Paloaltonetworks

Pan-os

226 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.7

CVE-2023-6795

  • EPSS 0.12%
  • Published 13.12.2023 19:15:10
  • Last modified 21.11.2024 08:44:34

An OS command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall.

6.1

CVE-2023-6790

  • EPSS 0.19%
  • Published 13.12.2023 19:15:09
  • Last modified 21.11.2024 08:44:33

A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS...

4.9

CVE-2023-6791

  • EPSS 0.12%
  • Published 13.12.2023 19:15:09
  • Last modified 21.11.2024 08:44:34

A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from ...

6.3

CVE-2023-6792

  • EPSS 0.2%
  • Published 13.12.2023 19:15:09
  • Last modified 21.11.2024 08:44:34

An OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated API user to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall.

2.7

CVE-2023-6793

  • EPSS 0.08%
  • Published 13.12.2023 19:15:09
  • Last modified 21.11.2024 08:44:34

An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to revoke active XML API keys from the firewall and disrupt XML API usage.

4.8

CVE-2023-6789

  • EPSS 0.16%
  • Published 13.12.2023 19:15:08
  • Last modified 21.11.2024 08:44:33

A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a malicious authenticated read-write administrator to store a JavaScript payload using the web interface. Then, when viewed by a properly authenticated administr...

4.9

CVE-2023-38046

  • EPSS 0.19%
  • Published 12.07.2023 17:15:08
  • Last modified 21.11.2024 08:12:44

A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated administrator with the privilege to commit a specifically created configuration to read local files and resources from the system.

5.4

CVE-2023-0010

  • EPSS 0.86%
  • Published 14.06.2023 17:15:09
  • Last modified 21.11.2024 07:36:23

A reflected cross-site scripting (XSS) vulnerability in the Captive Portal feature of Palo Alto Networks PAN-OS software can allow a JavaScript payload to be executed in the context of an authenticated Captive Portal user’s browser when they click on...

4.4

CVE-2023-0008

  • EPSS 0.24%
  • Published 10.05.2023 17:15:09
  • Last modified 21.11.2024 07:36:22

A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall through a race condition.

4.8

CVE-2023-0007

  • EPSS 0.45%
  • Published 10.05.2023 17:15:08
  • Last modified 21.11.2024 07:36:22

A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software on Panorama appliances enables an authenticated read-write administrator to store a JavaScript payload in the web interface that will execute in the context of another a...