Palo Alto Networks Security Advisories

Found 5
VersionsAffectedUnaffected
7.2CVE-2022-0024 PAN-OS: Improper Neutralization Vulnerability Leads to Unintended Program Execution During Configuration Commit
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
none
< 10.1.5
< 10.0.10
< 9.1.13
< 9.0.16
< 8.1.23
>= 10.2.0
>= 10.1.5
>= 10.0.10
>= 9.1.13
>= 9.0.16
>= 8.1.23
2022-05-112022-05-11
7.5 NCVE-2022-0778 Impact of the OpenSSL Infinite Loop Vulnerability CVE-2022-0778
Cortex XDR Agent 7.7
Cortex XDR Agent 7.6
Cortex XDR Agent 7.5-CE
Cortex XDR Agent 7.5
Cortex XDR Agent 7.4
Cortex XDR Agent 6.1
Cortex XSOAR
GlobalProtect App 6.0
GlobalProtect App 5.3
GlobalProtect App 5.2
GlobalProtect App 5.1
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access 3.1
Prisma Access 3.0
Prisma Access 2.2
Prisma Access 2.1
Prisma Cloud
< 7.7.0.60725 on Windows, < 7.7.0.2356 on macOS, < 7.7.0.59559 on Linux
< 7.6.2.60545 on Windows, < 7.6.2.2311 on macOS, < 7.6.2.59612 on Linux
< 7.5.100.60642 on Windows, < 7.5.100.2276 on macOS, < 7.5.100.59687 on Linux
< 7.5.3.60113 on Windows, < 7.5.3.2265 on macOS, < 7.5.3.59465 on Linux
7.4.*
< 6.1.9.61370 on Windows, < 6.1.7.1690 on macOS, < 6.1.7.60245 on Linux
none
< 6.0.1 on Windows and macOS, < 6.0.2 on Android and iOS
< 5.3.4
< 5.2.12
< 5.1.11
< 10.2.1
< 10.1.5-h1
< 10.0.10
< 9.1.13-h3
< 9.0.16-h2
< 8.1.23
Preferred, Innovation
Preferred, Innovation
Preferred
Preferred, Innovation
none
>= 7.7.0.60725 on Windows, >= 7.7.0.2356 on macOS, >= 7.7.0.59559 on Linux
>= 7.6.2.60545 on Windows, >= 7.6.2.2311 on macOS, >= 7.6.2.59612 on Linux
>= 7.5.100.60642 on Windows, >= 7.5.100.2276 on macOS, >= 7.5.100.59687 on Linux
>= 7.5.3.60113 on Windows, >= 7.5.3.2265 on macOS, >= 7.5.3.59465 on Linux
none
>= 6.1.9.61370 on Windows, >= 6.1.7.1690 on macOS, >= 6.1.7.60245 on Linux
all
>= 6.0.1 on Windows and macOS, >= 6.0.2 on Android and iOS
>= 5.3.4
>= 5.2.12
>= 5.1.11
>= 10.2.1
>= 10.1.5-h1
>= 10.0.10
>= 9.1.13-h3
>= 9.0.16-h2
>= 8.1.23
none
none
none
none
all
2022-03-312022-06-24
9.8 NCVE-2021-44228 Impact of Log4j Vulnerabilities CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, and CVE-2021-44832
Bridgecrew
Cortex Data Lake
Cortex XDR Agent
Cortex Xpanse
Cortex XSOAR
Enterprise Data Loss Prevention
Exact Data Matching CLI
Expedition
GlobalProtect App
IoT Security
Okyo Garde
PAN-DB Private Cloud
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
PAN-OS for Firewall and Wildfire
Prisma Access
Prisma Cloud
Prisma Cloud Compute
Prisma SD-WAN (CloudGenix)
SaaS Security
Traps
User-ID Agent
WildFire Appliance
WildFire Cloud
none
none
none
none
none
none
< 2.1
none
none
none
none
none
none
< 10.0.8-h8 on Panorama
< 9.1.12-h3 on Panorama
< 9.0.15 on Panorama
none
none
none
none
none
none
none
none
none
none
none
all
all
all
all
all
all
>= 2.1
all
all
all
all
all
10.1.* on Panorama
>= 10.0.8-h8 on Panorama
>= 9.1.12-h3 on Panorama
>= 9.0.15 on Panorama
8.1.* on Panorama
all
all
all
all
all
all
all
all
all
all
2021-12-102022-01-21
7.5 NCVE-2021-3063 PAN-OS: Denial-of-Service (DoS) Vulnerability in GlobalProtect Portal and Gateway Interfaces
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access 2.2
Prisma Access 2.1
< 10.1.3
< 10.0.8-h4
< 9.1.11-h3
< 9.0.14-h4
< 8.1.21
none
none
>= 10.1.3
>= 10.0.8-h4
>= 9.1.11-h3
>= 9.0.14-h4
>= 8.1.21
all
all
2021-11-102021-12-09
3CVE-2020-2035 PAN-OS: URL filtering policy is not enforced on TLS handshakes for decrypted HTTPS sessions
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
10.1.* without CTD inspection enabled
10.0.*
9.1.*
9.0.*
8.1.*
10.1.* with CTD inspection enabled
none
none
none
none
2020-08-122022-03-31
N = Exploitable over the network with low complexity, unauthenticated attack.
© 2022 Palo Alto Networks, Inc. All rights reserved.