Score | Advisory | Versions | Affected | Unaffected | Published | Updated |
---|---|---|---|---|---|---|
4.3 | CVE-2021-3031 PAN-OS: Information exposure in Ethernet data frame construction (Etherleak) | PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | none < 9.1.5 on PA-220, PA-800, PA-3000 Series, PA-3200 Series, PA-5200 Series, PA-7000 Series < 9.0.12 on PA-220, PA-800, PA-3000 Series, PA-3200 Series, PA-5200 Series, PA-7000 Series < 8.1.18 on PA-200, PA-220, PA-500, PA-5000 Series, PA-800, PA-3000 Series, PA-3200 Series, PA-5200 Series, PA-7000 Series 8.0.* on PA-200, PA-220, PA-500, PA-5000 Series, PA-800, PA-3000 Series, PA-3200 Series, PA-5200 Series, PA-7000 Series 7.1.* on PA-200, PA-220, PA-500, PA-5000 Series, PA-800, PA-2000 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series, PA-7000 Series | 10.0.* >= 9.1.5 >= 9.0.12 >= 8.1.18 none none | 2021-01-13 | 2021-01-19 |
5.3 N | CVE-2020-1999 PAN-OS: Threat signatures are evaded by specifically crafted packets | PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | none < 9.1.5 < 9.0.11 < 8.1.17 8.0.* 7.1.* | 10.0.* >= 9.1.5 >= 9.0.11 >= 8.1.17 none none | 2020-11-11 | 2020-11-11 |
8.1 | CVE-2020-2034 PAN-OS: OS command injection vulnerability in GlobalProtect portal | PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | < 9.1.3 < 9.0.9 < 8.1.15 8.0.* 7.1.* | >= 9.1.3 >= 9.0.9 >= 8.1.15 none none | 2020-07-08 | 2020-07-10 |
7.2 | CVE-2020-2030 PAN-OS: OS command injection vulnerability in the management interface | PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | none none < 8.1.15 8.0.* 7.1.* | >= 9.1.0 >= 9.0.0 >= 8.1.15 none none | 2020-07-08 | 2020-07-08 |
7.2 | CVE-2020-2027 PAN-OS: Buffer overflow in authd authentication response | PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | none < 9.0.7 < 8.1.13 8.0.* 7.1.* | >= 9.1.0 >= 9.0.7 >= 8.1.13 none none | 2020-06-10 | 2020-06-10 |
7.2 | CVE-2020-2029 PAN-OS: OS command injection vulnerability in management interface certificate generator | PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | none none < 8.1.13 8.0.* < 7.1.26 | >= 9.1.0 >= 9.0.0 >= 8.1.13 none >= 7.1.26 | 2020-06-10 | 2020-06-10 |
7.2 | CVE-2020-2028 PAN-OS: OS command injection vulnerability in FIPS-CC mode certificate verification | PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | none < 9.0.7 < 8.1.13 8.0.* 7.1.* | >= 9.1.0 >= 9.0.7 >= 8.1.13 none none | 2020-06-10 | 2020-06-10 |
9 | CVE-2020-2018 PAN-OS: Panorama authentication bypass vulnerability | PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | < 9.0.6 < 8.1.12 8.0.* < 7.1.26 | >= 9.0.6 >= 8.1.12 none >= 7.1.26 | 2020-05-13 | 2020-05-13 |
8.8 | CVE-2020-2017 PAN-OS: DOM-Based cross site scripting vulnerability in management web interface | PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | none < 9.0.6 < 8.1.13 8.0.* < 7.1.26 | >= 9.1.0 >= 9.0.6 >= 8.1.13 none >= 7.1.26 | 2020-05-13 | 2020-05-13 |
8.8 | CVE-2020-2015 PAN-OS: Buffer overflow in the management server | PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | < 9.1.1 < 9.0.7 < 8.1.13 8.0.* < 7.1.26 | >= 9.1.1 >= 9.0.7 >= 8.1.13 none >= 7.1.26 | 2020-05-13 | 2020-05-13 |
8.8 | CVE-2020-2014 PAN-OS: OS injection vulnerability in PAN-OS management server | PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | none < 9.0.7 < 8.1.14 8.0.* 7.1.* | >= 9.1.0 >= 9.0.7 >= 8.1.14 none none | 2020-05-13 | 2020-05-13 |
8.3 | CVE-2020-2013 PAN-OS: Panorama context switch session cookie disclosure | PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | < 9.1.1 < 9.0.6 < 8.1.13 8.0.* < 7.1.26 | >= 9.1.1 >= 9.0.6 >= 8.1.13 none >= 7.1.26 | 2020-05-13 | 2020-05-13 |
8.1 | CVE-2020-2002 PAN-OS: Spoofed Kerberos key distribution center authentication bypass | PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | < 9.0.6 < 8.1.13 8.0.* < 7.1.26 | >= 9.0.6 >= 8.1.13 none >= 7.1.26 | 2020-05-13 | 2020-05-13 |
8.1 | CVE-2020-2001 PAN-OS: Panorama External control of file vulnerability leads to privilege escalation | PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | < 9.0.6 < 8.1.12 8.0.* 7.1.* | >= 9.0.6 >= 8.1.12 none none | 2020-05-13 | 2020-09-11 |
7.8 | PAN-SA-2020-0005 PAN-OS: OpenSSH software upgraded to resolve multiple vulnerabilities | PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | < 9.0.1 < 8.1.13 8.0.* < 7.1.26 | >= 9.0.1 >= 8.1.13 none >= 7.1.26 | 2020-05-13 | 2020-05-13 |
7.5 N | CVE-2020-2012 PAN-OS: Panorama: XML external entity reference ('XXE') vulnerability leads to information leak | PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | none < 9.0.7 < 8.1.13 8.0.* 7.1.* | >= 9.1.0 >= 9.0.7 >= 8.1.13 none none | 2020-05-13 | 2020-05-13 |
7.5 N | CVE-2020-2011 PAN-OS: Panorama registration denial of service | PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | none < 9.0.7 < 8.1.14 8.0.* 7.1.* | >= 9.1.0 >= 9.0.7 >= 8.1.14 none none | 2020-05-13 | 2020-05-20 |
7.5 N | PAN-SA-2020-0006 PAN-OS: Nginx software upgraded to resolve multiple vulnerabilities | PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | < 9.0.7 < 8.1.14 8.0.* 7.1.* | >= 9.0.7 >= 8.1.14 none none | 2020-05-13 | 2020-05-13 |
7.2 | CVE-2020-2006 PAN-OS: Buffer overflow in management server payload parser | PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | | | 2020-05-13 | 2020-05-13 |
7.2 | CVE-2020-2009 PAN-OS: Panorama SD WAN arbitrary file creation | PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | < 9.0.7 < 8.1.14 8.0.* 7.1.* | >= 9.0.7 >= 8.1.14 none none | 2020-05-13 | 2020-05-13 |
7.2 | CVE-2020-2008 PAN-OS: OS command injection or arbitrary file deletion vulnerability | PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | none none < 8.1.14 8.0.* 7.1.* | >= 9.1.0 >= 9.0.0 >= 8.1.14 none none | 2020-05-13 | 2020-05-13 |
7.2 | CVE-2020-2010 PAN-OS: Authenticated user command injection vulnerability | PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | none < 9.0.7 < 8.1.14 8.0.* 7.1.* | >= 9.1.0 >= 9.0.7 >= 8.1.14 none none | 2020-05-13 | 2020-05-13 |
7.2 | CVE-2020-2007 PAN-OS: OS command injection in management server | PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | < 9.0.7 < 8.1.14 8.0.* 7.1.* | >= 9.0.7 >= 8.1.14 none none | 2020-05-13 | 2020-05-13 |
7.1 | CVE-2020-2005 PAN-OS: GlobalProtect Clientless VPN session hijacking | PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | < 9.0.7 < 8.1.13 8.0.* < 7.1.26 | >= 9.0.7 >= 8.1.13 none >= 7.1.26 | 2020-05-13 | 2020-05-13 |
7 | CVE-2020-2016 PAN-OS: Temporary file race condition vulnerability in PAN-OS leads to local privilege escalation | PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 | none < 9.0.6 < 8.1.13 8.0.* < 7.1.26 | >= 9.1.0 >= 9.0.6 >= 8.1.13 none >= 7.1.26 | 2020-05-13 | 2020-05-13 |

N = Exploitable over the network with low complexity, unauthenticated attack.