Vulnerabilities > Paloaltonetworks

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-11	CVE-2024-8686	OS Command Injection vulnerability in Paloaltonetworks Pan-Os A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as root on the firewall. network low complexity paloaltonetworks CWE-78	7.2
2024-09-11	CVE-2024-8687	Unspecified vulnerability in Paloaltonetworks Pan-Os An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. network low complexity paloaltonetworks	7.1
2024-09-11	CVE-2024-8688	Unspecified vulnerability in Paloaltonetworks Pan-Os An improper neutralization of matching symbols vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables authenticated administrators (including read-only administrators) with access to the CLI to to read arbitrary files on the firewall. local low complexity paloaltonetworks	4.4
2024-09-11	CVE-2024-8690	Unspecified vulnerability in Paloaltonetworks Cortex XDR Agent 7.9.102 A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. local low complexity paloaltonetworks	4.4
2024-09-11	CVE-2024-8691	Incorrect Authorization vulnerability in Paloaltonetworks Pan-Os A vulnerability in the GlobalProtect portal in Palo Alto Networks PAN-OS software enables a malicious authenticated GlobalProtect user to impersonate another GlobalProtect user. network low complexity paloaltonetworks CWE-863	7.1
2024-08-14	CVE-2024-5914	Command Injection vulnerability in Paloaltonetworks Cortex Xsoar Commonscripts A command injection issue in Palo Alto Networks Cortex XSOAR CommonScripts Pack allows an unauthenticated attacker to execute arbitrary commands within the context of an integration container. network low complexity paloaltonetworks CWE-77 critical	9.8
2024-08-14	CVE-2024-5915	Incorrect Permission Assignment for Critical Resource vulnerability in Paloaltonetworks Globalprotect A privilege escalation (PE) vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated privileges. local low complexity paloaltonetworks CWE-732	7.8
2024-08-14	CVE-2024-5916	Cleartext Storage of Sensitive Information vulnerability in Paloaltonetworks Pan-Os An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems. local low complexity paloaltonetworks CWE-312	4.4
2024-07-10	CVE-2024-5910	Missing Authentication for Critical Function vulnerability in Paloaltonetworks Expedition Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. network low complexity paloaltonetworks CWE-306 critical	9.8
2024-06-12	CVE-2024-5905	Unspecified vulnerability in Paloaltonetworks Cortex XDR Agent 7.9.0/7.9.101 A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local low privileged Windows user to disrupt some functionality of the agent. local low complexity paloaltonetworks	4.4

Vulnerabilities > Paloaltonetworks {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Paloaltonetworks"}]}

Vulnerabilities > Paloaltonetworks