CVSS Summary Versions Affected Unaffected Published Updated 5.6 CVE-2024-5921
GlobalProtect App: Insufficient Certificate Validation Leads to Privilege Escalation GlobalProtect App 6.3
GlobalProtect App 6.2
GlobalProtect App 6.1
GlobalProtect App 6.0
GlobalProtect App 5.1
GlobalProtect UWP App
< 6.3.2* on Windows, < 6.3.2* on macOS
< 6.2.1-HF* on Linux, < 6.2.6* on Windows, < 6.2.6-HF* on macOS
All on Windows, All on macOS, All on Linux, All on Android, < 6.1.7* on iOS
None in FIPS-CC mode
None in FIPS-CC mode
All
>= 6.3.2* on Windows (ETA: end of Dec), >= 6.3.2* on macOS (ETA: end of Dec)
>= 6.2.1-HF* on Linux (ETA: end of Dec), >= 6.2.6* on Windows, >= 6.2.6-HF* on macOS (ETA: end of Dec)
None on Windows, None on macOS, None on Linux, None on Android, >= 6.1.7* on iOS (ETA: end of Dec)
All in FIPS-CC mode
All in FIPS-CC mode
None
2024-11-26 2024-12-06 9.3 CVE-2024-0012
PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.4-h1
< 11.1.5-h1
< 11.0.6-h1
< 10.2.12-h2
None
None
All
>= 11.2.4-h1
>= 11.1.5-h1
>= 11.0.6-h1
>= 10.2.12-h2
All
All
2024-11-18 2024-11-23 6.9 CVE-2024-9474
PAN-OS: Privilege Escalation (PE) Vulnerability in the Web Management Interface Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.4-h1
< 11.1.5-h1
< 11.0.6-h1
< 10.2.12-h2
< 10.1.14-h6
None
All
>= 11.2.4-h1
>= 11.1.5-h1
>= 11.0.6-h1
>= 10.2.12-h2
>= 10.1.14-h6
All
2024-11-18 2024-11-21 8.6 PAN-SA-2024-0016
Chromium: Monthly Vulnerability Updates 2024-11-13 2024-11-13 6.6 CVE-2024-2550
PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway Using a Specially Crafted Packet Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
None
< 11.1.5
< 11.0.6
< 10.2.11
None
None
All
All
>= 11.1.5
>= 11.0.6
>= 10.2.11
All
All
2024-11-13 2024-11-13 6.6 CVE-2024-2551
PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted Packet Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
None
None
< 11.0.5
< 10.2.4-h6, < 10.2.5
< 10.1.14
None
All
All
All
>= 11.0.5
>= 10.2.4-h6, >= 10.2.5
>= 10.1.14
All
2024-11-13 2024-11-13 6.6 CVE-2024-9472
PAN-OS: Firewall Denial of Service (DoS) Using Specially Crafted Traffic Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.2-h3, < 11.2.3
< 11.1.2-h14, < 11.1.3-h10
None
< 10.2.7-h16, < 10.2.8-h13, < 10.2.9-14, < 10.2.10-h7, < 10.2.11-h4
None
None
All
>= 11.2.2-h3, >= 11.2.3
>= 11.1.2-h14, >= 11.1.3-h10
All
>= 10.2.7-h16, >= 10.2.8-h13, >= 10.2.9-14, >= 10.2.10-h7, >= 10.2.11-h4
All
All
2024-11-13 2024-11-13 4.3 CVE-2024-2552
PAN-OS: Arbitrary File Delete Vulnerability in the Command Line Interface (CLI) Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.4
< 11.1.5
< 11.0.6
< 10.2.12
None
None
All
>= 11.2.4
>= 11.1.5
>= 11.0.6
>= 10.2.12
All
All
2024-11-13 2024-11-13 1.7 CVE-2024-5917
PAN-OS: Server-Side Request Forgery in WildFire Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
None
None
None
None
< 10.2.2
< 10.1.7
All
All
All
All
>= 10.2.2
>= 10.1.7
2024-11-13 2024-11-13 1.3 CVE-2024-5918
PAN-OS: Improper Certificate Validation Enables Impersonation of a Legitimate GlobalProtect User Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
None
None
< 11.0.3
< 10.2.4-h5
< 10.1.11
None
All
All
All
>= 11.0.3
>= 10.2.4-h5
>= 10.1.11
All
2024-11-13 2024-11-13 1.2 CVE-2024-5919
PAN-OS: Authenticated XML External Entities (XXE) Injection Vulnerability Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
None
None
< 11.0.2
< 10.2.5
< 10.1.10
None
All
All
All
>= 11.0.2
>= 10.2.5
>= 10.1.10
All
2024-11-13 2024-11-13 1 CVE-2024-5920
PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in PAN-OS Enables Impersonation of a Legitimate Administrator Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
None
< 11.1.4
< 11.0.6
< 10.2.11
< 10.1.14
None
All
All
>= 11.1.4
>= 11.0.6
>= 10.2.11
>= 10.1.14
All
2024-11-13 2024-11-13 i PAN-SA-2024-0014
Informational Bulletin: Impact of OSS CVEs in Cortex XDR Agent 2024-11-07 i PAN-SA-2024-0013
Informational Bulletin: Impact of OSS CVEs in PAN-OS 2024-11-01 i PAN-SA-2024-0012
Informational Bulletin: OSS CVEs fixed in PAN-OS Versions prior to those listed above
2024-10-29 9.9
N PAN-SA-2024-0010
Expedition: Multiple Vulnerabilities in Expedition Lead to Exposure of Firewall Credentials Cloud NGFW
Expedition
PAN-OS
Panorama
Prisma Access
2024-10-09 2024-11-14 8.6 PAN-SA-2024-0011
Chromium: Monthly Vulnerability Updates 2024-10-09 2024-10-09 8.2 CVE-2024-9468
PAN-OS: Firewall Denial of Service (DoS) via a Maliciously Crafted Packet Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
None
< 11.1.3
< 11.0.4-h5, < 11.0.6
< 10.2.9-h11, < 10.2.10-h4, < 10.2.11
None
None
All
All
>= 11.1.3
>= 11.0.4-h5, >= 11.0.6
>= 10.2.9-h11, >= 10.2.10-h4, >= 10.2.11
All
All
2024-10-09 2024-10-14 5.7 CVE-2024-9469
Cortex XDR Agent: Local Windows User Can Disable the Agent Cortex XDR Agent 8.6
Cortex XDR Agent 8.5
Cortex XDR Agent 8.4
Cortex XDR Agent 8.3-CE
Cortex XDR Agent 8.3
Cortex XDR Agent 7.9-CE
None
None
< 8.4.1 on Windows
None
< 8.3.1 on Windows
< 7.9.102-CE on Windows
All
All
>= 8.4.1 on Windows
All
>= 8.3.1 on Windows
>= 7.9.102-CE on Windows
2024-10-09 2024-10-09 5.3 CVE-2024-9470
Cortex XSOAR: Information Disclosure Vulnerability Cortex XSOAR 8.0
Cortex XSOAR 6.13
Cortex XSOAR 6.12
None
None
< 6.12.0 (Build 1271551)
All
All
>= 6.12.0 (Build 1271551)
2024-10-09 2024-10-09 5.2 CVE-2024-9473
GlobalProtect App: Local Privilege Escalation (PE) Vulnerability GlobalProtect App 6.3
GlobalProtect App 6.2
GlobalProtect App 6.1
GlobalProtect App 6.0
GlobalProtect App 5.1
< 6.3.1-c383 on Windows
< 6.2.5 on Windows
< 6.1.4-c720 on Windows, = 6.1.5 on Windows
< 6.0.10-c823 on Windows
All on Windows
>= 6.3.1-c383 on Windows
>= 6.2.5 on Windows
>= 6.1.4-c720 on Windows
>= 6.0.10-c823 on Windows
None on Windows
2024-10-09 2024-10-24 5.1 CVE-2024-9471
PAN-OS: Privilege Escalation (PE) Vulnerability in XML API Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
PAN-OS 9.0
Prisma Access
None
None
< 11.0.3
< 10.2.8
< 10.1.11
All
All
None
All
All
>= 11.0.3
>= 10.2.8
>= 10.1.11
None
None
All
2024-10-09 2024-10-09 i CVE-2024-47076
Informational: No Impact of CUPS Vulnerabilities on Palo Alto Networks Products Cloud NGFW
Cortex XDR
Cortex XDR Agent
Cortex XSIAM
Cortex XSOAR
GlobalProtect App
PAN-OS
Prisma Access
Prisma Access Browser
Prisma Cloud
Prisma Cloud Compute
Prisma SD-WAN
None
None
None
None
None
None
None
None
None
None
None
None
All
All
All
All
All
All
All
All
All
All
All
All
2024-09-26 2024-09-26 8.6 PAN-SA-2024-0009
Prisma Access Browser: Monthly Vulnerability Updates 2024-09-11 2024-09-11 8.6 CVE-2024-8686
PAN-OS: Command Injection Vulnerability 2024-09-11 2024-09-11 6.9 CVE-2024-8687
PAN-OS: Cleartext Exposure of GlobalProtect Portal Passcodes Cloud NGFW
GlobalProtect App 6.3
GlobalProtect App 6.2
GlobalProtect App 6.1
GlobalProtect App 6.0
GlobalProtect App 5.2
GlobalProtect App 5.1
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
None
None
< 6.2.1
< 6.1.2
< 6.0.7
< 5.2.13
< 5.1.12
None
None
< 11.0.1
< 10.2.4
< 10.1.9
< 10.0.12
< 9.1.16
< 9.0.17
< 8.1.25
< 10.2.9 on PAN-OS
All
All
>= 6.2.1
>= 6.1.2
>= 6.0.7
>= 5.2.13
>= 5.1.12
All
All
>= 11.0.1
>= 10.2.4
>= 10.1.9
>= 10.0.12
>= 9.1.16
>= 9.0.17
>= 8.1.25
>= 10.2.9 on PAN-OS
2024-09-11 2024-09-11 6.7 CVE-2024-8688
PAN-OS: Arbitrary File Read Vulnerability in the Command Line Interface (CLI) None
None
None
< 10.1.1
< 10.0.10
< 9.1.15
None
All
All
All
>= 10.1.1
>= 10.0.10
>= 9.1.15
all
2024-09-11 2024-09-11 6 CVE-2024-8689
ActiveMQ Content Pack: Cleartext Exposure of Credentials ActiveMQ Content Pack 1.1
2024-09-11 2024-09-11 5.6 CVE-2024-8690
Cortex XDR Agent: Local Windows Administrator Can Disable the Agent Cortex XDR Agent 8.5
Cortex XDR Agent 8.4
Cortex XDR Agent 8.3-CE
Cortex XDR Agent 8.3
Cortex XDR Agent 8.2
Cortex XDR Agent 7.9.102-CE
2024-09-11 2024-09-11 5.3 CVE-2024-8691
PAN-OS: User Impersonation in GlobalProtect Portal None
None
None
< 10.1.11
< 9.1.17
None
All
All
All
>= 10.1.11
>= 9.1.17
all
2024-09-11 2024-09-11 i PAN-SA-2024-0008
Informational Bulletin: Impact of OSS CVEs in PAN-OS 2024-09-04 i CVE-2024-5535
Informational Bulletin: Impact of OpenSSL Vulnerabilities CVE-2024-5535 and CVE-2024-6119 2024-08-22 2024-09-04 8.6 PAN-SA-2024-0007
Prisma Access Browser: Monthly Vulnerability Updates 2024-08-14 2024-08-14 7 CVE-2024-5914
Cortex XSOAR: Command Injection in CommonScripts Pack Cortex XSOAR CommonScripts
2024-08-14 2024-08-14 6 CVE-2024-5916
PAN-OS: Cleartext Exposure of External System Secrets Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
Prisma Access
Before 8/15 on Azure, Before 8/23 on AWS
None
< 11.0.4
< 10.2.8
None
None
None
On or after 8/15 on Azure, On or after 8/23 on AWS
All
>= 11.0.4
>= 10.2.8
All
All
All
2024-08-14 2024-08-14 5.2 CVE-2024-5915
GlobalProtect App: Local Privilege Escalation (PE) Vulnerability GlobalProtect App 6.3
GlobalProtect App 6.2
GlobalProtect App 6.1
GlobalProtect App 6.0
GlobalProtect App 5.1
< 6.3.1 on Windows
< 6.2.4 on Windows
< 6.1.5 on Windows
< 6.0.10-c826 on Windows
< 5.1.x on Windows
>= 6.3.1 on Windows
>= 6.2.4 on Windows
>= 6.1.5 on Windows
>= 6.0.10-c826 on Windows
>= 5.1.x (ETA: December 2024) on Windows
2024-08-14 2024-11-06 5.3 CVE-2024-3596
PAN-OS: CHAP and PAP When Used with RADIUS Authentication Lead to Privilege Escalation Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
Prisma Access
None
None
< 11.1.3
< 11.0.4-h5, < 11.0.6
< 10.2.10
< 10.1.14
< 9.1.19
All
All
All
>= 11.1.3
>= 11.0.4-h5, >= 11.0.6
>= 10.2.10
>= 10.1.14
>= 9.1.19
None (Fix ETA: September 15)
2024-07-10 2024-07-26
=
Exploitable over the network with low complexity, unauthenticated attack.