Pan-os@4.0.1 Security Vulnerabilities and Issues — Pan-os@4.0.1 CVE List

Lucene search

PaloaltonetworksPan-os4.0.1

18 matches found

CVE•added 2013/08/31 5:55 p.m.•47 views

CVE-2012-6595

The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.2 allows remote authenticated administrators to execute arbitrary commands via unspecified vectors, aka Ref ID 34595.

9CVSS7.5AI score0.00703EPSS

CVE•added 2013/08/31 5:55 p.m.•46 views

CVE-2012-6596

Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.3 stores cleartext LDAP bind passwords in authd.log, which allows context-dependent attackers to obtain sensitive information by reading this file, aka Ref ID 35493.

5CVSS6.2AI score0.00232EPSS

CVE•added 2013/08/31 5:55 p.m.•46 views

CVE-2012-6603

The web management UI in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to bypass authentication and obtain administrator privileges via unspecified vectors, aka Ref ID 37034.

10CVSS7.2AI score0.0104EPSS

CVE•added 2013/08/31 5:55 p.m.•46 views

CVE-2013-5663

The App-ID cache feature in Palo Alto Networks PAN-OS before 4.0.14, 4.1.x before 4.1.11, and 5.0.x before 5.0.2 allows remote attackers to bypass intended security policies via crafted requests that trigger invalid caching, as demonstrated by incorrect identification of HTTP traffic as SIP traffic...

4.3CVSS7AI score0.00378EPSS

CVE•added 2013/08/31 5:55 p.m.•44 views

CVE-2012-6590

The web-based management UI in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 allows remote attackers to obtain verbose error information via crafted input, aka Ref ID 33139.

4.3CVSS6.5AI score0.00204EPSS

CVE•added 2013/08/31 5:55 p.m.•41 views

CVE-2012-6591

The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows remote authenticated administrators to execute arbitrary commands via unspecified vectors, aka Ref ID 31116.

9CVSS7.5AI score0.00703EPSS

CVE•added 2013/08/31 5:55 p.m.•41 views

CVE-2012-6594

The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11, 4.0.x before 4.0.8, and 4.1.x before 4.1.1 allows remote authenticated administrators to execute arbitrary commands via unspecified vectors, aka Ref ID 34299.

9CVSS7.5AI score0.00703EPSS

CVE•added 2013/08/31 5:55 p.m.•41 views

CVE-2012-6598

The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 33080.

9CVSS7.4AI score0.00703EPSS

CVE•added 2013/08/31 5:55 p.m.•40 views

CVE-2012-6599

The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 and 4.1.x before 4.1.1 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 33476.

9CVSS7.5AI score0.00703EPSS

CVE•added 2013/08/31 5:55 p.m.•40 views

CVE-2012-6602

The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 30122.

9CVSS7.5AI score0.00703EPSS

CVE•added 2013/08/31 5:55 p.m.•40 views

CVE-2013-5664

Cross-site scripting (XSS) vulnerability in the web-based device-management API browser in Palo Alto Networks PAN-OS before 4.1.13 and 5.0.x before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via crafted data, aka Ref ID 50908.

4.3CVSS5.9AI score0.00881EPSS

CVE•added 2013/08/31 5:55 p.m.•38 views

CVE-2012-6605

The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Ref ID 34896.

9CVSS7.6AI score0.01743EPSS

CVE•added 2013/08/31 5:55 p.m.•37 views

CVE-2012-6592

Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows remote attackers to execute arbitrary commands via unspecified vectors, aka Ref ID 31091.

10CVSS7.9AI score0.03364EPSS

CVE•added 2013/08/31 5:55 p.m.•37 views

CVE-2012-6601

The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to execute arbitrary code via unspecified vectors, aka Ref ID 36983.

10CVSS8AI score0.08417EPSS

CVE•added 2013/08/31 5:55 p.m.•36 views

CVE-2012-6593

Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows remote attackers to execute arbitrary commands via unspecified vectors, aka Ref ID 30088.

10CVSS7.9AI score0.03364EPSS

CVE•added 2013/08/31 5:55 p.m.•36 views

CVE-2012-6597

Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to cause a denial of service (management-server crash) by using the command-line interface for a crafted command, aka Ref ID 35254.

6.3CVSS6.4AI score0.00391EPSS

CVE•added 2013/08/31 5:55 p.m.•35 views

CVE-2012-6604

9CVSS7.6AI score0.01743EPSS

CVE•added 2013/08/31 5:55 p.m.•34 views

CVE-2012-6600

The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.2 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 34502.

9CVSS7.5AI score0.00703EPSS