| | Versions | Affected | Unaffected | | |
|---|
| 8.2 N | CVE-2024-3384 PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets | | none none none < 10.0.12 < 9.1.15-h1 < 9.0.17 < 8.1.24 none | All All All >= 10.0.12 >= 9.1.15-h1 >= 9.0.17 >= 8.1.24 all | 2024-04-10 | 2024-04-10 |
| 8.2 N | CVE-2024-3385 PAN-OS: Firewall Denial of Service (DoS) when GTP Security is Disabled | Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 9.1 PAN-OS 9.0 Prisma Access | none none < 11.0.3 < 10.2.8 < 10.1.12 < 9.1.17 < 9.0.17-h4 none | All All >= 11.0.3 >= 10.2.8 >= 10.1.12 >= 9.1.17 >= 9.0.17-h4 All | 2024-04-10 | 2024-04-10 |
| 6.9 N | CVE-2024-3386 PAN-OS: Predefined Decryption Exclusions Does Not Work as Intended | Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 Prisma Access | none none < 11.0.1-h2, < 11.0.2 < 10.2.4-h2, < 10.2.5 < 10.1.9-h3, < 10.1.10 < 10.0.13 < 9.1.17 < 9.0.17-h2 none | All All >= 11.0.1-h2, >= 11.0.2 >= 10.2.4-h2, >= 10.2.5 >= 10.1.9-h3, >= 10.1.10 >= 10.0.13 >= 9.1.17 >= 9.0.17-h2 All | 2024-04-10 | 2024-04-10 |
| 5.1 | CVE-2024-3388 PAN-OS: User Impersonation in GlobalProtect SSL VPN | Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access | none none < 11.0.3 < 10.2.7-h3 < 10.1.11-h4 < 9.1.17 < 9.0.17-h4 < 8.1.26 < 10.2.4 | All All >= 11.0.3 >= 10.2.7-h3 >= 10.1.11-h4 >= 9.1.17 >= 9.0.17-h4 >= 8.1.26 >= 10.2.4 | 2024-04-10 | 2024-04-10 |
| 5.1 | CVE-2024-2433 PAN-OS: Improper Privilege Management Vulnerability in Panorama Software Leads to Availability Loss | Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 9.1 PAN-OS 9.0 Prisma Access | none none < 11.0.3 on Panorama < 10.2.8 on Panorama < 10.1.12 on Panorama < 9.1.17 on Panorama < 9.0.17-h4 on Panorama none | All All >= 11.0.3 on Panorama >= 10.2.8 on Panorama >= 10.1.12 on Panorama >= 9.1.17 on Panorama >= 9.0.17-h4 on Panorama All | 2024-03-13 | 2024-03-13 |
| 6.3 | CVE-2024-0007 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface | | none none none < 10.1.6 on Panorama < 10.0.11 on Panorama < 9.1.16 on Panorama < 9.0.17 on Panorama < 8.1.24-h1 on Panorama, < 8.1.25 on Panorama none | All All on Panorama All on Panorama >= 10.1.6 on Panorama >= 10.0.11 on Panorama >= 9.1.16 on Panorama >= 9.0.17 on Panorama >= 8.1.24-h1 on Panorama, >= 8.1.25 on Panorama all | 2024-02-14 | 2024-02-14 |
| 5.4 | CVE-2024-0008 PAN-OS: Insufficient Session Expiration Vulnerability in the Web Interface | Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 Prisma Access | none none < 11.0.2 < 10.2.5 < 10.1.10-h1, < 10.1.11 < 10.0.12-h1, < 10.0.13 < 9.1.17 < 9.0.17-h2 none | All All >= 11.0.2 >= 10.2.5 >= 10.1.10-h1, >= 10.1.11 >= 10.0.12-h1, >= 10.0.13 >= 9.1.17 >= 9.0.17-h2 All | 2024-02-14 | 2024-02-14 |
| 5.1 | CVE-2024-0010 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Portal | | none none none < 10.1.11-h1, < 10.1.12 < 9.1.17 < 9.0.17-h4 none | All All All >= 10.1.11-h1, >= 10.1.12 >= 9.1.17 >= 9.0.17-h4 all | 2024-02-14 | 2024-02-14 |
| 5.1 | CVE-2024-0011 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication | | none none none < 10.1.3 < 10.0.11 < 9.1.13 < 9.0.17 < 8.1.24 none | All All All >= 10.1.3 >= 10.0.11 >= 9.1.13 >= 9.0.17 >= 8.1.24 all | 2024-02-14 | 2024-02-24 |
| 7.5 | CVE-2023-6790 PAN-OS: DOM-Based Cross-Site Scripting (XSS) Vulnerability in the Web Interface | Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access | none none < 11.0.1 < 10.2.4 < 10.1.9 < 10.0.12 < 9.1.16 < 9.0.17 < 8.1.25 none | All All >= 11.0.1 >= 10.2.4 >= 10.1.9 >= 10.0.12 >= 9.1.16 >= 9.0.17 >= 8.1.25 All | 2023-12-13 | 2023-12-13 |
| 6.1 | CVE-2023-6791 PAN-OS: Plaintext Disclosure of External System Integration Credentials | Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access | none none < 11.0.1 < 10.2.4 < 10.1.9 < 10.0.12 < 9.1.16 < 9.0.17 < 8.1.24-h1 none | All All >= 11.0.1 >= 10.2.4 >= 10.1.9 >= 10.0.12 >= 9.1.16 >= 9.0.17 >= 8.1.24-h1 All | 2023-12-13 | 2023-12-13 |
| 5.9 | CVE-2023-6794 PAN-OS: File Upload Vulnerability in the Web Interface | | none none none < 9.1.14 < 9.0.17-h1 < 8.1.26 none | All All All >= 9.1.14 >= 9.0.17-h1 >= 8.1.26 all | 2023-12-13 | 2023-12-13 |
| 5.9 | CVE-2023-6795 PAN-OS: OS Command Injection Vulnerability in the Web Interface | | none none none < 10.1.3 < 10.0.9 < 9.1.12 < 9.0.17 < 8.1.24-h1 none | All All All >= 10.1.3 >= 10.0.9 >= 9.1.12 >= 9.0.17 >= 8.1.24-h1 all | 2023-12-13 | 2023-12-13 |
| 5.9 | CVE-2023-6792 PAN-OS: OS Command Injection Vulnerability in the XML API | | none none none < 10.1.6 < 10.0.12 < 9.1.15 < 9.0.17 < 8.1.24 none | All All All >= 10.1.6 >= 10.0.12 >= 9.1.15 >= 9.0.17 >= 8.1.24 all | 2023-12-13 | 2023-12-13 |
| 5.1 | CVE-2023-6793 PAN-OS: XML API Keys Revoked by Read-Only PAN-OS Administrator | Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access | none none < 11.0.2 < 10.2.5 < 10.1.11 All < 9.1.17 < 9.0.17-h4 none none | All All >= 11.0.2 >= 10.2.5 >= 10.1.11 None >= 9.1.17 >= 9.0.17-h4 All All | 2023-12-13 | 2023-12-13 |
| 4.8 | CVE-2023-6789 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface | Cloud NGFW PAN-OS 11.1 PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access | none none < 11.0.2 < 10.2.5 < 10.1.11 All < 9.1.17 < 9.0.17-h4 < 8.1.26 none | All All >= 11.0.2 >= 10.2.5 >= 10.1.11 None >= 9.1.17 >= 9.0.17-h4 >= 8.1.26 All | 2023-12-13 | 2023-12-13 |
| 8.2 N | CVE-2023-38802 PAN-OS: Denial-of-Service (DoS) Vulnerability in BGP Software | Cloud NGFW PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access Prisma SD-WAN ION 6.2 Prisma SD-WAN ION 6.1 Prisma SD-WAN ION 5.6 | none < 11.0.3 < 10.2.6 < 10.1.11 < 9.1.16-h3 < 9.0.17-h4 < 8.1.26 Customers whose most recent software upgrade was before 09/30 < 6.2.3 < 6.1.5 none | All >= 11.0.3 >= 10.2.6 >= 10.1.11 >= 9.1.16-h3 >= 9.0.17-h4 >= 8.1.26 Customers who have received a software upgrade or are using new software on or after 09/30 >= 6.2.3 >= 6.1.5 All | 2023-09-13 | 2024-01-18 |
| 5.4 | CVE-2023-0010 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication | Cloud NGFW PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access | none none < 10.2.2 < 10.1.6 < 10.0.11 < 9.1.16 < 9.0.17 < 8.1.24 none | All All >= 10.2.2 >= 10.1.6 >= 10.0.11 >= 9.1.16 >= 9.0.17 >= 8.1.24 All | 2023-06-14 | 2023-06-29 |
| 6.5 | CVE-2023-0007 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface | | none none none < 10.0.7 on Panorama < 9.1.16 on Panorama < 9.0.17 on Panorama < 8.1.25 on Panorama none | All All All >= 10.0.7 on Panorama >= 9.1.16 on Panorama >= 9.0.17 on Panorama >= 8.1.25 on Panorama all | 2023-05-10 | 2023-05-10 |
| 4.4 | CVE-2023-0008 PAN-OS: Local File Disclosure Vulnerability in the PAN-OS Web Interface | Cloud NGFW PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access | none < 11.0.1 < 10.2.4 < 10.1.10 < 10.0.12 < 9.1.16 < 9.0.17 < 8.1.25 none | All >= 11.0.1 >= 10.2.4 >= 10.1.10 >= 10.0.12 >= 9.1.16 >= 9.0.17 >= 8.1.25 All | 2023-05-10 | 2023-05-11 |
| 6.5 | CVE-2023-0004 PAN-OS: Local File Deletion Vulnerability | Cloud NGFW PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access | none none none < 10.1.6 < 10.0.11 < 9.1.15 < 9.0.17 < 8.1.24 none | All All All >= 10.1.6 >= 10.0.11 >= 9.1.15 >= 9.0.17 >= 8.1.24 All | 2023-04-12 | 2023-04-19 |
| 4.1 | CVE-2023-0005 PAN-OS: Exposure of Sensitive Information Vulnerability | Cloud NGFW PAN-OS 11.0 PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access | none none < 10.2.3 < 10.1.8 < 10.0.12 < 9.1.15 < 9.0.17 < 8.1.24 none | All All >= 10.2.3 >= 10.1.8 >= 10.0.12 >= 9.1.15 >= 9.0.17 >= 8.1.24 All | 2023-04-12 | 2023-04-12 |
| 8.6 N | CVE-2022-0028 PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering | Cloud NGFW PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access 3.1 Prisma Access 3.0 ➔ View additional products | none < 10.2.2-h2 < 10.1.6-h6 < 10.0.11-h1 < 9.1.14-h4 < 9.0.16-h3 < 8.1.23-h1 none none none | All >= 10.2.2-h2 >= 10.1.6-h6 >= 10.0.11-h1 >= 9.1.14-h4 >= 9.0.16-h3 >= 8.1.23-h1 All All all | 2022-08-10 | 2022-08-19 |
| 7.2 | CVE-2022-0024 PAN-OS: Improper Neutralization Vulnerability Leads to Unintended Program Execution During Configuration Commit | PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 | none < 10.1.5 < 10.0.10 < 9.1.13 < 9.0.16 < 8.1.23 | >= 10.2.0 >= 10.1.5 >= 10.0.10 >= 9.1.13 >= 9.0.16 >= 8.1.23 | 2022-05-11 | 2022-05-11 |
| 5.9 | CVE-2022-0023 PAN-OS: Denial-of-Service (DoS) Vulnerability in DNS Proxy | PAN-OS 10.2 PAN-OS 10.1 PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 Prisma Access 3.0 Prisma Access 2.2 Prisma Access 2.1 | none < 10.1.5 < 10.0.10 < 9.1.13 < 9.0.16 < 8.1.22 none none none | 10.2.* >= 10.1.5 >= 10.0.10 >= 9.1.13 >= 9.0.16 >= 8.1.22 Preferred, Innovation Preferred Preferred, Innovation | 2022-04-13 | 2022-04-13 |
= Exploitable over the network with low complexity, unauthenticated attack.