510 matches found
Temporary DoS for Traps Agent
A vulnerability exists with the Traps ESM Console that could allow an attacker to cause a temporary Denial of Service DoS to a Traps agent. The ESM Console does not properly validate requests to revoke a Traps agent license. Ref CYV-11547 / CVE-2017-7408 Successfully exploiting this issue revokes...
Information Disclosure in Terminal Server Agent
An information disclosure vulnerability exists in the Terminal Server TS agent. Session information may be disclosed due to insecure permissions WINAGENT-43 / CVE-2017-6356. The information disclosure is limited to session information. This issue affects TS agent 6.0, TS agent 7.0, and TS agent...
Information Disclosure in Terminal Server Agent
An information disclosure vulnerability exists in the Terminal Server TS agent. Session information may be disclosed due to insecure permissions WINAGENT-43 / CVE-2017-6356. The information disclosure is limited to session information. This issue affects TS agent 6.0, TS agent 7.0, and TS agent...
Information Disclosure in the Management Web Interface
A vulnerability exists in the Management Web Interface that could result in Information Disclosure. Ref PAN-70428 / CVE-2017-5583 PAN-OS contains a post-authentication vulnerability that may allow for Information Disclosure. Successful exploitation allows an attacker to download arbitrary files...
Information Disclosure in the Management Web Interface
A vulnerability exists in the Management Web Interface that could result in Information Disclosure. Ref PAN-70428 / CVE-2017-5583 PAN-OS contains a post-authentication vulnerability that may allow for Information Disclosure. Successful exploitation allows an attacker to download arbitrary files...
Cross-Site Scripting in the Management Web Interface
A persistent cross-site scripting XSS vulnerability exists in the management web interface ref PAN-66838 / CVE-2017-5584. PAN-OS contains a post-authentication vulnerability that may allow for a persistent cross-site scripting XSS attack of the management web interface. Successful exploitation of...
Cross-Site Scripting in the Management Web Interface
A persistent cross-site scripting XSS vulnerability exists in the management web interface ref PAN-66838 / CVE-2017-5584. PAN-OS contains a post-authentication vulnerability that may allow for a persistent cross-site scripting XSS attack of the management web interface. Successful exploitation of...
Kernel Vulnerability
A vulnerability exists in the kernel of PAN-OS that may result in an elevation of privilege. This issue is publicly known as Dirty COW ref PAN-68074 / CVE-2016-5195. PAN-OS may be impacted by the Dirty COW CVE-2016-5195 attack. A race condition was found in the way the Linux kernel's memory...
Kernel Vulnerability
A vulnerability exists in the kernel of PAN-OS that may result in an elevation of privilege. This issue is publicly known as Dirty COW ref PAN-68074 / CVE-2016-5195. PAN-OS may be impacted by the Dirty COW CVE-2016-5195 attack. A race condition was found in the way the Linux kernel's memory...
Spoofing in Terminal Server Agent
A spoofing vulnerability exists in Terminal Server Agent ref PAN-67269 / CVE-2017-5328. Terminal Server Agent contains a vulnerability whereby a user can spoof the identity of another authenticated user. This issue affects Terminal Server Agent 6.0; Terminal Server Agent 7.0.6 and earlier Work...
Spoofing in Terminal Server Agent
A spoofing vulnerability exists in Terminal Server Agent ref PAN-67269 / CVE-2017-5328. Terminal Server Agent contains a vulnerability whereby a user can spoof the identity of another authenticated user. This issue affects Terminal Server Agent 6.0; Terminal Server Agent 7.0.6 and earlier Work...
Local Privilege Escalation in Terminal Server Agent
A local privilege escalation vulnerability exists in Terminal Server Agent ref PAN-67756 / CVE-2017-5329. Terminal Server Agent contains a vulnerability that may allow for an out of bounds write. Successful exploitation of this issue may allow an attacker to elevate their permissions. This issue...
Local Privilege Escalation in Terminal Server Agent
A local privilege escalation vulnerability exists in Terminal Server Agent ref PAN-67756 / CVE-2017-5329. Terminal Server Agent contains a vulnerability that may allow for an out of bounds write. Successful exploitation of this issue may allow an attacker to elevate their permissions. This issue...
XPath Injection
The Addresses Object parsing function does not properly escape single quotes. Ref PAN-55237/92073/CVE-2016-9149 This post-authentication vulnerability could allow XPath manipulation. This issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.14...
XPath Injection
The Addresses Object parsing function does not properly escape single quotes. Ref PAN-55237/92073/CVE-2016-9149 This post-authentication vulnerability could allow XPath manipulation. This issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.14...
OpenSSH Vulnerability
Palo Alto Networks makes use of a the OpenSSH tool. CVE-2016-6210 was recently confirmed to be applicable to the version in use by PAN-OS. Ref 100977/CVE-2016-6210. To exploit this vulnerability, an attacker would have to guess usernames defined as system administrators on the firewall. This issu...
OpenSSH Vulnerability
Palo Alto Networks makes use of a the OpenSSH tool. CVE-2016-6210 was recently confirmed to be applicable to the version in use by PAN-OS. Ref 100977/CVE-2016-6210. To exploit this vulnerability, an attacker would have to guess usernames defined as system administrators on the firewall. This issu...
Buffer Overflow in the Management Web Interface
Palo Alto Networks web management server improperly handles a buffer overflow. This can result in a possible remote code execution RCE. Ref PAN-63073/102953/CVE-2016-9150 An attacker with network access to the management web interface may be able to perform a remote code execution RCE or...
Buffer Overflow in the Management Web Interface
Palo Alto Networks web management server improperly handles a buffer overflow. This can result in a possible remote code execution RCE. Ref PAN-63073/102953/CVE-2016-9150 An attacker with network access to the management web interface may be able to perform a remote code execution RCE or...
Local Privilege Escalation
Palo Alto Networks firewalls do not properly validate certain environment variables which can potentially allow executing code with higher privileges Ref PAN-61104/100499/CVE-2016-9151 A potential attacker with local shell access could manipulate arbitrary environment variables which could result...
Local Privilege Escalation
Palo Alto Networks firewalls do not properly validate certain environment variables which can potentially allow executing code with higher privileges Ref PAN-61104/100499/CVE-2016-9151 A potential attacker with local shell access could manipulate arbitrary environment variables which could result...
Cross-Site Scripting in Captive Portal
Palo Alto Networks firewalls can be configured to identify users through a captive portal. This process is vulnerable to a cross-site scripting attack. Ref PAN-56221/93759...
Insecure Browser API Token Generation
The Palo Alto Networks firewalls API browser does not properly use the REST API tokens. In a specific scenario, an attacker could steal the authentication token and perform calls to the firewall’s API. Ref PAN-61046/100428...
OpenSSL Vulnerabilities
The OpenSSL library has been found to contain vulnerabilities CVE-2016-0703, CVE-2016-0704, and CVE-2016-0800. Palo Alto Networks software makes use of the vulnerable library. Ref PAN-55477/92481...
Cross-Site Scripting in Web Interface
The Palo Alto Networks web management interface is vulnerable to a post-authentication persistent cross-site scripting condition in the monitor tab. Ref PAN-57659/95895...
Insecure Server Configuration
An incorrect Web management server configuration was identified in PAN-OS. Ref PAN-52038/86767...
OpenSSL Vulnerabilities
The OpenSSL library has been found to contain several vulnerabilities CVE-2015-4000, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792, CVE-2015-1791, CVE-2014-8176. Palo Alto Networks software makes use of the vulnerable library. Ref PAN-48954/81411...
Web interface denial of service
Palo Alto Networks web management server is vulnerable to a denial-of-service attack. Ref PAN-64917/105311 CVE-2014-9708 This pre-authenticated denial-of-service attack could disrupt the web management interface. This issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0....
Web interface denial of service
Palo Alto Networks web management server is vulnerable to a denial-of-service attack. Ref PAN-64917/105311 CVE-2014-9708 This pre-authenticated denial-of-service attack could disrupt the web management interface. This issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0....
GlobalProtect Portal Version Disclosure
A Palo Alto Networks firewall configured to host the GlobalProtect Portal advertises its running PAN-OS version. Ref PAN-60568/99786...
Kernel Vulnerabilities
The kernel in use by the Management Plane of PAN-OS is vulnerable to CVE-2015-5364 and CVE-2015-5366. Ref PAN-52379/87408...
Web interface denial of service
Palo Alto Networks firewalls offer a web interface to manage all aspects of the device. A denial of service condition was identified in this process Ref 89984...
OpenSSL Vulnerabilities
The OpenSSL library embedded in the GlobalProtectâ„¢ agent, TerminalServerâ„¢ agent and UserIDâ„¢ agent is affected by the following public vulnerabilities: CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2109, and CVE-2016-2176 Ref 100669, 100133, PAN-60833...
Remote Text File Access on Traps Endpoint Server Management
The Traps ESM Server license mechanism allows for remote license validation. The unintended ability to download text files using this subsystem was recently identified. Ref CYV-8717...
Glibc DNS Resolver Vulnerability
A vulnerability in the GNU libc glibc DNS resolver allows remote code execution CVE-2015-7547. However, this issue can be exploited only from a DNS server that is under the control of an attacker. Ref 91886. This glibc issue is only exploitable by an attacker controlling the DNS server configured...
Glibc DNS Resolver Vulnerability
A vulnerability in the GNU libc glibc DNS resolver allows remote code execution CVE-2015-7547. However, this issue can be exploited only from a DNS server that is under the control of an attacker. Ref 91886. This glibc issue is only exploitable by an attacker controlling the DNS server configured...
NTP Vulnerabilities
The open source ntp project has been found to contain several vulnerabilities CVE-2015-8158, CVE-2015-8138, CVE-2015-7979, CVE-2015-7978, CVE-2015-7977, CVE-2015-7976, CVE-2015-7975, CVE-2015-7974, CVE-2015-7973, all released in January 2016. Palo Alto...
OpenSSL Vulnerabilities
The OpenSSL library has been found to contain several vulnerabilities CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2015-1794, CVE-2015-3195, CVE-2015-4000, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2176,...
WildFire Cross-Site Scripting Vulnerability
A Palo Alto Networks firewall displaying a WildFire cloud integrated report is susceptible to a cross-site scripting condition Ref WTC-3355...
Local Privilege Escalation in GlobalProtect Agent for OS X
A vulnerability was recently identified which allows a local user to escalate privileges through the GlobalProtect Agent for OS X Ref 97042...
Cron local privilege escalation
Palo Alto Networks firewalls use the cron infrastructure to perform household system cleanup at regular intervals. Due to an error in user input normalization, a file locally created by an end user and placed in a specific directory could be executed in a higher privilege context Ref. 93612...
Web Interface Privilege Escalation
Palo Alto Networks Panorama administrators have the ability to assign predefined permissions to users created on PAN-OS. A read-only user with CLI access could elevate web interface privileges. Ref. 88191...
Captive Portal denial of service
You can configure Palo Alto Networks firewalls to host a web-based Captive Portal to authenticate users. A denial of service condition was identified in this subsystem Ref. 92413...
Cross-site scripting issue in policy
Palo Alto Networks firewalls running the PAN-OS web interface are subject to a cross-site scripting vulnerability Ref. 93072...
Local privilege escalation
Palo Alto Networks firewalls do not properly sanitize the rootreboot local invocation which can potentially allow executing code with higher privileges Ref. 92293 CVE-2016-1712. Exploitation of this privilege escalation is restricted to local users. Potential attackers would have to first obtain ...
Local privilege escalation
Palo Alto Networks firewalls do not properly sanitize the rootreboot local invocation which can potentially allow executing code with higher privileges Ref. 92293 CVE-2016-1712. Exploitation of this privilege escalation is restricted to local users. Potential attackers would have to first obtain ...
OpenSSH vulnerabilities
OpenSSH contains two vulnerabilities CVE-2016-0777 and CVE-2016-0778 affecting the SSH client roaming feature when connecting to a malicious server. Exploitation of this issue can leak portions of memory from the SSH client process. Ref 90508...
Update Server API Exposure
The Palo Alto Networks update server enables downloading of PAN-OS software releases and dynamic updates through a public API. Some functions of the API were inadvertently exposed to the public...
Cross-site scripting vulnerability
A cross-site scripting vulnerability exists in the web interface whereby data provided by the user is stored without sanitization. Ref 90635 CVE-2016-2219. This issue affects the management interface of the device, where an authenticated administrator may be tricked into injecting malicious...
Cross-site scripting vulnerability
A cross-site scripting vulnerability exists in the web interface whereby data provided by the user is stored without sanitization. Ref 90635 CVE-2016-2219. This issue affects the management interface of the device, where an authenticated administrator may be tricked into injecting malicious...