CVSS Summary Versions Affected Unaffected Published Updated 9.3 CVE-2024-0012
PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
Prisma Access
None
< 11.2.0-h1, < 11.2.1-h1, < 11.2.2-h2, < 11.2.3-h3, < 11.2.4-h1
< 11.1.0-h4, < 11.1.1-h2, < 11.1.2-h15, < 11.1.3-h11, < 11.1.4-h7, < 11.1.5-h1
< 11.0.0-h4, < 11.0.1-h5, < 11.0.2-h5, < 11.0.3-h13, < 11.0.4-h6, < 11.0.5-h2, < 11.0.6-h1
< 10.2.0-h4, < 10.2.1-h3, < 10.2.2-h6, < 10.2.3-h14, < 10.2.4-h32, < 10.2.5-h9, < 10.2.6-h6, < 10.2.7-h18, < 10.2.8-h15, < 10.2.9-h16, < 10.2.10-h9, < 10.2.11-h6, < 10.2.12-h2
None
None
All
>= 11.2.0-h1, >= 11.2.1-h1, >= 11.2.2-h2, >= 11.2.3-h3, >= 11.2.4-h1
>= 11.1.0-h4, >= 11.1.1-h2, >= 11.1.2-h15, >= 11.1.3-h11, >= 11.1.4-h7, >= 11.1.5-h1
>= 11.0.0-h4, >= 11.0.1-h5, >= 11.0.2-h5, >= 11.0.3-h13, >= 11.0.4-h6, >= 11.0.5-h2, >= 11.0.6-h1
>= 10.2.0-h4, >= 10.2.1-h3, >= 10.2.2-h6, >= 10.2.3-h14, >= 10.2.4-h32, >= 10.2.5-h9, >= 10.2.6-h6, >= 10.2.7-h18, >= 10.2.8-h15, >= 10.2.9-h16, >= 10.2.10-h9, >= 10.2.11-h6, >= 10.2.12-h2
All
All
2024-11-18 2025-03-03 9.9 PAN-SA-2024-0010
Expedition: Multiple Vulnerabilities in Expedition Lead to Exposure of Firewall Credentials Cloud NGFW
Expedition 1
Panorama
PAN-OS
Prisma Access
2024-10-09 2024-11-14 10 CVE-2024-3400
PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect None
< 11.1.0-h3, < 11.1.1-h1, < 11.1.2-h3
< 11.0.0-h3, < 11.0.1-h4, < 11.0.2-h4, < 11.0.3-h10, < 11.0.4-h1
< 10.2.0-h3, < 10.2.1-h2, < 10.2.2-h5, < 10.2.3-h13, < 10.2.4-h16, < 10.2.5-h6, < 10.2.6-h3, < 10.2.7-h8, < 10.2.8-h3, < 10.2.9-h1
None
None
None
All
>= 11.1.0-h3, >= 11.1.1-h1, >= 11.1.2-h3
>= 11.0.0-h3, >= 11.0.1-h4, >= 11.0.2-h4, >= 11.0.3-h10, >= 11.0.4-h1
>= 10.2.0-h3, >= 10.2.1-h2, >= 10.2.2-h5, >= 10.2.3-h13, >= 10.2.4-h16, >= 10.2.5-h6, >= 10.2.6-h3, >= 10.2.7-h8, >= 10.2.8-h3, >= 10.2.9-h1
All
All
all
2024-04-12 2024-05-03 10 CVE-2021-44228
Impact of Log4j Vulnerabilities CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, and CVE-2021-44832 Bridgecrew
Cortex Data Lake
Cortex XDR Agent
Cortex XSOAR
Cortex Xpanse
Enterprise Data Loss Prevention
Exact Data Matching CLI
Expedition
GlobalProtect App
IoT Security
Okyo Garde
PAN-DB Private Cloud
PAN-OS
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Cloud
Prisma Access
Prisma Cloud Compute
Prisma SD-WAN (CloudGenix)
SaaS Security
Traps
User-ID Agent
WildFire Appliance (WF-500)
WildFire Cloud
None
None
None
None
None
None
< 2.1
None
None
None
None
None
None on Firewall, WildFire
None on Panorama
< 10.0.8-h8 on Panorama
< 9.1.12-h3 on Panorama
< 9.0.15 on Panorama
None on Panorama
None
None
None
None
None
None
None
None
None
All
All
All
All
All
All
>= 2.1
All
All
All
All
All
All on Firewall, WildFire
All on Panorama
>= 10.0.8-h8 on Panorama
>= 9.1.12-h3 on Panorama
>= 9.0.15 on Panorama
All on Panorama
All
All
All
All
All
All
All
All
All
2021-12-10 2022-01-22 9.8 CVE-2021-3064
PAN-OS: Memory Corruption Vulnerability in GlobalProtect Portal and Gateway Interfaces 10.1.*
10.0.*
9.1.*
>= 8.1.17
all
2021-11-10 2021-11-15 9.8 CVE-2020-2040
PAN-OS: Buffer overflow when Captive Portal or Multi-Factor Authentication (MFA) is enabled PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
None
< 9.1.3
< 9.0.9
< 8.1.15
8.0.*
>= 10.0.0
>= 9.1.3
>= 9.0.9
>= 8.1.15
None
2020-09-09 2020-09-09 10 CVE-2020-2021
PAN-OS: Authentication Bypass in SAML Authentication PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
< 9.1.3
< 9.0.9
< 8.1.15
8.0.*
None
>= 9.1.3
>= 9.0.9
>= 8.1.15
None
7.1.*
2020-06-29 2020-06-29 9 CVE-2020-2018
PAN-OS: Panorama authentication bypass vulnerability PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
< 9.0.6
< 8.1.12
8.0.*
< 7.1.26
>= 9.0.6
>= 8.1.12
None
>= 7.1.26
2020-05-13 2020-05-13 10 CVE-2019-17440
PAN-OS on PA-7000 Series: Improper restriction of communication to Log Forwarding Card (LFC) allows root access PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
< 9.0.5-h3 on PA-7000 Series with 2nd Generation SMC
None
None
>= 9.0.6, 9.0.5-h3 on PA-7000 Series with 2nd Generation SMC
8.1
8.0
2019-12-19 2019-12-19 9.8 CVE-2019-1580
Memory Corruption in PAN-OS PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
<= 9.0.3
<= 8.1.9
<= 8.0.19
<= 7.1.24
>= 9.0.3-h3
>= 8.1.9-h4
>= 8.0.19-h1
>= 7.1.24-h1
2019-08-21 2019-08-21 9.8 CVE-2019-1581
Remote code execution in PAN-OS SSH management interface PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
<= 9.0.3
<= 8.1.9
<= 8.0.19
<= 7.1.24
>= 9.0.3-h3
>= 8.1.9-h4
>= 8.0.19-h1
>= 7.1.24-h1
2019-08-21 2019-08-21 9.8 CVE-2017-15940
Command Injection in PAN-OS PAN-OS 8.0
PAN-OS 7.1
PAN-OS 7.0
PAN-OS 6.1
<= 8.0.6
<= 7.1.13
<= 7.0.18
<= 6.1.18
>= 8.0.6
>= 7.1.14
>= 7.0.19
>= 6.1.19
2017-12-06 2017-12-06 9.8 CVE-2017-15944
Vulnerability in PAN-OS and Panorama on Management Interface PAN-OS 8.0
PAN-OS 7.1
PAN-OS 7.0
PAN-OS 6.1
None
<= 7.1.13
<= 7.0.18
<= 6.1.18
>= 8.0.6, >= 8.0
>= 7.1.14
>= 7.0.19
>= 6.1.19
2017-12-06 2017-12-06 9.8 CVE-2017-9458
XML External Entity (XXE) in PAN-OS PAN-OS 8.0
PAN-OS 7.1
PAN-OS 7.0
PAN-OS 6.1
<= 8.0.2
<= 7.1.11
<= 7.0.16
<= 6.1.17
>= 8.0.3
>= 7.1.12
>= 7.0.17
>= 6.1.18
2017-08-30 2017-08-30 9.8 CVE-2017-8390
Vulnerability in the PAN-OS DNS Proxy PAN-OS 8.0
PAN-OS 7.1
PAN-OS 7.0
PAN-OS 6.1
<= 8.0.2
<= 7.1.9
<= 7.0.15
<= 6.1.17
>= 8.0.3
>= 7.1.10
>= 7.0.16
>= 6.1.18
2017-07-20 2017-07-20 9.8 CVE-2016-10229
Kernel Vulnerability PAN-OS 8.0
PAN-OS 7.1
PAN-OS 7.0
PAN-OS 6.1
<= 8.0.2
<= 7.1.10
7.0.*
<= 6.1.17
>= 8.0.3
>= 7.1.11
None
>= 6.1.18
2017-06-19 2017-06-19 9.8 CVE-2017-7945
Brute force attack on the PAN-OS GlobalProtect external interface PAN-OS 8.0
PAN-OS 7.1
PAN-OS 7.0
PAN-OS 6.1
<= 8.0.1
<= 7.1.8
<= 7.0.14
<= 6.1.16
>= 8.0.2
>= 7.1.9
>= 7.0.15
>= 6.1.17
2017-04-28 2017-04-28 9.8 CVE-2016-9150
Buffer Overflow in the Management Web Interface PAN-OS 7.1
PAN-OS 7.0
PAN-OS 6.1
PAN-OS 6.0
PAN-OS 5.1
PAN-OS 5.0
<= 7.1.5
<= 7.0.10
<= 6.1.14
<= 6.0.14
<= 5.1.12
<= 5.0.19
>= 7.1.6
>= 7.0.11
>= 6.1.15
>= 6.0.15
>= 5.1.13
>= 5.0.20
2016-11-17 2016-11-17 9.8 CVE-2016-3655
Unauthenticated Command Injection in Management Web Interface PAN-OS 7.0
PAN-OS 6.1
PAN-OS 6.0
PAN-OS 5.0
<= 7.0.4
<= 6.1.9
<= 6.0.12
<= 5.0.17
>= 7.0.5
>= 6.1.10
>= 6.0.13
>= 5.0.18
2016-02-24 2016-02-24 9.8 CVE-2016-3657
Unauthenticated Buffer Overflow in GlobalProtect/SSL VPN Web Interface PAN-OS 7.0
PAN-OS 6.1
PAN-OS 6.0
PAN-OS 5.0
<= 7.0.4
<= 6.1.9
<= 6.0.12
<= 5.0.17
>= 7.0.5
>= 6.1.10
>= 6.0.13
>= 5.0.18
2016-02-24 2016-02-24 9.8 PAN-SA-2015-0005
Device management authentication bypass 2015-07-24 2015-07-24 9.8 CVE-2012-6593
Command Injection Vulnerability 2012-04-27 2012-04-27 9.8 CVE-2012-6592
Command Injection Vulnerability 2012-04-27 2012-04-27 9.8 CVE-2012-6603
Credential Bypass Vulnerability PAN-OS 4.1
PAN-OS 4.0
PAN-OS 3.1
<= 4.1.3
<= 4.0.9
<= 3.1.11
>= 4.1.4
>= 4.0.10
>= 3.1.12
2012-04-27 2012-04-27