| 9.3 | CVE-2024-0012
PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) | Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access | None < 11.2.0-h1, < 11.2.1-h1, < 11.2.2-h2, < 11.2.3-h3, < 11.2.4-h1 < 11.1.0-h4, < 11.1.1-h2, < 11.1.2-h15, < 11.1.3-h11, < 11.1.4-h7, < 11.1.5-h1 < 11.0.0-h4, < 11.0.1-h5, < 11.0.2-h5, < 11.0.3-h13, < 11.0.4-h6, < 11.0.5-h2, < 11.0.6-h1 < 10.2.0-h4, < 10.2.1-h3, < 10.2.2-h6, < 10.2.3-h14, < 10.2.4-h32, < 10.2.5-h9, < 10.2.6-h6, < 10.2.7-h18, < 10.2.8-h15, < 10.2.9-h16, < 10.2.10-h9, < 10.2.11-h6, < 10.2.12-h2 None None | All >= 11.2.0-h1, >= 11.2.1-h1, >= 11.2.2-h2, >= 11.2.3-h3, >= 11.2.4-h1 >= 11.1.0-h4, >= 11.1.1-h2, >= 11.1.2-h15, >= 11.1.3-h11, >= 11.1.4-h7, >= 11.1.5-h1 >= 11.0.0-h4, >= 11.0.1-h5, >= 11.0.2-h5, >= 11.0.3-h13, >= 11.0.4-h6, >= 11.0.5-h2, >= 11.0.6-h1 >= 10.2.0-h4, >= 10.2.1-h3, >= 10.2.2-h6, >= 10.2.3-h14, >= 10.2.4-h32, >= 10.2.5-h9, >= 10.2.6-h6, >= 10.2.7-h18, >= 10.2.8-h15, >= 10.2.9-h16, >= 10.2.10-h9, >= 10.2.11-h6, >= 10.2.12-h2 All All | 2024-11-18 | 2025-03-03 |
| 10 | CVE-2024-3400
PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect | | None < 11.1.0-h3, < 11.1.1-h1, < 11.1.2-h3 < 11.0.0-h3, < 11.0.1-h4, < 11.0.2-h4, < 11.0.3-h10, < 11.0.4-h1 < 10.2.0-h3, < 10.2.1-h2, < 10.2.2-h5, < 10.2.3-h13, < 10.2.4-h16, < 10.2.5-h6, < 10.2.6-h3, < 10.2.7-h8, < 10.2.8-h3, < 10.2.9-h1 None None None | All >= 11.1.0-h3, >= 11.1.1-h1, >= 11.1.2-h3 >= 11.0.0-h3, >= 11.0.1-h4, >= 11.0.2-h4, >= 11.0.3-h10, >= 11.0.4-h1 >= 10.2.0-h3, >= 10.2.1-h2, >= 10.2.2-h5, >= 10.2.3-h13, >= 10.2.4-h16, >= 10.2.5-h6, >= 10.2.6-h3, >= 10.2.7-h8, >= 10.2.8-h3, >= 10.2.9-h1 All All all | 2024-04-12 | 2024-05-03 |
| 10 | CVE-2021-44228
Impact of Log4j Vulnerabilities CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, and CVE-2021-44832 | Bridgecrew Cortex Data Lake Cortex XDR Agent Cortex XSOAR Cortex Xpanse Enterprise Data Loss Prevention Exact Data Matching CLI Expedition GlobalProtect App IoT Security Okyo Garde PAN-DB Private Cloud PAN-OS PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Cloud Prisma Access Prisma Cloud Compute Prisma SD-WAN (CloudGenix) SaaS Security Traps User-ID Agent WildFire Appliance (WF-500) WildFire Cloud | None None None None None None < 2.1 None None None None None None on Firewall, WildFire None on Panorama < 10.0.8-h8 on Panorama < 9.1.12-h3 on Panorama < 9.0.15 on Panorama None on Panorama None None None None None None None None None | All All All All All All >= 2.1 All All All All All All on Firewall, WildFire All on Panorama >= 10.0.8-h8 on Panorama >= 9.1.12-h3 on Panorama >= 9.0.15 on Panorama All on Panorama All All All All All All All All All | 2021-12-10 | 2022-01-22 |