Palo Alto Networks Security Advisories

1 - 25 of 210

CVSS	Summary	Versions	Affected	Unaffected	Published	Updated
i	PAN-SA-2025-0012 Informational Bulletin: OSS CVEs Fixed in PAN-OS	PAN-OS			2025-07-09	2025-07-09
2	CVE-2025-0133 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Gateway and Portal	Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 PAN-OS 10.1 Prisma Access	All < 11.2.4-h9, < 11.2.7 < 11.1.6-h14, < 11.1.10-h1 < 10.2.16-h1 All All	None (See Mitigations and Workarounds) >= 11.2.4-h9, >= 11.2.7 >= 11.1.6-h14, >= 11.1.10-h1 >= 10.2.16-h1 None None (See Mitigations and Workarounds)	2025-05-14	2025-07-09
i	PAN-SA-2025-0005 GlobalProtect Clientless VPN: Clientless VPN Misconfiguration Allows Cross-Site Attacks	Cloud NGFW PAN-OS Prisma Access	None All All	All None None	2025-02-12	2025-02-12
i	PAN-SA-2025-0006 Informational Bulletin: Impact of OSS CVEs in PAN-OS	PAN-OS	None	All	2025-02-12	2025-02-12
i	PAN-SA-2025-0003 Informational: PAN-OS BIOS and Bootloader Security Bulletin	Cloud NGFW PAN-OS Prisma Access	None All on PA-3200, PA-5200, PA-7000 None	All None on PA-3200, PA-5200, PA-7000. No other platforms are affected All	2025-01-23	2025-06-24
i	PAN-SA-2024-0014 Informational Bulletin: Impact of OSS CVEs in Cortex XDR Agent	Cortex XDR Agent	None	All	2024-11-07	2024-11-07
i	PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS	PAN-OS	None	All	2024-09-04	2024-09-04
i	PAN-SA-2024-0005 Informational Bulletin: Proof of Concept (PoC) Bypasses Protection Modules in Cortex XDR Agent	Cortex XDR Agent 8.4 Cortex XDR Agent 8.3 Cortex XDR Agent 8.2 Cortex XDR Agent 8.1 Cortex XDR Agent 8.0 Cortex XDR Agent 7.9 Cortex XDR Agent 5.0	< Agents with content update earlier than CU-1320 on Windows < Agents with content update earlier than CU-1320 on Windows < Agents with content update earlier than CU-1320 on Windows < Agents with content update earlier than CU-1320 on Windows < Agents with content update earlier than CU-1320 on Windows < Agents with content update earlier than CU-1320 on Windows All agents on Windows	>= Agents with CU-1320 or a later content update on Windows >= Agents with CU-1320 or a later content update on Windows >= Agents with CU-1320 or a later content update on Windows >= Agents with CU-1320 or a later content update on Windows >= Agents with CU-1320 or a later content update on Windows >= Agents with CU-1320 or a later content update on Windows None	2024-04-24	2024-04-24
i	PAN-SA-2024-0004 Informational Bulletin: OSS CVEs fixed in PAN-OS	PAN-OS			2024-04-10	2024-04-10
i	PAN-SA-2024-0001 Informational Bulletin: Impact of OSS CVEs in PAN-OS	PAN-OS	None	All	2024-02-14	2024-02-14
4.1	CVE-2023-0005 PAN-OS: Exposure of Sensitive Information Vulnerability	Cloud NGFW PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access	None None < 10.2.3 < 10.1.8 < 10.0.12 < 9.1.15 < 9.0.17 < 8.1.24 None	All All >= 10.2.3 >= 10.1.8 >= 10.0.12 >= 9.1.15 >= 9.0.17 >= 8.1.24 All	2023-04-12	2023-04-12
i	PAN-SA-2022-0005 Informational: Cortex XDR Agent: Product Disruption by Local Windows Administrator	Cortex XDR Agent	All agents with a content update earlier than CU-860 on Windows	All agents with CU-860 or a later content update	2022-09-14	2023-03-08
4.1	CVE-2022-0022 PAN-OS: Use of a Weak Cryptographic Algorithm for Stored Password Hashes	PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access 3.0 ➔ View additional products	None None < 10.0.7 < 9.1.11 < 9.0.17 < 8.1.21 None None	10.2.* 10.1.* >= 10.0.7 >= 9.1.11 >= 9.0.17 >= 8.1.21 Preferred, Innovation all	2022-03-09	2022-03-09
8.8	CVE-2021-3056 PAN-OS: Memory Corruption Vulnerability in GlobalProtect Clientless VPN During SAML Authentication	PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access 2.2 Prisma Access 2.1	None < 10.0.1 < 9.1.9 < 9.0.14 < 8.1.20 None Preferred	10.1.* >= 10.0.1 >= 9.1.9 >= 9.0.14 >= 8.1.20 All Innovation	2021-11-10	2021-11-10
3.7	CVE-2020-1968 PAN-OS: Impact of the Raccoon Attack Vulnerability CVE-2020-1968	PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access 2.2 Prisma Access 2.1 Prisma Access 2.0	None None 9.1.* 9.0.* 8.1.* None Preferred Preferred	10.1.* 10.0.* None None None Preferred Innovation Innovation	2021-10-13	2021-11-01
8	CVE-2021-3052 PAN-OS: Reflected Cross-Site Scripting (XSS) in Web Interface	PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1	None < 10.0.2 < 9.1.10 < 9.0.14 < 8.1.20	10.1.* >= 10.0.2 >= 9.1.10 >= 9.0.14 >= 8.1.20	2021-09-08	2021-09-12
8.1	CVE-2020-10188 PAN-OS: Impact of Telnet Remote-Code-Execution (RCE) Vulnerability (CVE-2020-10188)	PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1	None < 10.0.6 < 9.1.9 < 9.0.14 < 8.1.20	10.1.* >= 10.0.6 >= 9.1.9 >= 9.0.14 >= 8.1.20	2021-09-08	2021-09-08
5.9	CVE-2021-3048 PAN-OS: Invalid URLs in an External Dynamic List (EDL) can Lead to Firewall Outage	PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1	None < 10.0.5 < 9.1.9 < 9.0.14 None	10.1.* >= 10.0.5 >= 9.1.9 >= 9.0.14 8.1.*	2021-08-11	2021-08-11
i	PAN-SA-2021-0003 Informational: Impact of the NAME:WRECK DNS vulnerabilities	PAN-OS Prisma SD-WAN (CloudGenix)	None None	All All	2021-05-10	2021-05-12
i	CVE-2020-27619 Informational: Impact of Python Test Suite Vulnerability CVE-2020-27619	Cortex XSOAR PAN-OS	None None	All All	2021-02-10	2021-02-10
9.1	CVE-2021-3033 Prisma Cloud Compute: SAML Authentication Bypass Vulnerability in Console	Prisma Cloud Compute 20.12 Prisma Cloud Compute 20.09 Prisma Cloud Compute 20.04 Prisma Cloud Compute 19.11	<= 20.12.535 <= 20.09.365 <= 20.04.177 <= 19.11.*	>= 20.12.541 >= 20.09.374 >= 20.04.183 None	2021-02-10	2021-02-26
i	PAN-SA-2021-0002 Informational: PAN-OS: NAT slipstreaming v1.0 and v2.0 attacks	PAN-OS	None	All	2021-02-10	2021-03-10
i	PAN-SA-2021-0001 Informational: Cortex XSOAR: Impact of Golang XML parsing vulnerabilities	Cortex XSOAR 6.0 Cortex XSOAR 5.5	< 6.0.2 None	>= 6.0.2 5.5.*	2021-01-13	2021-01-13
7.8	CVE-2020-2049 Cortex XDR Agent: Improper control of loaded DLL leads to local privilege escalation	Cortex XDR Agent 7.2 Cortex XDR Agent 7.1 Cortex XDR Agent 7.0 Cortex XDR Agent 6.1	7.2.* without content update 150 on Windows 7.1.* without content update 150 on Windows None None	7.2.* with content update 150 on Windows 7.1.* with content update 150 on Windows 7.0.* with latest content on Windows 6.1.* with latest content on Windows	2020-12-09	2020-12-09
i	PAN-SA-2020-0011 Informational: Impact of OpenSSL vulnerability CVE-2020-1971	Cortex XSOAR GlobalProtect App PAN-OS	None None None	All All All	2020-12-09	2020-12-09

1 - 25 of 210 Download

Palo Alto Networks Security Advisories

Super Users: Setup Emergency Security Contacts (ESC) for Product Security Alerts