Palo Alto Networks Traps vulnerabilities
3 known vulnerabilities affecting palo_alto_networks/traps.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2015-2223P4MEDIUMCVSS 4.3PoCv3.1.2.15462015-04-14
CVE-2015-2223 [MEDIUM] CWE-79 CVE-2015-2223: Multiple cross-site scripting (XSS) vulnerabilities in the web-based console management interface in
Multiple cross-site scripting (XSS) vulnerabilities in the web-based console management interface in Palo Alto Networks Traps (formerly Cyvera Endpoint Protection) 3.1.2.1546 allow remote attackers to inject arbitrary web script or HTML via the (1) Arguments, (2) FileName, or (3) URL parameter in a SOAP request.
nvd
CVE-2019-1577P3MEDIUMCVSS 6.3v5.0.5 and earlier2019-07-01
CVE-2019-1577 [MEDIUM] CWE-94 CVE-2019-1577: Code injection vulnerability in Palo Alto Networks Traps 5.0.5 and earlier may allow an authenticate
Code injection vulnerability in Palo Alto Networks Traps 5.0.5 and earlier may allow an authenticated attacker to inject arbitrary JavaScript or HTML.
nvd
CVE-2020-1991P4HIGHCVSS 7.1≥ 5.0, < 5.0.8≥ 6.1, < 6.1.42020-04-08
CVE-2020-1991 [HIGH] CWE-377 CVE-2020-1991: An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Wi
An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files. This issue affects Palo Alto Networks Traps 5.0 versions before 5.0.8; 6.1 versions before 6.1.4 on Windows. This issue does not affect Cortex XDR 7.0. This issue does not affect Traps for Linux
nvd