CVSS Summary Versions Affected Unaffected Published Updated 6.9 CVE-2024-8687
PAN-OS: Cleartext Exposure of GlobalProtect Portal Passcodes Cloud NGFW
GlobalProtect App 6.3
GlobalProtect App 6.2
GlobalProtect App 6.1
GlobalProtect App 6.0
GlobalProtect App 5.2
GlobalProtect App 5.1
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
None
None
< 6.2.1
< 6.1.2
< 6.0.7
< 5.2.13
< 5.1.12
None
None
< 11.0.1
< 10.2.4
< 10.1.9
< 10.0.12
< 9.1.16
< 9.0.17
< 8.1.25
< 10.2.9 on PAN-OS
All
All
>= 6.2.1
>= 6.1.2
>= 6.0.7
>= 5.2.13
>= 5.1.12
All
All
>= 11.0.1
>= 10.2.4
>= 10.1.9
>= 10.0.12
>= 9.1.16
>= 9.0.17
>= 8.1.25
>= 10.2.9 on PAN-OS
2024-09-11 2024-09-11 6.7 CVE-2024-8688
PAN-OS: Arbitrary File Read Vulnerability in the Command Line Interface (CLI) None
None
None
< 10.1.1
< 10.0.10
< 9.1.15
None
All
All
All
>= 10.1.1
>= 10.0.10
>= 9.1.15
all
2024-09-11 2024-09-11 5.3 CVE-2024-8691
PAN-OS: User Impersonation in GlobalProtect Portal None
None
None
< 10.1.11
< 9.1.17
None
All
All
All
>= 10.1.11
>= 9.1.17
all
2024-09-11 2024-09-11 5.3 CVE-2024-3596
PAN-OS: CHAP and PAP When Used with RADIUS Authentication Lead to Privilege Escalation Cloud NGFW
PAN-OS 11.2
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
Prisma Access
None
None
< 11.1.3
< 11.0.4-h5, < 11.0.6
< 10.2.10
< 10.1.14
< 9.1.19
All
All
All
>= 11.1.3
>= 11.0.4-h5, 11.0.6 (ETA: 9/26)
>= 10.2.10
>= 10.1.14
>= 9.1.19
None (Fix ETA: September 15)
2024-07-10 2024-07-26 8.2
N CVE-2024-3385
PAN-OS: Firewall Denial of Service (DoS) when GTP Security is Disabled Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
PAN-OS 9.0
Prisma Access
None
None
< 11.0.3
< 10.2.8
< 10.1.12
< 9.1.17
< 9.0.17-h4
None
All
All
>= 11.0.3
>= 10.2.8
>= 10.1.12
>= 9.1.17
>= 9.0.17-h4
All
2024-04-10 2024-04-10 8.2
N CVE-2024-3384
PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets None
None
None
< 10.0.12
< 9.1.15-h1
< 9.0.17
< 8.1.24
None
All
All
All
>= 10.0.12
>= 9.1.15-h1
>= 9.0.17
>= 8.1.24
all
2024-04-10 2024-04-10 6.9
N CVE-2024-3386
PAN-OS: Predefined Decryption Exclusions Does Not Work as Intended Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
Prisma Access
None
None
< 11.0.1-h2, < 11.0.2
< 10.2.4-h2, < 10.2.5
< 10.1.9-h3, < 10.1.10
< 10.0.13
< 9.1.17
< 9.0.17-h2
None
All
All
>= 11.0.1-h2, >= 11.0.2
>= 10.2.4-h2, >= 10.2.5
>= 10.1.9-h3, >= 10.1.10
>= 10.0.13
>= 9.1.17
>= 9.0.17-h2
All
2024-04-10 2024-04-10 5.1 CVE-2024-3388
PAN-OS: User Impersonation in GlobalProtect SSL VPN Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
None
None
< 11.0.3
< 10.2.7-h3
< 10.1.11-h4
< 9.1.17
< 9.0.17-h4
< 8.1.26
< 10.2.4
All
All
>= 11.0.3
>= 10.2.7-h3
>= 10.1.11-h4
>= 9.1.17
>= 9.0.17-h4
>= 8.1.26
>= 10.2.4
2024-04-10 2024-04-10 5.1 CVE-2024-2433
PAN-OS: Improper Privilege Management Vulnerability in Panorama Software Leads to Availability Loss Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
PAN-OS 9.0
Prisma Access
None
None
< 11.0.3 on Panorama
< 10.2.8 on Panorama
< 10.1.12 on Panorama
< 9.1.17 on Panorama
< 9.0.17-h4 on Panorama
None
All
All
>= 11.0.3 on Panorama
>= 10.2.8 on Panorama
>= 10.1.12 on Panorama
>= 9.1.17 on Panorama
>= 9.0.17-h4 on Panorama
All
2024-03-13 2024-03-13 6.3 CVE-2024-0007
PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface None
None
None
< 10.1.6 on Panorama
< 10.0.11 on Panorama
< 9.1.16 on Panorama
< 9.0.17 on Panorama
< 8.1.24-h1 on Panorama, < 8.1.25 on Panorama
None
All
All on Panorama
All on Panorama
>= 10.1.6 on Panorama
>= 10.0.11 on Panorama
>= 9.1.16 on Panorama
>= 9.0.17 on Panorama
>= 8.1.24-h1 on Panorama, >= 8.1.25 on Panorama
all
2024-02-14 2024-02-14 5.4 CVE-2024-0008
PAN-OS: Insufficient Session Expiration Vulnerability in the Web Interface Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
Prisma Access
None
None
< 11.0.2
< 10.2.5
< 10.1.10-h1, < 10.1.11
< 10.0.12-h1, < 10.0.13
< 9.1.17
< 9.0.17-h2
None
All
All
>= 11.0.2
>= 10.2.5
>= 10.1.10-h1, >= 10.1.11
>= 10.0.12-h1, >= 10.0.13
>= 9.1.17
>= 9.0.17-h2
All
2024-02-14 2024-02-14 5.1 CVE-2024-0010
PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Portal None
None
None
< 10.1.11-h1, < 10.1.12
< 9.1.17
< 9.0.17-h4
None
All
All
All
>= 10.1.11-h1, >= 10.1.12
>= 9.1.17
>= 9.0.17-h4
all
2024-02-14 2024-02-14 5.1 CVE-2024-0011
PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication None
None
None
< 10.1.3
< 10.0.11
< 9.1.13
< 9.0.17
< 8.1.24
None
All
All
All
>= 10.1.3
>= 10.0.11
>= 9.1.13
>= 9.0.17
>= 8.1.24
all
2024-02-14 2024-02-24 7.5 CVE-2023-6790
PAN-OS: DOM-Based Cross-Site Scripting (XSS) Vulnerability in the Web Interface Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
None
None
< 11.0.1
< 10.2.4
< 10.1.9
< 10.0.12
< 9.1.16
< 9.0.17
< 8.1.25
None
All
All
>= 11.0.1
>= 10.2.4
>= 10.1.9
>= 10.0.12
>= 9.1.16
>= 9.0.17
>= 8.1.25
All
2023-12-13 2023-12-13 6.1 CVE-2023-6791
PAN-OS: Plaintext Disclosure of External System Integration Credentials Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
None
None
< 11.0.1
< 10.2.4
< 10.1.9
< 10.0.12
< 9.1.16
< 9.0.17
< 8.1.24-h1
None
All
All
>= 11.0.1
>= 10.2.4
>= 10.1.9
>= 10.0.12
>= 9.1.16
>= 9.0.17
>= 8.1.24-h1
All
2023-12-13 2023-12-13 5.9 CVE-2023-6794
PAN-OS: File Upload Vulnerability in the Web Interface None
None
None
< 9.1.14
< 9.0.17-h1
< 8.1.26
None
All
All
All
>= 9.1.14
>= 9.0.17-h1
>= 8.1.26
all
2023-12-13 2023-12-13 5.9 CVE-2023-6795
PAN-OS: OS Command Injection Vulnerability in the Web Interface None
None
None
< 10.1.3
< 10.0.9
< 9.1.12
< 9.0.17
< 8.1.24-h1
None
All
All
All
>= 10.1.3
>= 10.0.9
>= 9.1.12
>= 9.0.17
>= 8.1.24-h1
all
2023-12-13 2023-12-13 5.9 CVE-2023-6792
PAN-OS: OS Command Injection Vulnerability in the XML API None
None
None
< 10.1.6
< 10.0.12
< 9.1.15
< 9.0.17
< 8.1.24
None
All
All
All
>= 10.1.6
>= 10.0.12
>= 9.1.15
>= 9.0.17
>= 8.1.24
all
2023-12-13 2023-12-13 5.1 CVE-2023-6793
PAN-OS: XML API Keys Revoked by Read-Only PAN-OS Administrator Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
None
None
< 11.0.2
< 10.2.5
< 10.1.11
All
< 9.1.17
< 9.0.17-h4
None
None
All
All
>= 11.0.2
>= 10.2.5
>= 10.1.11
None
>= 9.1.17
>= 9.0.17-h4
All
All
2023-12-13 2023-12-13 4.8 CVE-2023-6789
PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface Cloud NGFW
PAN-OS 11.1
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
None
None
< 11.0.2
< 10.2.5
< 10.1.11
All
< 9.1.17
< 9.0.17-h4
< 8.1.26
None
All
All
>= 11.0.2
>= 10.2.5
>= 10.1.11
None
>= 9.1.17
>= 9.0.17-h4
>= 8.1.26
All
2023-12-13 2023-12-13 8.2
N CVE-2023-38802
PAN-OS: Denial-of-Service (DoS) Vulnerability in BGP Software Cloud NGFW
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
Prisma SD-WAN ION 6.2
Prisma SD-WAN ION 6.1
Prisma SD-WAN ION 5.6
None
< 11.0.3
< 10.2.6
< 10.1.11
< 9.1.16-h3
< 9.0.17-h4
< 8.1.26
Customers whose most recent software upgrade was before 09/30
< 6.2.3
< 6.1.5
None
All
>= 11.0.3
>= 10.2.6
>= 10.1.11
>= 9.1.16-h3
>= 9.0.17-h4
>= 8.1.26
Customers who have received a software upgrade or are using new software on or after 09/30
>= 6.2.3
>= 6.1.5
All
2023-09-13 2024-01-18 5.4 CVE-2023-0010
PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication Cloud NGFW
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
None
None
< 10.2.2
< 10.1.6
< 10.0.11
< 9.1.16
< 9.0.17
< 8.1.24
None
All
All
>= 10.2.2
>= 10.1.6
>= 10.0.11
>= 9.1.16
>= 9.0.17
>= 8.1.24
All
2023-06-14 2023-06-29 6.5 CVE-2023-0007
PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface None
None
None
< 10.0.7 on Panorama
< 9.1.16 on Panorama
< 9.0.17 on Panorama
< 8.1.25 on Panorama
None
All
All
All
>= 10.0.7 on Panorama
>= 9.1.16 on Panorama
>= 9.0.17 on Panorama
>= 8.1.25 on Panorama
all
2023-05-10 2023-05-10 4.4 CVE-2023-0008
PAN-OS: Local File Disclosure Vulnerability in the PAN-OS Web Interface Cloud NGFW
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
None
< 11.0.1
< 10.2.4
< 10.1.10
< 10.0.12
< 9.1.16
< 9.0.17
< 8.1.25
None
All
>= 11.0.1
>= 10.2.4
>= 10.1.10
>= 10.0.12
>= 9.1.16
>= 9.0.17
>= 8.1.25
All
2023-05-10 2023-05-11 6.5 CVE-2023-0004
PAN-OS: Local File Deletion Vulnerability Cloud NGFW
PAN-OS 11.0
PAN-OS 10.2
PAN-OS 10.1
PAN-OS 10.0
PAN-OS 9.1
PAN-OS 9.0
PAN-OS 8.1
Prisma Access
None
None
None
< 10.1.6
< 10.0.11
< 9.1.15
< 9.0.17
< 8.1.24
None
All
All
All
>= 10.1.6
>= 10.0.11
>= 9.1.15
>= 9.0.17
>= 8.1.24
All
2023-04-12 2023-04-19
=
Exploitable over the network with low complexity, unauthenticated attack.