Palo Alto Networks Security Advisories

1 - 25 of 381
VersionsAffectedUnaffected
9.3 NCVE-2024-5910 Expedition: Missing Authentication Leads to Admin Account Takeover
Expedition 1.2
< 1.2.92
>= 1.2.92
2024-07-102024-07-10
7CVE-2024-5911 PAN-OS: File Upload Vulnerability in the Panorama Web Interface
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 10.2
PAN-OS 10.1
➔ View additional products
none
none
none
< 10.2.4 on Panorama
< 10.1.9 on Panorama
none
All
All
All
>= 10.2.4 on Panorama
>= 10.1.9 on Panorama
all
2024-07-102024-07-10
6.8CVE-2024-5912 Cortex XDR Agent: Improper File Signature Verification Checks
Cortex XDR Agent 8.4
Cortex XDR Agent 8.3-CE
Cortex XDR Agent 8.3
Cortex XDR Agent 8.2
Cortex XDR Agent 7.9-CE
None
None
None
< 8.2.2
< 7.9.102-CE
All
All
All
>= 8.2.2
>= 7.9.102-CE
2024-07-102024-07-10
5.4CVE-2024-5913 PAN-OS: Improper Input Validation Vulnerability in PAN-OS
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.1
< 11.1.4
< 11.0.5
< 10.2.10
< 10.1.14-h2
None
All
>= 11.2.1
>= 11.1.4
>= 11.0.5
>= 10.2.10
>= 10.1.14-h2
All
2024-07-102024-07-10
5.3CVE-2024-3596 PAN-OS: CHAP and PAP When Used with RADIUS Authentication Lead to Privilege Escalation
Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
Prisma Access
None
None
< 11.1.3
< 11.0.4-h4
< 10.2.10
< 10.1.14
< 9.1.19
All
All
All
>= 11.1.3
>= 11.0.4-h4
>= 10.2.10
>= 10.1.14
>= 9.1.19
None (Fix ETA: July 30)
2024-07-102024-07-10
iPAN-SA-2024-0006 Informational Bulletin: Expedition Installation Script Resets Root Password
Expedition initSetup_v2.0
< commit date 20240605
>= commit date 20240605
2024-07-102024-07-10
iCVE-2024-6387 Informational Bulletin: Impact of OpenSSH regreSSHion Vulnerability
Cloud NGFW
PAN-OS
Prisma Access
None
None
None
All
All
All
2024-07-012024-07-03
6.8CVE-2024-5909 Cortex XDR Agent: Local Windows User Can Disable the Agent
Cortex XDR Agent 8.4
Cortex XDR Agent 8.3
Cortex XDR Agent 8.2
Cortex XDR Agent 8.1
Cortex XDR Agent 7.9-CE
None
None
< 8.2.1 on Windows
< 8.1.2 on Windows
< 7.9.102-CE on Windows
All
All
>= 8.2.1 on Windows
>= 8.1.2 on Windows
>= 7.9.102-CE on Windows
2024-06-122024-06-12
5.5CVE-2024-5908 GlobalProtect App: Encrypted Credential Exposure via Log Files
GlobalProtect App 6.2
GlobalProtect App 6.1
GlobalProtect App 6.0
GlobalProtect App 5.1
< 6.2.3
< 6.1.3
< 6.0.8
< 5.1.12
>= 6.2.3
>= 6.1.3
>= 6.0.8
>= 5.1.12
2024-06-122024-06-12
5.2CVE-2024-5907 Cortex XDR Agent: Local Privilege Escalation (PE) Vulnerability
Cortex XDR Agent 8.4
Cortex XDR Agent 8.3
Cortex XDR Agent 8.2
Cortex XDR Agent 8.1
Cortex XDR Agent 7.9-CE
None
< 8.3.1 on Windows
< 8.2.3 on Windows
All
< 7.9.102-CE on Windows
All
>= 8.3.1 on Windows
>= 8.2.3 on Windows
None
>= 7.9.102-CE on Windows
2024-06-122024-06-12
4.8CVE-2024-5906 Prisma Cloud Compute: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface
Prisma Cloud Compute 32
< 32.05 (O’Neal - Update 5)
>= 32.05 (O’Neal - Update 5)
2024-06-122024-06-12
2CVE-2024-5905 Cortex XDR Agent: Local Windows User Can Disrupt Functionality of the Agent
Cortex XDR Agent 8.4
Cortex XDR Agent 8.3
Cortex XDR Agent 8.2
Cortex XDR Agent 8.1
Cortex XDR Agent 7.9-CE
None
None
< 8.2.1 on Windows
< 8.1.2 on Windows
< 7.9.102-CE on Windows
All
All
>= 8.2.1 on Windows
>= 8.1.2 on Windows
>= 7.9.102-CE on Windows
2024-06-122024-06-12
2.1CVE-2024-3661 Impact of TunnelVision Vulnerability
Cloud NGFW
GlobalProtect app on Android
GlobalProtect app on iOS
GlobalProtect app on Linux
GlobalProtect app on Windows and macOS
PAN-OS
Prisma Access
none
none
All versions without IncludeAllNetworks set to 1
All
All versions without Endpoint Traffic Policy Enforcement set to All Traffic
none
none
All
All
All versions with IncludeAllNetworks set to 1
Upcoming major release
All versions with Endpoint Traffic Policy Enforcement set to All Traffic
All
All
2024-05-162024-05-16
iPAN-SA-2024-0005 Informational Bulletin: Proof of Concept (PoC) Bypasses Protection Modules in Cortex XDR Agent
Cortex XDR Agent 8.4
Cortex XDR Agent 8.3
Cortex XDR Agent 8.2
Cortex XDR Agent 8.1
Cortex XDR Agent 8.0
Cortex XDR Agent 7.9
Cortex XDR Agent 5.0
< Agents with content update earlier than CU-1320 on Windows
< Agents with content update earlier than CU-1320 on Windows
< Agents with content update earlier than CU-1320 on Windows
< Agents with content update earlier than CU-1320 on Windows
< Agents with content update earlier than CU-1320 on Windows
< Agents with content update earlier than CU-1320 on Windows
All agents on Windows
>= Agents with CU-1320 or a later content update on Windows
>= Agents with CU-1320 or a later content update on Windows
>= Agents with CU-1320 or a later content update on Windows
>= Agents with CU-1320 or a later content update on Windows
>= Agents with CU-1320 or a later content update on Windows
>= Agents with CU-1320 or a later content update on Windows
none
2024-04-242024-04-24
10 NCVE-2024-3400 PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
➔ View additional products
none
< 11.1.0-h3, < 11.1.1-h1, < 11.1.2-h3
< 11.0.0-h3, < 11.0.1-h4, < 11.0.2-h4, < 11.0.3-h10, < 11.0.4-h1
< 10.2.0-h3, < 10.2.1-h2, < 10.2.2-h5, < 10.2.3-h13, < 10.2.4-h16, < 10.2.5-h6, < 10.2.6-h3, < 10.2.7-h8, < 10.2.8-h3, < 10.2.9-h1
none
none
none
All
>= 11.1.0-h3, >= 11.1.1-h1, >= 11.1.2-h3
>= 11.0.0-h3, >= 11.0.1-h4, >= 11.0.2-h4, >= 11.0.3-h10, >= 11.0.4-h1
>= 10.2.0-h3, >= 10.2.1-h2, >= 10.2.2-h5, >= 10.2.3-h13, >= 10.2.4-h16, >= 10.2.5-h6, >= 10.2.6-h3, >= 10.2.7-h8, >= 10.2.8-h3, >= 10.2.9-h1
All
All
all
2024-04-122024-05-03
8.3 NCVE-2024-3383 PAN-OS: Improper Group Membership Change Vulnerability in Cloud Identity Engine (CIE)
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
➔ View additional products
none
none
< 11.0.3
< 10.2.5
< 10.1.11
none
none
All
All
>= 11.0.3
>= 10.2.5
>= 10.1.11
All
all
2024-04-102024-04-10
8.2 NCVE-2024-3384 PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
➔ View additional products
none
none
none
< 10.0.12
< 9.1.15-h1
< 9.0.17
< 8.1.24
none
All
All
All
>= 10.0.12
>= 9.1.15-h1
>= 9.0.17
>= 8.1.24
all
2024-04-102024-04-10
8.2CVE-2024-3382 PAN-OS: Firewall Denial of Service (DoS) via a Burst of Crafted Packets
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
➔ View additional products
none
< 11.1.2
< 11.0.4
< 10.2.7-h3
none
none
none
All
>= 11.1.2
>= 11.0.4
>= 10.2.7-h3
All
All
all
2024-04-102024-04-10
8.2 NCVE-2024-3385 PAN-OS: Firewall Denial of Service (DoS) when GTP Security is Disabled
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
PAN-OS 9.0
Prisma Access
none
none
< 11.0.3
< 10.2.8
< 10.1.12
< 9.1.17
< 9.0.17-h4
none
All
All
>= 11.0.3
>= 10.2.8
>= 10.1.12
>= 9.1.17
>= 9.0.17-h4
All
2024-04-102024-04-10
6.9 NCVE-2024-3386 PAN-OS: Predefined Decryption Exclusions Does Not Work as Intended
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
Prisma Access
none
none
< 11.0.1-h2, < 11.0.2
< 10.2.4-h2, < 10.2.5
< 10.1.9-h3, < 10.1.10
< 10.0.13
< 9.1.17
< 9.0.17-h2
none
All
All
>= 11.0.1-h2, >= 11.0.2
>= 10.2.4-h2, >= 10.2.5
>= 10.1.9-h3, >= 10.1.10
>= 10.0.13
>= 9.1.17
>= 9.0.17-h2
All
2024-04-102024-04-10
6CVE-2024-3387 PAN-OS: Weak Certificate Strength in Panorama Software Leads to Sensitive Information Disclosure
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
➔ View additional products
none
none
< 11.0.4 on Panorama
< 10.2.7-h3 on Panorama, < 10.2.8 on Panorama
< 10.1.12 on Panorama
none
none
All
All
>= 11.0.4 on Panorama
>= 10.2.7-h3 on Panorama, >= 10.2.8 on Panorama
>= 10.1.12 on Panorama
All
all
2024-04-102024-04-10
5.1CVE-2024-3388 PAN-OS: User Impersonation in GlobalProtect SSL VPN
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
none
none
< 11.0.3
< 10.2.7-h3
< 10.1.11-h4
< 9.1.17
< 9.0.17-h4
< 8.1.26
< 10.2.4
All
All
>= 11.0.3
>= 10.2.7-h3
>= 10.1.11-h4
>= 9.1.17
>= 9.0.17-h4
>= 8.1.26
>= 10.2.4
2024-04-102024-04-10
iPAN-SA-2024-0004 Informational Bulletin: OSS CVEs fixed in PAN-OS
PAN-OS
Versions prior to those listed above
Versions listed above
2024-04-10
iPAN-SA-2024-0003 Informational Bulletin: Impact of OSS CVEs in Prisma SD-WAN ION
Prisma SD-WAN ION
none
All
2024-04-05
iCVE-2024-3094 Informational: Impact of Malicious Code in XZ Tools and Libraries (CVE-2024-3094)
none
all
2024-04-012024-04-01
1 - 25 of 381 Download
N = Exploitable over the network with low complexity, unauthenticated attack.
© 2024 Palo Alto Networks, Inc. All rights reserved.