Vulnerabilities > Paloaltonetworks > PAN OS > 10.2.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-12 | CVE-2024-3400 | Command Injection vulnerability in Paloaltonetworks Pan-Os A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability. | 10.0 |
| 2024-04-10 | CVE-2024-3382 | Memory Leak vulnerability in Paloaltonetworks Pan-Os A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. | 7.5 |
| 2024-04-10 | CVE-2024-3385 | NULL Pointer Dereference vulnerability in Paloaltonetworks Pan-Os A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote attacker to reboot hardware-based firewalls. | 7.5 |
| 2024-04-10 | CVE-2024-3388 | Incorrect Authorization vulnerability in Paloaltonetworks Pan-Os A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. | 5.0 |