Vulnerabilities > Paloaltonetworks > PAN OS > 7.0.5.h2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-11 | CVE-2017-15943 | Server-Side Request Forgery (SSRF) vulnerability in Paloaltonetworks Pan-Os The configuration file import for applications, spyware and vulnerability objects functionality in the web interface in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, and 7.1.x before 7.1.14 allows remote attackers to conduct server-side request forgery (SSRF) attacks and consequently obtain sensitive information via vectors related to parsing of external entities. | 5.3 |
| 2017-12-11 | CVE-2017-15942 | Unspecified vulnerability in Paloaltonetworks Pan-Os Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.13, and 8.0.x before 8.0.6 allows remote attackers to cause a denial of service via vectors related to the management interface. | 7.5 |
| 2017-12-11 | CVE-2017-15940 | Command Injection vulnerability in Paloaltonetworks Pan-Os The web interface packet capture management component in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote authenticated users to execute arbitrary code via unspecified vectors. | 9.8 |
| 2017-11-13 | CVE-2016-8610 | A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. | 7.5 |
| 2017-05-02 | CVE-2017-7216 | Information Exposure vulnerability in Paloaltonetworks Pan-Os The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to obtain sensitive information via unspecified request parameters. | 6.5 |
| 2017-04-21 | CVE-2017-7409 | Cross-site Scripting vulnerability in Paloaltonetworks Pan-Os Palo Alto Networks PAN-OS before 7.0.15 has XSS in the GlobalProtect external interface via crafted request parameters, aka PAN-SA-2017-0011 and PAN-70674. | 6.1 |
| 2017-04-14 | CVE-2017-7218 | Improper Input Validation vulnerability in Paloaltonetworks Pan-Os The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to gain privileges via unspecified request parameters. | 7.8 |
| 2017-04-14 | CVE-2017-7217 | Improper Input Validation vulnerability in Paloaltonetworks Pan-Os The Management Web Interface in Palo Alto Networks PAN-OS before 7.0.14 and 7.1.x before 7.1.9 allows remote attackers to write to export files via unspecified parameters. | 4.3 |
| 2017-03-15 | CVE-2017-5584 | Cross-site Scripting vulnerability in Paloaltonetworks Pan-Os Cross-site scripting (XSS) vulnerability in the Management Web Interface in Palo Alto Networks PAN-OS 5.1, 6.x before 6.1.16, 7.0.x before 7.0.13, and 7.1.x before 7.1.8 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |
| 2017-03-15 | CVE-2017-5583 | Information Exposure vulnerability in Paloaltonetworks Pan-Os The Management Web Interface in Palo Alto Networks PAN-OS before 6.1.16, 7.0.x before 7.0.13, and 7.1.x before 7.1.8 allows remote authenticated users to read arbitrary files via unspecified vectors. | 6.5 |