Paloaltonetworks

Pan-os

231 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.1

CVE-2024-3383

  • EPSS 0.25%
  • Veröffentlicht 10.04.2024 17:15:57
  • Zuletzt bearbeitet 24.01.2025 15:29:26

A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied ...

7.5

CVE-2024-3384

  • EPSS 0.73%
  • Veröffentlicht 10.04.2024 17:15:57
  • Zuletzt bearbeitet 24.01.2025 15:54:56

A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager (NTLM) packets from Windows servers. Repeated attacks eventually cause the firewall to enter ...

7.5

CVE-2024-3385

  • EPSS 2.66%
  • Veröffentlicht 10.04.2024 17:15:57
  • Zuletzt bearbeitet 24.01.2025 15:55:48

A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote attacker to reboot hardware-based firewalls. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring th...

5.3

CVE-2024-3386

  • EPSS 0.24%
  • Veröffentlicht 10.04.2024 17:15:57
  • Zuletzt bearbeitet 24.01.2025 15:58:52

An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents Predefined Decryption Exclusions from functioning as intended. This can cause traffic destined for domains that are not specified in Predefined Decryption Exc...

5.9

CVE-2024-3387

  • EPSS 0.11%
  • Veröffentlicht 10.04.2024 17:15:57
  • Zuletzt bearbeitet 30.01.2026 21:13:20

A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages...

5

CVE-2024-3388

  • EPSS 0.17%
  • Veröffentlicht 10.04.2024 17:15:57
  • Zuletzt bearbeitet 24.01.2025 16:16:18

A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. However, this vulnerability does not allow the attacker to r...

7.5

CVE-2024-3382

  • EPSS 0.37%
  • Veröffentlicht 10.04.2024 17:15:56
  • Zuletzt bearbeitet 22.01.2025 15:44:24

A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. This issue applies only to PA-5400 Series devic...

2.7

CVE-2024-2433

  • EPSS 0.05%
  • Veröffentlicht 13.03.2024 18:15:08
  • Zuletzt bearbeitet 30.01.2026 20:58:17

An improper authorization vulnerability in Palo Alto Networks Panorama software enables an authenticated read-only administrator to upload files using the web interface and completely fill one of the disk partitions with those uploaded files, which p...

4.8

CVE-2024-0007

  • EPSS 0.53%
  • Veröffentlicht 14.02.2024 18:15:47
  • Zuletzt bearbeitet 17.12.2024 18:09:56

A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a malicious authenticated read-write administrator to store a JavaScript payload using the web interface on Panorama appliances. This enables the impersonation o...

8.8

CVE-2024-0008

  • EPSS 0.25%
  • Veröffentlicht 14.02.2024 18:15:47
  • Zuletzt bearbeitet 09.12.2024 15:18:26

Web sessions in the management interface in Palo Alto Networks PAN-OS software do not expire in certain situations, making it susceptible to unauthorized access.