Shodan
Vulnerabilities
Vulnerable Software
Paloaltonetworks:  >> Pan-Os  >> 4.0.8  Security Vulnerabilities
CVE-2017-5583
The Management Web Interface in Palo Alto Networks PAN-OS before 6.1.16, 7.0.x before 7.0.13, and 7.1.x before 7.1.8 allows remote authenticated users to read arbitrary files via unspecified vectors.
CVSS Score
6.5
EPSS Score
0.004
Published
2017-03-15
CVE-2015-4162
XML external entity (XXE) vulnerability in the management interface in PAN-OS before 5.0.16, 6.x before 6.0.8, and 6.1.x before 6.1.4 allows remote authenticated administrators to obtain sensitive information via crafted XML data.
CVSS Score
4.0
EPSS Score
0.003
Published
2015-06-02
CVE-2014-3764
Cross-site scripting (XSS) vulnerability in the web-based device management interface in Palo Alto Networks PAN-OS before 5.0.15, 5.1.x before 5.1.10, and 6.0.x before 6.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Ref ID 64563.
CVSS Score
4.3
EPSS Score
0.002
Published
2015-01-06
CVE-2012-6595
The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.2 allows remote authenticated administrators to execute arbitrary commands via unspecified vectors, aka Ref ID 34595.
CVSS Score
9.0
EPSS Score
0.007
Published
2013-08-31
CVE-2012-6596
Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.3 stores cleartext LDAP bind passwords in authd.log, which allows context-dependent attackers to obtain sensitive information by reading this file, aka Ref ID 35493.
CVSS Score
5.0
EPSS Score
0.002
Published
2013-08-31
CVE-2012-6597
Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to cause a denial of service (management-server crash) by using the command-line interface for a crafted command, aka Ref ID 35254.
CVSS Score
6.3
EPSS Score
0.004
Published
2013-08-31
CVE-2012-6600
The device-management command-line interface in Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.2 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Ref ID 34502.
CVSS Score
9.0
EPSS Score
0.007
Published
2013-08-31
CVE-2012-6601
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to execute arbitrary code via unspecified vectors, aka Ref ID 36983.
CVSS Score
10.0
EPSS Score
0.084
Published
2013-08-31
CVE-2012-6603
The web management UI in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to bypass authentication and obtain administrator privileges via unspecified vectors, aka Ref ID 37034.
CVSS Score
10.0
EPSS Score
0.01
Published
2013-08-31
CVE-2012-6604
The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Ref ID 35249.
CVSS Score
9.0
EPSS Score
0.017
Published
2013-08-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved