Palo Alto Networks PAN-OS vulnerabilities
170 known vulnerabilities affecting palo_alto_networks/pan-os.

Total CVEs: 170
CISA KEV: 10 (actively exploited)
Public exploits: 9
Exploited in wild: 11

Severity breakdown: CRITICAL 14, HIGH 70, MEDIUM 73, LOW 13
Vulnerabilities
Page 7 of 9
CVE-2025-0136  MEDIUM (P4)  CVSS 5.3  CWE-319  2025-05-14
Affected: ≥ 11.1.0, < 11.1.5; ≥ 11.0.0, < 11.0.7; +2 more
Using the AES-128-CCM algorithm for IPSec on certain Palo Alto Networks PAN-OS® firewalls (PA-7500, PA-5400, PA-5400f, PA-3400, PA-1600, PA-1400, and PA-400 Series) leads to unencrypted data transfer to devices that are connected to the PAN-OS firewall through IPSec.
This issue does not affect Cloud NGFWs, Prisma® Access instances, or PAN-OS VM-Series.
Source: NVD
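The affected ranges in each entry on this page are written as half-open intervals (≥ 11.1.0, < 11.1.5), sometimes bounded by a hotfix release (< 10.1.14-h2), and older entries use a wildcard form (v8.0.*). Comparing a running firewall's version against those ranges correctly means treating "10.1.14" as older than "10.1.14-h2", since PAN-OS hotfixes stack on a maintenance release. The checker below is an added example written for this page, not code from the listing's operator or from Palo Alto Networks; PAGE_RANGES copies only the ranges visible on this page (the "+N more" ranges the listing truncates are not available here), so a miss against it is not proof that a version is clean.

```python
import re
from typing import List, Tuple

# (major, minor, maintenance, hotfix); a release without "-hN" gets hotfix 0,
# so 10.1.14 sorts before 10.1.14-h2, matching how PAN-OS hotfixes stack on a
# maintenance release.
Version = Tuple[int, int, int, int]

_VER_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:-h(\d+))?$")
_RANGE_RE = re.compile(r"^(?:>=|≥)\s*([^,\s]+)\s*,\s*<\s*([^,\s]+)$")
_WILD_RE = re.compile(r"^v?(\d+)\.(\d+)\.\*$")


def parse_version(text: str) -> Version:
    """Parse '10.1.14', '10.1.14-h2' or the short '7.1' used in some ranges."""
    m = _VER_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version {text!r}")
    major, minor, maint, hotfix = m.groups()
    return (int(major), int(minor), int(maint or 0), int(hotfix or 0))


def parse_range(text: str) -> Tuple[Version, Version]:
    """Turn one listed range into a half-open [low, high) interval.

    Accepts the page's two forms: '≥ 10.1.0, < 10.1.14-h2' (also with '>=')
    and the wildcard 'v8.0.*', which covers every 8.0.x release and hotfix.
    """
    text = text.strip()
    m = _RANGE_RE.match(text)
    if m:
        low, high = parse_version(m.group(1)), parse_version(m.group(2))
        if not low < high:
            raise ValueError(f"empty range {text!r}")
        return low, high
    m = _WILD_RE.match(text)
    if m:
        major, minor = int(m.group(1)), int(m.group(2))
        return (major, minor, 0, 0), (major, minor + 1, 0, 0)
    raise ValueError(f"unrecognised range {text!r}")


def is_affected(installed: str, ranges: List[str]) -> bool:
    """True if `installed` falls inside any of the listed ranges."""
    v = parse_version(installed)
    return any(low <= v < high for low, high in map(parse_range, ranges))


# Ranges copied from entries on this page. The "+N more" ranges that the
# listing truncates are not shown here, so a miss against this table is not
# proof that a version is clean.
PAGE_RANGES = {
    "CVE-2024-5913": ["≥ 10.1.0, < 10.1.14-h2", "≥ 10.2.0, < 10.2.10"],
    "CVE-2024-3388": ["≥ 8.1.0, < 8.1.26", "≥ 9.0.0, < 9.0.17-h4"],
    "CVE-2020-1993": ["v8.0.*", "v7.1.*"],
}


def matching_cves(installed: str) -> List[str]:
    """CVE IDs from PAGE_RANGES whose visible ranges cover `installed`."""
    return sorted(cve for cve, rs in PAGE_RANGES.items()
                  if is_affected(installed, rs))


if __name__ == "__main__":
    for ver in ("10.1.14", "10.1.14-h2", "9.0.17-h3", "9.0.17-h4", "8.0.20"):
        print(f"{ver:>12}: {matching_cves(ver) or 'no listed range matched'}")
```

The hotfix handling is the part worth checking on your own tooling: a scanner that strips "-h2" before comparing will report 10.1.14-h2 as vulnerable to CVE-2024-5913 when the listed fix is exactly that hotfix.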
CVE-2024-3388  MEDIUM (P4)  CVSS 5.0  CWE-269  2024-04-10
Affected: ≥ 8.1.0, < 8.1.26; ≥ 9.0.0, < 9.0.17-h4; +4 more
A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. However, this vulnerability does not allow the attacker to receive response packets from those internal assets.
Source: NVD
CVE-2024-5911  MEDIUM (P4)  CVSS 4.9  CWE-434  2024-07-10
Affected: ≥ 10.2.0, < 10.2.4; ≥ 10.1.0, < 10.1.9
An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online.
Source: NVD
CVE-2024-5913  MEDIUM (P4)  CVSS 6.8  CWE-20  2024-07-10
Affected: ≥ 10.1.0, < 10.1.14-h2; ≥ 10.2.0, < 10.2.10; +3 more
An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an attacker with the ability to tamper with the physical file system to elevate privileges.
Source: NVD
CVE-2020-1993  MEDIUM (P4)  CVSS 5.4  CWE-384  2020-05-13
Affected: v8.0.*; v7.1.*; +2 more
The GlobalProtect Portal feature in PAN-OS does not set a new session identifier after a successful user login, which allows session fixation attacks, if an attacker is able to control a user's session ID. This issue affects: All PAN-OS 7.1 and 8.0 versions; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.8.
Source: NVD
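The CVE-2020-1993 entry describes the whole mechanism of a session fixation bug: the portal keeps the pre-login session identifier after authentication, so a session ID an attacker obtained anonymously and planted in the victim's browser becomes the victim's authenticated session. The Python below is an added example, not PAN-OS or GlobalProtect code, and it models only the server-side session table; how the attacker gets the ID into the victim's browser is outside the example, just as the entry only says "if an attacker is able to control a user's session ID". It plays the attack through against a login that keeps the ID and against one that rotates it, which is the fix for this bug class.

```python
import secrets
from typing import Dict, Optional, Tuple


class PortalSessions:
    """Minimal server-side session table for a login portal: sid -> attributes.
    Constructed for this example; not how PAN-OS stores sessions."""

    def __init__(self) -> None:
        self._table: Dict[str, dict] = {}

    def start(self) -> str:
        """Issue an anonymous (pre-login) session, as a portal does on first visit."""
        sid = secrets.token_urlsafe(32)
        self._table[sid] = {"user": None}
        return sid

    def user_for(self, sid: str) -> Optional[str]:
        sess = self._table.get(sid)
        return sess["user"] if sess else None

    def login_without_rotation(self, sid: str, user: str) -> str:
        """Vulnerable pattern: authenticate, keep the same session ID."""
        if sid not in self._table:
            raise KeyError("unknown session")
        self._table[sid]["user"] = user
        return sid

    def login_with_rotation(self, sid: str, user: str) -> str:
        """Hardened pattern: discard the pre-auth session and bind the user
        to a freshly generated ID, so a planted ID never becomes authenticated."""
        if sid not in self._table:
            raise KeyError("unknown session")
        del self._table[sid]
        new_sid = self.start()
        self._table[new_sid]["user"] = user
        return new_sid


def fixation_scenario(rotate_on_login: bool) -> Tuple[Optional[str], Optional[str], bool]:
    """Play the attack through and report what each party ends up with.

    Returns (user the attacker's planted SID resolves to, user the victim's
    final SID resolves to, whether the two SIDs are still the same).
    """
    portal = PortalSessions()

    # 1. Attacker visits the portal anonymously and receives a valid SID.
    planted_sid = portal.start()

    # 2. Attacker gets that SID into the victim's browser (delivery channel
    #    deliberately not modelled here).
    victim_sid = planted_sid

    # 3. Victim logs in while presenting the planted SID.
    login = portal.login_with_rotation if rotate_on_login else portal.login_without_rotation
    victim_sid = login(victim_sid, "alice")

    # 4. Attacker replays the SID they planted.
    return portal.user_for(planted_sid), portal.user_for(victim_sid), planted_sid == victim_sid


if __name__ == "__main__":
    print("no rotation :", fixation_scenario(rotate_on_login=False))
    print("rotation    :", fixation_scenario(rotate_on_login=True))
```

When auditing a portal for this class, the observable check is the one step 4 performs: capture the session cookie before login, authenticate, and confirm the value changed and the old value no longer resolves to the user.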
CVE-2024-5917  MEDIUM (P4)  CVSS 4.9  CWE-918  2024-11-14
Affected: ≥ 10.2.0, < 10.2.2; ≥ 10.1.0, < 10.1.7
A server-side request forgery in PAN-OS software enables an authenticated attacker with administrative privileges to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible.
Source: NVD
CVE-2020-2005  MEDIUM (P4)  CVSS 6.1  CWE-79  2020-05-13
Affected: v8.0.*; ≥ 7.1, < 7.1.26; +2 more
A cross-site scripting (XSS) vulnerability exists when visiting malicious websites with the Palo Alto Networks GlobalProtect Clientless VPN that can compromise the user's active session. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.7; All versions of PAN-OS 8.0.
Source: NVD
CVE-2025-0123  MEDIUM (P4)  CVSS 5.9  CWE-312  2025-04-11
Affected: ≥ 11.2.0, < 11.2.6; ≥ 11.1.0, < 11.1.8; +2 more
A vulnerability in the Palo Alto Networks PAN-OS® software enables unlicensed administrators to view clear-text data captured using the packet capture feature (https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/monitoring/take-packet-captures/take-a-custom-packet-capture) in decrypted HTTP/2 data streams traversing network interfaces on the firewall.
Source: NVD
CVE-2024-3386  MEDIUM (P4)  CVSS 5.3  CWE-436  2024-04-10
Affected: ≥ 9.0.0, < 9.0.17-h2; ≥ 9.1.0, < 9.1.17; +7 more
An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents Predefined Decryption Exclusions from functioning as intended. This can cause traffic destined for domains that are not specified in Predefined Decryption Exclusions to be unintentionally excluded from decryption.
Source: NVD
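The CVE-2024-3386 entry says only that an incorrect string comparison let traffic for domains not on the exclusion list bypass decryption; it does not say which comparison PAN-OS got wrong. The Python below is an added, hypothetical illustration of that bug class, not PAN-OS code and not its real exclusion list: it puts the commonest wrong comparison for hostnames (a plain suffix test) beside a label-aware one and shows which constructed SNI values each would wrongly skip decryption for. EXCLUSIONS and SAMPLE_HOSTS are constructed for the example.

```python
from typing import Callable, Iterable, List


def name_matches_naive(host: str, entry: str) -> bool:
    """Flawed comparison: a plain suffix test after dropping any leading '*.'.
    'attacker-login.example.net' ends with 'login.example.net', so it is
    treated as excluded although no entry names it."""
    pattern = entry.lower().lstrip("*.").rstrip(".")
    return host.lower().rstrip(".").endswith(pattern)


def name_matches_by_label(host: str, entry: str) -> bool:
    """Label-aware comparison. A plain entry must equal the whole name;
    a '*.' entry matches names with at least one extra leading label."""
    h = host.lower().rstrip(".").split(".")
    if entry.startswith("*."):
        e = entry[2:].lower().rstrip(".").split(".")
        return len(h) > len(e) and h[-len(e):] == e
    return h == entry.lower().rstrip(".").split(".")


def excluded_from_decryption(host: str, exclusions: Iterable[str],
                             matcher: Callable[[str, str], bool]) -> bool:
    """Would this SNI be skipped by decryption under the given matcher?"""
    return any(matcher(host, entry) for entry in exclusions)


# Constructed exclusion list and SNI values (not PAN-OS's predefined list).
EXCLUSIONS = ["login.example.net", "*.update.example.org"]
SAMPLE_HOSTS = [
    "login.example.net",            # listed exactly: should be excluded
    "a.update.example.org",         # covered by the wildcard: excluded
    "attacker-login.example.net",   # not listed: must still be decrypted
    "xupdate.example.org",          # not listed: must still be decrypted
    "update.example.org",           # wildcard needs a leading label: decrypted
]
EXPECTED_EXCLUDED = {"login.example.net", "a.update.example.org"}


def over_excluded(matcher: Callable[[str, str], bool]) -> List[str]:
    """Hosts a matcher skips decryption for although no entry names them,
    which is the failure mode the CVE-2024-3386 entry describes."""
    return [h for h in SAMPLE_HOSTS
            if excluded_from_decryption(h, EXCLUSIONS, matcher)
            and h not in EXPECTED_EXCLUDED]


if __name__ == "__main__":
    print("suffix test over-excludes :", over_excluded(name_matches_naive))
    print("label-aware over-excludes :", over_excluded(name_matches_by_label))
```

The practical check on a firewall is the same as the example's last function: pick a few hostnames that share a suffix with an exclusion entry but are not on the list, send TLS to them through the decryption policy, and confirm in the decryption logs that they were actually decrypted.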
CVE-2024-9471  MEDIUM (P4)  CVSS 4.7  CWE-269  2024-10-09
Affected: ≥ 11.0.0, < 11.0.3; ≥ 10.1.0, < 10.1.11; +3 more
A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated PAN-OS administrator with restricted privileges to use a compromised XML API key to perform actions as a higher privileged PAN-OS administrator. For example, an administrator with "Virtual system administrator (read-only)" access cou
Source: NVD
CVE-2023-6790  MEDIUM (P4)  CVSS 6.1  CWE-79  2023-12-13
Affected: ≥ 8.1, < 8.1.25; ≥ 9.0, < 9.0.17; +5 more
A DOM-based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator's browser when they view a specifically crafted link to the PAN-OS web interface.
Source: NVD
CVE-2024-0010  MEDIUM (P4)  CVSS 6.1  CWE-79  2024-02-14
Affected: ≥ 9.0, < 9.0.17-h4; ≥ 9.1, < 9.1.17; +2 more
A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect portal feature of Palo Alto Networks PAN-OS software enables execution of malicious JavaScript (in the context of a user's browser) if a user clicks on a malicious link, allowing phishing attacks that could lead to credential theft.
Source: NVD
CVE-2021-3052  MEDIUM (P4)  CVSS 5.4  CWE-79  2021-09-08
Affected: ≥ 9.0, < 9.0.14; ≥ 8.1, < 8.1.20; +2 more
A reflected cross-site scripting (XSS) vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated network-based attacker to mislead another authenticated PAN-OS administrator into clicking a specially crafted link that performs arbitrary actions in the PAN-OS web interface as the targeted authenticated administrator. This issue
Source: NVD
CVE-2023-6791  MEDIUM (P4)  CVSS 4.9  CWE-701  2023-12-13
Affected: ≥ 8.1, < 8.1.24-h1; ≥ 9.0, < 9.0.17; +5 more
A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface.
Source: NVD
CVE-2023-0005  MEDIUM (P4)  CVSS 4.9  CWE-497  2023-04-12
Affected: ≥ 10.2, < 10.2.3; ≥ 10.1, < 10.1.8; +4 more
A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to expose the plaintext values of secrets stored in the device configuration and encrypted API keys.
Source: NVD
CVE-2025-0137  MEDIUM (P4)  CVSS 4.8  CWE-83  2025-05-14
Affected: ≥ 11.2.0, < 11.2.5; ≥ 11.1.0, < 11.1.8; +2 more
An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator.
The attacker must have network access to the management web interface to exploit this issue. You grea
Source: NVD
CVE-2024-0011  MEDIUM (P4)  CVSS 6.1  CWE-79  2024-02-14
Affected: ≥ 8.1, < 8.1.24; ≥ 9.0, < 9.0.17; +3 more
A reflected cross-site scripting (XSS) vulnerability in the Captive Portal feature of Palo Alto Networks PAN-OS software enables execution of malicious JavaScript (in the context of an authenticated Captive Portal user's browser) if a user clicks on a malicious link, allowing phishing attacks that could lead to credential theft.
Source: NVD
CVE-2023-0010  MEDIUM (P4)  CVSS 5.4  CWE-79  2023-06-14
Affected: ≥ 10.2, < 10.2.2; ≥ 10.1, < 10.1.6; +4 more
A reflected cross-site scripting (XSS) vulnerability in the Captive Portal feature of Palo Alto Networks PAN-OS software can allow a JavaScript payload to be executed in the context of an authenticated Captive Portal user's browser when they click on a specifically crafted link.
Source: NVD
CVE-2020-2031  MEDIUM (P4)  CVSS 4.9  CWE-191  2020-07-08
Affected: ≥ 9.1, < 9.1.3
An integer underflow vulnerability in the dnsproxyd component of the PAN-OS management interface allows authenticated administrators to issue a command from the command line interface that causes the component to stop responding. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putt
Source: NVD
CVE-2023-38046  MEDIUM (P4)  CVSS 4.9  CWE-610  2023-07-12
Affected: ≥ 11.0, < 11.0.1; ≥ 10.2, < 10.2.4
A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated administrator with the privilege to commit a specifically created configuration to read local files and resources from the system.
Source: NVD