Palo Alto Networks Security Advisories

Found 9
VersionsAffectedUnaffected
7.8CVE-2022-0015 Cortex XDR Agent: An Uncontrolled Search Path Element Leads to Local Privilege Escalation (PE) Vulnerability
Cortex XDR Agent 7.6
Cortex XDR Agent 7.5
Cortex XDR Agent 7.4
Cortex XDR Agent 7.3
Cortex XDR Agent 7.2
Cortex XDR Agent 6.1
Cortex XDR Agent 5.0
none
none
none
none
none
< 6.1.9
< 5.0.12
7.6.*
7.5.*
7.4.*
7.3.*
7.2.*
>= 6.1.9
>= 5.0.12
2022-01-122022-01-12
6.7CVE-2022-0014 Cortex XDR Agent: Unintended Program Execution When Using Live Terminal Session
Cortex XDR Agent 7.6
Cortex XDR Agent 7.5
Cortex XDR Agent 7.4
Cortex XDR Agent 7.3
Cortex XDR Agent 7.2
Cortex XDR Agent 6.1
Cortex XDR Agent 5.0
none
none
none
< 7.3.2 on Windows
< 7.2.4 on Windows
< 6.1.9 on Windows
< 5.0.12 on Windows
7.6.*
7.5.*
7.4.*
>= 7.3.2 on Windows
>= 7.2.4 on Windows
>= 6.1.9 on Windows
>= 5.0.12 on Windows
2022-01-122022-01-14
6.1CVE-2022-0012 Cortex XDR Agent: Local Arbitrary File Deletion Vulnerability
Cortex XDR Agent 7.6
Cortex XDR Agent 7.5
Cortex XDR Agent 7.4
Cortex XDR Agent 7.3
Cortex XDR Agent 7.2
Cortex XDR Agent 6.1
Cortex XDR Agent 5.0
none
none
none
< 7.3.2 on Windows
< 7.2.4 on Windows
< 6.1.9 on Windows
< 5.0.12 on Windows
7.6.*
7.5.*
7.4.*
>= 7.3.2 on Windows
>= 7.2.4 on Windows
>= 6.1.9 on Windows
>= 5.0.12 on Windows
2022-01-122022-01-14
5CVE-2022-0013 Cortex XDR Agent: File Information Exposure Vulnerability When Generating Support File
Cortex XDR Agent 7.5
Cortex XDR Agent 7.4
Cortex XDR Agent 7.3
Cortex XDR Agent 7.2
Cortex XDR Agent 6.1
Cortex XDR Agent 5.0
none
none
< 7.3.2 on Windows
< 7.2.4 on Windows
< 6.1.9 on Windows
< 5.0.12 on Windows
7.5.*
7.4.*
>= 7.3.2 on Windows
>= 7.2.4 on Windows
>= 6.1.9 on Windows
>= 5.0.12 on Windows
2022-01-122022-01-14
9.8 NCVE-2021-44228 Impact of Log4j Vulnerabilities CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, and CVE-2021-44832
Bridgecrew
Cortex Data Lake
Cortex XDR Agent
Cortex Xpanse
Cortex XSOAR
Enterprise Data Loss Prevention
Exact Data Matching CLI
Expedition
GlobalProtect App
IoT Security
Okyo Garde
PAN-DB Private Cloud
PAN-OS for Firewall and Wildfire
PAN-OS for Panorama
Prisma Access
Prisma Cloud
Prisma Cloud Compute
Prisma SD-WAN (CloudGenix)
SaaS Security
Traps
User-ID Agent
WildFire Appliance
WildFire Cloud
none
none
none
none
none
none
< 1.2
none
none
none
none
none
none
< 9.0.15, < 10.0.8-h8, < 9.1.12-h3
none
none
none
none
none
none
none
none
none
all
all
all
all
all
all
>= 1.2
all
all
all
all
all
all
8.1.*, 10.1.*, >= 9.0.15, >= 10.0.8-h8, >= 9.1.12-h3
all
all
all
all
all
all
all
all
all
2021-12-102022-01-12
7.8CVE-2021-3042 Cortex XDR Agent: Improper Control of User-Controlled File Leads to Local Privilege Escalation
Cortex XDR Agent 7.3
Cortex XDR Agent 7.2
Cortex XDR Agent 6.1
Cortex XDR Agent 5.0
7.3.* without content update 181 or later on Windows
7.2.* without content update 181 or later on Windows
6.1.* without content update 181 or later on Windows
none
7.3.* with content update 181 or later on Windows
7.2.* with content update 181 or later on Windows
6.1.* with content update 181 or later on Windows
all
2021-07-142021-07-15
7.8CVE-2021-3041 Cortex XDR Agent: Improper control of user-controlled file leads to local privilege escalation
Cortex XDR Agent 7.2
Cortex XDR Agent 6.1
Cortex XDR Agent 5.0
< 7.2.3 or without content update 171 or later on Windows
< 6.1.8 on Windows
< 5.0.11 on Windows
>= 7.2.3 with content update 171 or later on Windows
>= 6.1.8 on Windows
>= 5.0.11 on Windows
2021-06-092022-01-14
7.8CVE-2020-2049 Cortex XDR Agent: Improper control of loaded DLL leads to local privilege escalation
Cortex XDR Agent 7.2
Cortex XDR Agent 7.1
Cortex XDR Agent 7.0
Cortex XDR Agent 6.1
7.2.* without content update 150 on Windows
7.1.* without content update 150 on Windows
none
none
7.2.* with content update 150 on Windows
7.1.* with content update 150 on Windows
7.0.* with latest content on Windows
6.1.* with latest content on Windows
2020-12-092020-12-09
5.5CVE-2020-2020 Cortex XDR Agent: Exceptional condition denial-of-service (DoS)
Cortex XDR Agent 7.2
Cortex XDR Agent 7.1
Cortex XDR Agent 7.0
Cortex XDR Agent 6.1
Cortex XDR Agent 5.0
none
< 7.1.2
< 7.0.3
< 6.1.7
< 5.0.10
>= 7.2.0
>= 7.1.2
>= 7.0.3
>= 6.1.7
>= 5.0.10
2020-12-092020-12-09
N = Exploitable over the network with low complexity, unauthenticated attack.
© 2020 Palo Alto Networks, Inc. All rights reserved.