paloaltonetworks

310 tracked vulnerabilities.

CVE-2022-0024 HIGH
Palo Alto Networks PAN-OS <8.1.23, <9.0 - Privilege Escalation
May 11, 2022
CVSS 7.2
EPSS 0.02
CVE-2022-0023 MEDIUM
PAN-OS 8.1.0-8.1.21, 9.0.0-9.0.15, 9.1.0-9.1.12, 10.0.0-10.0.9, 10.1.0-10.1.4 DoS via DNS Proxy
Apr 13, 2022
CVSS 5.9
EPSS 0.01
CVE-2022-0022 MEDIUM
Palo Alto Networks PAN-OS - Password Cracking
Mar 09, 2022
CVSS 4.1
EPSS 0.00
CVE-2022-0021 LOW
GlobalProtect 5.2 < 5.2.9 - Cleartext Credential Exposure in Log Files
Feb 10, 2022
CVSS 3.3
EPSS 0.00
CVE-2022-0020 MEDIUM
Cortex XSOAR 6.1.0 and < 6.2.0 build 1958888 - Authenticated Stored Cross-Site Scripting
Feb 10, 2022
CVSS 6.8
EPSS 0.01
CVE-2022-0019 MEDIUM
Palo Alto Networks GlobalProtect 5.1-5.1.9, 5.2-5.2.7, 5.3-5.3.1 - Insufficiently Protected Credentials
Feb 10, 2022
CVSS 4.7
EPSS 0.00
CVE-2022-0018 MEDIUM
GlobalProtect 5.1-5.1.9 and 5.2-5.2.8 - Unauthenticated Credential Exposure via Single Sign-On Feature
Feb 10, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-0017 HIGH
GlobalProtect 5.1-5.1.9 and 5.2-5.2.4 - Local Privilege Escalation via Improper Link Resolution
Feb 10, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-0016 HIGH
Palo Alto Networks GlobalProtect 5.2 < 5.2.9 - Local Privilege Escalation via Connect Before Logon
Feb 10, 2022
CVSS 7.4
EPSS 0.00
CVE-2022-0011 MEDIUM
PAN-OS 8.1.0-8.1.20, 9.0.x, 9.1.0-9.1.11, 10.0.0-10.0.7, 10.1.0-10.1.2 & Prisma Access 2.1-2.2 URL Filtering Bypass
Feb 10, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-0015 HIGH
Cortex XDR Agent 5.0-5.0.11 and 6.1-6.1.8 - Authenticated Local Privilege Escalation via Uncontrolled Search Path
Jan 12, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-0014 MEDIUM
Cortex XDR Agent 5.0-5.0.11, 6.1-6.1.8, 7.2-7.2.3, 7.3-7.3.1 - Untrusted Search Path via Live Terminal Session
Jan 12, 2022
CVSS 6.7
EPSS 0.00
CVE-2022-0013 MEDIUM
Cortex XDR Agent 5.0-5.0.11, 6.1-6.1.8, 7.2-7.2.3, 7.3-7.3.1 - Arbitrary File Read via Support File
Jan 12, 2022
CVSS 5.0
EPSS 0.00
CVE-2022-0012 MEDIUM
Cortex XDR Agent Arbitrary File Deletion and DoS via Improper Link Resolution
Jan 12, 2022
CVSS 6.1
EPSS 0.00
CVE-2021-3064 CRITICAL
Palo Alto Networks <8.1.17 - Memory Corruption
Nov 10, 2021
CVSS 9.8
EPSS 0.53
CVE-2021-3063 HIGH
PAN-OS 8.1.0-8.1.20 - Unauthenticated Denial of Service via GlobalProtect Interface
Nov 10, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-3062 HIGH
PAN-OS <8.1.20, <9.1.11 - Privilege Escalation
Nov 10, 2021
CVSS 8.1
EPSS 0.00
CVE-2021-3061 MEDIUM
Palo Alto Networks PAN-OS 8.1.0-8.1.19 and Prisma Access - Authenticated OS Command Injection via CLI
Nov 10, 2021
CVSS 6.4
EPSS 0.00
CVE-2021-3060 HIGH
PAN-OS <8.1.20-h1, <9.0.14-h3, <9.1 - Code Injection
Nov 10, 2021
CVSS 8.1
EPSS 0.38
CVE-2021-3059 HIGH
Palo Alto Networks PAN-OS 8.1 < 8.1.20 - OS Command Injection via Dynamic Updates
Nov 10, 2021
CVSS 8.1
EPSS 0.01
CVE-2021-3058 HIGH
PAN-OS 8.1.0-8.1.19 - Authenticated OS Command Injection via XML API
Nov 10, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-3056 HIGH
Palo Alto Networks PAN-OS Authenticated RCE via SAML Authentication
Nov 10, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-3057 HIGH
Palo Alto Networks GlobalProtect <5.1.9-5.2.8 - Buffer Overflow
Oct 13, 2021
CVSS 8.1
EPSS 0.01
CVE-2021-3055 MEDIUM
Palo Alto Networks PAN-OS <8.1 - RCE, DoS
Sep 08, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-3054 HIGH
PAN-OS Authenticated RCE via Plugin Upload Race Condition
Sep 08, 2021
CVSS 7.2
EPSS 0.01
Products
pan-os 211 globalprotect 34 cortex_xdr_agent 19 expedition 16 cortex_xsoar 9 prisma_access 7 prisma_cloud 4 expedition_migration_tool 3 secdo 3 terminal_services_agent 3 traps 3 bridgecrew_checkov 2 cortex_xsoar_commonscripts 1 demisto 1 minemeld 1 netconnect 1 twistlock 1 vm-series 1
Quick Filters
Critical CVEs With Exploits In CISA KEV