Palo Alto Networks Security Advisories

1 - 25 of 374
VersionsAffectedUnaffected
6.8CVE-2024-5909 Cortex XDR Agent: Local Windows User Can Disable the Agent
Cortex XDR Agent 8.4
Cortex XDR Agent 8.3
Cortex XDR Agent 8.2
Cortex XDR Agent 8.1
Cortex XDR Agent 7.9-CE
None
None
< 8.2.1 on Windows
< 8.1.2 on Windows
< 7.9.102-CE on Windows
All
All
>= 8.2.1 on Windows
>= 8.1.2 on Windows
>= 7.9.102-CE on Windows
2024-06-122024-06-12
5.5CVE-2024-5908 GlobalProtect App: Encrypted Credential Exposure via Log Files
GlobalProtect App 6.2
GlobalProtect App 6.1
GlobalProtect App 6.0
GlobalProtect App 5.1
< 6.2.3
< 6.1.3
< 6.0.8
< 5.1.12
>= 6.2.3
>= 6.1.3
>= 6.0.8
>= 5.1.12
2024-06-122024-06-12
5.2CVE-2024-5907 Cortex XDR Agent: Local Privilege Escalation (PE) Vulnerability
Cortex XDR Agent 8.4
Cortex XDR Agent 8.3
Cortex XDR Agent 8.2
Cortex XDR Agent 8.1
Cortex XDR Agent 7.9-CE
None
< 8.3.1 on Windows
< 8.2.3 on Windows
All
< 7.9.102-CE on Windows
All
>= 8.3.1 on Windows
>= 8.2.3 on Windows
None
>= 7.9.102-CE on Windows
2024-06-122024-06-12
4.8CVE-2024-5906 Prisma Cloud Compute: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface
Prisma Cloud Compute 32
< 32.05 (O’Neal - Update 5)
>= 32.05 (O’Neal - Update 5)
2024-06-122024-06-12
2CVE-2024-5905 Cortex XDR Agent: Local Windows User Can Disrupt Functionality of the Agent
Cortex XDR Agent 8.4
Cortex XDR Agent 8.3
Cortex XDR Agent 8.2
Cortex XDR Agent 8.1
Cortex XDR Agent 7.9-CE
None
None
< 8.2.1 on Windows
< 8.1.2 on Windows
< 7.9.102-CE on Windows
All
All
>= 8.2.1 on Windows
>= 8.1.2 on Windows
>= 7.9.102-CE on Windows
2024-06-122024-06-12
2.1CVE-2024-3661 Impact of TunnelVision Vulnerability
Cloud NGFW
GlobalProtect app on Android
GlobalProtect app on iOS
GlobalProtect app on Linux
GlobalProtect app on Windows and macOS
PAN-OS
Prisma Access
none
none
All versions without IncludeAllNetworks set to 1
All
All versions without Endpoint Traffic Policy Enforcement set to All Traffic
none
none
All
All
All versions with IncludeAllNetworks set to 1
Upcoming major release
All versions with Endpoint Traffic Policy Enforcement set to All Traffic
All
All
2024-05-162024-05-16
iPAN-SA-2024-0005 Informational Bulletin: Proof of Concept (PoC) Bypasses Protection Modules in Cortex XDR Agent
Cortex XDR Agent 8.4
Cortex XDR Agent 8.3
Cortex XDR Agent 8.2
Cortex XDR Agent 8.1
Cortex XDR Agent 8.0
Cortex XDR Agent 7.9
Cortex XDR Agent 5.0
< Agents with content update earlier than CU-1320 on Windows
< Agents with content update earlier than CU-1320 on Windows
< Agents with content update earlier than CU-1320 on Windows
< Agents with content update earlier than CU-1320 on Windows
< Agents with content update earlier than CU-1320 on Windows
< Agents with content update earlier than CU-1320 on Windows
All agents on Windows
>= Agents with CU-1320 or a later content update on Windows
>= Agents with CU-1320 or a later content update on Windows
>= Agents with CU-1320 or a later content update on Windows
>= Agents with CU-1320 or a later content update on Windows
>= Agents with CU-1320 or a later content update on Windows
>= Agents with CU-1320 or a later content update on Windows
none
2024-04-242024-04-24
10 NCVE-2024-3400 PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
➔ View additional products
none
< 11.1.0-h3, < 11.1.1-h1, < 11.1.2-h3
< 11.0.0-h3, < 11.0.1-h4, < 11.0.2-h4, < 11.0.3-h10, < 11.0.4-h1
< 10.2.0-h3, < 10.2.1-h2, < 10.2.2-h5, < 10.2.3-h13, < 10.2.4-h16, < 10.2.5-h6, < 10.2.6-h3, < 10.2.7-h8, < 10.2.8-h3, < 10.2.9-h1
none
none
none
All
>= 11.1.0-h3, >= 11.1.1-h1, >= 11.1.2-h3
>= 11.0.0-h3, >= 11.0.1-h4, >= 11.0.2-h4, >= 11.0.3-h10, >= 11.0.4-h1
>= 10.2.0-h3, >= 10.2.1-h2, >= 10.2.2-h5, >= 10.2.3-h13, >= 10.2.4-h16, >= 10.2.5-h6, >= 10.2.6-h3, >= 10.2.7-h8, >= 10.2.8-h3, >= 10.2.9-h1
All
All
all
2024-04-122024-05-03
8.3 NCVE-2024-3383 PAN-OS: Improper Group Membership Change Vulnerability in Cloud Identity Engine (CIE)
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
➔ View additional products
none
none
< 11.0.3
< 10.2.5
< 10.1.11
none
none
All
All
>= 11.0.3
>= 10.2.5
>= 10.1.11
All
all
2024-04-102024-04-10
8.2CVE-2024-3382 PAN-OS: Firewall Denial of Service (DoS) via a Burst of Crafted Packets
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
➔ View additional products
none
< 11.1.2
< 11.0.4
< 10.2.7-h3
none
none
none
All
>= 11.1.2
>= 11.0.4
>= 10.2.7-h3
All
All
all
2024-04-102024-04-10
8.2 NCVE-2024-3384 PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
➔ View additional products
none
none
none
< 10.0.12
< 9.1.15-h1
< 9.0.17
< 8.1.24
none
All
All
All
>= 10.0.12
>= 9.1.15-h1
>= 9.0.17
>= 8.1.24
all
2024-04-102024-04-10
8.2 NCVE-2024-3385 PAN-OS: Firewall Denial of Service (DoS) when GTP Security is Disabled
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
PAN-OS 9.0
Prisma Access
none
none
< 11.0.3
< 10.2.8
< 10.1.12
< 9.1.17
< 9.0.17-h4
none
All
All
>= 11.0.3
>= 10.2.8
>= 10.1.12
>= 9.1.17
>= 9.0.17-h4
All
2024-04-102024-04-10
6.9 NCVE-2024-3386 PAN-OS: Predefined Decryption Exclusions Does Not Work as Intended
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
Prisma Access
none
none
< 11.0.1-h2, < 11.0.2
< 10.2.4-h2, < 10.2.5
< 10.1.9-h3, < 10.1.10
< 10.0.13
< 9.1.17
< 9.0.17-h2
none
All
All
>= 11.0.1-h2, >= 11.0.2
>= 10.2.4-h2, >= 10.2.5
>= 10.1.9-h3, >= 10.1.10
>= 10.0.13
>= 9.1.17
>= 9.0.17-h2
All
2024-04-102024-04-10
6CVE-2024-3387 PAN-OS: Weak Certificate Strength in Panorama Software Leads to Sensitive Information Disclosure
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
➔ View additional products
none
none
< 11.0.4 on Panorama
< 10.2.7-h3 on Panorama, < 10.2.8 on Panorama
< 10.1.12 on Panorama
none
none
All
All
>= 11.0.4 on Panorama
>= 10.2.7-h3 on Panorama, >= 10.2.8 on Panorama
>= 10.1.12 on Panorama
All
all
2024-04-102024-04-10
5.1CVE-2024-3388 PAN-OS: User Impersonation in GlobalProtect SSL VPN
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
none
none
< 11.0.3
< 10.2.7-h3
< 10.1.11-h4
< 9.1.17
< 9.0.17-h4
< 8.1.26
< 10.2.4
All
All
>= 11.0.3
>= 10.2.7-h3
>= 10.1.11-h4
>= 9.1.17
>= 9.0.17-h4
>= 8.1.26
>= 10.2.4
2024-04-102024-04-10
iPAN-SA-2024-0004 Informational Bulletin: OSS CVEs fixed in PAN-OS
PAN-OS
Versions prior to those listed above
Versions listed above
2024-04-10
iPAN-SA-2024-0003 Informational Bulletin: Impact of OSS CVEs in Prisma SD-WAN ION
Prisma SD-WAN ION
none
All
2024-04-05
iCVE-2024-3094 Informational: Impact of Malicious Code in XZ Tools and Libraries (CVE-2024-3094)
none
all
2024-04-012024-04-01
5.7CVE-2024-2431 GlobalProtect App: Local User Can Disable GlobalProtect
GlobalProtect App 6.2
GlobalProtect App 6.1
GlobalProtect App 6.0
GlobalProtect App 5.2
GlobalProtect App 5.1
none
< 6.1.1
< 6.0.4
< 5.2.13
< 5.1.12
All
>= 6.1.1
>= 6.0.4
>= 5.2.13
>= 5.1.12
2024-03-132024-03-13
5.2CVE-2024-2432 GlobalProtect App: Local Privilege Escalation (PE) Vulnerability
GlobalProtect App 6.2
GlobalProtect App 6.1
GlobalProtect App 6.0
GlobalProtect App 5.1
< 6.2.1 on Windows
< 6.1.2 on Windows
< 6.0.8 on Windows
< 5.1.12 on Windows
>= 6.2.1 on Windows
>= 6.1.2 on Windows
>= 6.0.8 on Windows
>= 5.1.12 on Windows
2024-03-132024-03-18
5.1CVE-2024-2433 PAN-OS: Improper Privilege Management Vulnerability in Panorama Software Leads to Availability Loss
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
PAN-OS 9.0
Prisma Access
none
none
< 11.0.3 on Panorama
< 10.2.8 on Panorama
< 10.1.12 on Panorama
< 9.1.17 on Panorama
< 9.0.17-h4 on Panorama
none
All
All
>= 11.0.3 on Panorama
>= 10.2.8 on Panorama
>= 10.1.12 on Panorama
>= 9.1.17 on Panorama
>= 9.0.17-h4 on Panorama
All
2024-03-132024-03-13
iPAN-SA-2024-0002 Impact of Leaky Vessels Vulnerabilities (CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653)
none
all
2024-02-222024-02-22
6.3CVE-2024-0007 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
➔ View additional products
none
none
none
< 10.1.6 on Panorama
< 10.0.11 on Panorama
< 9.1.16 on Panorama
< 9.0.17 on Panorama
< 8.1.24-h1 on Panorama, < 8.1.25 on Panorama
none
All
All on Panorama
All on Panorama
>= 10.1.6 on Panorama
>= 10.0.11 on Panorama
>= 9.1.16 on Panorama
>= 9.0.17 on Panorama
>= 8.1.24-h1 on Panorama, >= 8.1.25 on Panorama
all
2024-02-142024-02-14
5.4CVE-2024-0008 PAN-OS: Insufficient Session Expiration Vulnerability in the Web Interface
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
Prisma Access
none
none
< 11.0.2
< 10.2.5
< 10.1.10-h1, < 10.1.11
< 10.0.12-h1, < 10.0.13
< 9.1.17
< 9.0.17-h2
none
All
All
>= 11.0.2
>= 10.2.5
>= 10.1.10-h1, >= 10.1.11
>= 10.0.12-h1, >= 10.0.13
>= 9.1.17
>= 9.0.17-h2
All
2024-02-142024-02-14
5.3CVE-2024-0009 PAN-OS: Improper IP Address Verification in GlobalProtect Gateway
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
➔ View additional products
none
none
< 11.0.1
< 10.2.4
none
none
All
All
>= 11.0.1
>= 10.2.4
All
all
2024-02-142024-02-14
1 - 25 of 374 Download
N = Exploitable over the network with low complexity, unauthenticated attack.
© 2024 Palo Alto Networks, Inc. All rights reserved.