What is the palo_alto CNA?
palo_alto is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 336 CVE records since 2018.
How many CVEs has palo_alto published?
palo_alto has published 336 CVE records, including 139 in the last two years.
What is palo_alto's CVE data quality grade?
RadicalNotion.AI grades palo_alto's CVE data quality as A, with an overall completeness score of 92.6%. This reflects how consistently its CVE records include vendor (90.8%), product (100%), CVSS (89.6%), and CWE (89.9%) information.
What products does palo_alto publish CVEs for?
palo_alto most frequently publishes CVEs for PAN-OS, Prisma Access, Cloud NGFW, GlobalProtect App, GlobalProtect.
Which vendors does palo_alto cover?
palo_alto publishes CVEs across 13 distinct vendors, most often Palo Alto Networks, paloaltonetworks, microsoft, alextselegidis, easyappointments.
Is palo_alto actively publishing CVEs?
palo_alto is currently active, based on 139 CVEs in the last two years.
What is the average severity of palo_alto's CVEs?
The average CVSS base score across palo_alto's scored CVEs is 6.7.
How many critical CVEs has palo_alto published?
palo_alto has published 31 critical-severity CVEs and 122 high-severity CVEs.
Are any of palo_alto's CVEs in CISA's Known Exploited Vulnerabilities catalog?
Yes. 14 of palo_alto's CVEs are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog, meaning they are confirmed to be exploited in the wild.
What are the most common weakness types in palo_alto's CVEs?
palo_alto's CVEs most often map to these CWE weakness types: CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')), CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-754 (Improper Check for Unusual or Exceptional Conditions), CWE-639 (Authorization Bypass Through User-Controlled Key).
How does palo_alto rank among CNAs?
By total CVE volume, palo_alto ranks #64 of 370 CNAs, and it reports more complete CVE records than 38% of all CNAs.
