Shodan
Vulnerabilities
Vulnerable Software
Paloaltonetworks:  >> Pan-Os  >> 6.1.20  Security Vulnerabilities
CVE-2018-9337
The PAN-OS web interface administration page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.17 and earlier, PAN-OS 8.0.10 and earlier, and PAN-OS 8.1.1 and earlier may allow an attacker to inject arbitrary JavaScript or HTML.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-07-03
CVE-2018-9242
The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.9 and earlier may allow an attacker to delete files in the system via specific request parameters.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-07-03
CVE-2018-9334
The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.8 and earlier, and PAN-OS 8.1.0 may allow an attacker to access the GlobalProtect password hashes of local users via manipulation of the HTML markup.
CVSS Score
5.5
EPSS Score
0.001
Published
2018-07-03
CVE-2018-9335
The PAN-OS session browser in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.9 and earlier, and PAN-OS 8.1.1 and earlier may allow an attacker to inject arbitrary JavaScript or HTML.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-07-03
CVE-2017-16878
Cross-site scripting (XSS) vulnerability in the Captive Portal function in Palo Alto Networks PAN-OS before 8.0.7 allows remote attackers to inject arbitrary web script or HTML by leveraging an unspecified configuration.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-01-10
CVE-2017-7216
The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to obtain sensitive information via unspecified request parameters.
CVSS Score
6.5
EPSS Score
0.002
Published
2017-05-02
CVE-2017-7409
Palo Alto Networks PAN-OS before 7.0.15 has XSS in the GlobalProtect external interface via crafted request parameters, aka PAN-SA-2017-0011 and PAN-70674.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-04-21
CVE-2017-7217
The Management Web Interface in Palo Alto Networks PAN-OS before 7.0.14 and 7.1.x before 7.1.9 allows remote attackers to write to export files via unspecified parameters.
CVSS Score
4.3
EPSS Score
0.002
Published
2017-04-14
CVE-2017-7218
The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to gain privileges via unspecified request parameters.
CVSS Score
7.8
EPSS Score
0.002
Published
2017-04-14
CVE-2016-5195
Known exploited
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."
CVSS Score
7.0
EPSS Score
0.942
Published
2016-11-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved