Paloaltonetworks

Prisma Access

29 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2024-9468

  • EPSS 0.6%
  • Veröffentlicht 09.10.2024 17:15:20
  • Zuletzt bearbeitet 01.12.2025 17:19:55

A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger ...

7.1

CVE-2024-8687

  • EPSS 0.37%
  • Veröffentlicht 11.09.2024 17:15:14
  • Zuletzt bearbeitet 03.10.2024 00:26:56

An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. After the passwo...

7

CVE-2024-5911

  • EPSS 0.21%
  • Veröffentlicht 10.07.2024 19:15:11
  • Zuletzt bearbeitet 21.11.2024 09:48:34

An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause th...

5

CVE-2024-3388

  • EPSS 0.18%
  • Veröffentlicht 10.04.2024 17:15:57
  • Zuletzt bearbeitet 24.01.2025 16:16:18

A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. However, this vulnerability does not allow the attacker to r...

5.3

CVE-2024-3387

  • EPSS 0.02%
  • Veröffentlicht 10.04.2024 17:15:57
  • Zuletzt bearbeitet 21.11.2024 09:29:30

A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages...

4.3

CVE-2024-2433

  • EPSS 0.04%
  • Veröffentlicht 13.03.2024 18:15:08
  • Zuletzt bearbeitet 21.11.2024 09:09:44

An improper authorization vulnerability in Palo Alto Networks Panorama software enables an authenticated read-only administrator to upload files using the web interface and completely fill one of the disk partitions with those uploaded files, which p...

6.5

CVE-2022-0011

  • EPSS 0.3%
  • Veröffentlicht 10.02.2022 18:15:08
  • Zuletzt bearbeitet 21.11.2024 06:37:48

PAN-OS software provides options to exclude specific websites from URL category enforcement and those websites are blocked or allowed (depending on your rules) regardless of their associated URL category. This is done by creating a custom URL categor...

9.3

CVE-2021-3060

  • EPSS 40.2%
  • Veröffentlicht 10.11.2021 17:15:10
  • Zuletzt bearbeitet 21.11.2024 06:20:52

An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code wit...

9

CVE-2021-3061

  • EPSS 0.44%
  • Veröffentlicht 10.11.2021 17:15:10
  • Zuletzt bearbeitet 21.11.2024 06:20:52

An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 ...