Palo Alto Networks Security Advisories

Found 22
VersionsAffectedUnaffected
10 NCVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtect
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
➔ View additional products
none
< 11.1.0-h3, < 11.1.1-h1, < 11.1.2-h3
< 11.0.2-h4, < 11.0.3-h10, < 11.0.4-h1
< 10.2.5-h6, < 10.2.6-h3, < 10.2.7-h8, < 10.2.8-h3, < 10.2.9-h1
none
none
none
All
>= 11.1.0-h3, >= 11.1.1-h1, >= 11.1.2-h3
>= 11.0.2-h4, >= 11.0.3-h10, >= 11.0.4-h1 (See additional hotfixes in Solution section)
>= 10.2.5-h6, >= 10.2.6-h3, >= 10.2.7-h8, >= 10.2.8-h3, >= 10.2.9-h1 (See additional hotfixes in Solution section)
All
All
all
2024-04-122024-04-17
8.3 NCVE-2024-3383 PAN-OS: Improper Group Membership Change Vulnerability in Cloud Identity Engine (CIE)
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
➔ View additional products
none
none
< 11.0.3
< 10.2.5
< 10.1.11
none
none
All
All
>= 11.0.3
>= 10.2.5
>= 10.1.11
All
all
2024-04-102024-04-10
8.2CVE-2024-3382 PAN-OS: Firewall Denial of Service (DoS) via a Burst of Crafted Packets
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
➔ View additional products
none
< 11.1.2
< 11.0.4
< 10.2.7-h3
none
none
none
All
>= 11.1.2
>= 11.0.4
>= 10.2.7-h3
All
All
all
2024-04-102024-04-10
8.2 NCVE-2024-3385 PAN-OS: Firewall Denial of Service (DoS) when GTP Security is Disabled
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
PAN-OS 9.0
Prisma Access
none
none
< 11.0.3
< 10.2.8
< 10.1.12
< 9.1.17
< 9.0.17-h4
none
All
All
>= 11.0.3
>= 10.2.8
>= 10.1.12
>= 9.1.17
>= 9.0.17-h4
All
2024-04-102024-04-10
6.9 NCVE-2024-3386 PAN-OS: Predefined Decryption Exclusions Does Not Work as Intended
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
Prisma Access
none
none
< 11.0.1-h2, < 11.0.2
< 10.2.4-h2, < 10.2.5
< 10.1.9-h3, < 10.1.10
< 10.0.13
< 9.1.17
< 9.0.17-h2
none
All
All
>= 11.0.1-h2, >= 11.0.2
>= 10.2.4-h2, >= 10.2.5
>= 10.1.9-h3, >= 10.1.10
>= 10.0.13
>= 9.1.17
>= 9.0.17-h2
All
2024-04-102024-04-10
6CVE-2024-3387 PAN-OS: Weak Certificate Strength in Panorama Software Leads to Sensitive Information Disclosure
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
➔ View additional products
none
none
< 11.0.4 on Panorama
< 10.2.7-h3 on Panorama, < 10.2.8 on Panorama
< 10.1.12 on Panorama
none
none
All
All
>= 11.0.4 on Panorama
>= 10.2.7-h3 on Panorama, >= 10.2.8 on Panorama
>= 10.1.12 on Panorama
All
all
2024-04-102024-04-10
5.1CVE-2024-3388 PAN-OS: User Impersonation in GlobalProtect SSL VPN
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
none
none
< 11.0.3
< 10.2.7-h3
< 10.1.11-h4
< 9.1.17
< 9.0.17-h4
< 8.1.26
< 10.2.4
All
All
>= 11.0.3
>= 10.2.7-h3
>= 10.1.11-h4
>= 9.1.17
>= 9.0.17-h4
>= 8.1.26
>= 10.2.4
2024-04-102024-04-10
5.1CVE-2024-2433 PAN-OS: Improper Privilege Management Vulnerability in Panorama Software Leads to Availability Loss
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
PAN-OS 9.0
Prisma Access
none
none
< 11.0.3 on Panorama
< 10.2.8 on Panorama
< 10.1.12 on Panorama
< 9.1.17 on Panorama
< 9.0.17-h4 on Panorama
none
All
All
>= 11.0.3 on Panorama
>= 10.2.8 on Panorama
>= 10.1.12 on Panorama
>= 9.1.17 on Panorama
>= 9.0.17-h4 on Panorama
All
2024-03-132024-03-13
5.4CVE-2024-0008 PAN-OS: Insufficient Session Expiration Vulnerability in the Web Interface
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
Prisma Access
none
none
< 11.0.2
< 10.2.5
< 10.1.10-h1, < 10.1.11
< 10.0.12-h1, < 10.0.13
< 9.1.17
< 9.0.17-h2
none
All
All
>= 11.0.2
>= 10.2.5
>= 10.1.10-h1, >= 10.1.11
>= 10.0.12-h1, >= 10.0.13
>= 9.1.17
>= 9.0.17-h2
All
2024-02-142024-02-14
5.3CVE-2024-0009 PAN-OS: Improper IP Address Verification in GlobalProtect Gateway
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
➔ View additional products
none
none
< 11.0.1
< 10.2.4
none
none
All
All
>= 11.0.1
>= 10.2.4
All
all
2024-02-142024-02-14
6CVE-2023-48795 Impact of Terrapin SSH Attack
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
PAN-OS 9.0
Prisma SD-WAN ION 6.2
Prisma SD-WAN ION 6.1
Prisma SD-WAN ION 5.6
< 11.1.3
< 11.0.7
< 10.2.11
All
All
All
< 6.2.4
< 6.1.8
< 5.6.19
>= 11.1.3 (ETA: end of April)
>= 11.0.7 (ETA: end of July)
>= 10.2.11 (ETA: end of June)
TBD
TBD
None
>= 6.2.4 (ETA: end of June)
>= 6.1.8
>= 5.6.19 (ETA: end of July)
2024-01-092024-03-29
7.5CVE-2023-6790 PAN-OS: DOM-Based Cross-Site Scripting (XSS) Vulnerability in the Web Interface
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
none
none
< 11.0.1
< 10.2.4
< 10.1.9
< 10.0.12
< 9.1.16
< 9.0.17
< 8.1.25
none
All
All
>= 11.0.1
>= 10.2.4
>= 10.1.9
>= 10.0.12
>= 9.1.16
>= 9.0.17
>= 8.1.25
All
2023-12-132023-12-13
6.1CVE-2023-6791 PAN-OS: Plaintext Disclosure of External System Integration Credentials
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
none
none
< 11.0.1
< 10.2.4
< 10.1.9
< 10.0.12
< 9.1.16
< 9.0.17
< 8.1.24-h1
none
All
All
>= 11.0.1
>= 10.2.4
>= 10.1.9
>= 10.0.12
>= 9.1.16
>= 9.0.17
>= 8.1.24-h1
All
2023-12-132023-12-13
5.1CVE-2023-6793 PAN-OS: XML API Keys Revoked by Read-Only PAN-OS Administrator
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
none
none
< 11.0.2
< 10.2.5
< 10.1.11
All
< 9.1.17
< 9.0.17-h4
none
none
All
All
>= 11.0.2
>= 10.2.5
>= 10.1.11
None
>= 9.1.17
>= 9.0.17-h4
All
All
2023-12-132023-12-13
4.8CVE-2023-6789 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface
Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
none
none
< 11.0.2
< 10.2.5
< 10.1.11
All
< 9.1.17
< 9.0.17-h4
< 8.1.26
none
All
All
>= 11.0.2
>= 10.2.5
>= 10.1.11
None
>= 9.1.17
>= 9.0.17-h4
>= 8.1.26
All
2023-12-132023-12-13
8.2 NCVE-2023-38802 PAN-OS: Denial-of-Service (DoS) Vulnerability in BGP Software
Cloud NGFW
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
Prisma SD-WAN ION 6.2
Prisma SD-WAN ION 6.1
Prisma SD-WAN ION 5.6
none
< 11.0.3
< 10.2.6
< 10.1.11
< 9.1.16-h3
< 9.0.17-h4
< 8.1.26
Customers whose most recent software upgrade was before 09/30
< 6.2.3
< 6.1.5
none
All
>= 11.0.3
>= 10.2.6
>= 10.1.11
>= 9.1.16-h3
>= 9.0.17-h4
>= 8.1.26
Customers who have received a software upgrade or are using new software on or after 09/30
>= 6.2.3
>= 6.1.5
All
2023-09-132024-01-18
5.5CVE-2023-38046 PAN-OS: Read System Files and Resources During Configuration Commit
Cloud NGFW
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
➔ View additional products
none
< 11.0.1
< 10.2.4
none
none
none
All
>= 11.0.1
>= 10.2.4
All
All
all
2023-07-122023-07-12
5.4CVE-2023-0010 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication
Cloud NGFW
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
none
none
< 10.2.2
< 10.1.6
< 10.0.11
< 9.1.16
< 9.0.17
< 8.1.24
none
All
All
>= 10.2.2
>= 10.1.6
>= 10.0.11
>= 9.1.16
>= 9.0.17
>= 8.1.24
All
2023-06-142023-06-29
4.4CVE-2023-0008 PAN-OS: Local File Disclosure Vulnerability in the PAN-OS Web Interface
Cloud NGFW
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
none
< 11.0.1
< 10.2.4
< 10.1.10
< 10.0.12
< 9.1.16
< 9.0.17
< 8.1.25
none
All
>= 11.0.1
>= 10.2.4
>= 10.1.10
>= 10.0.12
>= 9.1.16
>= 9.0.17
>= 8.1.25
All
2023-05-102023-05-11
4.1CVE-2023-0005 PAN-OS: Exposure of Sensitive Information Vulnerability
Cloud NGFW
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
none
none
< 10.2.3
< 10.1.8
< 10.0.12
< 9.1.15
< 9.0.17
< 8.1.24
none
All
All
>= 10.2.3
>= 10.1.8
>= 10.0.12
>= 9.1.15
>= 9.0.17
>= 8.1.24
All
2023-04-122023-04-12
8.6 NCVE-2022-0028 PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering
Cloud NGFW
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access 3.1
Prisma Access 3.0
➔ View additional products
none
< 10.2.2-h2
< 10.1.6-h6
< 10.0.11-h1
< 9.1.14-h4
< 9.0.16-h3
< 8.1.23-h1
none
none
none
All
>= 10.2.2-h2
>= 10.1.6-h6
>= 10.0.11-h1
>= 9.1.14-h4
>= 9.0.16-h3
>= 8.1.23-h1
All
All
all
2022-08-102022-08-19
7.5 NCVE-2022-0778 Impact of the OpenSSL Infinite Loop Vulnerability CVE-2022-0778
Cortex XDR Agent 7.7
Cortex XDR Agent 7.6
Cortex XDR Agent 7.5-CE
Cortex XDR Agent 7.5
Cortex XDR Agent 7.4
Cortex XDR Agent 6.1
Cortex XSOAR
GlobalProtect App 6.0
GlobalProtect App 5.3
GlobalProtect App 5.2
GlobalProtect App 5.1
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access 3.1
Prisma Access 3.0
Prisma Access 2.2
Prisma Access 2.1
Prisma Cloud
< 7.7.0.60725 on Windows, < 7.7.0.2356 on macOS, < 7.7.0.59559 on Linux
< 7.6.2.60545 on Windows, < 7.6.2.2311 on macOS, < 7.6.2.59612 on Linux
< 7.5.100.60642 on Windows, < 7.5.100.2276 on macOS, < 7.5.100.59687 on Linux
< 7.5.3.60113 on Windows, < 7.5.3.2265 on macOS, < 7.5.3.59465 on Linux
7.4.*
< 6.1.9.61370 on Windows, < 6.1.7.1690 on macOS, < 6.1.7.60245 on Linux
none
< 6.0.1 on Windows and macOS, < 6.0.2 on Android and iOS
< 5.3.4
< 5.2.12
< 5.1.11
< 10.2.1
< 10.1.5-h1
< 10.0.10
< 9.1.13-h3
< 9.0.16-h2
< 8.1.23
Preferred, Innovation
Preferred, Innovation
Preferred
Preferred, Innovation
none
>= 7.7.0.60725 on Windows, >= 7.7.0.2356 on macOS, >= 7.7.0.59559 on Linux
>= 7.6.2.60545 on Windows, >= 7.6.2.2311 on macOS, >= 7.6.2.59612 on Linux
>= 7.5.100.60642 on Windows, >= 7.5.100.2276 on macOS, >= 7.5.100.59687 on Linux
>= 7.5.3.60113 on Windows, >= 7.5.3.2265 on macOS, >= 7.5.3.59465 on Linux
none
>= 6.1.9.61370 on Windows, >= 6.1.7.1690 on macOS, >= 6.1.7.60245 on Linux
all
>= 6.0.1 on Windows and macOS, >= 6.0.2 on Android and iOS
>= 5.3.4
>= 5.2.12
>= 5.1.11
>= 10.2.1
>= 10.1.5-h1
>= 10.0.10
>= 9.1.13-h3
>= 9.0.16-h2
>= 8.1.23
none
none
none
none
all
2022-03-312022-06-24
N = Exploitable over the network with low complexity, unauthenticated attack.
© 2024 Palo Alto Networks, Inc. All rights reserved.