Palo Alto Networks Security Advisories

Found 3

CVSS	Summary	Versions	Affected	Unaffected	Published	Updated
8.2 N	CVE-2023-38802 PAN-OS: Denial-of-Service (DoS) Vulnerability in BGP Software	Cloud NGFW PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 9.1 Prisma Access Prisma SD-WAN ION 6.2 Prisma SD-WAN ION 6.1 Prisma SD-WAN ION 5.6	none < 11.0.3 < 10.2.6 < 10.1.11 < 9.1.16-h3 Customers whose most recent software upgrade was before 09/30 < 6.2.3 < 6.1.5 none	All >= 11.0.3 >= 10.2.6 >= 10.1.11 >= 9.1.16-h3 Customers who have received a software upgrade or are using new software on or after 09/30 >= 6.2.3 (ETA: Week of 11/27) >= 6.1.5 All	2023-09-13	2023-11-08
5.5	CVE-2023-38046 PAN-OS: Read System Files and Resources During Configuration Commit	Cloud NGFW PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 ➔ View additional products	none < 11.0.1 < 10.2.4 none none none	All >= 11.0.1 >= 10.2.4 All All all	2023-07-12	2023-07-12
4.4	CVE-2023-0008 PAN-OS: Local File Disclosure Vulnerability in the PAN-OS Web Interface	Cloud NGFW PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access	none < 11.0.1 < 10.2.4 < 10.1.10 < 10.0.12 < 9.1.16 < 9.0.17 < 8.1.25 none	All >= 11.0.1 >= 10.2.4 >= 10.1.10 >= 10.0.12 >= 9.1.16 >= 9.0.17 >= 8.1.25 All	2023-05-10	2023-05-11

N = Exploitable over the network with low complexity, unauthenticated attack.