Palo Alto Networks Security Advisories

Found 21

CVSS	Summary	Versions	Affected	Unaffected	Published	Updated
8.3 N	CVE-2024-3383 PAN-OS: Improper Group Membership Change Vulnerability in Cloud Identity Engine (CIE)	Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 9.1 ➔ View additional products	none none < 11.0.3 < 10.2.5 < 10.1.11 none none	All All >= 11.0.3 >= 10.2.5 >= 10.1.11 All all	2024-04-10	2024-04-10
8.2 N	CVE-2024-3385 PAN-OS: Firewall Denial of Service (DoS) when GTP Security is Disabled	Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 9.1 PAN-OS 9.0 Prisma Access	none none < 11.0.3 < 10.2.8 < 10.1.12 < 9.1.17 < 9.0.17-h4 none	All All >= 11.0.3 >= 10.2.8 >= 10.1.12 >= 9.1.17 >= 9.0.17-h4 All	2024-04-10	2024-04-10
6.9 N	CVE-2024-3386 PAN-OS: Predefined Decryption Exclusions Does Not Work as Intended	Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 Prisma Access	none none < 11.0.1-h2, < 11.0.2 < 10.2.4-h2, < 10.2.5 < 10.1.9-h3, < 10.1.10 < 10.0.13 < 9.1.17 < 9.0.17-h2 none	All All >= 11.0.1-h2, >= 11.0.2 >= 10.2.4-h2, >= 10.2.5 >= 10.1.9-h3, >= 10.1.10 >= 10.0.13 >= 9.1.17 >= 9.0.17-h2 All	2024-04-10	2024-04-10
6	CVE-2024-3387 PAN-OS: Weak Certificate Strength in Panorama Software Leads to Sensitive Information Disclosure	Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 9.1 ➔ View additional products	none none < 11.0.4 on Panorama < 10.2.7-h3 on Panorama, < 10.2.8 on Panorama < 10.1.12 on Panorama none none	All All >= 11.0.4 on Panorama >= 10.2.7-h3 on Panorama, >= 10.2.8 on Panorama >= 10.1.12 on Panorama All all	2024-04-10	2024-04-10
5.1	CVE-2024-3388 PAN-OS: User Impersonation in GlobalProtect SSL VPN	Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access	none none < 11.0.3 < 10.2.7-h3 < 10.1.11-h4 < 9.1.17 < 9.0.17-h4 < 8.1.26 < 10.2.4	All All >= 11.0.3 >= 10.2.7-h3 >= 10.1.11-h4 >= 9.1.17 >= 9.0.17-h4 >= 8.1.26 >= 10.2.4	2024-04-10	2024-04-10
5.1	CVE-2024-2433 PAN-OS: Improper Privilege Management Vulnerability in Panorama Software Leads to Availability Loss	Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 9.1 PAN-OS 9.0 Prisma Access	none none < 11.0.3 on Panorama < 10.2.8 on Panorama < 10.1.12 on Panorama < 9.1.17 on Panorama < 9.0.17-h4 on Panorama none	All All >= 11.0.3 on Panorama >= 10.2.8 on Panorama >= 10.1.12 on Panorama >= 9.1.17 on Panorama >= 9.0.17-h4 on Panorama All	2024-03-13	2024-03-13
6.3	CVE-2024-0007 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface	Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 ➔ View additional products	none none none < 10.1.6 on Panorama < 10.0.11 on Panorama < 9.1.16 on Panorama < 9.0.17 on Panorama < 8.1.24-h1 on Panorama, < 8.1.25 on Panorama none	All All on Panorama All on Panorama >= 10.1.6 on Panorama >= 10.0.11 on Panorama >= 9.1.16 on Panorama >= 9.0.17 on Panorama >= 8.1.24-h1 on Panorama, >= 8.1.25 on Panorama all	2024-02-14	2024-02-14
5.4	CVE-2024-0008 PAN-OS: Insufficient Session Expiration Vulnerability in the Web Interface	Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 Prisma Access	none none < 11.0.2 < 10.2.5 < 10.1.10-h1, < 10.1.11 < 10.0.12-h1, < 10.0.13 < 9.1.17 < 9.0.17-h2 none	All All >= 11.0.2 >= 10.2.5 >= 10.1.10-h1, >= 10.1.11 >= 10.0.12-h1, >= 10.0.13 >= 9.1.17 >= 9.0.17-h2 All	2024-02-14	2024-02-14
5.1	CVE-2024-0010 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Portal	Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.1 PAN-OS 9.1 PAN-OS 9.0 ➔ View additional products	none none none < 10.1.11-h1, < 10.1.12 < 9.1.17 < 9.0.17-h4 none	All All All >= 10.1.11-h1, >= 10.1.12 >= 9.1.17 >= 9.0.17-h4 all	2024-02-14	2024-02-14
7.5	CVE-2023-6790 PAN-OS: DOM-Based Cross-Site Scripting (XSS) Vulnerability in the Web Interface	Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access	none none < 11.0.1 < 10.2.4 < 10.1.9 < 10.0.12 < 9.1.16 < 9.0.17 < 8.1.25 none	All All >= 11.0.1 >= 10.2.4 >= 10.1.9 >= 10.0.12 >= 9.1.16 >= 9.0.17 >= 8.1.25 All	2023-12-13	2023-12-13
6.1	CVE-2023-6791 PAN-OS: Plaintext Disclosure of External System Integration Credentials	Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access	none none < 11.0.1 < 10.2.4 < 10.1.9 < 10.0.12 < 9.1.16 < 9.0.17 < 8.1.24-h1 none	All All >= 11.0.1 >= 10.2.4 >= 10.1.9 >= 10.0.12 >= 9.1.16 >= 9.0.17 >= 8.1.24-h1 All	2023-12-13	2023-12-13
5.9	CVE-2023-6792 PAN-OS: OS Command Injection Vulnerability in the XML API	Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 ➔ View additional products	none none none < 10.1.6 < 10.0.12 < 9.1.15 < 9.0.17 < 8.1.24 none	All All All >= 10.1.6 >= 10.0.12 >= 9.1.15 >= 9.0.17 >= 8.1.24 all	2023-12-13	2023-12-13
5.1	CVE-2023-6793 PAN-OS: XML API Keys Revoked by Read-Only PAN-OS Administrator	Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access	none none < 11.0.2 < 10.2.5 < 10.1.11 All < 9.1.17 < 9.0.17-h4 none none	All All >= 11.0.2 >= 10.2.5 >= 10.1.11 None >= 9.1.17 >= 9.0.17-h4 All All	2023-12-13	2023-12-13
4.8	CVE-2023-6789 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface	Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access	none none < 11.0.2 < 10.2.5 < 10.1.11 All < 9.1.17 < 9.0.17-h4 < 8.1.26 none	All All >= 11.0.2 >= 10.2.5 >= 10.1.11 None >= 9.1.17 >= 9.0.17-h4 >= 8.1.26 All	2023-12-13	2023-12-13
8.2 N	CVE-2023-38802 PAN-OS: Denial-of-Service (DoS) Vulnerability in BGP Software	Cloud NGFW PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access Prisma SD-WAN ION 6.2 Prisma SD-WAN ION 6.1 Prisma SD-WAN ION 5.6	none < 11.0.3 < 10.2.6 < 10.1.11 < 9.1.16-h3 < 9.0.17-h4 < 8.1.26 Customers whose most recent software upgrade was before 09/30 < 6.2.3 < 6.1.5 none	All >= 11.0.3 >= 10.2.6 >= 10.1.11 >= 9.1.16-h3 >= 9.0.17-h4 >= 8.1.26 Customers who have received a software upgrade or are using new software on or after 09/30 >= 6.2.3 >= 6.1.5 All	2023-09-13	2024-01-18
5.4	CVE-2023-0010 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication	Cloud NGFW PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access	none none < 10.2.2 < 10.1.6 < 10.0.11 < 9.1.16 < 9.0.17 < 8.1.24 none	All All >= 10.2.2 >= 10.1.6 >= 10.0.11 >= 9.1.16 >= 9.0.17 >= 8.1.24 All	2023-06-14	2023-06-29
4.4	CVE-2023-0008 PAN-OS: Local File Disclosure Vulnerability in the PAN-OS Web Interface	Cloud NGFW PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access	none < 11.0.1 < 10.2.4 < 10.1.10 < 10.0.12 < 9.1.16 < 9.0.17 < 8.1.25 none	All >= 11.0.1 >= 10.2.4 >= 10.1.10 >= 10.0.12 >= 9.1.16 >= 9.0.17 >= 8.1.25 All	2023-05-10	2023-05-11
6.5	CVE-2023-0004 PAN-OS: Local File Deletion Vulnerability	Cloud NGFW PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access	none none none < 10.1.6 < 10.0.11 < 9.1.15 < 9.0.17 < 8.1.24 none	All All All >= 10.1.6 >= 10.0.11 >= 9.1.15 >= 9.0.17 >= 8.1.24 All	2023-04-12	2023-04-19
4.1	CVE-2023-0005 PAN-OS: Exposure of Sensitive Information Vulnerability	Cloud NGFW PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access	none none < 10.2.3 < 10.1.8 < 10.0.12 < 9.1.15 < 9.0.17 < 8.1.24 none	All All >= 10.2.3 >= 10.1.8 >= 10.0.12 >= 9.1.15 >= 9.0.17 >= 8.1.24 All	2023-04-12	2023-04-12
8.6 N	CVE-2022-0028 PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering	Cloud NGFW PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access 3.1 Prisma Access 3.0 ➔ View additional products	none < 10.2.2-h2 < 10.1.6-h6 < 10.0.11-h1 < 9.1.14-h4 < 9.0.16-h3 < 8.1.23-h1 none none none	All >= 10.2.2-h2 >= 10.1.6-h6 >= 10.0.11-h1 >= 9.1.14-h4 >= 9.0.16-h3 >= 8.1.23-h1 All All all	2022-08-10	2022-08-19
7.5 N	CVE-2022-0778 Impact of the OpenSSL Infinite Loop Vulnerability CVE-2022-0778	Cortex XDR Agent 7.7 Cortex XDR Agent 7.6 Cortex XDR Agent 7.5-CE Cortex XDR Agent 7.5 Cortex XDR Agent 7.4 Cortex XDR Agent 6.1 Cortex XSOAR GlobalProtect App 6.0 GlobalProtect App 5.3 GlobalProtect App 5.2 GlobalProtect App 5.1 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access 3.1 Prisma Access 3.0 Prisma Access 2.2 Prisma Access 2.1 Prisma Cloud	< 7.7.0.60725 on Windows, < 7.7.0.2356 on macOS, < 7.7.0.59559 on Linux < 7.6.2.60545 on Windows, < 7.6.2.2311 on macOS, < 7.6.2.59612 on Linux < 7.5.100.60642 on Windows, < 7.5.100.2276 on macOS, < 7.5.100.59687 on Linux < 7.5.3.60113 on Windows, < 7.5.3.2265 on macOS, < 7.5.3.59465 on Linux 7.4.* < 6.1.9.61370 on Windows, < 6.1.7.1690 on macOS, < 6.1.7.60245 on Linux none < 6.0.1 on Windows and macOS, < 6.0.2 on Android and iOS < 5.3.4 < 5.2.12 < 5.1.11 < 10.2.1 < 10.1.5-h1 < 10.0.10 < 9.1.13-h3 < 9.0.16-h2 < 8.1.23 Preferred, Innovation Preferred, Innovation Preferred Preferred, Innovation none	>= 7.7.0.60725 on Windows, >= 7.7.0.2356 on macOS, >= 7.7.0.59559 on Linux >= 7.6.2.60545 on Windows, >= 7.6.2.2311 on macOS, >= 7.6.2.59612 on Linux >= 7.5.100.60642 on Windows, >= 7.5.100.2276 on macOS, >= 7.5.100.59687 on Linux >= 7.5.3.60113 on Windows, >= 7.5.3.2265 on macOS, >= 7.5.3.59465 on Linux none >= 6.1.9.61370 on Windows, >= 6.1.7.1690 on macOS, >= 6.1.7.60245 on Linux all >= 6.0.1 on Windows and macOS, >= 6.0.2 on Android and iOS >= 5.3.4 >= 5.2.12 >= 5.1.11 >= 10.2.1 >= 10.1.5-h1 >= 10.0.10 >= 9.1.13-h3 >= 9.0.16-h2 >= 8.1.23 none none none none all	2022-03-31	2022-06-24

Download

N = Exploitable over the network with low complexity, unauthenticated attack.