| | Versions | Affected | Unaffected | | |
|---|
| i | PAN-SA-2022-0007 Impact of OpenSSL 3.0 Vulnerability CVE-2022-3996 | AutoFocus Bridgecrew Cloud NGFW Cortex Data Lake Cortex XDR Cortex XDR Agent Cortex Xpanse Cortex XSOAR Enterprise Data Loss Prevention Exact Data Matching CLI Expanse Expedition Migration Tool GlobalProtect App IoT Security Okyo Garde Palo Alto Networks App for Splunk PAN-OS Prisma Access Prisma Cloud Prisma Cloud Compute Prisma SD-WAN (CloudGenix) Prisma SD-WAN ION SaaS Security User-ID Agent WildFire Appliance (WF-500) WildFire Cloud | none none none none none none none none none none none none none none none none none none none none none none none none none none | all all all all all all all all all all all all all all all all all all all all all all all all all all | 2022-12-23 | 2022-12-23 |
| 6.7 | CVE-2022-0031 Cortex XSOAR: Local Privilege Escalation (PE) Vulnerability in Cortex XSOAR Engine | Cortex XSOAR 6.9 Cortex XSOAR 6.8 Cortex XSOAR 6.6 Cortex XSOAR 6.5 | < 6.9.0.130766 on Linux, <= 6.9.0.3387847 on Linux all all all | >= 6.9.0.130766 on Linux none none none | 2022-11-09 | 2022-11-19 |
| i | CVE-2022-42889 Impact of Apache Text Commons Vulnerability CVE-2022-42889 | AutoFocus Bridgecrew Cloud NGFW Cortex Data Lake Cortex XDR Cortex XDR Agent Cortex Xpanse Cortex XSOAR Enterprise Data Loss Prevention Exact Data Matching CLI Expanse Expedition Migration Tool GlobalProtect App IoT Security Okyo Garde Palo Alto Networks App for Splunk PAN-OS Prisma Access Prisma Cloud Prisma Cloud Compute Prisma SD-WAN (CloudGenix) Prisma SD-WAN ION SaaS Security User-ID Agent WildFire Appliance (WF-500) WildFire Cloud | none none none none none none none none none none none none none none none none none none none none none none none none none none | all all all all all all all all all all all all all all all all all all all all all all all all all all | 2022-11-09 | 2022-11-09 |
| i | PAN-SA-2022-0006 Impact of OpenSSL 3.0 Vulnerabilities CVE-2022-3786 and CVE-2022-3602 | AutoFocus Bridgecrew Cloud NGFW Cortex Data Lake Cortex XDR Cortex XDR Agent Cortex Xpanse Cortex XSOAR Enterprise Data Loss Prevention Exact Data Matching CLI Expanse Expedition Migration Tool GlobalProtect App IoT Security Okyo Garde Palo Alto Networks App for Splunk PAN-OS Prisma Access Prisma Cloud Prisma Cloud Compute Prisma SD-WAN (CloudGenix) Prisma SD-WAN ION SaaS Security User-ID Agent WildFire Appliance (WF-500) WildFire Cloud | none none none none none none none none none none none none none none none none none none none none none none none none none none | all all all all all all all all all all all all all all all all all all all all all all all all all all | 2022-10-31 | 2022-11-09 |
| 8.1 | CVE-2022-0030 PAN-OS: Authentication Bypass in Web Interface | Cloud NGFW PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access | none none none none none none < 8.1.24 none | All All All All All All >= 8.1.24 All | 2022-10-12 | 2022-10-12 |
| 5.5 | CVE-2022-0029 Cortex XDR Agent: Improper Link Resolution Vulnerability When Generating a Tech Support File | Cortex XDR Agent 7.5 CE Cortex XDR Agent 7.8 Cortex XDR Agent 7.7 Cortex XDR Agent 5.0 | < 7.5.101-CE on Windows none < 7.7.3 on Windows < 5.0.12-hotfix update on Windows | >= 7.5.101-CE all >= 7.7.3 >= 5.0.12-hotfix update | 2022-09-14 | 2022-09-14 |
| i | PAN-SA-2022-0005 Informational: Cortex XDR Agent: Product Disruption by Local Windows Administrator | | All agents with a content update earlier than CU-760 on Windows | All agents with CU-760 or a later content update | 2022-09-14 | 2022-12-14 |
| 0 | CVE-2022-28199 Informational: PAN-OS: Impact of the NVIDIA Dataplane Development Kit (DPDK) Vulnerability CVE-2022-28199 | Cloud NGFW PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access 3.1 Prisma Access 3.0 Prisma Access 2.2 Prisma Access 2.1 | none none none none none none none none none none none | all all all all all all all all all all all | 2022-09-14 | 2022-09-14 |
| i | PAN-SA-2022-0004 Informational: Cortex XDR Agent: Allow List is Visible to Low Privileged Users | | All agents with a content update earlier than CU-630 on Windows | All agents with CU-630 or a later content update | 2022-09-14 | 2022-09-14 |
| 8.6 N | CVE-2022-0028 PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering | Cloud NGFW PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access 3.1 Prisma Access 3.0 Prisma Access 2.2 Prisma Access 2.1 | none < 10.2.2-h2 < 10.1.6-h6 < 10.0.11-h1 < 9.1.14-h4 < 9.0.16-h3 < 8.1.23-h1 none none none none | All >= 10.2.2-h2 >= 10.1.6-h6 >= 10.0.11-h1 >= 9.1.14-h4 >= 9.0.16-h3 >= 8.1.23-h1 All All All All | 2022-08-10 | 2022-08-19 |
| i | PAN-SA-2022-0003 Informational: Cortex XDR Agent: Proof of Concept (PoC) Reduces Effectiveness of Anti-Ransomware Protection Module | | All agents with a content update earlier than CU-610 | All agents with CU-610 or a later content update | 2022-08-10 | 2022-08-10 |
| 7.2 | CVE-2022-0024 PAN-OS: Improper Neutralization Vulnerability Leads to Unintended Program Execution During Configuration Commit | PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 | none < 10.1.5 < 10.0.10 < 9.1.13 < 9.0.16 < 8.1.23 | >= 10.2.0 >= 10.1.5 >= 10.0.10 >= 9.1.13 >= 9.0.16 >= 8.1.23 | 2022-05-11 | 2022-05-11 |
| 6.7 | CVE-2022-0026 Cortex XDR Agent: Unintended Program Execution Leads to Local Privilege Escalation (PE) Vulnerability | Cortex XDR Agent 7.5 CE Cortex XDR Agent 7.7 Cortex XDR Agent 7.6 Cortex XDR Agent 7.5 Cortex XDR Agent 7.4 Cortex XDR Agent 6.1 | 7.5.* without CU-330 on Windows 7.7.* without CU-330 on Windows 7.6.* without CU-330 on Windows 7.5.* without CU-330 on Windows 7.4.* without CU-330 on Windows 6.1.* without CU-330 on Windows | 7.5.* with CU-330 on Windows 7.7.* with CU-330 on Windows 7.6.* with CU-330 on Windows 7.5.* with CU-330 on Windows 7.4.* with CU-330 on Windows 6.1.* with CU-330 on Windows | 2022-05-11 | 2022-05-11 |
| 6.7 | CVE-2022-0025 Cortex XDR Agent: An Uncontrolled Search Path Element Leads to Local Privilege Escalation (PE) Vulnerability | Cortex XDR Agent 7.5 CE Cortex XDR Agent 7.7 Cortex XDR Agent 7.6 Cortex XDR Agent 7.5 Cortex XDR Agent 7.4 Cortex XDR Agent 6.1 Cortex XDR Agent 5.0 | none < 7.7.1.62043 without CU-500 on Windows none none none none none | all 7.7.* with CU-500, >= 7.7.1.62043 on Windows all all all all all | 2022-05-11 | 2022-05-11 |
| 4.3 | CVE-2022-0027 Cortex XSOAR: Incorrect Authorization Vulnerability When Generating Reports | Cortex XSOAR 6.6 Cortex XSOAR 6.5 Cortex XSOAR 6.2 Cortex XSOAR 6.1 | < 6.6.0.2585049 6.5.* 6.2.* 6.1.* | >= 6.6.0.2585049 none none none | 2022-05-11 | 2022-05-11 |
| 3.3 | PAN-SA-2022-0001 Cortex XDR Agent: Supervisor Password Hash Disclosure Vulnerability When Generating Support Files | | | | 2022-04-14 | 2022-04-14 |
| i | PAN-SA-2022-0002 Informational: Cortex XDR Agent: Product Disruption by Local Windows Administrator | | | | 2022-04-14 | 2022-05-13 |
| 5.9 | CVE-2022-0023 PAN-OS: Denial-of-Service (DoS) Vulnerability in DNS Proxy | PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access 3.0 Prisma Access 2.2 Prisma Access 2.1 | none < 10.1.5 < 10.0.10 < 9.1.13 < 9.0.16 < 8.1.22 none none none | 10.2.* >= 10.1.5 >= 10.0.10 >= 9.1.13 >= 9.0.16 >= 8.1.22 Preferred, Innovation Preferred Preferred, Innovation | 2022-04-13 | 2022-04-13 |
| 7.5 N | CVE-2022-0778 Impact of the OpenSSL Infinite Loop Vulnerability CVE-2022-0778 | Cortex XDR Agent 7.7 Cortex XDR Agent 7.6 Cortex XDR Agent 7.5-CE Cortex XDR Agent 7.5 Cortex XDR Agent 7.4 Cortex XDR Agent 6.1 Cortex XSOAR GlobalProtect App 6.0 GlobalProtect App 5.3 GlobalProtect App 5.2 GlobalProtect App 5.1 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access 3.1 Prisma Access 3.0 Prisma Access 2.2 Prisma Access 2.1 Prisma Cloud | < 7.7.0.60725 on Windows, < 7.7.0.2356 on macOS, < 7.7.0.59559 on Linux < 7.6.2.60545 on Windows, < 7.6.2.2311 on macOS, < 7.6.2.59612 on Linux < 7.5.100.60642 on Windows, < 7.5.100.2276 on macOS, < 7.5.100.59687 on Linux < 7.5.3.60113 on Windows, < 7.5.3.2265 on macOS, < 7.5.3.59465 on Linux 7.4.* < 6.1.9.61370 on Windows, < 6.1.7.1690 on macOS, < 6.1.7.60245 on Linux none < 6.0.1 on Windows and macOS, < 6.0.2 on Android and iOS < 5.3.4 < 5.2.12 < 5.1.11 < 10.2.1 < 10.1.5-h1 < 10.0.10 < 9.1.13-h3 < 9.0.16-h2 < 8.1.23 Preferred, Innovation Preferred, Innovation Preferred Preferred, Innovation none | >= 7.7.0.60725 on Windows, >= 7.7.0.2356 on macOS, >= 7.7.0.59559 on Linux >= 7.6.2.60545 on Windows, >= 7.6.2.2311 on macOS, >= 7.6.2.59612 on Linux >= 7.5.100.60642 on Windows, >= 7.5.100.2276 on macOS, >= 7.5.100.59687 on Linux >= 7.5.3.60113 on Windows, >= 7.5.3.2265 on macOS, >= 7.5.3.59465 on Linux none >= 6.1.9.61370 on Windows, >= 6.1.7.1690 on macOS, >= 6.1.7.60245 on Linux all >= 6.0.1 on Windows and macOS, >= 6.0.2 on Android and iOS >= 5.3.4 >= 5.2.12 >= 5.1.11 >= 10.2.1 >= 10.1.5-h1 >= 10.0.10 >= 9.1.13-h3 >= 9.0.16-h2 >= 8.1.23 none none none none all | 2022-03-31 | 2022-06-24 |
| 0 | CVE-2022-22963 Informational: Impact of Spring Vulnerabilities CVE-2022-22963 and CVE-2022-22965 | AutoFocus Bridgecrew Cortex Data Lake Cortex XDR Agent Cortex Xpanse Cortex XSOAR Enterprise Data Loss Prevention Exact Data Matching CLI Expanse Expedition Migration Tool GlobalProtect App IoT Security Okyo Garde Palo Alto Networks App for Splunk PAN-OS Prisma Cloud Prisma Cloud Compute Prisma SD-WAN (CloudGenix) Prisma SD-WAN ION SaaS Security User-ID Agent WildFire Appliance (WF-500) WildFire Cloud | none none none none none none none none none none none none none none none none none none none none none none none | all all all all all all all all all all all all all all all all all all all all all all all | 2022-03-31 | 2022-04-25 |
| 4.1 | CVE-2022-0022 PAN-OS: Use of a Weak Cryptographic Algorithm for Stored Password Hashes | PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access 3.0 Prisma Access 2.2 Prisma Access 2.1 | none none < 10.0.7 < 9.1.11 9.0.* < 8.1.21 none none none | 10.2.* 10.1.* >= 10.0.7 >= 9.1.11 none >= 8.1.21 Preferred, Innovation Preferred Preferred, Innovation | 2022-03-09 | 2022-03-09 |
| 0 | CVE-2021-44142 Informational: Impact of the Samba Vulnerability CVE-2021-44142 on PAN-OS | | | | 2022-03-09 | 2022-03-09 |
| 7.4 | CVE-2022-0016 GlobalProtect App: Privilege Escalation Vulnerability When Using Connect Before Logon With SAML Authentication | GlobalProtect App 5.3 GlobalProtect App 5.2 GlobalProtect App 5.1 | none < 5.2.9 on Windows and MacOS none | 5.3.* >= 5.2.9 on Windows and MacOS >= 5.1.* | 2022-02-09 | 2022-03-09 |
| 7 | CVE-2022-0017 GlobalProtect App: Improper Link Resolution Vulnerability Leads to Local Privilege Escalation | GlobalProtect App 5.3 GlobalProtect App 5.2 GlobalProtect App 5.1 | none < 5.2.5 on Windows < 5.1.10 on Windows | 5.3.* >= 5.2.5 on Windows >= 5.1.10 on Windows | 2022-02-09 | 2022-02-09 |
| 6.8 | CVE-2022-0020 Cortex XSOAR: Stored Cross-Site Scripting (XSS) Vulnerability in Web Interface | Cortex XSOAR 6.5.0 Cortex XSOAR 6.2.0 Cortex XSOAR 6.1.0 | | | 2022-02-09 | 2022-02-09 |
= Exploitable over the network with low complexity, unauthenticated attack.