paloaltonetworks

348 tracked vulnerabilities.

CVE-2023-0006 MEDIUM
Palo Alto Networks GlobalProtect < - Privilege Escalation
Apr 12, 2023
CVSS 6.3
EPSS 0.00
CVE-2023-0005 MEDIUM
Palo Alto Networks PAN-OS - Info Disclosure
Apr 12, 2023
CVSS 4.1
EPSS 0.00
CVE-2023-0004 MEDIUM
Palo Alto Networks PAN-OS - Privilege Escalation
Apr 12, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-0003 MEDIUM
Palo Alto Networks Cortex XSOAR - Info Disclosure
Feb 08, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-0002 MEDIUM
Palo Alto Networks Cortex XDR < - Privilege Escalation
Feb 08, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-0001 MEDIUM
Palo Alto Networks Cortex XDR < - Info Disclosure
Feb 08, 2023
CVSS 6.0
EPSS 0.00
CVE-2022-0031 MEDIUM
Cortex XSOAR - Local Privilege Escalation via Insufficient Verification of Data Authenticity
Nov 09, 2022
CVSS 6.7
EPSS 0.00
CVE-2022-0030 HIGH
PAN-OS 8.1.0-8.1.23 - Authentication Bypass via Web Interface Impersonation
Oct 12, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-0029 MEDIUM
Palo Alto Networks Cortex XDR Agent 5.0-5.0.11/7.5-7.5.100 Local Privilege Escalation
Sep 14, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-0028 HIGH KEV
PAN-OS >=8.1.0 <8.1.23 - Reflected and Amplified TCP Denial-of-Service via URL Filtering Policy Misconfiguration
Aug 10, 2022
CVSS 8.6
EPSS 0.02
CVE-2022-0027 MEDIUM
Cortex XSOAR 6.1-6.2, 6.5, < 6.6.0.2585049 - Authenticated Unauthorized Incident Data Access via Email Report Generation
May 11, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-0026 MEDIUM
Cortex XDR Agent - Local Privilege Escalation via File Creation in Windows Root Directory
May 11, 2022
CVSS 6.7
EPSS 0.00
CVE-2022-0025 MEDIUM
Cortex XDR Agent 7.7.0 - Authenticated Local Privilege Escalation via Uncontrolled Search Path
May 11, 2022
CVSS 6.7
EPSS 0.00
CVE-2022-0024 HIGH
Palo Alto Networks PAN-OS <8.1.23, <9.0 - Privilege Escalation
May 11, 2022
CVSS 7.2
EPSS 0.01
CVE-2022-0023 MEDIUM
PAN-OS 8.1.0-8.1.21, 9.0.0-9.0.15, 9.1.0-9.1.12, 10.0.0-10.0.9, 10.1.0-10.1.4 DoS via DNS Proxy
Apr 13, 2022
CVSS 5.9
EPSS 0.01
CVE-2022-0022 MEDIUM
Palo Alto Networks PAN-OS - Password Cracking
Mar 09, 2022
CVSS 4.1
EPSS 0.00
CVE-2022-0021 LOW
GlobalProtect 5.2 < 5.2.9 - Cleartext Credential Exposure in Log Files
Feb 10, 2022
CVSS 3.3
EPSS 0.00
CVE-2022-0020 MEDIUM
Cortex XSOAR 6.1.0 and < 6.2.0 build 1958888 - Authenticated Stored Cross-Site Scripting
Feb 10, 2022
CVSS 6.8
EPSS 0.02
CVE-2022-0019 MEDIUM
Palo Alto Networks GlobalProtect 5.1-5.1.9, 5.2-5.2.7, 5.3-5.3.1 - Insufficiently Protected Credentials
Feb 10, 2022
CVSS 4.7
EPSS 0.00
CVE-2022-0018 MEDIUM
GlobalProtect 5.1-5.1.9 and 5.2-5.2.8 - Unauthenticated Credential Exposure via Single Sign-On Feature
Feb 10, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-0017 HIGH
GlobalProtect 5.1-5.1.9 and 5.2-5.2.4 - Local Privilege Escalation via Improper Link Resolution
Feb 10, 2022
CVSS 7.0
EPSS 0.00
CVE-2022-0016 HIGH
Palo Alto Networks GlobalProtect 5.2 < 5.2.9 - Local Privilege Escalation via Connect Before Logon
Feb 10, 2022
CVSS 7.4
EPSS 0.00
CVE-2022-0011 MEDIUM
PAN-OS 8.1.0-8.1.20, 9.0.x, 9.1.0-9.1.11, 10.0.0-10.0.7, 10.1.0-10.1.2 & Prisma Access 2.1-2.2 URL Filtering Bypass
Feb 10, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-0015 HIGH
Cortex XDR Agent 5.0-5.0.11 and 6.1-6.1.8 - Authenticated Local Privilege Escalation via Uncontrolled Search Path
Jan 12, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-0014 MEDIUM
Cortex XDR Agent 5.0-5.0.11, 6.1-6.1.8, 7.2-7.2.3, 7.3-7.3.1 - Untrusted Search Path via Live Terminal Session
Jan 12, 2022
CVSS 6.7
EPSS 0.00