Paloaltonetworks

Pan-os

229 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1

CVE-2019-1579

Warnung Exploit
  • EPSS 93.03%
  • Veröffentlicht 19.07.2019 22:15:11
  • Zuletzt bearbeitet 04.11.2025 16:49:38

Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauthenticated remote attacker to execute arbitrary code...

8.8

CVE-2019-1575

  • EPSS 0.68%
  • Veröffentlicht 16.07.2019 14:15:12
  • Zuletzt bearbeitet 21.11.2024 04:36:50

Information disclosure in PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2 and earlier may allow for an authenticated user with read-only privileges to extract the API key of the device and/or the us...

8.8

CVE-2019-1576

  • EPSS 3.16%
  • Veröffentlicht 16.07.2019 14:15:12
  • Zuletzt bearbeitet 21.11.2024 04:36:50

Command injection in PAN-0S 9.0.2 and earlier may allow an authenticated attacker to gain access to a remote shell in PAN-OS, and potentially run with the escalated user’s permissions.

7.5

CVE-2019-1572

  • EPSS 0.46%
  • Veröffentlicht 26.03.2019 22:29:00
  • Zuletzt bearbeitet 21.11.2024 04:36:50

PAN-OS 9.0.0 may allow an unauthenticated remote user to access php files.

5.9

CVE-2019-1559

  • EPSS 5.05%
  • Veröffentlicht 27.02.2019 23:29:00
  • Zuletzt bearbeitet 21.11.2024 04:36:48

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid...

5.4

CVE-2019-1565

  • EPSS 0.42%
  • Veröffentlicht 30.01.2019 20:29:00
  • Zuletzt bearbeitet 21.11.2024 04:36:49

The PAN-OS external dynamics lists in PAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier, may allow an attacker that is authenticated in Next Generation Firewall with write privileges to External Dynamic List configura...

6.1

CVE-2019-1566

  • EPSS 1.32%
  • Veröffentlicht 30.01.2019 20:29:00
  • Zuletzt bearbeitet 21.11.2024 04:36:49

The PAN-OS management web interface in PAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier, may allow an unauthenticated attacker to inject arbitrary JavaScript or HTML.

6.1

CVE-2018-10141

  • EPSS 44.15%
  • Veröffentlicht 12.10.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:40:55

GlobalProtect Portal Login page in Palo Alto Networks PAN-OS before 8.1.4 allows an unauthenticated attacker to inject arbitrary JavaScript or HTML.

6.5

CVE-2018-18065

Exploit
  • EPSS 11.46%
  • Veröffentlicht 08.10.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:55:25

_set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.

6.1

CVE-2018-10139

  • EPSS 0.76%
  • Veröffentlicht 16.08.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 03:40:54

The PAN-OS response for GlobalProtect Gateway in Palo Alto Networks PAN-OS 6.1.21 and earlier, PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11 and earlier may allow an unauthenticated attacker to inject arbitrary JavaScript or HTML. PAN-OS 8.1 is NOT affect...