Palo Alto Networks Product Security Assurance team has evaluated and determined that these third-party or open source vulnerabilities do not have a security impact on Palo Alto Networks Products, or the scenarios required for successful exploitation do not exist on Palo Alto Networks Products.
CVE | CVSS | Summary |
---|---|---|
CVE-2019-16905 | 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) | The OpenSSH package in PAN-OS is not compiled with XMSS support. |
CVE-2019-11168 | 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) | Palo Alto Networks does not use any affected Intel server boards or compute modules. |
CVE-2020-0561 | 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) | Palo Alto Networks does not use SGX SDK from Intel in any product. |
CVE-2020-0562 | 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) | Palo Alto Networks does not use RAID WebConsole 2 in any product. |
CVE-2020-0563 | 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) | Palo Alto Networks does not use MPSS installer in any product. |
CVE-2020-0564 | 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) | Palo Alto Networks does not use RWC 3 console in any product. |
CVE-2019-11175 | 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) | Palo Alto Networks does not use any affected Intel server boards or compute modules. |
CVE-2019-0139 | 6.7 (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) | Palo Alto Networks does not use Intel Ethernet 700 series controllers in any released next generation firewall. |
CVE-2019-0140 | 8.8 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) | Palo Alto Networks does not use Intel Ethernet 700 series controllers in any released next generation firewall. |
CVE-2019-0142 | 8.2 (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H) | Palo Alto Networks does not use Intel Ethernet 700 series controllers in any released next generation firewall. |
CVE-2019-0143 | 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) | Palo Alto Networks does not use Intel Ethernet 700 series controllers in any released next generation firewall. |
CVE-2019-0144 | 6.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H) | Palo Alto Networks does not use Intel Ethernet 700 series controllers in any released next generation firewall. |
CVE-2019-0145 | 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) | Palo Alto Networks does not use Intel Ethernet 700 series controllers in any released next generation firewall. |
CVE-2019-0146 | 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) | Palo Alto Networks does not use Intel Ethernet 700 series controllers in any released next generation firewall. |
CVE-2019-0147 | 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) | Palo Alto Networks does not use Intel Ethernet 700 series controllers in any released next generation firewall. |
CVE-2019-0148 | 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) | Palo Alto Networks does not use Intel Ethernet 700 series controllers in any released next generation firewall. |
CVE-2019-0149 | 5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) | Palo Alto Networks does not use Intel Ethernet 700 series controllers in any released next generation firewall. |
CVE-2019-0150 | 5.1 (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H) | Palo Alto Networks does not use Intel Ethernet 700 series controllers in any released next generation firewall. |
CVE-2019-11177 | 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) | Palo Alto Networks does not use any affected Intel server boards or compute modules. |
CVE-2019-11178 | 8.1 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H) | Palo Alto Networks does not use any affected Intel server boards or compute modules. |
CVE-2019-11179 | 6.5 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N) | Palo Alto Networks does not use any affected Intel server boards or compute modules. |
CVE-2019-11180 | 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) | Palo Alto Networks does not use any affected Intel server boards or compute modules. |
CVE-2019-11170 | 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) | Palo Alto Networks does not use any affected Intel server boards or compute modules. |
CVE-2019-11182 | 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) | Palo Alto Networks does not use any affected Intel server boards or compute modules. |
CVE-2019-11171 | 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) | Palo Alto Networks does not use any affected Intel server boards or compute modules. |
CVE-2019-11172 | 5.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) | Palo Alto Networks does not use any affected Intel server boards or compute modules. |
CVE-2019-11173 | 7.1 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H) | Palo Alto Networks does not use any affected Intel server boards or compute modules. |
CVE-2019-11181 | 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) | Palo Alto Networks does not use any affected Intel server boards or compute modules. |
CVE-2019-11174 | 5.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) | Palo Alto Networks does not use any affected Intel server boards or compute modules. |
CVE-2019-12735 | 8.6 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H) | The Vim package on PAN-OS do not have 'modline' enabled required for exploiting this issue. Further the command itself is not accessible to privileged or unprivileged users. |
Versions | Affected | Unaffected |
---|---|---|
PAN-OS | None | all |
CVSSv3.1 Base Score: 0 (CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:N)
No product updates are required for these issues.
None