Palo Alto Networks Security Advisories

1 - 25 of 320
VersionsAffectedUnaffected
6.5CVE-2023-0003 Cortex XSOAR: Local File Disclosure Vulnerability in the Cortex XSOAR Server
Cortex XSOAR 8.1
Cortex XSOAR 6.10
Cortex XSOAR 6.9
Cortex XSOAR 6.8
Cortex XSOAR 6.6
none
< 6.10.0.185964
< 6.9.B185415
< 6.8.B185719
< 6.6.B186115
all
>= 6.10.0.185964
>= 6.9.B185415
>= 6.8.B185719
>= 6.6.B186115
2023-02-082023-02-08
6CVE-2023-0001 Cortex XDR Agent: Cleartext Exposure of Agent Admin Password
Cortex XDR Agent 7.9
Cortex XDR Agent 7.8
Cortex XDR Agent 7.5
Cortex XDR Agent 5.0
none
none
< 7.5.101-CE on Windows
none
all
all
>= 7.5.101-CE on Windows
all
2023-02-082023-02-08
5.5CVE-2023-0002 Cortex XDR Agent: Product Disruption by Local Windows User
Cortex XDR Agent 7.9
Cortex XDR Agent 7.8
Cortex XDR Agent 7.5
Cortex XDR Agent 5.0
none
none
< 7.5.101-CE on Windows
< 5.0.12.22203 on Windows
all
all
>= 7.5.101-CE on Windows
>= 5.0.12.22203 on Windows
2023-02-082023-02-08
iPAN-SA-2023-0001 Impact of OpenSSL Vulnerabilities Disclosed Feb 7, 2023
none
all
2023-02-082023-02-08
iCVE-2023-22809 Impact of Sudo Vulnerability CVE-2023-22809
none
all
2023-02-082023-02-08
iPAN-SA-2022-0007 Impact of OpenSSL 3.0 Vulnerability CVE-2022-3996
none
all
2022-12-232022-12-23
6.7CVE-2022-0031 Cortex XSOAR: Local Privilege Escalation (PE) Vulnerability in Cortex XSOAR Engine
Cortex XSOAR 6.9
Cortex XSOAR 6.8
Cortex XSOAR 6.6
Cortex XSOAR 6.5
< 6.9.0.130766 on Linux, <= 6.9.0.3387847 on Linux
all
all
all
>= 6.9.0.130766 on Linux
none
none
none
2022-11-092022-11-19
iCVE-2022-42889 Impact of Apache Text Commons Vulnerability CVE-2022-42889
none
all
2022-11-092022-11-09
iPAN-SA-2022-0006 Impact of OpenSSL 3.0 Vulnerabilities CVE-2022-3786 and CVE-2022-3602
none
all
2022-10-312022-11-09
8.1CVE-2022-0030 PAN-OS: Authentication Bypass in Web Interface
Cloud NGFW
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 8.1
➔ View additional products
none
none
none
< 8.1.24
none
All
All
All
>= 8.1.24
all
2022-10-122022-10-12
5.5CVE-2022-0029 Cortex XDR Agent: Improper Link Resolution Vulnerability When Generating a Tech Support File
Cortex XDR Agent 7.5 CE
Cortex XDR Agent 7.8
Cortex XDR Agent 7.7
Cortex XDR Agent 5.0
< 7.5.101-CE on Windows
none
< 7.7.3 on Windows
< 5.0.12-hotfix update on Windows
>= 7.5.101-CE
all
>= 7.7.3
>= 5.0.12-hotfix update
2022-09-142022-09-14
iPAN-SA-2022-0005 Informational: Cortex XDR Agent: Product Disruption by Local Windows Administrator
Cortex XDR Agent
All agents with a content update earlier than CU-860 on Windows
All agents with CU-860 or a later content update
2022-09-142023-03-08
0CVE-2022-28199 Informational: PAN-OS: Impact of the NVIDIA Dataplane Development Kit (DPDK) Vulnerability CVE-2022-28199
none
all
2022-09-142022-09-14
iPAN-SA-2022-0004 Informational: Cortex XDR Agent: Allow List is Visible to Low Privileged Users
Cortex XDR Agent
All agents with a content update earlier than CU-630 on Windows
All agents with CU-630 or a later content update
2022-09-142022-09-14
8.6 NCVE-2022-0028 PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering
Cloud NGFW
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access 3.1
Prisma Access 3.0
➔ View additional products
none
< 10.2.2-h2
< 10.1.6-h6
< 10.0.11-h1
< 9.1.14-h4
< 9.0.16-h3
< 8.1.23-h1
none
none
none
All
>= 10.2.2-h2
>= 10.1.6-h6
>= 10.0.11-h1
>= 9.1.14-h4
>= 9.0.16-h3
>= 8.1.23-h1
All
All
all
2022-08-102022-08-19
iPAN-SA-2022-0003 Informational: Cortex XDR Agent: Proof of Concept (PoC) Reduces Effectiveness of Anti-Ransomware Protection Module
Cortex XDR Agent
All agents with a content update earlier than CU-610
All agents with CU-610 or a later content update
2022-08-102022-08-10
7.2CVE-2022-0024 PAN-OS: Improper Neutralization Vulnerability Leads to Unintended Program Execution During Configuration Commit
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
none
< 10.1.5
< 10.0.10
< 9.1.13
< 9.0.16
< 8.1.23
>= 10.2.0
>= 10.1.5
>= 10.0.10
>= 9.1.13
>= 9.0.16
>= 8.1.23
2022-05-112022-05-11
6.7CVE-2022-0026 Cortex XDR Agent: Unintended Program Execution Leads to Local Privilege Escalation (PE) Vulnerability
Cortex XDR Agent 7.5 CE
Cortex XDR Agent 7.7
Cortex XDR Agent 7.6
Cortex XDR Agent 7.5
Cortex XDR Agent 7.4
Cortex XDR Agent 6.1
7.5.* without CU-330 on Windows
7.7.* without CU-330 on Windows
7.6.* without CU-330 on Windows
7.5.* without CU-330 on Windows
7.4.* without CU-330 on Windows
6.1.* without CU-330 on Windows
7.5.* with CU-330 on Windows
7.7.* with CU-330 on Windows
7.6.* with CU-330 on Windows
7.5.* with CU-330 on Windows
7.4.* with CU-330 on Windows
6.1.* with CU-330 on Windows
2022-05-112022-05-11
6.7CVE-2022-0025 Cortex XDR Agent: An Uncontrolled Search Path Element Leads to Local Privilege Escalation (PE) Vulnerability
Cortex XDR Agent 7.5 CE
Cortex XDR Agent 7.7
Cortex XDR Agent 7.6
Cortex XDR Agent 7.5
➔ View additional products
none
< 7.7.1.62043 without CU-500 on Windows
none
none
none
all
7.7.* with CU-500, >= 7.7.1.62043 on Windows
all
all
all
2022-05-112022-05-11
4.3CVE-2022-0027 Cortex XSOAR: Incorrect Authorization Vulnerability When Generating Reports
Cortex XSOAR 6.6
Cortex XSOAR 6.5
Cortex XSOAR 6.2
Cortex XSOAR 6.1
< 6.6.0.2585049
6.5.*
6.2.*
6.1.*
>= 6.6.0.2585049
none
none
none
2022-05-112022-05-11
3.3PAN-SA-2022-0001 Cortex XDR Agent: Supervisor Password Hash Disclosure Vulnerability When Generating Support Files
Cortex XDR Agent 7.5 CE
Cortex XDR Agent 7.9
Cortex XDR Agent 7.8
Cortex XDR Agent 7.4
Cortex XDR Agent 5.0
none
none
none
< 7.4.1
all
all
all
all
>= 7.4.1
none
2022-04-142023-02-08
iPAN-SA-2022-0002 Informational: Cortex XDR Agent: Product Disruption by Local Windows Administrator
Cortex XDR Agent
all on Windows
all on Linux and macOS
2022-04-142022-05-13
5.9CVE-2022-0023 PAN-OS: Denial-of-Service (DoS) Vulnerability in DNS Proxy
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access 3.0
Prisma Access 2.2
Prisma Access 2.1
none
< 10.1.5
< 10.0.10
< 9.1.13
< 9.0.16
< 8.1.22
none
none
none
10.2.*
>= 10.1.5
>= 10.0.10
>= 9.1.13
>= 9.0.16
>= 8.1.22
Preferred, Innovation
Preferred
Preferred, Innovation
2022-04-132022-04-13
7.5 NCVE-2022-0778 Impact of the OpenSSL Infinite Loop Vulnerability CVE-2022-0778
Cortex XDR Agent 7.7
Cortex XDR Agent 7.6
Cortex XDR Agent 7.5-CE
Cortex XDR Agent 7.5
Cortex XDR Agent 7.4
Cortex XDR Agent 6.1
Cortex XSOAR
GlobalProtect App 6.0
GlobalProtect App 5.3
GlobalProtect App 5.2
GlobalProtect App 5.1
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access 3.1
Prisma Access 3.0
Prisma Access 2.2
Prisma Access 2.1
Prisma Cloud
< 7.7.0.60725 on Windows, < 7.7.0.2356 on macOS, < 7.7.0.59559 on Linux
< 7.6.2.60545 on Windows, < 7.6.2.2311 on macOS, < 7.6.2.59612 on Linux
< 7.5.100.60642 on Windows, < 7.5.100.2276 on macOS, < 7.5.100.59687 on Linux
< 7.5.3.60113 on Windows, < 7.5.3.2265 on macOS, < 7.5.3.59465 on Linux
7.4.*
< 6.1.9.61370 on Windows, < 6.1.7.1690 on macOS, < 6.1.7.60245 on Linux
none
< 6.0.1 on Windows and macOS, < 6.0.2 on Android and iOS
< 5.3.4
< 5.2.12
< 5.1.11
< 10.2.1
< 10.1.5-h1
< 10.0.10
< 9.1.13-h3
< 9.0.16-h2
< 8.1.23
Preferred, Innovation
Preferred, Innovation
Preferred
Preferred, Innovation
none
>= 7.7.0.60725 on Windows, >= 7.7.0.2356 on macOS, >= 7.7.0.59559 on Linux
>= 7.6.2.60545 on Windows, >= 7.6.2.2311 on macOS, >= 7.6.2.59612 on Linux
>= 7.5.100.60642 on Windows, >= 7.5.100.2276 on macOS, >= 7.5.100.59687 on Linux
>= 7.5.3.60113 on Windows, >= 7.5.3.2265 on macOS, >= 7.5.3.59465 on Linux
none
>= 6.1.9.61370 on Windows, >= 6.1.7.1690 on macOS, >= 6.1.7.60245 on Linux
all
>= 6.0.1 on Windows and macOS, >= 6.0.2 on Android and iOS
>= 5.3.4
>= 5.2.12
>= 5.1.11
>= 10.2.1
>= 10.1.5-h1
>= 10.0.10
>= 9.1.13-h3
>= 9.0.16-h2
>= 8.1.23
none
none
none
none
all
2022-03-312022-06-24
0CVE-2022-22963 Informational: Impact of Spring Vulnerabilities CVE-2022-22963 and CVE-2022-22965
none
all
2022-03-312022-04-25
1 - 25 of 320 Download
N = Exploitable over the network with low complexity, unauthenticated attack.
© 2023 Palo Alto Networks, Inc. All rights reserved.