| | Versions | Affected | Unaffected | | |
|---|
| 7.6 | PAN-SA-2025-0008
Chromium and Prisma Access Browser: Monthly Vulnerability Update (April 2025) | | | | 2025-04-09 | 2025-04-09 |
| 7.6 | PAN-SA-2025-0007
Chromium: Monthly Vulnerability Update (March 2025) | | | | 2025-03-12 | 2025-03-12 |
| 7.1 | CVE-2025-0111
PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface | Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 PAN-OS 10.1 Prisma Access | None < 11.2.4-h4, < 11.2.5 < 11.1.2-h18, < 11.1.4-h13, < 11.1.6-h1 < 10.2.7-h24, < 10.2.8-h21, < 10.2.9-h21, < 10.2.10-h14, < 10.2.11-h12, < 10.2.12-h6, < 10.2.13-h3 < 10.1.14-h9 None | All >= 11.2.4-h4, >= 11.2.5 >= 11.1.2-h18, >= 11.1.4-h13, >= 11.1.6-h1 >= 10.2.7-h24, >= 10.2.8-h21, >= 10.2.9-h21, >= 10.2.10-h14, >= 10.2.11-h12, >= 10.2.12-h6, >= 10.2.13-h3 >= 10.1.14-h9 All | 2025-02-12 | 2025-03-06 |
| 7.3 | CVE-2025-0110
PAN-OS OpenConfig Plugin: Command Injection Vulnerability in OpenConfig Plugin | | | | 2025-02-12 | 2025-02-21 |
| 8.8 | CVE-2025-0108
PAN-OS: Authentication Bypass in the Management Web Interface | Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 PAN-OS 10.1 Prisma Access | None < 11.2.4-h4, < 11.2.5 < 11.1.2-h18, < 11.1.4-h13, < 11.1.6-h1 < 10.2.7-h24, < 10.2.8-h21, < 10.2.9-h21, < 10.2.10-h14, < 10.2.11-h12, < 10.2.12-h6, < 10.2.13-h3 < 10.1.14-h9 None | All >= 11.2.4-h4, >= 11.2.5 >= 11.1.2-h18, >= 11.1.4-h13, >= 11.1.6-h1 >= 10.2.7-h24, >= 10.2.8-h21, >= 10.2.9-h21, >= 10.2.10-h14, >= 10.2.11-h12, >= 10.2.12-h6, >= 10.2.13-h3 >= 10.1.14-h9 All | 2025-02-12 | 2025-03-06 |
| 7.8 | PAN-SA-2025-0001
Expedition: Multiple Vulnerabilities in Expedition Migration Tool Lead to Exposure of Firewall Credentials | Cloud NGFW Expedition 1 Panorama PAN-OS Prisma Access | None < 1.2.101 None None None | | 2025-01-08 | 2025-01-15 |
| 8.7 | CVE-2024-3393
PAN-OS: Firewall Denial of Service (DoS) in DNS Security Using a Specially Crafted Packet | Cloud NGFW PAN-OS PAN-OS 11.2 PAN-OS 11.1 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 Prisma Access | None None on Panorama < 11.2.3 < 11.1.2-h16, < 11.1.3-h13, < 11.1.4-h7, < 11.1.5 >= 10.2.8, < 10.2.8-h19, < 10.2.9-h19, < 10.2.10-h12, < 10.2.11-h10, < 10.2.12-h4, < 10.2.13-h2, < 10.2.14 >= 10.1.14, < 10.1.14-h8, < 10.1.15 None None >= 10.2.8 on PAN-OS, < 10.2.9-h19 on PAN-OS, < 10.2.10-h12 on PAN-OS, < 11.2.3 on PAN-OS | All All on Panorama >= 11.2.3 >= 11.1.2-h16, >= 11.1.3-h13, >= 11.1.4-h7, >= 11.1.5 < 10.2.8, >= 10.2.8-h19, >= 10.2.9-h19, >= 10.2.10-h12, >= 10.2.11-h10, >= 10.2.12-h4, >= 10.2.13-h2, >= 10.2.14 < 10.1.14, >= 10.1.14-h8, >= 10.1.15 All All < 10.2.8 on PAN-OS, >= 10.2.9-h19 on PAN-OS, >= 10.2.10-h12 on PAN-OS, >= 11.2.3 on PAN-OS | 2024-12-27 | 2025-01-30 |
| 8.6 | PAN-SA-2024-0016
Chromium: Monthly Vulnerability Updates | | | | 2024-11-13 | 2024-11-13 |
| 8.2 | CVE-2024-9468
PAN-OS: Firewall Denial of Service (DoS) via a Maliciously Crafted Packet | Cloud NGFW PAN-OS 11.2 PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 Prisma Access | None None < 11.1.3 < 11.0.4-h5, < 11.0.6 < 10.2.4-h24, < 10.2.7-h24, < 10.2.8-h20, < 10.2.9-h11, < 10.2.10-h4, < 10.2.11 None None | All All >= 11.1.3 >= 11.0.4-h5, >= 11.0.6 >= 10.2.4-h24, >= 10.2.7-h24, >= 10.2.8-h20, >= 10.2.9-h11, >= 10.2.10-h4, >= 10.2.11 All All | 2024-10-09 | 2025-04-30 |