CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2022-0011 – PAN-OS: URL Category Exceptions Match More URLs Than Intended in URL Filtering
https://notcve.org/view.php?id=CVE-2022-0011
10 Feb 2022 — PAN-OS software provides options to exclude specific websites from URL category enforcement and those websites are blocked or allowed (depending on your rules) regardless of their associated URL category. This is done by creating a custom URL category list or by using an external dynamic list (EDL) in a URL Filtering profile. When the entries in these lists have a hostname pattern that does not end with a forward slash (/) or a hostname pattern that ends with an asterisk (*), any URL that starts with the sp... • https://security.paloaltonetworks.com/CVE-2022-0011 • CWE-436: Interpretation Conflict •
CVSS: 9.0EPSS: 0%CPEs: 7EXPL: 0CVE-2021-3061 – PAN-OS: OS Command Injection Vulnerability in the Command Line Interface (CLI)
https://notcve.org/view.php?id=CVE-2021-3061
10 Nov 2021 — An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables an authenticated administrator with access to the CLI to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 10.1 versions earlier than PAN-OS 10.1.3. Prisma Access customer... • https://security.paloaltonetworks.com/CVE-2021-3061 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.3EPSS: 43%CPEs: 7EXPL: 2CVE-2021-3060 – PAN-OS: OS Command Injection in Simple Certificate Enrollment Protocol (SCEP)
https://notcve.org/view.php?id=CVE-2021-3060
10 Nov 2021 — An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The attacker must have network access to the GlobalProtect interfaces to exploit this issue. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1; PAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3; PAN-OS 9.1 versions ear... • https://github.com/anmolksachan/CVE-2021-3060 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •