CVE-2020-2021
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
CVSS
—
No CVSS
EPSS
4.4%
p90
KEV
YES
Mar 25, 2022
Exploit Today
77
0-100
Published: — · Last modified: —
4.4%EPSS · 30 days4.4%
2026-06-302026-07-17
Product
Palo Alto Networks / PAN-OS
Vulnerability
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
Added to KEV
Mar 25, 2022
Remediate by
Apr 15, 2022
Known ransomware use
Yes
Summary description
Palo Alto Networks PAN-OS contains a vulnerability in SAML which allows an attacker to bypass authentication.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-2021
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2024-3400—100.0%
KEV—80Palo Alto Networks PAN-OS Command Injection Vulnerability—CVE-2024-0012—100.0%
KEV—80Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability—CVE-2025-0108—99.9%
KEV—80Palo Alto Networks PAN-OS Authentication Bypass Vulnerability—CVE-2017-15944—99.9%
KEV—80Palo Alto Networks PAN-OS Remote Code Execution Vulnerability—CVE-2024-9474—99.8%
KEV—80Palo Alto Networks PAN-OS Management Interface OS Command Injection Vulnerability—CVE-2026-0257—99.7%
KEV—80Palo Alto Networks PAN-OS Authentication Bypass Vulnerability—