Shodan
Vulnerabilities
Vulnerable Software
Paloaltonetworks:  >> Pan-Os  Security Vulnerabilities
CVE-2016-3656
The GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5H2 allows remote attackers to cause a denial of service (service crash) via a crafted request.
CVSS Score
7.5
EPSS Score
0.006
Published
2016-04-12
CVE-2016-3657
Buffer overflow in the GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5 allows remote attackers to cause a denial of service (device crash) or possibly execute arbitrary code via an SSL VPN request.
CVSS Score
9.8
EPSS Score
0.03
Published
2016-04-12
CVE-2016-3655
The management web interface in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5 allows remote attackers to execute arbitrary OS commands via an unspecified API call.
CVSS Score
9.8
EPSS Score
0.013
Published
2016-04-12
CVE-2016-3654
The device management command line interface (CLI) in Palo Alto Networks PAN-OS before 5.0.18, 5.1.x before 5.1.11, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5H2 allows remote authenticated administrators to execute arbitrary OS commands via an SSH command parameter.
CVSS Score
7.2
EPSS Score
0.005
Published
2016-04-12
CVE-2015-4162
XML external entity (XXE) vulnerability in the management interface in PAN-OS before 5.0.16, 6.x before 6.0.8, and 6.1.x before 6.1.4 allows remote authenticated administrators to obtain sensitive information via crafted XML data.
CVSS Score
4.0
EPSS Score
0.003
Published
2015-06-02
CVE-2014-3764
Cross-site scripting (XSS) vulnerability in the web-based device management interface in Palo Alto Networks PAN-OS before 5.0.15, 5.1.x before 5.1.10, and 6.0.x before 6.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Ref ID 64563.
CVSS Score
4.3
EPSS Score
0.002
Published
2015-01-06
CVE-2012-6590
The web-based management UI in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 allows remote attackers to obtain verbose error information via crafted input, aka Ref ID 33139.
CVSS Score
4.3
EPSS Score
0.002
Published
2013-08-31
CVE-2012-6591
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows remote authenticated administrators to execute arbitrary commands via unspecified vectors, aka Ref ID 31116.
CVSS Score
9.0
EPSS Score
0.009
Published
2013-08-31
CVE-2012-6592
Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows remote attackers to execute arbitrary commands via unspecified vectors, aka Ref ID 31091.
CVSS Score
10.0
EPSS Score
0.041
Published
2013-08-31
CVE-2012-6593
Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows remote attackers to execute arbitrary commands via unspecified vectors, aka Ref ID 30088.
CVSS Score
10.0
EPSS Score
0.041
Published
2013-08-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved