Paloaltonetworks Pan-os — known CVE vulnerabilities
Every CVE whose affected-product data names Paloaltonetworks Pan-os, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2012-6592 — CVSS 10.0 (critical): Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows remote attackers to execute arbitrary commands via unspecified…
CVE-2019-17440 — CVSS 10.0 (critical): Improper restriction of communications to Log Forwarding Card (LFC) on PA-7000 Series devices with second-generation Switch Management Card…
CVE-2012-6601 — CVSS 10.0 (critical): The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows…
CVE-2012-6603 — CVSS 10.0 (critical): The web management UI in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to…
CVE-2012-6593 — CVSS 10.0 (critical): Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows remote attackers to execute arbitrary commands via unspecified…
CVE-2021-3064 — CVSS 9.8 (critical): A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated…
CVE-2017-9458 — CVSS 9.8 (critical): XML external entity (XXE) vulnerability in the GlobalProtect internal and external gateway interface in Palo Alto Networks PAN-OS before…
CVE-2017-8390 — CVSS 9.8 (critical): The DNS Proxy in Palo Alto Networks PAN-OS before 6.1.18, 7.x before 7.0.16, 7.1.x before 7.1.11, and 8.x before 8.0.3 allows remote…
CVE-2019-1581 — CVSS 9.8 (critical): A remote code execution vulnerability in the PAN-OS SSH device management interface that can lead to unauthenticated remote users with…
CVE-2020-2040 — CVSS 9.8 (critical): A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary…
CVE-2019-1580 — CVSS 9.8 (critical): Memory corruption in PAN-OS 7.1.24 and earlier, PAN-OS 8.0.19 and earlier, PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier will…
CVE-2017-7945 — CVSS 9.8 (critical): The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, 7.1.x before 7.1.9, and 8.x before…
CVE-2016-3655 — CVSS 9.8 (critical): The management web interface in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5…
CVE-2017-15940 — CVSS 9.8 (critical): The web interface packet capture management component in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14…
CVE-2016-3657 — CVSS 9.8 (critical): Buffer overflow in the GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x…
CVE-2016-9150 — CVSS 9.8 (critical): Buffer overflow in the management web interface in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x…
CVE-2012-6598 — CVSS 9.0 (critical): The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 allows remote authenticated users to execute…
CVE-2012-6599 — CVSS 9.0 (critical): The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 and 4.1.x before 4.1.1 allows remote…
CVE-2012-6600 — CVSS 9.0 (critical): The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.2 allows remote…
CVE-2012-6602 — CVSS 9.0 (critical): The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows remote authenticated…
CVE-2012-6604 — CVSS 9.0 (critical): The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated…
CVE-2012-6605 — CVSS 9.0 (critical): The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated…
CVE-2020-2018 — CVSS 9.0 (critical): An authentication bypass vulnerability in the Panorama context switching feature allows an attacker with network access to a Panorama's…
CVE-2012-6591 — CVSS 9.0 (critical): The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows remote authenticated…
CVE-2012-6594 — CVSS 9.0 (critical): The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11, 4.0.x before 4.0.8, and 4.1.x before 4.1.1 allows…
CVE-2012-6595 — CVSS 9.0 (critical): The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.2 allows remote…
CVE-2020-2015 — CVSS 8.8 (high): A buffer overflow vulnerability in the PAN-OS management server allows authenticated users to crash system processes or potentially execute…
CVE-2023-6790 — CVSS 8.8 (high): A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a…
CVE-2020-2014 — CVSS 8.8 (high): An OS Command Injection vulnerability in PAN-OS management server allows authenticated users to inject and execute arbitrary shell commands…
CVE-2020-2036 — CVSS 8.8 (high): A reflected cross-site scripting (XSS) vulnerability exists in the PAN-OS management web interface. A remote attacker able to convince an…
CVE-2021-3050 — CVSS 8.8 (high): An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to execute…
CVE-2021-3058 — CVSS 8.8 (high): An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with…
CVE-2021-3056 — CVSS 8.8 (high): A memory corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated attacker to execute…
CVE-2019-1575 — CVSS 8.8 (high): Information disclosure in PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2 and earlier…
CVE-2020-2017 — CVSS 8.8 (high): A DOM-Based Cross Site Scripting Vulnerability exists in PAN-OS and Panorama Management Web Interfaces. A remote attacker able to convince…
CVE-2016-4971 — CVSS 8.8 (high): GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource.
CVE-2019-1576 — CVSS 8.8 (high): Command injection in PAN-0S 9.0.2 and earlier may allow an authenticated attacker to gain access to a remote shell in PAN-OS, and…
CVE-2020-2013 — CVSS 8.3 (high): A cleartext transmission of sensitive information vulnerability in Palo Alto Networks PAN-OS Panorama that discloses an authenticated…
CVE-2020-2050 — CVSS 8.2 (high): An authentication bypass vulnerability exists in the GlobalProtect SSL VPN component of Palo Alto Networks PAN-OS software that allows an…
CVE-2020-2034 — CVSS 8.1 (high): An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based attacker to execute…
CVE-2022-0030 — CVSS 8.1 (high): An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker with specific…
CVE-2020-1979 — CVSS 8.1 (high): A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network based attacker with knowledge of registered…
CVE-2020-1992 — CVSS 8.1 (high): A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote…
CVE-2021-3062 — CVSS 8.1 (high): An improper access control vulnerability in PAN-OS software enables an attacker with authenticated access to GlobalProtect portals and…
CVE-2021-3059 — CVSS 8.1 (high): An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. This…
CVE-2020-2002 — CVSS 8.1 (high): An authentication bypass by spoofing vulnerability exists in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS…
CVE-2020-2001 — CVSS 8.1 (high): An external control of path and data vulnerability in the Palo Alto Networks PAN-OS Panorama XSLT processing logic that allows an…
CVE-2021-3060 — CVSS 8.1 (high): An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an…
CVE-2021-3052 — CVSS 8.0 (high): A reflected cross-site scripting (XSS) vulnerability in the Palo Alto Network PAN-OS web interface enables an authenticated network-based…
CVE-2016-9151 — CVSS 7.8 (high): Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x…
CVE-2015-6531 — CVSS 7.8 (high): Palo Alto Networks Panorama VM Appliance with PAN-OS before 6.0.1 might allow remote attackers to execute arbitrary Python code via a…
CVE-2016-1712 — CVSS 7.8 (high): Palo Alto Networks PAN-OS before 5.0.19, 5.1.x before 5.1.12, 6.0.x before 6.0.14, 6.1.x before 6.1.12, and 7.0.x before 7.0.8 might allow…
CVE-2017-7218 — CVSS 7.8 (high): The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to gain privileges via unspecified…
CVE-2019-17437 — CVSS 7.8 (high): An improper authentication check in Palo Alto Networks PAN-OS may allow an authenticated low privileged non-superuser custom role user to…
CVE-2020-1980 — CVSS 7.8 (high): A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate…
CVE-2024-2550 — CVSS 7.5 (high): A null pointer dereference vulnerability in the GlobalProtect gateway in Palo Alto Networks PAN-OS software enables an unauthenticated…
CVE-2017-15942 — CVSS 7.5 (high): Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.13, and 8.0.x before 8.0.6 allows remote attackers to cause…
CVE-2025-0114 — CVSS 7.5 (high): A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated…
CVE-2020-2012 — CVSS 7.5 (high): Improper restriction of XML external entity reference ('XXE') vulnerability in Palo Alto Networks Panorama management service allows remote…
CVE-2021-3063 — CVSS 7.5 (high): An improper handling of exceptional conditions vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that…
CVE-2020-2011 — CVSS 7.5 (high): An improper input validation vulnerability in the configuration daemon of Palo Alto Networks PAN-OS Panorama allows for a remote…
CVE-2026-0227 — CVSS 7.5 (high): A vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to cause a denial of service (DoS) to the…
CVE-2021-3053 — CVSS 7.5 (high): An improper handling of exceptional conditions vulnerability exists in the Palo Alto Networks PAN-OS dataplane that enables an…
CVE-2024-9468 — CVSS 7.5 (high): A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted…
CVE-2020-2041 — CVSS 7.5 (high): An insecure configuration of the appweb daemon of Palo Alto Networks PAN-OS 8.1 allows a remote unauthenticated user to send a specifically…
CVE-2024-3384 — CVSS 7.5 (high): A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New…
CVE-2025-0130 — CVSS 7.5 (high): A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to…
CVE-2016-3656 — CVSS 7.5 (high): The GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5H2…
CVE-2020-2022 — CVSS 7.5 (high): An information exposure vulnerability exists in Palo Alto Networks Panorama software that discloses the token for the Panorama web…
CVE-2016-8610 — CVSS 7.5 (high): A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined…
CVE-2024-3385 — CVSS 7.5 (high): A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote attacker to reboot hardware-based firewalls. Repeated…
CVE-2024-3382 — CVSS 7.5 (high): A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall…
CVE-2024-2551 — CVSS 7.5 (high): A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system…
CVE-2024-3383 — CVSS 7.4 (high): A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables…
CVE-2025-4615 — CVSS 7.2 (high): An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an…
CVE-2024-8686 — CVSS 7.2 (high): A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system…
CVE-2019-1582 — CVSS 7.2 (high): Memory corruption in PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier will allow an administrative user to cause arbitrary memory…
CVE-2020-1990 — CVSS 7.2 (high): A stack-based buffer overflow vulnerability in the management server component of PAN-OS allows an authenticated user to upload a corrupted…
CVE-2020-2000 — CVSS 7.2 (high): An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators…
CVE-2020-2006 — CVSS 7.2 (high): A stack-based buffer overflow vulnerability in the management server component of PAN-OS that allows an authenticated user to potentially…
CVE-2020-2007 — CVSS 7.2 (high): An OS command injection vulnerability in the management server component of PAN-OS allows an authenticated user to potentially execute…
CVE-2020-2008 — CVSS 7.2 (high): An OS command injection and external control of filename vulnerability in Palo Alto Networks PAN-OS allows authenticated administrators to…
CVE-2020-2009 — CVSS 7.2 (high): An external control of filename vulnerability in the SD WAN component of Palo Alto Networks PAN-OS Panorama allows an authenticated…
CVE-2020-2010 — CVSS 7.2 (high): An OS command injection vulnerability in PAN-OS management interface allows an authenticated administrator to execute arbitrary OS commands…
CVE-2020-2027 — CVSS 7.2 (high): A buffer overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to disrupt…
CVE-2020-2028 — CVSS 7.2 (high): An OS Command Injection vulnerability in PAN-OS management server allows authenticated administrators to execute arbitrary OS commands with…
CVE-2020-2029 — CVSS 7.2 (high): An OS Command Injection vulnerability in the PAN-OS web management interface allows authenticated administrators to execute arbitrary OS…
CVE-2020-2030 — CVSS 7.2 (high): An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS…
CVE-2016-3654 — CVSS 7.2 (high): The device management command line interface (CLI) in Palo Alto Networks PAN-OS before 5.0.18, 5.1.x before 5.1.11, 6.0.x before 6.0.13…
CVE-2020-2037 — CVSS 7.2 (high): An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS…
CVE-2020-2038 — CVSS 7.2 (high): An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS…
CVE-2025-4231 — CVSS 7.2 (high): A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the…
CVE-2020-2042 — CVSS 7.2 (high): A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and…
CVE-2022-0024 — CVSS 7.2 (high): A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated network-based PAN-OS administrator to upload a…
CVE-2021-3054 — CVSS 7.2 (high): A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an…
CVE-2020-2005 — CVSS 7.1 (high): A cross-site scripting (XSS) vulnerability exists when visiting malicious websites with the Palo Alto Networks GlobalProtect Clientless VPN…
CVE-2024-8687 — CVSS 7.1 (high): An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the…
CVE-2024-8691 — CVSS 7.1 (high): A vulnerability in the GlobalProtect portal in Palo Alto Networks PAN-OS software enables a malicious authenticated GlobalProtect user to…
CVE-2020-1981 — CVSS 7.0 (high): A predictable temporary filename vulnerability in PAN-OS allows local privilege escalation. This issue allows a local attacker who bypassed…
CVE-2020-2016 — CVSS 7.0 (high): A race condition due to insecure creation of a file in a temporary directory vulnerability in PAN-OS allows for root privilege escalation…
CVE-2021-3046 — CVSS 6.8 (medium): An improper authentication vulnerability exists in Palo Alto Networks PAN-OS software that enables a SAML authenticated attacker to…
CVE-2024-0007 — CVSS 6.8 (medium): A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a malicious authenticated read-write administrator…
CVE-2020-1975 — CVSS 6.8 (medium): Missing XML validation vulnerability in the PAN-OS web interface on Palo Alto Networks PAN-OS software allows authenticated users to inject…
CVE-2024-0008 — CVSS 6.6 (medium): Web sessions in the management interface in Palo Alto Networks PAN-OS software do not expire in certain situations, making it susceptible…
CVE-2017-5583 — CVSS 6.5 (medium): The Management Web Interface in Palo Alto Networks PAN-OS before 6.1.16, 7.0.x before 7.0.13, and 7.1.x before 7.1.8 allows remote…
CVE-2017-7216 — CVSS 6.5 (medium): The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to obtain sensitive information…
CVE-2024-5919 — CVSS 6.5 (medium): A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to…
CVE-2018-18065 — CVSS 6.5 (medium): _set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated…
CVE-2023-0007 — CVSS 6.5 (medium): A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software on Panorama appliances enables an authenticated read-write…
CVE-2020-2003 — CVSS 6.5 (medium): An external control of filename vulnerability in the command processing of PAN-OS allows an authenticated administrator to delete arbitrary…
CVE-2017-7644 — CVSS 6.5 (medium): The Management Web Interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, and 7.1.x before 7.1.9 allows remote…
CVE-2021-3055 — CVSS 6.5 (medium): An improper restriction of XML external entity (XXE) reference vulnerability in the Palo Alto Networks PAN-OS web interface enables an…
CVE-2022-0011 — CVSS 6.5 (medium): PAN-OS software provides options to exclude specific websites from URL category enforcement and those websites are blocked or allowed…
CVE-2023-0004 — CVSS 6.5 (medium): A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the…
CVE-2016-9149 — CVSS 6.5 (medium): The Addresses Object parser in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15…
CVE-2021-3061 — CVSS 6.4 (medium): An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables an authenticated administrator…
CVE-2012-6597 — CVSS 6.3 (medium): Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to cause a denial of service…
CVE-2024-0009 — CVSS 6.3 (medium): An improper verification vulnerability in the GlobalProtect gateway feature of Palo Alto Networks PAN-OS software enables a malicious user…
CVE-2017-9467 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in the GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.18, 7.x before…
CVE-2017-12416 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in the GlobalProtect internal and external gateway interface in Palo Alto Networks PAN-OS before…
CVE-2017-15941 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x…
CVE-2017-16878 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in the Captive Portal function in Palo Alto Networks PAN-OS before 8.0.7 allows remote attackers…
CVE-2017-7409 — CVSS 6.1 (medium): Palo Alto Networks PAN-OS before 7.0.15 has XSS in the GlobalProtect external interface via crafted request parameters, aka…
CVE-2017-9459 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in the management web interface in Palo Alto Networks PAN-OS before 6.1.18, 7.x before 7.0.16…
CVE-2018-10139 — CVSS 6.1 (medium): The PAN-OS response for GlobalProtect Gateway in Palo Alto Networks PAN-OS 6.1.21 and earlier, PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11 and…
CVE-2018-10141 — CVSS 6.1 (medium): GlobalProtect Portal Login page in Palo Alto Networks PAN-OS before 8.1.4 allows an unauthenticated attacker to inject arbitrary JavaScript…
CVE-2018-7636 — CVSS 6.1 (medium): The URL filtering "continue page" hosted by PAN-OS 8.0.10 and earlier may allow an attacker to inject arbitrary JavaScript or HTML via…
CVE-2019-1566 — CVSS 6.1 (medium): The PAN-OS management web interface in PAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier, may allow an…
CVE-2024-5913 — CVSS 6.1 (medium): An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an attacker with the ability to tamper with the…
CVE-2024-2552 — CVSS 6.0 (medium): A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system…
CVE-2017-17841 — CVSS 5.9 (medium): Palo Alto Networks PAN-OS 6.1, 7.1, and 8.0.x before 8.0.7, when an interface implements SSL decryption with RSA enabled or hosts a…
CVE-2022-0023 — CVSS 5.9 (medium): An improper handling of exceptional conditions vulnerability exists in the DNS proxy feature of Palo Alto Networks PAN-OS software that…
CVE-2021-3048 — CVSS 5.9 (medium): Certain invalid URL entries contained in an External Dynamic List (EDL) cause the Device Server daemon (devsrvr) to stop responding. This…
CVE-2019-1559 — CVSS 5.9 (medium): If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive…
CVE-2020-1978 — CVSS 5.8 (medium): TechSupport files generated on Palo Alto Networks VM Series firewalls for Microsoft Azure platform configured with high availability (HA)…
CVE-2023-6794 — CVSS 5.5 (medium): An arbitrary file upload vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access…
CVE-2023-6792 — CVSS 5.5 (medium): An OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated API user to disrupt…
CVE-2018-9242 — CVSS 5.5 (medium): The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.9 and earlier may allow an…
CVE-2018-9334 — CVSS 5.5 (medium): The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.8 and earlier, and PAN-OS…
CVE-2023-38046 — CVSS 5.5 (medium): A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated administrator with the privilege to commit a…
CVE-2023-6795 — CVSS 5.5 (medium): An OS command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to disrupt system…
CVE-2019-1565 — CVSS 5.4 (medium): The PAN-OS external dynamics lists in PAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier, may allow an…
CVE-2017-5584 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in the Management Web Interface in Palo Alto Networks PAN-OS 5.1, 6.x before 6.1.16, 7.0.x before…
CVE-2016-2219 — CVSS 5.4 (medium): Cross-site scripting (XSS) vulnerability in the management interface in Palo Alto Networks PAN-OS 7.x before 7.0.8 allows remote…
CVE-2023-0010 — CVSS 5.4 (medium): A reflected cross-site scripting (XSS) vulnerability in the Captive Portal feature of Palo Alto Networks PAN-OS software can allow a…
CVE-2020-1998 — CVSS 5.4 (medium): An improper authorization vulnerability in PAN-OS that mistakenly uses the permissions of local linux users instead of the intended SAML…
CVE-2018-9337 — CVSS 5.4 (medium): The PAN-OS web interface administration page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.17 and earlier, PAN-OS 8.0.10 and earlier, and PAN-OS…
CVE-2018-9335 — CVSS 5.4 (medium): The PAN-OS session browser in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.9 and earlier, and PAN-OS 8.1.1 and earlier…
CVE-2020-1997 — CVSS 5.3 (medium): An open redirection vulnerability in the GlobalProtect component of Palo Alto Networks PAN-OS allows an attacker to specify an arbitrary…
CVE-2020-2039 — CVSS 5.3 (medium): An uncontrolled resource consumption vulnerability in Palo Alto Networks PAN-OS allows for a remote unauthenticated user to upload…
CVE-2020-1999 — CVSS 5.3 (medium): A vulnerability exists in the Palo Alto Network PAN-OS signature-based threat detection engine that allows an attacker to communicate with…
CVE-2020-1996 — CVSS 5.3 (medium): A missing authorization vulnerability in the management server component of PAN-OS Panorama allows a remote unauthenticated user to inject…
CVE-2024-3387 — CVSS 5.3 (medium): A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle…
CVE-2017-15943 — CVSS 5.3 (medium): The configuration file import for applications, spyware and vulnerability objects functionality in the web interface in Palo Alto Networks…
CVE-2012-6596 — CVSS 5.0 (medium): Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.3 stores cleartext LDAP bind passwords in authd.log, which allows…
CVE-2020-2031 — CVSS 4.9 (medium): An integer underflow vulnerability in the dnsproxyd component of the PAN-OS management interface allows authenticated administrators to…
CVE-2024-5911 — CVSS 4.9 (medium): An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with…
CVE-2020-1995 — CVSS 4.9 (medium): A NULL pointer dereference vulnerability in Palo Alto Networks PAN-OS allows an authenticated administrator to send a request that causes…
CVE-2024-5917 — CVSS 4.9 (medium): A server-side request forgery in PAN-OS software enables an authenticated attacker with administrative privileges to use the administrative…
CVE-2021-3045 — CVSS 4.9 (medium): An OS command argument injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to…
CVE-2023-6791 — CVSS 4.9 (medium): A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the…
CVE-2024-5920 — CVSS 4.8 (medium): A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write Panorama administrator…
CVE-2020-1982 — CVSS 4.8 (medium): Certain communication between PAN-OS and cloud-delivered services inadvertently use TLS 1.0, which is known to be a cryptographically weak…
CVE-2024-9471 — CVSS 4.7 (medium): A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated PAN-OS…
CVE-2023-0008 — CVSS 4.4 (medium): A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the…
CVE-2021-3036 — CVSS 4.4 (medium): An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where secrets in PAN-OS XML API…
CVE-2024-5916 — CVSS 4.4 (medium): An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally…
CVE-2024-8688 — CVSS 4.4 (medium): An improper neutralization of matching symbols vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables…
CVE-2021-3032 — CVSS 4.4 (medium): An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where configuration secrets for the…
CVE-2023-6789 — CVSS 4.3 (medium): A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a malicious authenticated read-write administrator…
CVE-2024-0010 — CVSS 4.3 (medium): A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect portal feature of Palo Alto Networks PAN-OS software enables…
CVE-2024-0011 — CVSS 4.3 (medium): A reflected cross-site scripting (XSS) vulnerability in the Captive Portal feature of Palo Alto Networks PAN-OS software enables execution…
CVE-2014-3764 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the web-based device management interface in Palo Alto Networks PAN-OS before 5.0.15, 5.1.x…
CVE-2024-2433 — CVSS 4.3 (medium): An improper authorization vulnerability in Palo Alto Networks Panorama software enables an authenticated read-only administrator to upload…
CVE-2013-5664 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the web-based device-management API browser in Palo Alto Networks PAN-OS before 4.1.13 and…
CVE-2013-5663 — CVSS 4.3 (medium): The App-ID cache feature in Palo Alto Networks PAN-OS before 4.0.14, 4.1.x before 4.1.11, and 5.0.x before 5.0.2 allows remote attackers to…
CVE-2024-5918 — CVSS 4.3 (medium): An improper certificate validation vulnerability in Palo Alto Networks PAN-OS software enables an authorized user with a specially crafted…
CVE-2018-10140 — CVSS 4.3 (medium): The PAN-OS Management Web Interface in Palo Alto Networks PAN-OS 8.1.2 and earlier may allow an authenticated user to shut down all…
CVE-2012-6590 — CVSS 4.3 (medium): The web-based management UI in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 allows remote attackers to obtain verbose error information via…
CVE-2017-7217 — CVSS 4.3 (medium): The Management Web Interface in Palo Alto Networks PAN-OS before 7.0.14 and 7.1.x before 7.1.9 allows remote attackers to write to export…
CVE-2021-3047 — CVSS 4.2 (medium): A cryptographically weak pseudo-random number generator (PRNG) is used during authentication to the Palo Alto Networks PAN-OS web…
CVE-2020-1994 — CVSS 4.1 (medium): A predictable temporary file vulnerability in PAN-OS allows a local authenticated user with shell access to corrupt arbitrary system files…
CVE-2022-0022 — CVSS 4.1 (medium): Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password hashes of administrator and local user…