Get support
Security advisories
Report vulnerabilities
Subscribe
RSS feed
Palo Alto Networks Security Advisories
Clear
Options
version
severity
CRITICAL
HIGH
MEDIUM
LOW
NONE
product
AutoFocus
6
Bridgecrew
7
Bridgecrew Checkov
2
Cloud NGFW
18
Cortex Data Lake
7
Cortex XDR
7
Cortex XDR Agent
30
Cortex XSOAR
21
Cortex XSOAR Kafka Integration
1
Cortex XSOAR PowerShell Image
1
Cortex Xpanse
7
Demisto
1
Enterprise Data Loss Prevention
7
Exact Data Matching CLI
7
Expanse
6
Expedition
7
Expedition Migration Tool
6
GlobalProtect App
35
IoT Security
7
MineMeld
1
NetConnect
1
Okyo Garde
7
PAN-DB Private Cloud
1
PAN-OS
238
PAN-OS for Firewall and Wildfire
1
Palo Alto Networks App for Splunk
6
Prisma Access
34
Prisma Cloud
10
Prisma Cloud Compute
12
Prisma SD-WAN (CloudGenix)
9
Prisma SD-WAN ION
10
SaaS Security
7
Secdo
3
Terminal Server Agent
4
Traps
3
Traps ESM Console
2
Traps ESM Core
1
Twistlock Console
1
Update server
1
User-ID Agent
9
VM-Series Plugin
1
WildFire Appliance
4
WildFire Appliance (WF-500)
6
WildFire Cloud
9
Zingbox Inspector
11
Clear
Found 7
Newest
Updated
Severe
Earliest published
Earliest updated
Least Severe
Sort ID ↑
Sort ID ↓
CVSS
Summary
Versions
Affected
Unaffected
Published
Updated
5.4
CVE-2023-0010 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication
Cloud NGFW
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
none
none
< 10.2.2
< 10.1.6
< 10.0.11
< 9.1.16
< 9.0.17
< 8.1.24
none
All
All
>= 10.2.2
>= 10.1.6
>= 10.0.11
>= 9.1.16
>= 9.0.17
>= 8.1.24
All
2023-06-14
2023-06-29
6.5
CVE-2023-0007 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface
Cloud NGFW
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
➔ View additional products
none
none
none
< 10.0.7 on Panorama
< 9.1.16 on Panorama
< 9.0.17 on Panorama
< 8.1.25 on Panorama
none
All
All
All
>= 10.0.7 on Panorama
>= 9.1.16 on Panorama
>= 9.0.17 on Panorama
>= 8.1.25 on Panorama
all
2023-05-10
2023-05-10
4.4
CVE-2023-0008 PAN-OS: Local File Disclosure Vulnerability in the PAN-OS Web Interface
Cloud NGFW
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
none
< 11.0.1
< 10.2.4
< 10.1.10
< 10.0.12
< 9.1.16
< 9.0.17
< 8.1.25
none
All
>= 11.0.1
>= 10.2.4
>= 10.1.10
>= 10.0.12
>= 9.1.16
>= 9.0.17
>= 8.1.25
All
2023-05-10
2023-05-11
6.5
CVE-2023-0004 PAN-OS: Local File Deletion Vulnerability
Cloud NGFW
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
none
none
none
< 10.1.6
< 10.0.11
< 9.1.15
< 9.0.17
< 8.1.24
none
All
All
All
>= 10.1.6
>= 10.0.11
>= 9.1.15
>= 9.0.17
>= 8.1.24
All
2023-04-12
2023-04-19
4.1
CVE-2023-0005 PAN-OS: Exposure of Sensitive Information Vulnerability
Cloud NGFW
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
none
none
< 10.2.3
< 10.1.8
< 10.0.12
< 9.1.15
< 9.0.17
< 8.1.24
none
All
All
>= 10.2.3
>= 10.1.8
>= 10.0.12
>= 9.1.15
>= 9.0.17
>= 8.1.24
All
2023-04-12
2023-04-12
8.6
N
CVE-2022-0028 PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering
Cloud NGFW
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access 3.1
Prisma Access 3.0
➔ View additional products
none
< 10.2.2-h2
< 10.1.6-h6
< 10.0.11-h1
< 9.1.14-h4
< 9.0.16-h3
< 8.1.23-h1
none
none
none
All
>= 10.2.2-h2
>= 10.1.6-h6
>= 10.0.11-h1
>= 9.1.14-h4
>= 9.0.16-h3
>= 8.1.23-h1
All
All
all
2022-08-10
2022-08-19
3
CVE-2020-2035 PAN-OS: URL filtering policy is not enforced on TLS handshakes for decrypted HTTPS sessions
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
10.1.* without CTD inspection enabled
10.0.*
9.1.*
9.0.*
8.1.*
10.1.* with CTD inspection enabled
none
none
none
none
2020-08-12
2021-07-20
Download
N
= Exploitable over the network with low complexity, unauthenticated attack.
© 2023 Palo Alto Networks, Inc. All rights reserved.