Get support
Security advisories
Report vulnerabilities
Subscribe
RSS feed
Palo Alto Networks Security Advisories
Clear
Options
version
severity
CRITICAL
HIGH
MEDIUM
LOW
NONE
product
AutoFocus
5
Bridgecrew
6
Bridgecrew Checkov
2
Cloud NGFW
12
Cortex Data Lake
6
Cortex XDR
4
Cortex XDR Agent
26
Cortex XSOAR
19
Cortex XSOAR PowerShell Image
1
Cortex Xpanse
6
Demisto
1
Enterprise Data Loss Prevention
6
Exact Data Matching CLI
6
Expanse
5
Expedition
7
Expedition Migration Tool
5
GlobalProtect App
32
IoT Security
6
MineMeld
1
NetConnect
1
Okyo Garde
6
PAN-DB Private Cloud
1
PAN-OS
230
PAN-OS for Firewall and Wildfire
1
Palo Alto Networks App for Splunk
5
Prisma Access
27
Prisma Cloud
7
Prisma Cloud Compute
10
Prisma SD-WAN
1
Prisma SD-WAN (CloudGenix)
8
Prisma SD-WAN ION
5
SaaS Security
6
Secdo
3
Terminal Server Agent
4
Traps
3
Traps ESM Console
2
Traps ESM Core
1
Twistlock Console
1
Update server
1
User-ID Agent
8
VM-Series Plugin
1
WildFire Appliance
4
WildFire Appliance (WF-500)
5
WildFire Cloud
8
Zingbox Inspector
11
Clear
Found 6
Newest
Updated
Severe
Earliest published
Earliest updated
Least Severe
Sort ID ↑
Sort ID ↓
CVSS
Summary
Versions
Affected
Unaffected
Published
Updated
6.5
CVE-2023-0007 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface
Cloud NGFW
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
➔ View additional products
none
none
none
< 10.0.7 on Panorama
< 9.1.16 on Panorama
< 9.0.17 on Panorama
< 8.1.25 on Panorama
none
All
All
All
>= 10.0.7 on Panorama
>= 9.1.16 on Panorama
>= 9.0.17 on Panorama
>= 8.1.25 on Panorama
all
2023-05-10
2023-05-10
4.4
CVE-2023-0008 PAN-OS: Local File Disclosure Vulnerability in the PAN-OS Web Interface
Cloud NGFW
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
none
< 11.0.1
< 10.2.4
< 10.1.10
< 10.0.12
< 9.1.16
< 9.0.17
< 8.1.25
none
All
>= 11.0.1
>= 10.2.4
>= 10.1.10
>= 10.0.12
>= 9.1.16
>= 9.0.17
>= 8.1.25
All
2023-05-10
2023-05-11
6.5
CVE-2023-0004 PAN-OS: Local File Deletion Vulnerability
Cloud NGFW
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
none
none
none
< 10.1.6
< 10.0.11
< 9.1.15
< 9.0.17
< 8.1.24
none
All
All
All
>= 10.1.6
>= 10.0.11
>= 9.1.15
>= 9.0.17
>= 8.1.24
All
2023-04-12
2023-04-19
4.1
CVE-2023-0005 PAN-OS: Exposure of Sensitive Information Vulnerability
Cloud NGFW
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
none
none
< 10.2.3
< 10.1.8
< 10.0.12
< 9.1.15
< 9.0.17
< 8.1.24
none
All
All
>= 10.2.3
>= 10.1.8
>= 10.0.12
>= 9.1.15
>= 9.0.17
>= 8.1.24
All
2023-04-12
2023-04-12
8.6
N
CVE-2022-0028 PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering
Cloud NGFW
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access 3.1
Prisma Access 3.0
➔ View additional products
none
< 10.2.2-h2
< 10.1.6-h6
< 10.0.11-h1
< 9.1.14-h4
< 9.0.16-h3
< 8.1.23-h1
none
none
none
All
>= 10.2.2-h2
>= 10.1.6-h6
>= 10.0.11-h1
>= 9.1.14-h4
>= 9.0.16-h3
>= 8.1.23-h1
All
All
all
2022-08-10
2022-08-19
3
CVE-2020-2035 PAN-OS: URL filtering policy is not enforced on TLS handshakes for decrypted HTTPS sessions
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
10.1.* without CTD inspection enabled
10.0.*
9.1.*
9.0.*
8.1.*
10.1.* with CTD inspection enabled
none
none
none
none
2020-08-12
2021-07-20
Download
N
= Exploitable over the network with low complexity, unauthenticated attack.
© 2023 Palo Alto Networks, Inc. All rights reserved.