The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of PaloAlto Firewall PA-***

OpenSSL: information disclosure via RSA Constant Time Key Generation
An attacker can bypass access restrictions to data via RSA Constant Time Key Generation of OpenSSL, in order to obtain sensitive information...
bulletinjul2018, CERTFR-2018-AVI-511, CERTFR-2018-AVI-607, cpuapr2019, cpuapr2020, cpujan2019, cpujul2019, cpuoct2018, CVE-2018-0737, DLA-1449-1, DSA-2020-030, DSA-4348-1, DSA-4355-1, FEDORA-2019-00c25b9379, ibm10729805, ibm10743283, ibm10880781, JSA10919, JSA10990, openSUSE-SU-2018:2695-1, openSUSE-SU-2018:2957-1, openSUSE-SU-2018:3015-1, openSUSE-SU-2019:0152-1, openSUSE-SU-2019:1432-1, PAN-SA-2018-0015, RHSA-2018:3221-01, SA44073-2019-03, SSA:2018-226-01, SUSE-SU-2018:2486-1, SUSE-SU-2018:2492-1, SUSE-SU-2018:2683-1, SUSE-SU-2018:2928-1, SUSE-SU-2018:2965-1, SUSE-SU-2018:3864-1, SUSE-SU-2018:3864-2, SUSE-SU-2019:0197-1, SUSE-SU-2019:0512-1, SUSE-SU-2019:1553-1, TNS-2018-14, TNS-2018-17, TSB17568, USN-3628-1, USN-3628-2, USN-3692-1, USN-3692-2, VIGILANCE-VUL-25884
OpenSSL: denial of service via Recursive ASN.1
An attacker can generate a fatal error via Recursive ASN.1 of OpenSSL, in order to trigger a denial of service...
2015887, 524146, bulletinjan2019, CERTFR-2018-AVI-155, cpuapr2019, cpujan2019, cpujul2018, cpujul2019, cpuoct2018, CVE-2018-0739, DLA-1330-1, DSA-2018-125, DSA-2020-030, DSA-4157-1, DSA-4158-1, FEDORA-2018-1b4f1158e2, FEDORA-2018-40dc8b8b16, FEDORA-2018-76afaf1961, FEDORA-2018-9490b422e7, ibm10715641, ibm10717211, ibm10717405, ibm10717409, ibm10719319, ibm10733605, ibm10738249, ibm10874728, JSA10990, K08044291, N1022561, openSUSE-SU-2018:0936-1, openSUSE-SU-2018:1057-1, openSUSE-SU-2018:2208-1, openSUSE-SU-2018:2238-1, openSUSE-SU-2018:2524-1, openSUSE-SU-2018:2695-1, PAN-SA-2018-0015, RHSA-2018:3090-01, RHSA-2018:3221-01, SA166, SB10243, SSA-181018, SUSE-SU-2018:0902-1, SUSE-SU-2018:0905-1, SUSE-SU-2018:0906-1, SUSE-SU-2018:0975-1, SUSE-SU-2018:2072-1, SUSE-SU-2018:2158-1, SUSE-SU-2018:2683-1, SUSE-SU-2020:0495-1, Synology-SA-18:51, USN-3611-1, USN-3611-2, VIGILANCE-VUL-25666
PAN-OS: code execution via Management Interface
An attacker can use a vulnerability via Management Interface of PAN-OS, in order to run code...
CVE-2017-15944, PAN-SA-2017-0027, VIGILANCE-VUL-24692
PAN-OS Captive Portal: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of PAN-OS Captive Portal, in order to run JavaScript code in the context of the web site...
CVE-2017-16878, PAN-SA-2017-0031, VIGILANCE-VUL-24935
PAN-OS GlobalProtect: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of PAN-OS GlobalProtect, in order to run JavaScript code in the context of the web site...
CVE-2017-15941, PAN-SA-2017-0030, VIGILANCE-VUL-24934
TLS: information disclosure via ROBOT Attack
An attacker can bypass access restrictions to data via ROBOT Attack of TLS, in order to obtain sensitive information...
CERTFR-2017-ALE-020, cisco-sa-20171212-bleichenbacher, CSCvg74693, CTX230238, K21905460, KB0080545, PAN-SA-2017-0032, ROBOT Attack, VIGILANCE-VUL-24749, VU#144389
PAN-OS: code execution via Packet Capture Management
An attacker can use a vulnerability via Packet Capture Management of PAN-OS, in order to run code...
CVE-2017-15940, PAN-SA-2017-0028, VIGILANCE-VUL-24693
PAN-OS: external XML entity injection
An attacker can transmit malicious XML data to PAN-OS, in order to read a file, scan sites, or trigger a denial of service...
CVE-2017-15943, PAN-SA-2017-0026, VIGILANCE-VUL-24691
PAN-OS: denial of service via Management Interface
An attacker can generate a fatal error via Management Interface of PAN-OS, in order to trigger a denial of service...
CVE-2017-15942, PAN-SA-2017-0025, VIGILANCE-VUL-24690
Palo Alto GlobalProtect Agent: privilege escalation via Image Path
An attacker can bypass restrictions via Image Path of Palo Alto GlobalProtect Agent, in order to escalate his privileges...
PAN-SA-2017-0029, VIGILANCE-VUL-24673
Our database contains other pages. You can request a free trial to read them.

Display information about PaloAlto Firewall PA-***: