Shodan
Vulnerabilities
Vulnerable Software
Paloaltonetworks:  Security Vulnerabilities
CVE-2017-7218
The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to gain privileges via unspecified request parameters.
CVSS Score
7.8
EPSS Score
0.002
Published
2017-04-14
CVE-2017-7408
Palo Alto Networks Traps ESM Console before 3.4.4 allows attackers to cause a denial of service by leveraging improper validation of requests to revoke a Traps agent license.
CVSS Score
7.5
EPSS Score
0.005
Published
2017-04-14
CVE-2017-6356
Palo Alto Networks Terminal Services (aka TS) Agent 6.0, 7.0, and 8.0 before 8.0.1 uses weak permissions for unspecified resources, which allows attackers to obtain sensitive session information via unknown vectors.
CVSS Score
5.3
EPSS Score
0.001
Published
2017-03-20
CVE-2017-5583
The Management Web Interface in Palo Alto Networks PAN-OS before 6.1.16, 7.0.x before 7.0.13, and 7.1.x before 7.1.8 allows remote authenticated users to read arbitrary files via unspecified vectors.
CVSS Score
6.5
EPSS Score
0.006
Published
2017-03-15
CVE-2017-5584
Cross-site scripting (XSS) vulnerability in the Management Web Interface in Palo Alto Networks PAN-OS 5.1, 6.x before 6.1.16, 7.0.x before 7.0.13, and 7.1.x before 7.1.8 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
5.4
EPSS Score
0.002
Published
2017-03-15
CVE-2017-5328
Palo Alto Networks Terminal Services Agent before 7.0.7 allows attackers to spoof arbitrary users via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.002
Published
2017-01-27
CVE-2017-5329
Palo Alto Networks Terminal Services Agent before 7.0.7 allows local users to gain privileges via vectors that trigger an out-of-bounds write operation.
CVSS Score
7.8
EPSS Score
0.002
Published
2017-01-27
CVE-2016-9151
Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 allows local users to gain privileges via crafted values of unspecified environment variables.
CVSS Score
7.8
EPSS Score
0.003
Published
2016-11-19
CVE-2016-9150
Buffer overflow in the management web interface in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 allows remote attackers to execute arbitrary code via unspecified vectors.
CVSS Score
9.8
EPSS Score
0.489
Published
2016-11-19
CVE-2016-9149
The Addresses Object parser in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 mishandles single quote characters, which allows remote authenticated users to conduct XPath injection attacks via a crafted string.
CVSS Score
6.5
EPSS Score
0.003
Published
2016-11-19


Products
Pricing
Contact Us

Shodan ® - All rights reserved