Vulnerabilities > Paloaltonetworks > PAN OS

DATE CVE VULNERABILITY TITLE RISK
2020-08-12 CVE-2020-2035 Unspecified vulnerability in Paloaltonetworks Pan-Os
When SSL/TLS Forward Proxy Decryption mode has been configured to decrypt the web transactions, the PAN-OS URL filtering feature inspects the HTTP Host and URL path headers for policy enforcement on the decrypted HTTPS web transactions but does not consider Server Name Indication (SNI) field within the TLS Client Hello handshake.
network
high complexity
paloaltonetworks
3.0
2020-07-08 CVE-2020-2034 OS Command Injection vulnerability in Paloaltonetworks Pan-Os
An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network based attacker to execute arbitrary OS commands with root privileges.
network
high complexity
paloaltonetworks CWE-78
8.1
2020-07-08 CVE-2020-2031 Integer Underflow (Wrap or Wraparound) vulnerability in Paloaltonetworks Pan-Os 9.1.0/9.1.1/9.1.2
An integer underflow vulnerability in the dnsproxyd component of the PAN-OS management interface allows authenticated administrators to issue a command from the command line interface that causes the component to stop responding.
network
low complexity
paloaltonetworks CWE-191
4.9
2020-07-08 CVE-2020-2030 OS Command Injection vulnerability in Paloaltonetworks Pan-Os
An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges.
network
low complexity
paloaltonetworks CWE-78
7.2
2020-07-08 CVE-2020-1982 Inadequate Encryption Strength vulnerability in Paloaltonetworks Pan-Os
Certain communication between PAN-OS and cloud-delivered services inadvertently use TLS 1.0, which is known to be a cryptographically weak protocol.
network
high complexity
paloaltonetworks CWE-326
4.8
2020-06-29 CVE-2020-2021 Improper Verification of Cryptographic Signature vulnerability in Paloaltonetworks Pan-Os
When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled (unchecked), improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based attacker to access protected resources.
network
low complexity
paloaltonetworks CWE-347
critical
10.0
2020-06-10 CVE-2020-2029 OS Command Injection vulnerability in Paloaltonetworks Pan-Os
An OS Command Injection vulnerability in the PAN-OS web management interface allows authenticated administrators to execute arbitrary OS commands with root privileges by sending a malicious request to generate new certificates for use in the PAN-OS configuration.
network
low complexity
paloaltonetworks CWE-78
7.2
2020-06-10 CVE-2020-2028 OS Command Injection vulnerability in Paloaltonetworks Pan-Os
An OS Command Injection vulnerability in PAN-OS management server allows authenticated administrators to execute arbitrary OS commands with root privileges when uploading a new certificate in FIPS-CC mode.
network
low complexity
paloaltonetworks CWE-78
7.2
2020-06-10 CVE-2020-2027 Out-of-bounds Write vulnerability in Paloaltonetworks Pan-Os
A buffer overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges.
network
low complexity
paloaltonetworks CWE-787
7.2
2020-05-13 CVE-2020-2018 Improper Authentication vulnerability in Paloaltonetworks Pan-Os
An authentication bypass vulnerability in the Panorama context switching feature allows an attacker with network access to a Panorama's management interface to gain privileged access to managed firewalls.
network
high complexity
paloaltonetworks CWE-287
critical
9.0