Pan-os@10.2.7 Security Vulnerabilities and Issues — Pan-os@10.2.7 CVE List

Lucene search

PaloaltonetworksPan-os10.2.7

7 matches found

CVE•added 2024/04/12 8:15 a.m.•732 views

CVE-2024-3400

A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the f...

10CVSS9.8AI score0.94345EPSS

CVE•added 2025/02/12 9:15 p.m.•398 views

CVE-2025-0108

An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PHP ...

9.1CVSS8.1AI score0.94092EPSS

CVE•added 2025/02/12 9:15 p.m.•184 views

CVE-2025-0111

An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by re...

7.1CVSS6.7AI score0.03095EPSS

CVE•added 2024/04/10 5:15 p.m.•72 views

CVE-2024-3388

A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. However, this vulnerability does not allow the attacker to receive response packets from those internal asset...

5CVSS6.5AI score0.00132EPSS

CVE•added 2024/04/10 5:15 p.m.•65 views

CVE-2024-3382

A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. This issue applies only to PA-5400 Series devices that are running PAN-OS software with the SSL ...

7.5CVSS7.3AI score0.00374EPSS

CVE•added 2024/11/14 10:15 a.m.•59 views

CVE-2024-2550

A null pointer dereference vulnerability in the GlobalProtect gateway in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop the GlobalProtect service on the firewall by sending a specially crafted packet that causes a denial of service (DoS) condition. Repeated attempts ...

8.7CVSS6.6AI score0.00141EPSS

CVE•added 2024/11/14 10:15 a.m.•58 views

CVE-2024-2552

A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions in the management plane and delete files on the firewall.

6.8CVSS6.9AI score0.00168EPSS