Get support
Security advisories
Report vulnerabilities
Subscribe
RSS feed
Palo Alto Networks Security Advisories
Clear
Options
version
severity
CRITICAL
HIGH
MEDIUM
LOW
NONE
product
AutoFocus
5
Bridgecrew
6
Bridgecrew Checkov
2
Cloud NGFW
12
Cortex Data Lake
6
Cortex XDR
4
Cortex XDR Agent
26
Cortex XSOAR
19
Cortex XSOAR PowerShell Image
1
Cortex Xpanse
6
Demisto
1
Enterprise Data Loss Prevention
6
Exact Data Matching CLI
6
Expanse
5
Expedition
7
Expedition Migration Tool
5
GlobalProtect App
32
IoT Security
6
MineMeld
1
NetConnect
1
Okyo Garde
6
PAN-DB Private Cloud
1
PAN-OS
230
PAN-OS for Firewall and Wildfire
1
Palo Alto Networks App for Splunk
5
Prisma Access
27
Prisma Cloud
7
Prisma Cloud Compute
10
Prisma SD-WAN
1
Prisma SD-WAN (CloudGenix)
8
Prisma SD-WAN ION
5
SaaS Security
6
Secdo
3
Terminal Server Agent
4
Traps
3
Traps ESM Console
2
Traps ESM Core
1
Twistlock Console
1
Update server
1
User-ID Agent
8
VM-Series Plugin
1
WildFire Appliance
4
WildFire Appliance (WF-500)
5
WildFire Cloud
8
Zingbox Inspector
11
Clear
1 - 25 of 326
Newest
Updated
Severe
Earliest published
Earliest updated
Least Severe
Sort ID ↑
Sort ID ↓
CVSS
Summary
Versions
Affected
Unaffected
Published
Updated
6.5
CVE-2023-0007 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface
Cloud NGFW
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
➔ View additional products
none
none
none
< 10.0.7 on Panorama
< 9.1.16 on Panorama
< 9.0.17 on Panorama
< 8.1.25 on Panorama
none
All
All
All
>= 10.0.7 on Panorama
>= 9.1.16 on Panorama
>= 9.0.17 on Panorama
>= 8.1.25 on Panorama
all
2023-05-10
2023-05-10
4.4
CVE-2023-0008 PAN-OS: Local File Disclosure Vulnerability in the PAN-OS Web Interface
Cloud NGFW
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
none
< 11.0.1
< 10.2.4
< 10.1.10
< 10.0.12
< 9.1.16
< 9.0.17
< 8.1.25
none
All
>= 11.0.1
>= 10.2.4
>= 10.1.10
>= 10.0.12
>= 9.1.16
>= 9.0.17
>= 8.1.25
All
2023-05-10
2023-05-11
6.5
CVE-2023-0004 PAN-OS: Local File Deletion Vulnerability
Cloud NGFW
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
none
none
none
< 10.1.6
< 10.0.11
< 9.1.15
< 9.0.17
< 8.1.24
none
All
All
All
>= 10.1.6
>= 10.0.11
>= 9.1.15
>= 9.0.17
>= 8.1.24
All
2023-04-12
2023-04-19
6.3
CVE-2023-0006 GlobalProtect App: Local File Deletion Vulnerability
GlobalProtect App 6.1
GlobalProtect App 6.0
GlobalProtect App 5.2
< 6.1.1 on Windows
< 6.0.4 on Windows
< 5.2.13 on Windows
>= 6.1.1 on Windows
>= 6.0.4 on Windows
>= 5.2.13 on Windows
2023-04-12
2023-04-12
4.1
CVE-2023-0005 PAN-OS: Exposure of Sensitive Information Vulnerability
Cloud NGFW
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
none
none
< 10.2.3
< 10.1.8
< 10.0.12
< 9.1.15
< 9.0.17
< 8.1.24
none
All
All
>= 10.2.3
>= 10.1.8
>= 10.0.12
>= 9.1.15
>= 9.0.17
>= 8.1.24
All
2023-04-12
2023-04-12
i
PAN-SA-2023-0002 Informational Bulletin: Impact of Rorschach Ransomware
Cortex XDR Agent 5.0
Cortex XDR Agent 7.5 CE
Cortex XDR Agent 7.8
Cortex XDR Agent 7.9 CE
Cortex XDR Agent 8.0
All agents on Windows
All agents on Windows
< Agents with content update earlier than CU-240 on Windows
< Agents with content update earlier than CU-240 on Windows
< Agents with content update earlier than CU-240 on Windows
none
none
>= Agents with CU-240 or a later content update on Windows
>= Agents with CU-240 or a later content update on Windows
>= Agents with CU-240 or a later content update on Windows
2023-04-04
2023-04-12
6.5
CVE-2023-0003 Cortex XSOAR: Local File Disclosure Vulnerability in the Cortex XSOAR Server
Cortex XSOAR 8.1
Cortex XSOAR 6.10
Cortex XSOAR 6.9
Cortex XSOAR 6.8
Cortex XSOAR 6.6
none
< 6.10.0.185964
< 6.9.B185415
< 6.8.B185719
< 6.6.B186115
all
>= 6.10.0.185964
>= 6.9.B185415
>= 6.8.B185719
>= 6.6.B186115
2023-02-08
2023-02-08
6
CVE-2023-0001 Cortex XDR Agent: Cleartext Exposure of Agent Admin Password
Cortex XDR Agent 7.9
Cortex XDR Agent 7.8
Cortex XDR Agent 7.5
Cortex XDR Agent 5.0
none
none
< 7.5.101-CE on Windows
none
all
all
>= 7.5.101-CE on Windows
all
2023-02-08
2023-02-08
5.5
CVE-2023-0002 Cortex XDR Agent: Product Disruption by Local Windows User
Cortex XDR Agent 7.9
Cortex XDR Agent 7.8
Cortex XDR Agent 7.5
Cortex XDR Agent 5.0
none
none
< 7.5.101-CE on Windows
< 5.0.12.22203 on Windows
all
all
>= 7.5.101-CE on Windows
>= 5.0.12.22203 on Windows
2023-02-08
2023-02-08
i
PAN-SA-2023-0001 Impact of OpenSSL Vulnerabilities Disclosed Feb 7, 2023
➔ View multiple products
none
all
2023-02-08
2023-02-08
i
CVE-2023-22809 Impact of Sudo Vulnerability CVE-2023-22809
➔ View multiple products
none
all
2023-02-08
2023-02-08
i
PAN-SA-2022-0007 Impact of OpenSSL 3.0 Vulnerability CVE-2022-3996
➔ View multiple products
none
all
2022-12-23
2022-12-23
6.7
CVE-2022-0031 Cortex XSOAR: Local Privilege Escalation (PE) Vulnerability in Cortex XSOAR Engine
Cortex XSOAR 6.9
Cortex XSOAR 6.8
Cortex XSOAR 6.6
Cortex XSOAR 6.5
< 6.9.0.130766 on Linux, <= 6.9.0.3387847 on Linux
all
all
all
>= 6.9.0.130766 on Linux
none
none
none
2022-11-09
2022-11-19
i
CVE-2022-42889 Impact of Apache Text Commons Vulnerability CVE-2022-42889
➔ View multiple products
none
all
2022-11-09
2022-11-09
i
PAN-SA-2022-0006 Impact of OpenSSL 3.0 Vulnerabilities CVE-2022-3786 and CVE-2022-3602
➔ View multiple products
none
all
2022-10-31
2022-11-09
8.1
CVE-2022-0030 PAN-OS: Authentication Bypass in Web Interface
Cloud NGFW
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 8.1
➔ View additional products
none
none
none
< 8.1.24
none
All
All
All
>= 8.1.24
all
2022-10-12
2022-10-12
5.5
CVE-2022-0029 Cortex XDR Agent: Improper Link Resolution Vulnerability When Generating a Tech Support File
Cortex XDR Agent 7.5 CE
Cortex XDR Agent 7.8
Cortex XDR Agent 7.7
Cortex XDR Agent 5.0
< 7.5.101-CE on Windows
none
< 7.7.3 on Windows
< 5.0.12-hotfix update on Windows
>= 7.5.101-CE
all
>= 7.7.3
>= 5.0.12-hotfix update
2022-09-14
2022-09-14
i
PAN-SA-2022-0005 Informational: Cortex XDR Agent: Product Disruption by Local Windows Administrator
Cortex XDR Agent
All agents with a content update earlier than CU-860 on Windows
All agents with CU-860 or a later content update
2022-09-14
2023-03-08
0
CVE-2022-28199 Informational: PAN-OS: Impact of the NVIDIA Dataplane Development Kit (DPDK) Vulnerability CVE-2022-28199
➔ View multiple products
none
all
2022-09-14
2022-09-14
i
PAN-SA-2022-0004 Informational: Cortex XDR Agent: Allow List is Visible to Low Privileged Users
Cortex XDR Agent
All agents with a content update earlier than CU-630 on Windows
All agents with CU-630 or a later content update
2022-09-14
2022-09-14
8.6
N
CVE-2022-0028 PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering
Cloud NGFW
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access 3.1
Prisma Access 3.0
➔ View additional products
none
< 10.2.2-h2
< 10.1.6-h6
< 10.0.11-h1
< 9.1.14-h4
< 9.0.16-h3
< 8.1.23-h1
none
none
none
All
>= 10.2.2-h2
>= 10.1.6-h6
>= 10.0.11-h1
>= 9.1.14-h4
>= 9.0.16-h3
>= 8.1.23-h1
All
All
all
2022-08-10
2022-08-19
i
PAN-SA-2022-0003 Informational: Cortex XDR Agent: Proof of Concept (PoC) Reduces Effectiveness of Anti-Ransomware Protection Module
Cortex XDR Agent
All agents with a content update earlier than CU-610
All agents with CU-610 or a later content update
2022-08-10
2022-08-10
7.2
CVE-2022-0024 PAN-OS: Improper Neutralization Vulnerability Leads to Unintended Program Execution During Configuration Commit
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
none
< 10.1.5
< 10.0.10
< 9.1.13
< 9.0.16
< 8.1.23
>= 10.2.0
>= 10.1.5
>= 10.0.10
>= 9.1.13
>= 9.0.16
>= 8.1.23
2022-05-11
2022-05-11
6.7
CVE-2022-0026 Cortex XDR Agent: Unintended Program Execution Leads to Local Privilege Escalation (PE) Vulnerability
Cortex XDR Agent 7.5 CE
Cortex XDR Agent 7.7
Cortex XDR Agent 7.6
Cortex XDR Agent 7.5
Cortex XDR Agent 7.4
Cortex XDR Agent 6.1
7.5.* without CU-330 on Windows
7.7.* without CU-330 on Windows
7.6.* without CU-330 on Windows
7.5.* without CU-330 on Windows
7.4.* without CU-330 on Windows
6.1.* without CU-330 on Windows
7.5.* with CU-330 on Windows
7.7.* with CU-330 on Windows
7.6.* with CU-330 on Windows
7.5.* with CU-330 on Windows
7.4.* with CU-330 on Windows
6.1.* with CU-330 on Windows
2022-05-11
2022-05-11
6.7
CVE-2022-0025 Cortex XDR Agent: An Uncontrolled Search Path Element Leads to Local Privilege Escalation (PE) Vulnerability
Cortex XDR Agent 7.5 CE
Cortex XDR Agent 7.7
Cortex XDR Agent 7.6
Cortex XDR Agent 7.5
➔ View additional products
none
< 7.7.1.62043 without CU-500 on Windows
none
none
none
all
7.7.* with CU-500, >= 7.7.1.62043 on Windows
all
all
all
2022-05-11
2022-05-11
1 - 25 of 326
25 per page
50 per page
100 per page
Download
N
= Exploitable over the network with low complexity, unauthenticated attack.
© 2023 Palo Alto Networks, Inc. All rights reserved.