CVE-2019-1559 OpenSSL vulnerability CVE-2019-1559 has been resolved in PAN-OS
The OpenSSL library has been updated in PAN-OS to resolve CVE-2019-1559. This is a cryptographic vulnerability that under certain situations may allow a remote attacker to decrypt data by observing server responses to different types of errors.
This issue affects Palo Alto Networks PAN-OS 7.1 versions prior to 7.1.25, 8.0 versions prior to 8.0.20, 8.1 versions prior to 8.1.8, 9.0 versions prior to 9.0.2.
PAN-OS version 7.0 and prior EOL versions have not been evaluated for this issue.
|PAN-OS 9.0||< 9.0.2||>= 9.0.2|
|PAN-OS 8.1||< 8.1.8||>= 8.1.8|
|PAN-OS 8.0||< 8.0.20||>= 8.0.20|
|PAN-OS 7.1||< 7.1.25||>= 7.1.25|
Releases <= 7.0 have not been evaluated.
CVSSv3.1 Base Score:5.9 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
CWE-325 Missing Required Cryptographic Step
This issue has been fixed in 7.1.25, 8.0.20, 8.1.8, 9.0.2 and all subsequent releases.
Workarounds and Mitigations
There are no available workarounds.