Vulnerabilities > Paloaltonetworks > PAN OS > 6.1.20

DATE CVE VULNERABILITY TITLE RISK
2018-07-03 CVE-2018-9334 Improper Privilege Management vulnerability in Paloaltonetworks Pan-Os
The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.8 and earlier, and PAN-OS 8.1.0 may allow an attacker to access the GlobalProtect password hashes of local users via manipulation of the HTML markup.
local
low complexity
paloaltonetworks CWE-269
2.1
2.1
2018-07-03 CVE-2018-9242 Improper Input Validation vulnerability in Paloaltonetworks Pan-Os
The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.9 and earlier may allow an attacker to delete files in the system via specific request parameters.
local
low complexity
paloaltonetworks CWE-20
6.6
6.6
2018-01-10 CVE-2017-16878 Cross-site Scripting vulnerability in Paloaltonetworks Pan-Os
Cross-site scripting (XSS) vulnerability in the Captive Portal function in Palo Alto Networks PAN-OS before 8.0.7 allows remote attackers to inject arbitrary web script or HTML by leveraging an unspecified configuration. 		4.3
4.3
2017-05-02 CVE-2017-7216 Information Exposure vulnerability in Paloaltonetworks Pan-Os
The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to obtain sensitive information via unspecified request parameters.
network
low complexity
paloaltonetworks CWE-200
4.0
4.0
2017-04-21 CVE-2017-7409 Cross-site Scripting vulnerability in Paloaltonetworks Pan-Os
Palo Alto Networks PAN-OS before 7.0.15 has XSS in the GlobalProtect external interface via crafted request parameters, aka PAN-SA-2017-0011 and PAN-70674. 		4.3
4.3
2017-04-14 CVE-2017-7218 Improper Input Validation vulnerability in Paloaltonetworks Pan-Os
The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to gain privileges via unspecified request parameters.
local
low complexity
paloaltonetworks CWE-20
4.6
4.6
2017-04-14 CVE-2017-7217 Improper Input Validation vulnerability in Paloaltonetworks Pan-Os
The Management Web Interface in Palo Alto Networks PAN-OS before 7.0.14 and 7.1.x before 7.1.9 allows remote attackers to write to export files via unspecified parameters.
network
low complexity
paloaltonetworks CWE-20
4.0
4.0