paloaltonetworks
348 tracked vulnerabilities.
CVE-2020-2006
HIGH
PAN-OS 7.1.0-7.1.25 and 8.0 - Authenticated Stack-based Buffer Overflow
May 13, 2020
CVSS 7.2
EPSS 0.02
CVE-2020-2005
HIGH
PAN-OS 7.1.0-7.1.25 - Cross-Site Scripting via GlobalProtect Clientless VPN
May 13, 2020
CVSS 7.1
EPSS 0.01
CVE-2020-2004
MEDIUM
GlobalProtect 5.0.0-5.0.8 and 5.1.0-5.1.1 - Sensitive Information Disclosure in PanGPS.log
May 13, 2020
CVSS 6.8
EPSS 0.00
CVE-2020-2003
MEDIUM
PAN-OS 7.1.0-7.1.25 - Authenticated Arbitrary File Deletion via Command Processing
May 13, 2020
CVSS 6.5
EPSS 0.01
CVE-2020-2002
HIGH
PAN-OS 7.1.0-7.1.25 - Authentication Bypass via Kerberos KDC Spoofing
May 13, 2020
CVSS 8.1
EPSS 0.01
CVE-2020-2001
HIGH
Palo Alto Networks PAN-OS 7.1.0-7.1.25 - Unauthenticated Out-of-bounds Write via XSLT Processing
May 13, 2020
CVSS 8.1
EPSS 0.01
CVE-2020-1998
MEDIUM
PAN-OS 7.1.0-7.1.25 - Authentication Bypass via SAML Username Sharing
May 13, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-1997
MEDIUM
PAN-OS 7.1.0-7.1.25 - URL Redirection to Untrusted Site via GlobalProtect Component
May 13, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-1996
MEDIUM
PAN-OS 7.1.0-7.1.25 - Unauthenticated Log Injection in Management Server
May 13, 2020
CVSS 5.3
EPSS 0.01
CVE-2020-1995
MEDIUM
PAN-OS 9.1.0-9.1.1 - Authenticated Denial of Service via rasmgr Daemon NULL Pointer Dereference
May 13, 2020
CVSS 4.9
EPSS 0.01
CVE-2020-1994
MEDIUM
PAN-OS <8.1.13, <9.0.7 - Local Privilege Escalation
May 13, 2020
CVSS 4.1
EPSS 0.00
CVE-2020-1993
LOW
PAN-OS <8.1.14, <9.0.8 - Session Fixation
May 13, 2020
CVSS 3.7
EPSS 0.00
CVE-2020-1992
HIGH
PAN-OS 9.0.0-9.0.6 - Use-After-Free in Varrcvr Daemon via WildFire Log Forwarding
Apr 08, 2020
CVSS 8.1
EPSS 0.03
CVE-2020-1991
HIGH
Palo Alto Networks Traps <5.0.8-6.1.4 - Privilege Escalation
Apr 08, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-1990
HIGH
PAN-OS 8.1.0-8.1.12 - Authenticated Stack-based Buffer Overflow via Corrupted Configuration Upload
Apr 08, 2020
CVSS 7.2
EPSS 0.02
CVE-2020-1989
HIGH
Palo Alto Networks GlobalProtect Agent for Linux < 5.0.8 - Authenticated Privilege Escalation via Application File Write
Apr 08, 2020
CVSS 7.0
EPSS 0.00
CVE-2020-1988
MEDIUM
Palo Alto Networks GlobalProtect Agent <5.0.5-4.1.13 - Privilege Es...
Apr 08, 2020
CVSS 4.2
EPSS 0.00
CVE-2020-1987
LOW
GlobalProtect 5.0-5.0.8 - Authenticated VPN Cookie Exposure via Troubleshooting Log Level
Apr 08, 2020
CVSS 3.9
EPSS 0.00
CVE-2020-1986
MEDIUM
Secdo - Authenticated Denial of Service via Improper Input Validation
Apr 08, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-1985
HIGH
Secdo - Incorrect Default Permissions in Logs Folder
Apr 08, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-1984
HIGH
Secdo - Privilege Escalation via Hardcoded Script Path
Apr 08, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-1978
MEDIUM
Palo Alto Networks VM-Series < 1.0.9 - Insufficiently Protected Azure Dashboard Credentials in TechSupport Files
Apr 08, 2020
CVSS 5.8
EPSS 0.00
CVE-2020-1981
HIGH
PAN-OS 8.1.0-8.1.12 - Local Privilege Escalation via Predictable Temporary Filename
Mar 11, 2020
CVSS 7.0
EPSS 0.00
CVE-2020-1980
HIGH
PAN-OS 8.1.0-8.1.12 - Authenticated OS Command Injection via CLI
Mar 11, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-1979
HIGH
PAN-OS < 8.1.13 - Remote Code Execution via Format String in Log Daemon
Mar 11, 2020
CVSS 8.1
EPSS 0.01
Products
pan-os 226
globalprotect 35
cortex_xdr_agent 20
expedition 16
cortex_xsoar 11
prisma_access 8
prisma_cloud 4
expedition_migration_tool 3
idira_endpoint_privilege_manager 3
secdo 3
terminal_services_agent 3
traps 3
bridgecrew_checkov 2
prisma_access_agent 2
trust_protection_foundation 2
autonomous_digital_experience_manager 1
broker_vm 1
chronosphere_collector 1
cloud_ngfw 1
cortex_xsiam 1
cortex_xsiam_commvaultsecurityiq_marketplace 1
cortex_xsoar_commonscripts 1
cortex_xsoar_commvaultsecurityiq_marketplace 1
demisto 1
idira_identity_browser_extension 1
idira_privilege_cloud_connector 1
idira_privileged_access_manager_vault 1
idira_privileged_session_manager 1
idira_privileged_session_manager_for_ssh 1
idira_secrets_manager 1
Quick Filters