Vulnerabilities > Paloaltonetworks > PAN OS > 9.0.10
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-11 | CVE-2021-3048 | Improper Input Validation vulnerability in Paloaltonetworks Pan-Os Certain invalid URL entries contained in an External Dynamic List (EDL) cause the Device Server daemon (devsrvr) to stop responding. | 5.9 |
| 2021-08-11 | CVE-2021-3050 | OS Command Injection vulnerability in Paloaltonetworks Pan-Os An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to execute arbitrary OS commands to escalate privileges. | 8.8 |
| 2020-11-12 | CVE-2020-2050 | Improper Authentication vulnerability in Paloaltonetworks Pan-Os An authentication bypass vulnerability exists in the GlobalProtect SSL VPN component of Palo Alto Networks PAN-OS software that allows an attacker to bypass all client certificate checks with an invalid certificate. | 8.2 |
| 2020-11-12 | CVE-2020-2048 | Information Exposure Through Log Files vulnerability in Paloaltonetworks Pan-Os An information exposure through log file vulnerability exists where the password for the configured system proxy server for a PAN-OS appliance may be displayed in cleartext when using the CLI in Palo Alto Networks PAN-OS software. | 3.3 |
| 2020-11-12 | CVE-2020-2022 | Improper Privilege Management vulnerability in Paloaltonetworks Pan-Os An information exposure vulnerability exists in Palo Alto Networks Panorama software that discloses the token for the Panorama web interface administrator's session to a managed device when the Panorama administrator performs a context switch into that device. | 7.5 |
| 2020-11-12 | CVE-2020-1999 | Improper Check for Unusual or Exceptional Conditions vulnerability in Paloaltonetworks Pan-Os A vulnerability exists in the Palo Alto Network PAN-OS signature-based threat detection engine that allows an attacker to communicate with devices in the network in a way that is not analyzed for threats by sending data through specifically crafted TCP packets. | 5.3 |
| 2020-05-13 | CVE-2020-2011 | Improper Input Validation vulnerability in Paloaltonetworks Pan-Os An improper input validation vulnerability in the configuration daemon of Palo Alto Networks PAN-OS Panorama allows for a remote unauthenticated user to send a specifically crafted registration request to the device that causes the configuration service to crash. | 7.5 |