Palo Alto Vulnérabilités

Chronologie

Taper

Firewall Software	191
Not Defined	60
Cloud Software	4

Produit

Palo Alto PAN-OS	174
Palo Alto Networks PAN-OS	16
Palo Alto GlobalProtect App	14
Palo Alto Cortex XDR Agent	14
Palo Alto Cortex XSOAR	9

Contre-mesures

Official Fix	214
Temporary Fix	0
Workaround	0
Unavailable	1
Not Defined	40

Exploitabilité

High	8
Functional	0
Proof-of-Concept	18
Unproven	1
Not Defined	228

Vecteur d'accès

Not Defined	0
Physical	1
Local	39
Adjacent	2
Network	213

Authentification

Not Defined	0
High	39
Low	119
None	97

Interaction de l'utilisateur

Not Defined	0
Required	44
None	211

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	7
≤4	23
≤5	44
≤6	56
≤7	45
≤8	45
≤9	25
≤10	10

CVSSv3 Temp

≤1	0
≤2	0
≤3	8
≤4	27
≤5	50
≤6	48
≤7	59
≤8	33
≤9	20
≤10	10

VulDB

≤1	0
≤2	2
≤3	14
≤4	33
≤5	50
≤6	52
≤7	30
≤8	44
≤9	20
≤10	10

NVD

≤1	0
≤2	0
≤3	1
≤4	4
≤5	14
≤6	19
≤7	28
≤8	36
≤9	13
≤10	16

CNA

≤1	0
≤2	0
≤3	1
≤4	1
≤5	14
≤6	13
≤7	21
≤8	10
≤9	10
≤10	4

Fournisseur

≤1	0
≤2	0
≤3	1
≤4	0
≤5	1
≤6	0
≤7	0
≤8	0
≤9	0
≤10	1

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploiter 0 jour

<1k	62
<2k	89
<5k	101
<10k	0
<25k	1
<50k	0
<100k	1
≥100k	1

Exploiter aujourd'hui

<1k	247
<2k	5
<5k	1
<10k	0
<25k	2
<50k	0
<100k	0
≥100k	0

Exploiter le volume du marché

🔴 CTI Activités

Affected Products (24): Cloud NGFW (12), Cortex XDR Agent (14), Cortex XSOAR (9), Demisto (1), Expedition Migration Tool (2), Firewall (1), GlobalProtect (1), Global Protect Agent (2), GlobalProtect Agent (3), GlobalProtect App (14), Global Protected Gateway (1), MineMeld (1), NetConnect (1), Network Traps ESM Console (1), Networks Global Protect Agent (1), Networks Twistlock (1), PAN-OS (190), Prisma Access (12), Prisma Cloud Compute (3), Terminal Services Agent (3), Traps (2), Traps Server (1), VM Series Firewall for Microsoft Azure (1), Web Interface (2)

Publié	Base	Temp	Vulnérabilité	Prod	Exp	Con	EPSS	CTI	CVE
12/04/2024	8.9	8.7	Palo Alto Networks PAN-OS GlobalProtect elévation de privilèges	Firewall Software	High	Official Fix	0.95359	0.34	CVE-2024-3400
10/04/2024	4.5	4.4	Palo Alto Networks PAN-OS chiffrement faible	Firewall Software	Not Defined	Official Fix	0.00043	0.04	CVE-2024-3387
10/04/2024	4.8	4.7	Palo Alto Networks PAN-OS GlobalProtect Gateway elévation de privilèges	Firewall Software	Not Defined	Official Fix	0.00043	0.09	CVE-2024-3388
10/04/2024	5.3	5.2	Palo Alto Networks PAN-OS vulnérabilité inconnue	Firewall Software	Not Defined	Official Fix	0.00043	0.02	CVE-2024-3386
10/04/2024	7.5	7.3	Palo Alto Networks PAN-OS Packets dénie de service	Firewall Software	Not Defined	Official Fix	0.00043	0.05	CVE-2024-3382
10/04/2024	7.5	7.3	Palo Alto Networks PAN-OS Packet dénie de service	Firewall Software	Not Defined	Official Fix	0.00043	0.05	CVE-2024-3385
10/04/2024	6.1	6.0	Palo Alto Networks PAN-OS Cloud Identity Engine vulnérabilité inconnue	Firewall Software	Not Defined	Official Fix	0.00043	0.04	CVE-2024-3383
10/04/2024	7.5	7.3	Palo Alto Networks PAN-OS Windows New Technology LAN Manager Packet dénie de service	Firewall Software	Not Defined	Official Fix	0.00043	0.04	CVE-2024-3384
13/03/2024	4.5	4.4	Palo Alto GlobalProtect App elévation de privilèges	Inconnue	Not Defined	Official Fix	0.00043	0.05	CVE-2024-2432
13/03/2024	5.4	5.3	Palo Alto GlobalProtect App elévation de privilèges	Inconnue	Not Defined	Official Fix	0.00043	0.03	CVE-2024-2431
13/03/2024	4.3	4.2	Palo Alto PAN-OS Web Interface elévation de privilèges	Firewall Software	Not Defined	Official Fix	0.00043	0.04	CVE-2024-2433
14/02/2024	3.9	3.8	Palo Alto PAN-OS/Prisma Access/Cloud NGFW cross site scripting	Firewall Software	Not Defined	Official Fix	0.00043	0.04	CVE-2024-0011
14/02/2024	4.3	4.2	Palo Alto PAN-OS/Prisma Access/Cloud NGFW GlobalProtect Portal cross site scripting	Firewall Software	Not Defined	Official Fix	0.00043	0.00	CVE-2024-0010
14/02/2024	5.1	5.1	Palo Alto PAN-OS/Prisma Access/Cloud NGFW Management Interface authentification faible	Firewall Software	Not Defined	Official Fix	0.00043	0.05	CVE-2024-0008
14/02/2024	6.8	6.7	Palo Alto PAN-OS/Prisma Access/Cloud NGFW VPN Connection Remote Code Execution	Firewall Software	Not Defined	Official Fix	0.00043	0.09	CVE-2024-0009
14/02/2024	4.6	4.5	Palo Alto Networks PAN-OS/Prisma Access/Cloud NGFW Web Interface cross site scripting	Firewall Software	Not Defined	Official Fix	0.00043	0.00	CVE-2024-0007
13/12/2023	3.8	3.8	Palo Alto Networks PAN-OS/Prisma Access/Cloud NGFW Web Interface cross site scripting	Firewall Software	Not Defined	Official Fix	0.00045	0.04	CVE-2023-6789
13/12/2023	6.4	6.3	Palo Alto Networks PAN-OS/Prisma Access/Cloud NGFW Link cross site scripting	Firewall Software	Not Defined	Official Fix	0.00059	0.03	CVE-2023-6790
13/12/2023	2.7	2.6	Palo Alto Networks PAN-OS/Prisma Access/Cloud NGFW XML API Key elévation de privilèges	Firewall Software	Not Defined	Official Fix	0.00044	0.03	CVE-2023-6793
13/12/2023	5.0	4.9	Palo Alto Networks PAN-OS/Prisma Access/Cloud NGFW Web Interface elévation de privilèges	Firewall Software	Not Defined	Official Fix	0.00049	0.04	CVE-2023-6794
13/12/2023	5.5	5.4	Palo Alto Networks PAN-OS/Prisma Access/Cloud NGFW XML API elévation de privilèges	Firewall Software	Not Defined	Official Fix	0.00049	0.04	CVE-2023-6792
13/12/2023	5.0	4.9	Palo Alto Networks PAN-OS/Prisma Access/Cloud NGFW elévation de privilèges	Firewall Software	Not Defined	Official Fix	0.00049	0.04	CVE-2023-6795
13/12/2023	3.8	3.7	Palo Alto Networks PAN-OS/Prisma Access/Cloud NGFW Web Interface divulgation de l'information	Firewall Software	Not Defined	Official Fix	0.00049	0.00	CVE-2023-6791
08/11/2023	6.4	6.2	Palo Alto Cortex XSOAR elévation de privilèges	Inconnue	Not Defined	Official Fix	0.00042	0.00	CVE-2023-3282
14/09/2023	4.4	4.4	Palo Alto Cortex XDR Agent elévation de privilèges	Inconnue	Not Defined	Not Defined	0.00042	0.04	CVE-2023-3280

Palo Alto Vulnérabilités

Chronologie

Taper

Produit

Contre-mesures

Exploitabilité

Vecteur d'accès

Authentification

Interaction de l'utilisateur

C3BM Index

CVSSv3 Base

CVSSv3 Temp

VulDB

NVD

CNA

Fournisseur

Research

Exploiter 0 jour

Exploiter aujourd'hui

Exploiter le volume du marché

🔴 CTI Activités

🔒 Login Required

Do you know our Splunk app?