Filtered by vendor Paloaltonetworks Subscriptions
Filtered by product Pan-os Subscriptions
Total 189 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2012-6604 1 Paloaltonetworks 1 Pan-os 2024-11-21 N/A
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Ref ID 35249.
CVE-2012-6603 1 Paloaltonetworks 1 Pan-os 2024-11-21 N/A
The web management UI in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to bypass authentication and obtain administrator privileges via unspecified vectors, aka Ref ID 37034.
CVE-2012-6602 1 Paloaltonetworks 1 Pan-os 2024-11-21 N/A
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 30122.
CVE-2012-6601 1 Paloaltonetworks 1 Pan-os 2024-11-21 N/A
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to execute arbitrary code via unspecified vectors, aka Ref ID 36983.
CVE-2012-6600 1 Paloaltonetworks 1 Pan-os 2024-11-21 N/A
The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.2 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 34502.
CVE-2012-6599 1 Paloaltonetworks 1 Pan-os 2024-11-21 N/A
The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 and 4.1.x before 4.1.1 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 33476.
CVE-2012-6598 1 Paloaltonetworks 1 Pan-os 2024-11-21 N/A
The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 33080.
CVE-2012-6597 1 Paloaltonetworks 1 Pan-os 2024-11-21 N/A
Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to cause a denial of service (management-server crash) by using the command-line interface for a crafted command, aka Ref ID 35254.
CVE-2012-6596 1 Paloaltonetworks 1 Pan-os 2024-11-21 N/A
Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.3 stores cleartext LDAP bind passwords in authd.log, which allows context-dependent attackers to obtain sensitive information by reading this file, aka Ref ID 35493.
CVE-2012-6595 1 Paloaltonetworks 1 Pan-os 2024-11-21 N/A
The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.2 allows remote authenticated administrators to execute arbitrary commands via unspecified vectors, aka Ref ID 34595.
CVE-2012-6594 1 Paloaltonetworks 1 Pan-os 2024-11-21 N/A
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11, 4.0.x before 4.0.8, and 4.1.x before 4.1.1 allows remote authenticated administrators to execute arbitrary commands via unspecified vectors, aka Ref ID 34299.
CVE-2012-6593 1 Paloaltonetworks 1 Pan-os 2024-11-21 N/A
Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows remote attackers to execute arbitrary commands via unspecified vectors, aka Ref ID 30088.
CVE-2012-6592 1 Paloaltonetworks 1 Pan-os 2024-11-21 N/A
Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows remote attackers to execute arbitrary commands via unspecified vectors, aka Ref ID 31091.
CVE-2012-6591 1 Paloaltonetworks 1 Pan-os 2024-11-21 N/A
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows remote authenticated administrators to execute arbitrary commands via unspecified vectors, aka Ref ID 31116.
CVE-2012-6590 1 Paloaltonetworks 1 Pan-os 2024-11-21 N/A
The web-based management UI in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 allows remote attackers to obtain verbose error information via crafted input, aka Ref ID 33139.
CVE-2024-2551 1 Paloaltonetworks 1 Pan-os 2024-11-19 N/A
A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.
CVE-2024-5919 1 Paloaltonetworks 1 Pan-os 2024-11-15 N/A
A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker controlled server. This attack requires network access to the firewall management interface.
CVE-2024-2552 1 Paloaltonetworks 1 Pan-os 2024-11-15 N/A
A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions in the management plane and delete files on the firewall.
CVE-2024-2550 1 Paloaltonetworks 1 Pan-os 2024-11-15 N/A
A null pointer dereference vulnerability in the GlobalProtect gateway in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop the GlobalProtect service on the firewall by sending a specially crafted packet that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.
CVE-2024-5920 1 Paloaltonetworks 1 Pan-os 2024-11-15 N/A
A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write Panorama administrator to push a specially crafted configuration to a PAN-OS node. This enables impersonation of a legitimate PAN-OS administrator who can perform restricted actions on the PAN-OS node after the execution of JavaScript in the legitimate PAN-OS administrator's browser.