The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of PaloAlto Firewall PA-***

PAN-OS: external XML entity injection via GlobalProtect
An attacker can transmit malicious XML data via GlobalProtect to PAN-OS, in order to read a file, scan sites, or trigger a denial of service...
CVE-2017-9458, PAN-SA-2017-0024, VIGILANCE-VUL-23682
PAN-OS: Cross Site Scripting via GlobalProtect
An attacker can trigger a Cross Site Scripting via GlobalProtect of PAN-OS, in order to run JavaScript code in the context of the web site...
CVE-2017-12416, PAN-SA-2017-0023, VIGILANCE-VUL-23681
PAN-OS: code execution via DNS Proxy FQDN
An attacker can use a vulnerability via DNS Proxy FQDN of PAN-OS, in order to run code...
CVE-2017-8390, PAN-SA-2017-0021, VIGILANCE-VUL-23324
PAN-OS: Cross Site Scripting via GlobalProtect
An attacker can trigger a Cross Site Scripting via GlobalProtect of PAN-OS, in order to run JavaScript code in the context of the web site...
CVE-2017-9467, PAN-SA-2017-0020, VIGILANCE-VUL-23323
PAN-OS: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of PAN-OS, in order to run JavaScript code in the context of the web site...
CVE-2017-9459, PAN-SA-2017-0019, VIGILANCE-VUL-23322
Palo Alto PAN-OS: username disclosure via tje GlobalProtect function
An attacker can make many requests via the GlobalProtect functionality of Palo Alto PAN-OS, in order to get valid usernames...
CVE-2017-7945, PAN-70674, PAN-73914, PAN-SA-2017-0003, PAN-SA-2017-0008, PAN-SA-2017-0012, PAN-SA-2017-0013, PAN-SA-2017-0014, PAN-SA-2017-0016, VIGILANCE-VUL-22612
Palo Alto PAN-OS: information disclosure via the Web user interface
An attacker can bypass access restrictions to data via the Web user interface of Palo Alto PAN-OS, in order to obtain sensitive information...
CVE-2017-7644, PAN-70674, PAN-73914, PAN-SA-2017-0003, PAN-SA-2017-0008, PAN-SA-2017-0012, PAN-SA-2017-0013, PAN-SA-2017-0014, PAN-SA-2017-0016, VIGILANCE-VUL-22611
Palo Alto PAN-OS: Cross Site Scripting via GlobalProtect External Interface
An attacker can trigger a Cross Site Scripting via GlobalProtect External Interface of Palo Alto PAN-OS, in order to run JavaScript code in the context of the web site...
CVE-2017-7409, PAN-70674, PAN-73914, PAN-SA-2017-0012, PAN-SA-2017-0016, VIGILANCE-VUL-22531
Palo Alto PAN-OS: two vulnerabilities
An attacker can use several vulnerabilities of Palo Alto PAN-OS...
CVE-2017-7126-ERROR, CVE-2017-7216, CVE-2017-7218, PAN-SA-2017-0008, PAN-SA-2017-0009, PAN-SA-2017-0010, VIGILANCE-VUL-22408
Palo Alto PAN-OS: file corruption via the Web interface
An authenticated attacker can tamper with request parameters of the administration Web interface of Palo Alto PAN-OS, in order to write arbitrary data to som exported files...
CVE-2017-7217, PAN-SA-2017-0003, PAN-SA-2017-0008, VIGILANCE-VUL-22407
Our database contains other pages. You can request a free trial to read them.

Display information about PaloAlto Firewall PA-***: