Lucene search
K
PaloaltoRecent

510 matches found

Palo Alto Networks
Palo Alto Networks
•added 2017/04/07 5:0 p.m.•9 views

Temporary DoS for Traps Agent

A vulnerability exists with the Traps ESM Console that could allow an attacker to cause a temporary Denial of Service DoS to a Traps agent. The ESM Console does not properly validate requests to revoke a Traps agent license. Ref CYV-11547 / CVE-2017-7408 Successfully exploiting this issue revokes...

7.5CVSS7AI score0.01906EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
•added 2017/03/15 5:30 p.m.•516 views

Information Disclosure in Terminal Server Agent

An information disclosure vulnerability exists in the Terminal Server TS agent. Session information may be disclosed due to insecure permissions WINAGENT-43 / CVE-2017-6356. The information disclosure is limited to session information. This issue affects TS agent 6.0, TS agent 7.0, and TS agent...

2.3AI score0.00978EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
•added 2017/03/15 5:30 p.m.•10 views

Information Disclosure in Terminal Server Agent

An information disclosure vulnerability exists in the Terminal Server TS agent. Session information may be disclosed due to insecure permissions WINAGENT-43 / CVE-2017-6356. The information disclosure is limited to session information. This issue affects TS agent 6.0, TS agent 7.0, and TS agent...

5.3CVSS6.6AI score0.00978EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
•added 2017/02/21 7:32 p.m.•571 views

Information Disclosure in the Management Web Interface

A vulnerability exists in the Management Web Interface that could result in Information Disclosure. Ref PAN-70428 / CVE-2017-5583 PAN-OS contains a post-authentication vulnerability that may allow for Information Disclosure. Successful exploitation allows an attacker to download arbitrary files...

2.2AI score0.01492EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2017/02/21 7:32 p.m.•15 views

Information Disclosure in the Management Web Interface

A vulnerability exists in the Management Web Interface that could result in Information Disclosure. Ref PAN-70428 / CVE-2017-5583 PAN-OS contains a post-authentication vulnerability that may allow for Information Disclosure. Successful exploitation allows an attacker to download arbitrary files...

6.5CVSS6.9AI score0.01492EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
•added 2017/02/21 7:31 p.m.•9 views

Cross-Site Scripting in the Management Web Interface

A persistent cross-site scripting XSS vulnerability exists in the management web interface ref PAN-66838 / CVE-2017-5584. PAN-OS contains a post-authentication vulnerability that may allow for a persistent cross-site scripting XSS attack of the management web interface. Successful exploitation of...

5.4CVSS5.8AI score0.00836EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
•added 2017/02/21 7:31 p.m.•585 views

Cross-Site Scripting in the Management Web Interface

A persistent cross-site scripting XSS vulnerability exists in the management web interface ref PAN-66838 / CVE-2017-5584. PAN-OS contains a post-authentication vulnerability that may allow for a persistent cross-site scripting XSS attack of the management web interface. Successful exploitation of...

2.5AI score0.00836EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2017/02/21 7:30 p.m.•535 views

Kernel Vulnerability

A vulnerability exists in the kernel of PAN-OS that may result in an elevation of privilege. This issue is publicly known as Dirty COW ref PAN-68074 / CVE-2016-5195. PAN-OS may be impacted by the Dirty COW CVE-2016-5195 attack. A race condition was found in the way the Linux kernel's memory...

1.7AI score0.83524EPSS
Exploits82References1Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2017/02/21 7:30 p.m.•13 views

Kernel Vulnerability

A vulnerability exists in the kernel of PAN-OS that may result in an elevation of privilege. This issue is publicly known as Dirty COW ref PAN-68074 / CVE-2016-5195. PAN-OS may be impacted by the Dirty COW CVE-2016-5195 attack. A race condition was found in the way the Linux kernel's memory...

7CVSS6.8AI score0.83524EPSS
Exploits82References1
Palo Alto Networks
Palo Alto Networks
•added 2017/01/26 6:31 p.m.•9 views

Spoofing in Terminal Server Agent

A spoofing vulnerability exists in Terminal Server Agent ref PAN-67269 / CVE-2017-5328. Terminal Server Agent contains a vulnerability whereby a user can spoof the identity of another authenticated user. This issue affects Terminal Server Agent 6.0; Terminal Server Agent 7.0.6 and earlier Work...

7.5CVSS6.8AI score0.00909EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
•added 2017/01/26 6:31 p.m.•519 views

Spoofing in Terminal Server Agent

A spoofing vulnerability exists in Terminal Server Agent ref PAN-67269 / CVE-2017-5328. Terminal Server Agent contains a vulnerability whereby a user can spoof the identity of another authenticated user. This issue affects Terminal Server Agent 6.0; Terminal Server Agent 7.0.6 and earlier Work...

2.1AI score0.00909EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2017/01/26 6:30 p.m.•584 views

Local Privilege Escalation in Terminal Server Agent

A local privilege escalation vulnerability exists in Terminal Server Agent ref PAN-67756 / CVE-2017-5329. Terminal Server Agent contains a vulnerability that may allow for an out of bounds write. Successful exploitation of this issue may allow an attacker to elevate their permissions. This issue...

3.2AI score0.00976EPSS
Exploits4References1Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2017/01/26 6:30 p.m.•21 views

Local Privilege Escalation in Terminal Server Agent

A local privilege escalation vulnerability exists in Terminal Server Agent ref PAN-67756 / CVE-2017-5329. Terminal Server Agent contains a vulnerability that may allow for an out of bounds write. Successful exploitation of this issue may allow an attacker to elevate their permissions. This issue...

7.8CVSS7.2AI score0.00976EPSS
Exploits4References1
Palo Alto Networks
Palo Alto Networks
•added 2016/11/17 5:3 p.m.•454 views

XPath Injection

The Addresses Object parsing function does not properly escape single quotes. Ref PAN-55237/92073/CVE-2016-9149 This post-authentication vulnerability could allow XPath manipulation. This issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.14...

4.5AI score0.0204EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/11/17 5:3 p.m.•12 views

XPath Injection

The Addresses Object parsing function does not properly escape single quotes. Ref PAN-55237/92073/CVE-2016-9149 This post-authentication vulnerability could allow XPath manipulation. This issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.14...

6.5CVSS7.2AI score0.0204EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
•added 2016/11/17 5:2 p.m.•8 views

OpenSSH Vulnerability

Palo Alto Networks makes use of a the OpenSSH tool. CVE-2016-6210 was recently confirmed to be applicable to the version in use by PAN-OS. Ref 100977/CVE-2016-6210. To exploit this vulnerability, an attacker would have to guess usernames defined as system administrators on the firewall. This issu...

5.9CVSS7AI score0.88944EPSS
Exploits12References1
Palo Alto Networks
Palo Alto Networks
•added 2016/11/17 5:2 p.m.•465 views

OpenSSH Vulnerability

Palo Alto Networks makes use of a the OpenSSH tool. CVE-2016-6210 was recently confirmed to be applicable to the version in use by PAN-OS. Ref 100977/CVE-2016-6210. To exploit this vulnerability, an attacker would have to guess usernames defined as system administrators on the firewall. This issu...

2.4AI score0.88944EPSS
Exploits12References1Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/11/17 5:1 p.m.•9 views

Buffer Overflow in the Management Web Interface

Palo Alto Networks web management server improperly handles a buffer overflow. This can result in a possible remote code execution RCE. Ref PAN-63073/102953/CVE-2016-9150 An attacker with network access to the management web interface may be able to perform a remote code execution RCE or...

9.8CVSS8AI score0.34781EPSS
Exploits1References1
Palo Alto Networks
Palo Alto Networks
•added 2016/11/17 5:1 p.m.•51 views

Buffer Overflow in the Management Web Interface

Palo Alto Networks web management server improperly handles a buffer overflow. This can result in a possible remote code execution RCE. Ref PAN-63073/102953/CVE-2016-9150 An attacker with network access to the management web interface may be able to perform a remote code execution RCE or...

2.6AI score0.34781EPSS
Exploits1References1Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/11/17 5:0 p.m.•12 views

Local Privilege Escalation

Palo Alto Networks firewalls do not properly validate certain environment variables which can potentially allow executing code with higher privileges Ref PAN-61104/100499/CVE-2016-9151 A potential attacker with local shell access could manipulate arbitrary environment variables which could result...

7.8CVSS7.7AI score0.01207EPSS
Exploits2References1
Palo Alto Networks
Palo Alto Networks
•added 2016/11/17 5:0 p.m.•582 views

Local Privilege Escalation

Palo Alto Networks firewalls do not properly validate certain environment variables which can potentially allow executing code with higher privileges Ref PAN-61104/100499/CVE-2016-9151 A potential attacker with local shell access could manipulate arbitrary environment variables which could result...

4.5AI score0.01207EPSS
Exploits2References1Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/10/31 12:0 a.m.•17 views

Cross-Site Scripting in Captive Portal

Palo Alto Networks firewalls can be configured to identify users through a captive portal. This process is vulnerable to a cross-site scripting attack. Ref PAN-56221/93759...

6.3AI score
Exploits0Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/10/31 12:0 a.m.•18 views

Insecure Browser API Token Generation

The Palo Alto Networks firewalls API browser does not properly use the REST API tokens. In a specific scenario, an attacker could steal the authentication token and perform calls to the firewall’s API. Ref PAN-61046/100428...

7AI score
Exploits0Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/10/18 12:0 a.m.•136 views

OpenSSL Vulnerabilities

The OpenSSL library has been found to contain vulnerabilities CVE-2016-0703, CVE-2016-0704, and CVE-2016-0800. Palo Alto Networks software makes use of the vulnerable library. Ref PAN-55477/92481...

4.3CVSS3.2AI score0.82112EPSS
Exploits2Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/10/18 12:0 a.m.•22 views

Cross-Site Scripting in Web Interface

The Palo Alto Networks web management interface is vulnerable to a post-authentication persistent cross-site scripting condition in the monitor tab. Ref PAN-57659/95895...

6.3AI score
Exploits0Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/10/18 12:0 a.m.•22 views

Insecure Server Configuration

An incorrect Web management server configuration was identified in PAN-OS. Ref PAN-52038/86767...

7AI score
Exploits0Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/10/18 12:0 a.m.•64 views

OpenSSL Vulnerabilities

The OpenSSL library has been found to contain several vulnerabilities CVE-2015-4000, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792, CVE-2015-1791, CVE-2014-8176. Palo Alto Networks software makes use of the vulnerable library. Ref PAN-48954/81411...

7.5CVSS2.9AI score0.9986EPSS
Exploits2Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/10/11 7:0 p.m.•46 views

Web interface denial of service

Palo Alto Networks web management server is vulnerable to a denial-of-service attack. Ref PAN-64917/105311 CVE-2014-9708 This pre-authenticated denial-of-service attack could disrupt the web management interface. This issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0....

8.6AI score0.5643EPSS
Exploits2References1Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/10/11 7:0 p.m.•11 views

Web interface denial of service

Palo Alto Networks web management server is vulnerable to a denial-of-service attack. Ref PAN-64917/105311 CVE-2014-9708 This pre-authenticated denial-of-service attack could disrupt the web management interface. This issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0....

5CVSS6.8AI score0.5643EPSS
Exploits2References1
Palo Alto Networks
Palo Alto Networks
•added 2016/10/04 12:0 a.m.•72 views

GlobalProtect Portal Version Disclosure

A Palo Alto Networks firewall configured to host the GlobalProtect Portal advertises its running PAN-OS version. Ref PAN-60568/99786...

6.9AI score
Exploits0Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/10/03 12:0 a.m.•103 views

Kernel Vulnerabilities

The kernel in use by the Management Plane of PAN-OS is vulnerable to CVE-2015-5364 and CVE-2015-5366. Ref PAN-52379/87408...

7.8CVSS2.9AI score0.06267EPSS
Exploits0Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/09/08 12:0 a.m.•78 views

Web interface denial of service

Palo Alto Networks firewalls offer a web interface to manage all aspects of the device. A denial of service condition was identified in this process Ref 89984...

6.7AI score
Exploits0Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/09/02 12:0 a.m.•71 views

OpenSSL Vulnerabilities

The OpenSSL library embedded in the GlobalProtectâ„¢ agent, TerminalServerâ„¢ agent and UserIDâ„¢ agent is affected by the following public vulnerabilities: CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2109, and CVE-2016-2176 Ref 100669, 100133, PAN-60833...

7.8CVSS2.9AI score0.89058EPSS
Exploits6Affected Software3
Palo Alto Networks
Palo Alto Networks
•added 2016/08/25 12:0 a.m.•22 views

Remote Text File Access on Traps Endpoint Server Management

The Traps ESM Server license mechanism allows for remote license validation. The unintended ability to download text files using this subsystem was recently identified. Ref CYV-8717...

7AI score
Exploits0Affected Software2
Palo Alto Networks
Palo Alto Networks
•added 2016/08/15 7:0 p.m.•8 views

Glibc DNS Resolver Vulnerability

A vulnerability in the GNU libc glibc DNS resolver allows remote code execution CVE-2015-7547. However, this issue can be exploited only from a DNS server that is under the control of an attacker. Ref 91886. This glibc issue is only exploitable by an attacker controlling the DNS server configured...

8.1CVSS8AI score0.89557EPSS
Exploits17References1
Palo Alto Networks
Palo Alto Networks
•added 2016/08/15 7:0 p.m.•61 views

Glibc DNS Resolver Vulnerability

A vulnerability in the GNU libc glibc DNS resolver allows remote code execution CVE-2015-7547. However, this issue can be exploited only from a DNS server that is under the control of an attacker. Ref 91886. This glibc issue is only exploitable by an attacker controlling the DNS server configured...

8.6AI score0.89557EPSS
Exploits17References1Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/08/15 12:0 a.m.•170 views

NTP Vulnerabilities

The open source ntp project has been found to contain several vulnerabilities CVE-2015-8158, CVE-2015-8138, CVE-2015-7979, CVE-2015-7978, CVE-2015-7977, CVE-2015-7976, CVE-2015-7975, CVE-2015-7974, CVE-2015-7973, all released in January 2016. Palo Alto...

5.8CVSS1.5AI score0.11887EPSS
Exploits5Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/08/15 12:0 a.m.•163 views

OpenSSL Vulnerabilities

The OpenSSL library has been found to contain several vulnerabilities CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2015-1794, CVE-2015-3195, CVE-2015-4000, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2176,...

10CVSS2.9AI score0.9986EPSS
Exploits9Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/08/12 12:0 a.m.•27 views

WildFire Cross-Site Scripting Vulnerability

A Palo Alto Networks firewall displaying a WildFire cloud integrated report is susceptible to a cross-site scripting condition Ref WTC-3355...

6.3AI score
Exploits0
Palo Alto Networks
Palo Alto Networks
•added 2016/08/04 12:0 a.m.•411 views

Local Privilege Escalation in GlobalProtect Agent for OS X

A vulnerability was recently identified which allows a local user to escalate privileges through the GlobalProtect Agent for OS X Ref 97042...

6.8AI score
Exploits0Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/07/14 12:0 a.m.•18 views

Cron local privilege escalation

Palo Alto Networks firewalls use the cron infrastructure to perform household system cleanup at regular intervals. Due to an error in user input normalization, a file locally created by an end user and placed in a specific directory could be executed in a higher privilege context Ref. 93612...

6.8AI score
Exploits0Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/07/14 12:0 a.m.•23 views

Web Interface Privilege Escalation

Palo Alto Networks Panorama administrators have the ability to assign predefined permissions to users created on PAN-OS. A read-only user with CLI access could elevate web interface privileges. Ref. 88191...

6.8AI score
Exploits0Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/07/14 12:0 a.m.•20 views

Captive Portal denial of service

You can configure Palo Alto Networks firewalls to host a web-based Captive Portal to authenticate users. A denial of service condition was identified in this subsystem Ref. 92413...

6.7AI score
Exploits0Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/07/14 12:0 a.m.•19 views

Cross-site scripting issue in policy

Palo Alto Networks firewalls running the PAN-OS web interface are subject to a cross-site scripting vulnerability Ref. 93072...

6.1AI score
Exploits0Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/07/13 6:30 p.m.•102 views

Local privilege escalation

Palo Alto Networks firewalls do not properly sanitize the rootreboot local invocation which can potentially allow executing code with higher privileges Ref. 92293 CVE-2016-1712. Exploitation of this privilege escalation is restricted to local users. Potential attackers would have to first obtain ...

4.6AI score0.00355EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/07/13 6:30 p.m.•7 views

Local privilege escalation

Palo Alto Networks firewalls do not properly sanitize the rootreboot local invocation which can potentially allow executing code with higher privileges Ref. 92293 CVE-2016-1712. Exploitation of this privilege escalation is restricted to local users. Potential attackers would have to first obtain ...

7.8CVSS7.6AI score0.00355EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
•added 2016/07/12 12:0 a.m.•98 views

OpenSSH vulnerabilities

OpenSSH contains two vulnerabilities CVE-2016-0777 and CVE-2016-0778 affecting the SSH client roaming feature when connecting to a malicious server. Exploitation of this issue can leak portions of memory from the SSH client process. Ref 90508...

4.6CVSS2.3AI score0.63468EPSS
Exploits3Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/07/01 12:0 a.m.•55 views

Update Server API Exposure

The Palo Alto Networks update server enables downloading of PAN-OS software releases and dynamic updates through a public API. Some functions of the API were inadvertently exposed to the public...

6.8AI score
Exploits0
Palo Alto Networks
Palo Alto Networks
•added 2016/06/27 6:30 p.m.•38 views

Cross-site scripting vulnerability

A cross-site scripting vulnerability exists in the web interface whereby data provided by the user is stored without sanitization. Ref 90635 CVE-2016-2219. This issue affects the management interface of the device, where an authenticated administrator may be tricked into injecting malicious...

2.6AI score0.00782EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
•added 2016/06/27 6:30 p.m.•20 views

Cross-site scripting vulnerability

A cross-site scripting vulnerability exists in the web interface whereby data provided by the user is stored without sanitization. Ref 90635 CVE-2016-2219. This issue affects the management interface of the device, where an authenticated administrator may be tricked into injecting malicious...

5.4CVSS6AI score0.00782EPSS
Exploits0References1
Total number of security vulnerabilities510