Palo Alto Networks Security Advisories

1 - 25 of 33
VersionsAffectedUnaffected
4.3CVE-2021-3031 PAN-OS: Information exposure in Ethernet data frame construction (Etherleak)
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
none
< 9.1.5 on PA-220, PA-800, PA-3000 Series, PA-3200 Series, PA-5200 Series, PA-7000 Series
< 9.0.12 on PA-220, PA-800, PA-3000 Series, PA-3200 Series, PA-5200 Series, PA-7000 Series
< 8.1.18 on PA-200, PA-220, PA-500, PA-5000 Series, PA-800, PA-3000 Series, PA-3200 Series, PA-5200 Series, PA-7000 Series
8.0.* on PA-200, PA-220, PA-500, PA-5000 Series, PA-800, PA-3000 Series, PA-3200 Series, PA-5200 Series, PA-7000 Series
7.1.* on PA-200, PA-220, PA-500, PA-5000 Series, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series, PA-7000 Series
10.0.*
>= 9.1.5
>= 9.0.12
>= 8.1.18
none
none
2021-01-132021-01-19
5.3 NCVE-2020-1999 PAN-OS: Threat signatures are evaded by specifically crafted packets
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
none
< 9.1.5
< 9.0.11
< 8.1.17
8.0.*
7.1.*
10.0.*
>= 9.1.5
>= 9.0.11
>= 8.1.17
none
none
2020-11-112020-11-11
8.1CVE-2020-2034 PAN-OS: OS command injection vulnerability in GlobalProtect portal
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
< 9.1.3
< 9.0.9
< 8.1.15
8.0.*
7.1.*
>= 9.1.3
>= 9.0.9
>= 8.1.15
none
none
2020-07-082020-07-10
7.2CVE-2020-2030 PAN-OS: OS command injection vulnerability in the management interface
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
none
none
< 8.1.15
8.0.*
7.1.*
>= 9.1.0
>= 9.0.0
>= 8.1.15
none
none
2020-07-082020-07-08
7.2CVE-2020-2027 PAN-OS: Buffer overflow in authd authentication response
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
none
< 9.0.7
< 8.1.13
8.0.*
7.1.*
>= 9.1.0
>= 9.0.7
>= 8.1.13
none
none
2020-06-102020-06-10
7.2CVE-2020-2029 PAN-OS: OS command injection vulnerability in management interface certificate generator
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
none
none
< 8.1.13
8.0.*
< 7.1.26
>= 9.1.0
>= 9.0.0
>= 8.1.13
none
>= 7.1.26
2020-06-102020-06-10
7.2CVE-2020-2028 PAN-OS: OS command injection vulnerability in FIPS-CC mode certificate verification
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
none
< 9.0.7
< 8.1.13
8.0.*
7.1.*
>= 9.1.0
>= 9.0.7
>= 8.1.13
none
none
2020-06-102020-06-10
9CVE-2020-2018 PAN-OS: Panorama authentication bypass vulnerability
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
< 9.0.6
< 8.1.12
8.0.*
< 7.1.26
>= 9.0.6
>= 8.1.12
none
>= 7.1.26
2020-05-132020-05-13
8.8CVE-2020-2017 PAN-OS: DOM-Based cross site scripting vulnerability in management web interface
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
none
< 9.0.6
< 8.1.13
8.0.*
< 7.1.26
>= 9.1.0
>= 9.0.6
>= 8.1.13
none
>= 7.1.26
2020-05-132020-05-13
8.8CVE-2020-2014 PAN-OS: OS injection vulnerability in PAN-OS management server
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
none
< 9.0.7
< 8.1.14
8.0.*
7.1.*
>= 9.1.0
>= 9.0.7
>= 8.1.14
none
none
2020-05-132020-05-13
8.8CVE-2020-2015 PAN-OS: Buffer overflow in the management server
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
< 9.1.1
< 9.0.7
< 8.1.13
8.0.*
< 7.1.26
>= 9.1.1
>= 9.0.7
>= 8.1.13
none
>= 7.1.26
2020-05-132020-05-13
8.3CVE-2020-2013 PAN-OS: Panorama context switch session cookie disclosure
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
< 9.1.1
< 9.0.6
< 8.1.13
8.0.*
< 7.1.26
>= 9.1.1
>= 9.0.6
>= 8.1.13
none
>= 7.1.26
2020-05-132020-05-13
8.1CVE-2020-2001 PAN-OS: Panorama External control of file vulnerability leads to privilege escalation
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
< 9.0.6
< 8.1.12
8.0.*
7.1.*
>= 9.0.6
>= 8.1.12
none
none
2020-05-132020-09-11
8.1CVE-2020-2002 PAN-OS: Spoofed Kerberos key distribution center authentication bypass
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
< 9.0.6
< 8.1.13
8.0.*
< 7.1.26
>= 9.0.6
>= 8.1.13
none
>= 7.1.26
2020-05-132020-05-13
7.8PAN-SA-2020-0005 PAN-OS: OpenSSH software upgraded to resolve multiple vulnerabilities
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
< 9.0.1
< 8.1.13
8.0.*
< 7.1.26
>= 9.0.1
>= 8.1.13
none
>= 7.1.26
2020-05-132020-05-13
7.5 NCVE-2020-2011 PAN-OS: Panorama registration denial of service
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
none
< 9.0.7
< 8.1.14
8.0.*
7.1.*
>= 9.1.0
>= 9.0.7
>= 8.1.14
none
none
2020-05-132020-05-20
7.5 NPAN-SA-2020-0006 PAN-OS: Nginx software upgraded to resolve multiple vulnerabilities
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
< 9.0.7
< 8.1.14
8.0.*
7.1.*
>= 9.0.7
>= 8.1.14
none
none
2020-05-132020-05-13
7.5 NCVE-2020-2012 PAN-OS: Panorama: XML external entity reference ('XXE') vulnerability leads the to information leak
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
none
< 9.0.7
< 8.1.13
8.0.*
7.1.*
>= 9.1.0
>= 9.0.7
>= 8.1.13
none
none
2020-05-132020-05-13
7.2CVE-2020-2007 PAN-OS: OS command injection in management server
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
< 9.0.7
< 8.1.14
8.0.*
7.1.*
>= 9.0.7
>= 8.1.14
none
none
2020-05-132020-05-13
7.2CVE-2020-2008 PAN-OS: OS command injection or arbitrary file deletion vulnerability
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
none
none
< 8.1.14
8.0.*
7.1.*
>= 9.1.0
>= 9.0.0
>= 8.1.14
none
none
2020-05-132020-05-13
7.2CVE-2020-2009 PAN-OS: Panorama SD WAN arbitrary file creation
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
< 9.0.7
< 8.1.14
8.0.*
7.1.*
>= 9.0.7
>= 8.1.14
none
none
2020-05-132020-05-13
7.2CVE-2020-2010 PAN-OS: Authenticated user command injection vulnerability
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
none
< 9.0.7
< 8.1.14
8.0.*
7.1.*
>= 9.1.0
>= 9.0.7
>= 8.1.14
none
none
2020-05-132020-05-13
7.2CVE-2020-2006 PAN-OS: Buffer overflow in management server payload parser
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
< 8.1.14
8.0.*
7.1.*
>= 8.1.14
none
none
2020-05-132020-05-13
7.1CVE-2020-2005 PAN-OS: GlobalProtect Clientless VPN session hijacking
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
< 9.0.7
< 8.1.13
8.0.*
< 7.1.26
>= 9.0.7
>= 8.1.13
none
>= 7.1.26
2020-05-132020-05-13
7CVE-2020-2016 PAN-OS: Temporary file race condition vulnerability in PAN-OS leads to local privilege escalation
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
PAN-OS 8.0
PAN-OS 7.1
none
< 9.0.6
< 8.1.13
8.0.*
< 7.1.26
>= 9.1.0
>= 9.0.6
>= 8.1.13
none
>= 7.1.26
2020-05-132020-05-13
1 - 25 of 33 Download
N = Exploitable over the network with low complexity, unauthenticated attack.
© 2022 Palo Alto Networks, Inc. All rights reserved.