Palo Alto Vulnérabilités

Chronologie

Taper

Produit

Palo Alto PAN-OS174
Palo Alto Networks PAN-OS16
Palo Alto GlobalProtect App14
Palo Alto Cortex XDR Agent14
Palo Alto Cortex XSOAR9

Contre-mesures

Official Fix214
Temporary Fix0
Workaround0
Unavailable1
Not Defined40

Exploitabilité

High6
Functional0
Proof-of-Concept18
Unproven1
Not Defined230

Vecteur d'accès

Not Defined0
Physical1
Local39
Adjacent2
Network213

Authentification

Not Defined0
High39
Low119
None97

Interaction de l'utilisateur

Not Defined0
Required44
None211

C3BM Index

CVSSv3 Base

≤10
≤20
≤37
≤423
≤544
≤656
≤745
≤845
≤925
≤1010

CVSSv3 Temp

≤10
≤20
≤38
≤427
≤550
≤648
≤759
≤833
≤920
≤1010

VulDB

≤10
≤22
≤314
≤433
≤550
≤652
≤730
≤844
≤920
≤1010

NVD

≤10
≤20
≤31
≤44
≤514
≤619
≤728
≤836
≤913
≤1016

CNA

≤10
≤20
≤31
≤41
≤514
≤613
≤721
≤810
≤910
≤104

Fournisseur

≤10
≤20
≤31
≤40
≤51
≤60
≤70
≤80
≤90
≤101

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploiter 0 jour

<1k62
<2k89
<5k101
<10k0
<25k1
<50k0
<100k1
≥100k1

Exploiter aujourd'hui

<1k246
<2k6
<5k1
<10k0
<25k1
<50k1
<100k0
≥100k0

Exploiter le volume du marché

🔴 CTI Activités

Affected Products (24): Cloud NGFW (12), Cortex XDR Agent (14), Cortex XSOAR (9), Demisto (1), Expedition Migration Tool (2), Firewall (1), GlobalProtect (1), Global Protect Agent (2), GlobalProtect Agent (3), GlobalProtect App (14), Global Protected Gateway (1), MineMeld (1), NetConnect (1), Network Traps ESM Console (1), Networks Global Protect Agent (1), Networks Twistlock (1), PAN-OS (190), Prisma Access (12), Prisma Cloud Compute (3), Terminal Services Agent (3), Traps (2), Traps Server (1), VM Series Firewall for Microsoft Azure (1), Web Interface (2)

PubliéBaseTempVulnérabilitéProdExpConEPSSCTICVE
12/04/20248.98.7Palo Alto Networks PAN-OS GlobalProtect elévation de privilègesFirewall SoftwareHighOfficial Fix0.027345.88CVE-2024-3400
10/04/20244.54.4Palo Alto Networks PAN-OS chiffrement faibleFirewall SoftwareNot DefinedOfficial Fix0.000430.00CVE-2024-3387
10/04/20244.84.7Palo Alto Networks PAN-OS GlobalProtect Gateway elévation de privilègesFirewall SoftwareNot DefinedOfficial Fix0.000430.06CVE-2024-3388
10/04/20245.35.2Palo Alto Networks PAN-OS vulnérabilité inconnueFirewall SoftwareNot DefinedOfficial Fix0.000430.05CVE-2024-3386
10/04/20247.57.3Palo Alto Networks PAN-OS Packets dénie de serviceFirewall SoftwareNot DefinedOfficial Fix0.000430.07CVE-2024-3382
10/04/20247.57.3Palo Alto Networks PAN-OS Packet dénie de serviceFirewall SoftwareNot DefinedOfficial Fix0.000430.06CVE-2024-3385
10/04/20246.16.0Palo Alto Networks PAN-OS Cloud Identity Engine vulnérabilité inconnueFirewall SoftwareNot DefinedOfficial Fix0.000430.00CVE-2024-3383
10/04/20247.57.3Palo Alto Networks PAN-OS Windows New Technology LAN Manager Packet dénie de serviceFirewall SoftwareNot DefinedOfficial Fix0.000430.06CVE-2024-3384
13/03/20244.54.4Palo Alto GlobalProtect App elévation de privilègesInconnueNot DefinedOfficial Fix0.000430.02CVE-2024-2432
13/03/20245.45.3Palo Alto GlobalProtect App elévation de privilègesInconnueNot DefinedOfficial Fix0.000430.03CVE-2024-2431
13/03/20244.34.2Palo Alto PAN-OS Web Interface elévation de privilègesFirewall SoftwareNot DefinedOfficial Fix0.000430.00CVE-2024-2433
14/02/20243.93.8Palo Alto PAN-OS/Prisma Access/Cloud NGFW cross site scriptingFirewall SoftwareNot DefinedOfficial Fix0.000430.08CVE-2024-0011
14/02/20244.34.2Palo Alto PAN-OS/Prisma Access/Cloud NGFW GlobalProtect Portal cross site scriptingFirewall SoftwareNot DefinedOfficial Fix0.000430.07CVE-2024-0010
14/02/20245.15.1Palo Alto PAN-OS/Prisma Access/Cloud NGFW Management Interface authentification faibleFirewall SoftwareNot DefinedOfficial Fix0.000430.02CVE-2024-0008
14/02/20246.86.7Palo Alto PAN-OS/Prisma Access/Cloud NGFW VPN Connection Remote Code ExecutionFirewall SoftwareNot DefinedOfficial Fix0.000430.04CVE-2024-0009
14/02/20244.64.5Palo Alto Networks PAN-OS/Prisma Access/Cloud NGFW Web Interface cross site scriptingFirewall SoftwareNot DefinedOfficial Fix0.000430.03CVE-2024-0007
13/12/20233.83.8Palo Alto Networks PAN-OS/Prisma Access/Cloud NGFW Web Interface cross site scriptingFirewall SoftwareNot DefinedOfficial Fix0.000450.04CVE-2023-6789
13/12/20236.46.3Palo Alto Networks PAN-OS/Prisma Access/Cloud NGFW Link cross site scriptingFirewall SoftwareNot DefinedOfficial Fix0.000590.03CVE-2023-6790
13/12/20232.72.6Palo Alto Networks PAN-OS/Prisma Access/Cloud NGFW XML API Key elévation de privilègesFirewall SoftwareNot DefinedOfficial Fix0.000440.03CVE-2023-6793
13/12/20235.04.9Palo Alto Networks PAN-OS/Prisma Access/Cloud NGFW Web Interface elévation de privilègesFirewall SoftwareNot DefinedOfficial Fix0.000490.04CVE-2023-6794
13/12/20235.55.4Palo Alto Networks PAN-OS/Prisma Access/Cloud NGFW XML API elévation de privilègesFirewall SoftwareNot DefinedOfficial Fix0.000490.04CVE-2023-6792
13/12/20235.04.9Palo Alto Networks PAN-OS/Prisma Access/Cloud NGFW elévation de privilègesFirewall SoftwareNot DefinedOfficial Fix0.000490.07CVE-2023-6795
13/12/20233.83.7Palo Alto Networks PAN-OS/Prisma Access/Cloud NGFW Web Interface divulgation de l'informationFirewall SoftwareNot DefinedOfficial Fix0.000490.00CVE-2023-6791
08/11/20236.46.2Palo Alto Cortex XSOAR elévation de privilègesInconnueNot DefinedOfficial Fix0.000420.00CVE-2023-3282
14/09/20234.44.4Palo Alto Cortex XDR Agent elévation de privilègesInconnueNot DefinedNot Defined0.000420.04CVE-2023-3280

230 plus d'entrées ne sont pas affichées

Do you know our Splunk app?

Download it now for free!