daemon of Palo Alto Networks PAN-OS 8.1 allows a remote unauthenticated user to send a specifically crafted request to the device that causes the appweb service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS...

7.5CVSS3.1AI score0.02135EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2020/09/09 4:0 p.m.56 views

PAN-OS: Buffer overflow when Captive Portal or Multi-Factor Authentication (MFA) is enabled

A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface. This issue impacts: All versions of...

9.8CVSS6.7AI score0.03937EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2020/09/09 4:0 p.m.80 views

PAN-OS: Reflected Cross-Site Scripting (XSS) vulnerability in management web interface

A reflected cross-site scripting XSS vulnerability exists in the PAN-OS management web interface. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could...

8.8CVSS1.3AI score0.2389EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2020/08/12 4:0 p.m.76 views

PAN-OS: URL filtering policy is not enforced on TLS handshakes for decrypted HTTPS sessions

When SSL/TLS Forward Proxy Decryption mode has been configured to decrypt the web transactions, the PAN-OS URL filtering feature inspects the HTTP Host and URL path headers for policy enforcement on the decrypted HTTPS web transactions but does not consider Server Name Indication SNI field within...

3CVSS3.7AI score0.0078EPSS
Exploits0References2
Palo Alto Networks
Palo Alto Networks
added 2020/07/08 4:0 p.m.67 views

PAN-OS: OS command injection vulnerability in GlobalProtect portal

An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network-based attacker to execute arbitrary OS commands with root privileges. An attacker would require some level of specific information about the configuration of an impacted firewall or perform...

10CVSS4.5AI score0.06592EPSS
Exploits2References1
Palo Alto Networks
Palo Alto Networks
added 2020/07/08 4:0 p.m.43 views

PAN-OS: TLS 1.0 usage for certain communications with Palo Alto Networks cloud delivered services

Certain communication between PAN-OS and cloud-delivered services inadvertently use TLS 1.0, which is known to be a cryptographically weak protocol. These cloud services include Cortex Data Lake, the Customer Support Portal, and the Prisma Access infrastructure. Conditions required for exploitati...

4.8CVSS2.7AI score0.00421EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2020/07/08 4:0 p.m.41 views

PAN-OS: OS command injection vulnerability in the management interface

An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. Work around: This issue impacts the PAN-OS management interface but you can mitigate the impact of this issue by following best...

7.2CVSS2.9AI score0.0253EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2020/07/08 4:0 p.m.35 views

PAN-OS: Integer underflow in the management interface

An integer underflow vulnerability in the dnsproxyd component of the PAN-OS management interface allows authenticated administrators to issue a command from the command line interface that causes the component to stop responding. Repeated attempts to send this request result in denial of service ...

4.9CVSS2.5AI score0.01135EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2020/06/29 3:0 p.m.125 views

PAN-OS: Authentication Bypass in SAML Authentication

When Security Assertion Markup Language SAML authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled unchecked, improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based attacker to access protected resources...

10CVSS1.4AI score0.04362EPSS
Exploits1References1
Palo Alto Networks
Palo Alto Networks
added 2020/06/10 4:0 p.m.52 views

GlobalProtect App: Missing certificate validation vulnerability can disclose pre-logon authentication cookie

When the pre-logon feature is enabled, a missing certification validation in Palo Alto Networks GlobalProtect app can disclose the pre-logon authentication cookie to a man-in-the-middle attacker on the same local area network segment with the ability to manipulate ARP or to conduct ARP spoofing...

5.3CVSS3.1AI score0.00761EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2020/06/10 4:0 p.m.45 views

PAN-OS: Buffer overflow in authd authentication response

A buffer overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. Work around: This issue affects the management interface of PAN-OS and you can mitiga...

7.2CVSS2.5AI score0.02132EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2020/06/10 4:0 p.m.47 views

GlobalProtect App: File race condition vulnerability leads to local privilege escalation during upgrade

A race condition vulnerability Palo Alto Networks GlobalProtect app on Windows allows a local limited Windows user to execute programs with SYSTEM privileges. This issue can be exploited only while performing a GlobalProtect app upgrade. Work around: No work around available...

7CVSS3.6AI score0.00211EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2020/06/10 4:0 p.m.46 views

PAN-OS: OS command injection vulnerability in FIPS-CC mode certificate verification

An OS Command Injection vulnerability in PAN-OS management server allows authenticated administrators to execute arbitrary OS commands with root privileges when uploading a new certificate in FIPS-CC mode. Work around: This issue affects the management interface of PAN-OS and you can mitigate the...

7.2CVSS2.9AI score0.01783EPSS
Exploits0References1
Total number of security vulnerabilities510