| | Versions | Affected | Unaffected | | |
|---|
| 7.2 | CVE-2022-0024 PAN-OS: Improper Neutralization Vulnerability Leads to Unintended Program Execution During Configuration Commit | PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 | none < 10.1.5 < 10.0.10 < 9.1.13 < 9.0.16 < 8.1.23 | >= 10.2.0 >= 10.1.5 >= 10.0.10 >= 9.1.13 >= 9.0.16 >= 8.1.23 | 2022-05-11 | 2022-05-11 |
| 6.7 | CVE-2022-0025 Cortex XDR Agent: An Uncontrolled Search Path Element Leads to Local Privilege Escalation (PE) Vulnerability | Cortex XDR Agent 7.5 CE Cortex XDR Agent 7.7 Cortex XDR Agent 7.6 Cortex XDR Agent 7.5 Cortex XDR Agent 7.4 Cortex XDR Agent 6.1 Cortex XDR Agent 5.0 | none < 7.7.1.62043 without CU-500 on Windows none none none none none | all 7.7.* with CU-500, >= 7.7.1.62043 on Windows all all all all all | 2022-05-11 | 2022-05-11 |
| 6.7 | CVE-2022-0026 Cortex XDR Agent: Unintended Program Execution Leads to Local Privilege Escalation (PE) Vulnerability | Cortex XDR Agent 7.5 CE Cortex XDR Agent 7.7 Cortex XDR Agent 7.6 Cortex XDR Agent 7.5 Cortex XDR Agent 7.4 Cortex XDR Agent 6.1 | 7.5.* without CU-330 on Windows 7.7.* without CU-330 on Windows 7.6.* without CU-330 on Windows 7.5.* without CU-330 on Windows 7.4.* without CU-330 on Windows 6.1.* without CU-330 on Windows | 7.5.* with CU-330 on Windows 7.7.* with CU-330 on Windows 7.6.* with CU-330 on Windows 7.5.* with CU-330 on Windows 7.4.* with CU-330 on Windows 6.1.* with CU-330 on Windows | 2022-05-11 | 2022-05-11 |
| 4.3 | CVE-2022-0027 Cortex XSOAR: Incorrect Authorization Vulnerability When Generating Reports | Cortex XSOAR 6.6 Cortex XSOAR 6.5 Cortex XSOAR 6.2 Cortex XSOAR 6.1 | < 6.6.0.2585049 6.5.* 6.2.* 6.1.* | >= 6.6.0.2585049 none none none | 2022-05-11 | 2022-05-11 |
| 3.3 | PAN-SA-2022-0001 Cortex XDR Agent: Supervisor Password Hash Disclosure Vulnerability When Generating Support Files | | | | 2022-04-14 | 2022-04-14 |
| 0 | PAN-SA-2022-0002 Informational: Cortex XDR Agent: Product Disruption by Local Windows Administrator | | | | 2022-04-14 | 2022-05-13 |
| 5.9 | CVE-2022-0023 PAN-OS: Denial-of-Service (DoS) Vulnerability in DNS Proxy | PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access 3.0 Prisma Access 2.2 Prisma Access 2.1 | none < 10.1.5 < 10.0.10 < 9.1.13 < 9.0.16 < 8.1.22 none none none | 10.2.* >= 10.1.5 >= 10.0.10 >= 9.1.13 >= 9.0.16 >= 8.1.22 Preferred, Innovation Preferred Preferred, Innovation | 2022-04-13 | 2022-04-13 |
| 7.5 N | CVE-2022-0778 Impact of the OpenSSL Infinite Loop Vulnerability CVE-2022-0778 | Cortex XDR Agent 7.7 Cortex XDR Agent 7.6 Cortex XDR Agent 7.5-CE Cortex XDR Agent 7.5 Cortex XDR Agent 7.4 Cortex XDR Agent 6.1 Cortex XSOAR GlobalProtect App 6.0 GlobalProtect App 5.3 GlobalProtect App 5.2 GlobalProtect App 5.1 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access 3.1 Prisma Access 3.0 Prisma Access 2.2 Prisma Access 2.1 Prisma Cloud | < 7.7.0.60725 on Windows, < 7.7.0.2356 on macOS, < 7.7.0.59559 on Linux < 7.6.2.60545 on Windows, < 7.6.2.2311 on macOS, < 7.6.2.59612 on Linux < 7.5.100.60642 on Windows, < 7.5.100.2276 on macOS, < 7.5.100.59687 on Linux < 7.5.3.60113 on Windows, < 7.5.3.2265 on macOS, < 7.5.3.59465 on Linux 7.4.* < 6.1.9.61370 on Windows, < 6.1.7.1690 on macOS, < 6.1.7.60245 on Linux none < 6.0.1 < 5.3.4 < 5.2.12 < 5.1.11 < 10.2.1 < 10.1.5-h1 < 10.0.10 < 9.1.13-h3 < 9.0.16-h2 < 8.1.23 Preferred, Innovation Preferred, Innovation Preferred Preferred, Innovation none | >= 7.7.0.60725 on Windows, >= 7.7.0.2356 on macOS, >= 7.7.0.59559 on Linux >= 7.6.2.60545 on Windows, >= 7.6.2.2311 on macOS, >= 7.6.2.59612 on Linux >= 7.5.100.60642 on Windows, >= 7.5.100.2276 on macOS, >= 7.5.100.59687 on Linux >= 7.5.3.60113 on Windows, >= 7.5.3.2265 on macOS, >= 7.5.3.59465 on Linux none >= 6.1.9.61370 on Windows, >= 6.1.7.1690 on macOS, >= 6.1.7.60245 on Linux all >= 6.0.1 >= 5.3.4 >= 5.2.12 >= 5.1.11 >= 10.2.1 >= 10.1.5-h1 >= 10.0.10 >= 9.1.13-h3 >= 9.0.16-h2 >= 8.1.23 none none none none all | 2022-03-31 | 2022-05-28 |
| 0 | CVE-2022-22963 Informational: Impact of Spring Vulnerabilities CVE-2022-22963 and CVE-2022-22965 | AutoFocus Bridgecrew Cortex Data Lake Cortex XDR Agent Cortex Xpanse Cortex XSOAR Enterprise Data Loss Prevention Exact Data Matching CLI Expanse Expedition Migration Tool GlobalProtect App IoT Security Okyo Garde Palo Alto Networks App for Splunk PAN-OS Prisma Cloud Prisma Cloud Compute Prisma SD-WAN (CloudGenix) Prisma SD-WAN ION SaaS Security User-ID Agent WildFire Appliance (WF-500) WildFire Cloud | none none none none none none none none none none none none none none none none none none none none none none none | all all all all all all all all all all all all all all all all all all all all all all all | 2022-03-31 | 2022-04-25 |
| 4.1 | CVE-2022-0022 PAN-OS: Use of a Weak Cryptographic Algorithm for Stored Password Hashes | PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access 3.0 Prisma Access 2.2 Prisma Access 2.1 | none none < 10.0.7 < 9.1.11 9.0.* < 8.1.21 none none none | 10.2.* 10.1.* >= 10.0.7 >= 9.1.11 none >= 8.1.21 Preferred, Innovation Preferred Preferred, Innovation | 2022-03-09 | 2022-03-09 |
| 0 | CVE-2021-44142 Informational: Impact of the Samba Vulnerability CVE-2021-44142 on PAN-OS | | | | 2022-03-09 | 2022-03-09 |
| 7.4 | CVE-2022-0016 GlobalProtect App: Privilege Escalation Vulnerability When Using Connect Before Logon With SAML Authentication | GlobalProtect App 5.3 GlobalProtect App 5.2 GlobalProtect App 5.1 | none < 5.2.9 on Windows and MacOS none | 5.3.* >= 5.2.9 on Windows and MacOS >= 5.1.* | 2022-02-09 | 2022-03-09 |
| 7 | CVE-2022-0017 GlobalProtect App: Improper Link Resolution Vulnerability Leads to Local Privilege Escalation | GlobalProtect App 5.3 GlobalProtect App 5.2 GlobalProtect App 5.1 | none < 5.2.5 on Windows < 5.1.10 on Windows | 5.3.* >= 5.2.5 on Windows >= 5.1.10 on Windows | 2022-02-09 | 2022-02-09 |
| 6.8 | CVE-2022-0020 Cortex XSOAR: Stored Cross-Site Scripting (XSS) Vulnerability in Web Interface | Cortex XSOAR 6.5.0 Cortex XSOAR 6.2.0 Cortex XSOAR 6.1.0 | | | 2022-02-09 | 2022-02-09 |
| 6.5 | CVE-2022-0011 PAN-OS: URL Category Exceptions Match More URLs Than Intended in URL Filtering | PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access 3.0 Prisma Access 2.2 Prisma Access 2.1 | < 10.1.3 < 10.0.8 < 9.1.12 9.0.* < 8.1.21 none Preferred Preferred, Innovation | >= 10.1.3 >= 10.0.8 >= 9.1.12 none >= 8.1.21 Preferred, Innovation none none | 2022-02-09 | 2022-03-09 |
| 6.1 | CVE-2022-0018 GlobalProtect App: Information Exposure Vulnerability When Connecting to GlobalProtect Portal With Single Sign-On Enabled | GlobalProtect App 5.3 GlobalProtect App 5.2 GlobalProtect App 5.1 | none < 5.2.9 on Windows and MacOS < 5.1.10 on Windows and MacOS | 5.3.* >= 5.2.9 on Windows and MacOS >= 5.1.10 on Windows and MacOS | 2022-02-09 | 2022-02-09 |
| 4.7 | CVE-2022-0019 GlobalProtect App: Insufficiently Protected Credentials Vulnerability on Linux | GlobalProtect App 5.3 GlobalProtect App 5.2 GlobalProtect App 5.1 | < 5.3.2 on Linux <= 5.2.7 on Linux < 5.1.10 on Linux | >= 5.3.2 on Linux none >= 5.1.10 on Linux | 2022-02-09 | 2022-02-09 |
| 3.3 | CVE-2022-0021 GlobalProtect App: Information Exposure Vulnerability When Using Connect Before Logon | GlobalProtect App 5.3 GlobalProtect App 5.2 GlobalProtect App 5.1 | none < 5.2.9 on Windows none | 5.3.* >= 5.2.9 on Windows 5.1.* | 2022-02-09 | 2022-02-09 |
| 7.8 | CVE-2022-0015 Cortex XDR Agent: An Uncontrolled Search Path Element Leads to Local Privilege Escalation (PE) Vulnerability | Cortex XDR Agent 7.6 Cortex XDR Agent 7.5 Cortex XDR Agent 7.4 Cortex XDR Agent 7.3 Cortex XDR Agent 7.2 Cortex XDR Agent 6.1 Cortex XDR Agent 5.0 | none none none none none < 6.1.9 < 5.0.12 | 7.6.* 7.5.* 7.4.* 7.3.* 7.2.* >= 6.1.9 >= 5.0.12 | 2022-01-12 | 2022-01-12 |
| 6.7 | CVE-2022-0014 Cortex XDR Agent: Unintended Program Execution When Using Live Terminal Session | Cortex XDR Agent 7.6 Cortex XDR Agent 7.5 Cortex XDR Agent 7.4 Cortex XDR Agent 7.3 Cortex XDR Agent 7.2 Cortex XDR Agent 6.1 Cortex XDR Agent 5.0 | none none none < 7.3.2 on Windows < 7.2.4 on Windows < 6.1.9 on Windows < 5.0.12 on Windows | 7.6.* 7.5.* 7.4.* >= 7.3.2 on Windows >= 7.2.4 on Windows >= 6.1.9 on Windows >= 5.0.12 on Windows | 2022-01-12 | 2022-01-14 |
| 6.1 | CVE-2022-0012 Cortex XDR Agent: Local Arbitrary File Deletion Vulnerability | Cortex XDR Agent 7.6 Cortex XDR Agent 7.5 Cortex XDR Agent 7.4 Cortex XDR Agent 7.3 Cortex XDR Agent 7.2 Cortex XDR Agent 6.1 Cortex XDR Agent 5.0 | none none none < 7.3.2 on Windows < 7.2.4 on Windows < 6.1.9 on Windows < 5.0.12 on Windows | 7.6.* 7.5.* 7.4.* >= 7.3.2 on Windows >= 7.2.4 on Windows >= 6.1.9 on Windows >= 5.0.12 on Windows | 2022-01-12 | 2022-01-14 |
| 5 | CVE-2022-0013 Cortex XDR Agent: File Information Exposure Vulnerability When Generating Support File | Cortex XDR Agent 7.5 Cortex XDR Agent 7.4 Cortex XDR Agent 7.3 Cortex XDR Agent 7.2 Cortex XDR Agent 6.1 Cortex XDR Agent 5.0 | none none < 7.3.2 on Windows < 7.2.4 on Windows < 6.1.9 on Windows < 5.0.12 on Windows | 7.5.* 7.4.* >= 7.3.2 on Windows >= 7.2.4 on Windows >= 6.1.9 on Windows >= 5.0.12 on Windows | 2022-01-12 | 2022-01-14 |
| 9.8 N | CVE-2021-44228 Impact of Log4j Vulnerabilities CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, and CVE-2021-44832 | Bridgecrew Cortex Data Lake Cortex XDR Agent Cortex Xpanse Cortex XSOAR Enterprise Data Loss Prevention Exact Data Matching CLI Expedition GlobalProtect App IoT Security Okyo Garde PAN-DB Private Cloud PAN-OS for Firewall and Wildfire PAN-OS for Panorama Prisma Access Prisma Cloud Prisma Cloud Compute Prisma SD-WAN (CloudGenix) SaaS Security Traps User-ID Agent WildFire Appliance WildFire Cloud | none none none none none none < 2.1 none none none none none none < 9.0.15, < 10.0.8-h8, < 9.1.12-h3 none none none none none none none none none | all all all all all all >= 2.1 all all all all all all 8.1.*, 10.1.*, >= 9.0.15, >= 10.0.8-h8, >= 9.1.12-h3 all all all all all all all all all | 2021-12-10 | 2022-01-22 |
| 0 | CVE-2021-41617 Informational: Impact of the OpenSSH Vulnerability CVE-2021-41617 on PAN-OS | | | | 2021-11-30 | 2021-11-30 |
| 9.8 N | CVE-2021-3064 PAN-OS: Memory Corruption Vulnerability in GlobalProtect Portal and Gateway Interfaces | PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access 2.2 Prisma Access 2.1 | none none none none < 8.1.17 none none | 10.1.* 10.0.* 9.1.* 9.0.* >= 8.1.17 all all | 2021-11-10 | 2021-11-10 |
= Exploitable over the network with low complexity, unauthenticated attack.