Paloaltonetworks PAN-OS vulnerabilities

CVE-2012-6601 [CRITICAL] CWE-78 CVE-2012-6601: The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x befor The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to execute arbitrary code via unspecified vectors, aka Ref ID 36983.

CVE-2012-6592 [CRITICAL] CWE-78 CVE-2012-6592: Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows remote attackers to execute ar Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows remote attackers to execute arbitrary commands via unspecified vectors, aka Ref ID 31091.

CVE-2012-6604 [CRITICAL] CWE-78 CVE-2012-6604: The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x be The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Ref ID 35249.

CVE-2012-6605 [CRITICAL] CWE-78 CVE-2012-6605: The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x be The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Ref ID 34896.

CVE-2013-5663 [MEDIUM] CWE-264 CVE-2013-5663: The App-ID cache feature in Palo Alto Networks PAN-OS before 4.0.14, 4.1.x before 4.1.11, and 5.0.x The App-ID cache feature in Palo Alto Networks PAN-OS before 4.0.14, 4.1.x before 4.1.11, and 5.0.x before 5.0.2 allows remote attackers to bypass intended security policies via crafted requests that trigger invalid caching, as demonstrated by incorrect identification of HTTP traffic as SIP traffic, aka Ref ID 47195.

CVE-2012-6597 [MEDIUM] CWE-20 CVE-2012-6597: Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to Palo Alto Networks PAN-OS before 3.1.11 and 4.0.x before 4.0.9 allows remote authenticated users to cause a denial of service (management-server crash) by using the command-line interface for a crafted command, aka Ref ID 35254.

CVE-2012-6590 [MEDIUM] CWE-200 CVE-2012-6590: The web-based management UI in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 allows remote attackers The web-based management UI in Palo Alto Networks PAN-OS 4.0.x before 4.0.8 allows remote attackers to obtain verbose error information via crafted input, aka Ref ID 33139.

CVE-2013-5664 [MEDIUM] CWE-79 CVE-2013-5664: Cross-site scripting (XSS) vulnerability in the web-based device-management API browser in Palo Alto Cross-site scripting (XSS) vulnerability in the web-based device-management API browser in Palo Alto Networks PAN-OS before 4.1.13 and 5.0.x before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via crafted data, aka Ref ID 50908.

CVE-2012-6596 [MEDIUM] CWE-255 CVE-2012-6596: Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.3 stores cleartext LDAP bind passw Palo Alto Networks PAN-OS 4.0.x before 4.0.9 and 4.1.x before 4.1.3 stores cleartext LDAP bind passwords in authd.log, which allows context-dependent attackers to obtain sensitive information by reading this file, aka Ref ID 35493.