Paloaltonetworks

Prisma Access

34 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2025-0130

Medienbericht
  • EPSS 0.3%
  • Veröffentlicht 14.05.2025 17:37:40
  • Zuletzt bearbeitet 06.10.2025 16:18:22

A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the firewall to become unresponsive and eventually reboo...

9.3

CVE-2025-0129

  • EPSS 0.28%
  • Veröffentlicht 11.04.2025 22:25:36
  • Zuletzt bearbeitet 15.04.2026 00:35:42

An improper exception check in Palo Alto Networks Prisma Access Browser allows a low privileged user to prevent Prisma Access Browser from applying it's Policy Rules. This enables the user to use Prisma Access Browser without any restrictions.

5.9

CVE-2025-0123

  • EPSS 0.18%
  • Veröffentlicht 11.04.2025 17:43:05
  • Zuletzt bearbeitet 15.04.2026 00:35:42

A vulnerability in the Palo Alto Networks PAN-OS® software enables unlicensed administrators to view clear-text data captured using the packet capture feature https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/monitoring/take-packet-captures...

8.7

CVE-2025-0128

Medienbericht
  • EPSS 0.11%
  • Veröffentlicht 11.04.2025 02:15:19
  • Zuletzt bearbeitet 15.04.2026 00:35:42

A denial-of-service (DoS) vulnerability in the Simple Certificate Enrollment Protocol (SCEP) authentication feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted pack...

8.3

CVE-2025-0126

Medienbericht
  • EPSS 0.36%
  • Veröffentlicht 11.04.2025 02:15:18
  • Zuletzt bearbeitet 15.04.2026 00:35:42

When configured using SAML, a session fixation vulnerability in the GlobalProtect™ login enables an attacker to impersonate a legitimate authorized user and perform actions as that GlobalProtect user. This requires the legitimate user to first click ...

6.9

CVE-2025-0125

Medienbericht
  • EPSS 0.54%
  • Veröffentlicht 11.04.2025 02:15:18
  • Zuletzt bearbeitet 15.04.2026 00:35:42

An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator....

6.8

CVE-2025-0116

  • EPSS 0.08%
  • Veröffentlicht 12.03.2025 18:34:38
  • Zuletzt bearbeitet 15.04.2026 00:35:42

A Denial of Service (DoS) vulnerability in Palo Alto Networks PAN-OS software causes the firewall to unexpectedly reboot when processing a specially crafted LLDP frame sent by an unauthenticated adjacent attacker. Repeated attempts to initiate this c...

6.9

CVE-2025-0109

  • EPSS 0.14%
  • Veröffentlicht 12.02.2025 21:15:16
  • Zuletzt bearbeitet 15.04.2026 00:35:42

An unauthenticated file deletion vulnerability in the Palo Alto Networks PAN-OS management web interface enables an unauthenticated attacker with network access to the management web interface to delete certain files as the “nobody” user; this includ...

9.8

CVE-2025-0107

  • EPSS 79.53%
  • Veröffentlicht 11.01.2025 03:15:22
  • Zuletzt bearbeitet 23.01.2026 21:50:52

An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosure of usernames, cleartext passwords, device conf...

5.3

CVE-2025-0106

  • EPSS 0.51%
  • Veröffentlicht 11.01.2025 03:15:22
  • Zuletzt bearbeitet 23.01.2026 21:52:57

A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem.