Palo Alto Networks Security Advisories

Found 23
VersionsAffectedUnaffected
9.8 NCVE-2020-2040 PAN-OS: Buffer overflow when Captive Portal or Multi-Factor Authentication (MFA) is enabled
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
none
< 9.1.3
< 9.0.9
< 8.1.15
8.0.*
>= 10.0.0
>= 9.1.3
>= 9.0.9
>= 8.1.15
none
2020-09-092020-09-10
10 NCVE-2020-2021 PAN-OS: Authentication Bypass in SAML Authentication
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
< 9.1.3
< 9.0.9
< 8.1.15
8.0.*
none
>= 9.1.3
>= 9.0.9
>= 8.1.15
none
7.1.*
2020-06-292020-06-29
9CVE-2020-2018 PAN-OS: Panorama authentication bypass vulnerability
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
< 9.0.6
< 8.1.12
8.0.*
< 7.1.26
>= 9.0.6
>= 8.1.12
none
>= 7.1.26
2020-05-132020-05-14
10 NCVE-2019-17440 PAN-OS on PA-7000 Series: Improper restriction of communication to Log Forwarding Card (LFC) allows root access
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
< 9.0.5-h3 on PA-7000 Series with 2nd Generation SMC
none
none
>= 9.0.6, 9.0.5-h3 on PA-7000 Series with 2nd Generation SMC
8.1
8.0
2019-12-192019-12-19
9.8 NCVE-2019-1584 Remote Command Injection in Zingbox Inspector
Zingbox Inspector 1
<= 1.293
>= 1.294
2019-10-012020-09-01
9.8 NCVE-2019-15019 Insecure Firmware Validation in Zingbox Inspector
Zingbox Inspector 1
<= 1.294
>= 1.295
2019-10-012020-09-01
9.8 NCVE-2019-15020 Command Injection in Zingbox Inspector
Zingbox Inspector 1
<= 1.293
>= 1.294
2019-10-012020-09-01
9.8 NCVE-2019-1580 Memory Corruption in PAN-OS
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
<= 9.0.3
<= 8.1.9
<= 8.0.19
<= 7.1.24
>= 9.0.3-h3
>= 8.1.9-h4
>= 8.0.19-h1
>= 7.1.24-h1
2019-08-212020-06-23
9.8 NCVE-2019-1581 Remote code execution in PAN-OS SSH management interface
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
<= 9.0.3
<= 8.1.9
<= 8.0.19
<= 7.1.24
>= 9.0.3-h3
>= 8.1.9-h4
>= 8.0.19-h1
>= 7.1.24-h1
2019-08-212020-06-23
9.8 NCVE-2018-10143 Remote Code Execution in Expedition Migration Tool
Expedition 1.0
<= 1.0.107
>= 1.0.108
2018-12-112020-09-01
9.8 NCVE-2017-15940 Command Injection in PAN-OS
PAN-OS 8.0
PAN-OS 7.1
PAN-OS 7.0
PAN-OS 6.1
<= 8.0.6
<= 7.1.13
<= 7.0.18
<= 6.1.18
>= 8.0.6
>= 7.1.14
>= 7.0.19
>= 6.1.19
2017-12-062017-12-06
9.8 NCVE-2017-15944 Vulnerability in PAN-OS and Panorama on Management Interface
PAN-OS 8.0
PAN-OS 7.1
PAN-OS 7.0
PAN-OS 6.1
none
<= 7.1.13
<= 7.0.18
<= 6.1.18
>= 8.0.6, >= 8.0
>= 7.1.14
>= 7.0.19
>= 6.1.19
2017-12-062017-12-06
9.8 NCVE-2017-9458 XML External Entity (XXE) in PAN-OS
PAN-OS 8.0
PAN-OS 7.1
PAN-OS 7.0
PAN-OS 6.1
<= 8.0.2
<= 7.1.11
<= 7.0.16
<= 6.1.17
>= 8.0.3
>= 7.1.12
>= 7.0.17
>= 6.1.18
2017-08-302017-08-30
9.8 NCVE-2017-8390 Vulnerability in the PAN-OS DNS Proxy
PAN-OS 8.0
PAN-OS 7.1
PAN-OS 7.0
PAN-OS 6.1
<= 8.0.2
<= 7.1.9
<= 7.0.15
<= 6.1.17
>= 8.0.3
>= 7.1.10
>= 7.0.16
>= 6.1.18
2017-07-202017-07-20
9.8 NCVE-2016-10229 Kernel Vulnerability
PAN-OS 8.0
PAN-OS 7.1
PAN-OS 7.0
PAN-OS 6.1
<= 8.0.2
<= 7.1.10
7.0.*
<= 6.1.17
>= 8.0.3
>= 7.1.11
none
>= 6.1.18
2017-06-192017-06-19
9.8 NCVE-2017-7945 Brute force attack on the PAN-OS GlobalProtect external interface
PAN-OS 8.0
PAN-OS 7.1
PAN-OS 7.0
PAN-OS 6.1
<= 8.0.1
<= 7.1.8
<= 7.0.14
<= 6.1.16
>= 8.0.2
>= 7.1.9
>= 7.0.15
>= 6.1.17
2017-04-282017-04-28
9.8 NCVE-2016-9150 Buffer Overflow in the Management Web Interface
PAN-OS 7.1
PAN-OS 7.0
PAN-OS 6.1
PAN-OS 6.0
PAN-OS 5.1
PAN-OS 5.0
<= 7.1.5
<= 7.0.10
<= 6.1.14
<= 6.0.14
<= 5.1.12
<= 5.0.19
>= 7.1.6
>= 7.0.11
>= 6.1.15
>= 6.0.15
>= 5.1.13
>= 5.0.20
2016-11-172016-11-17
9.8 NCVE-2016-3655 Unauthenticated Command Injection in Management Web Interface
PAN-OS 7.0
PAN-OS 6.1
PAN-OS 6.0
PAN-OS 5.0
<= 7.0.4
<= 6.1.9
<= 6.0.12
<= 5.0.17
>= 7.0.5
>= 6.1.10
>= 6.0.13
>= 5.0.18
2016-02-242016-02-24
9.8 NCVE-2016-3657 Unauthenticated Buffer Overflow in GlobalProtect/SSL VPN Web Interface
PAN-OS 7.0
PAN-OS 6.1
PAN-OS 6.0
PAN-OS 5.0
<= 7.0.4
<= 6.1.9
<= 6.0.12
<= 5.0.17
>= 7.0.5
>= 6.1.10
>= 6.0.13
>= 5.0.18
2016-02-242016-02-24
9.8 NPAN-SA-2015-0005 Device management authentication bypass
PAN-OS 7.0
7.0.0
>= 7.0.1
2015-07-242015-07-24
9.8 NCVE-2012-6593 Command Injection Vulnerability
PAN-OS 4.0
PAN-OS 3.1
<= 4.0.3
<= 3.1.9
>= 4.0.4
>= 3.1.10
2012-04-272012-04-27
9.8 NCVE-2012-6592 Command Injection Vulnerability
PAN-OS 4.0
PAN-OS 3.1
<= 4.0.4
<= 3.1.9
>= 4.0.5
>= 3.1.10
2012-04-272012-04-27
9.8 NCVE-2012-6603 Credential Bypass Vulnerability
PAN-OS 4.1
PAN-OS 4.0
PAN-OS 3.1
<= 4.1.3
<= 4.0.9
<= 3.1.11
>= 4.1.4
>= 4.0.10
>= 3.1.12
2012-04-272012-04-27
N = Exploitable over the network with low complexity, unauthenticated attack.
© 2020 Palo Alto Networks, Inc. All rights reserved.