First published: Wed Dec 13 2023(Updated: )
An OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated API user to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall.
Credit: psirt@paloaltonetworks.com
Affected Software | Affected Version | How to fix |
---|---|---|
Paloaltonetworks Pan-os | >=8.1.0<8.1.24 | |
Paloaltonetworks Pan-os | >=9.0.0<9.0.17 | |
Paloaltonetworks Pan-os | >=9.1.0<9.1.15 | |
Paloaltonetworks Pan-os | >=10.0.0<10.0.12 | |
Paloaltonetworks Pan-os | >=10.1.0<10.1.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.