Palo Alto Networks Security Advisories / PAN-SA-2020-0003

PAN-SA-2020-0003 Informational: Third-party or open source vulnerabilities that do not affect Palo Alto Networks Products


Informational

JSON CSAF
Published 2020-04-08
Updated 2020-04-08
Reference PAN-111636, PAN-141921
Discovered externally

Description

Palo Alto Networks Product Security Assurance team has evaluated and determined that these third-party or open source vulnerabilities do not have a security impact on Palo Alto Networks Products, or the scenarios required for successful exploitation do not exist on Palo Alto Networks Products.

CVESummary
CVE-2019-16905The OpenSSH package in PAN-OS is not compiled with XMSS support.
CVE-2019-11168Palo Alto Networks does not use any affected Intel server boards or compute modules.
CVE-2020-0561Palo Alto Networks does not use SGX SDK from Intel in any product.
CVE-2020-0562Palo Alto Networks does not use RAID WebConsole 2 in any product.
CVE-2020-0563Palo Alto Networks does not use MPSS installer in any product.
CVE-2020-0564Palo Alto Networks does not use RWC 3 console in any product.
CVE-2019-11175Palo Alto Networks does not use any affected Intel server boards or compute modules.
CVE-2019-0139Palo Alto Networks does not use Intel Ethernet 700 series controllers in any released next generation firewall.
CVE-2019-0140Palo Alto Networks does not use Intel Ethernet 700 series controllers in any released next generation firewall.
CVE-2019-0142Palo Alto Networks does not use Intel Ethernet 700 series controllers in any released next generation firewall.
CVE-2019-0143Palo Alto Networks does not use Intel Ethernet 700 series controllers in any released next generation firewall.
CVE-2019-0144Palo Alto Networks does not use Intel Ethernet 700 series controllers in any released next generation firewall.
CVE-2019-0145Palo Alto Networks does not use Intel Ethernet 700 series controllers in any released next generation firewall.
CVE-2019-0146Palo Alto Networks does not use Intel Ethernet 700 series controllers in any released next generation firewall.
CVE-2019-0147Palo Alto Networks does not use Intel Ethernet 700 series controllers in any released next generation firewall.
CVE-2019-0148Palo Alto Networks does not use Intel Ethernet 700 series controllers in any released next generation firewall.
CVE-2019-0149Palo Alto Networks does not use Intel Ethernet 700 series controllers in any released next generation firewall.
CVE-2019-0150Palo Alto Networks does not use Intel Ethernet 700 series controllers in any released next generation firewall.
CVE-2019-11177Palo Alto Networks does not use any affected Intel server boards or compute modules.
CVE-2019-11178Palo Alto Networks does not use any affected Intel server boards or compute modules.
CVE-2019-11179Palo Alto Networks does not use any affected Intel server boards or compute modules.
CVE-2019-11180Palo Alto Networks does not use any affected Intel server boards or compute modules.
CVE-2019-11170Palo Alto Networks does not use any affected Intel server boards or compute modules.
CVE-2019-11182Palo Alto Networks does not use any affected Intel server boards or compute modules.
CVE-2019-11171Palo Alto Networks does not use any affected Intel server boards or compute modules.
CVE-2019-11172Palo Alto Networks does not use any affected Intel server boards or compute modules.
CVE-2019-11173Palo Alto Networks does not use any affected Intel server boards or compute modules.
CVE-2019-11181Palo Alto Networks does not use any affected Intel server boards or compute modules.
CVE-2019-11174Palo Alto Networks does not use any affected Intel server boards or compute modules.
CVE-2019-12735The Vim package on PAN-OS do not have 'modline' enabled required for exploiting this issue. Further the command itself is not accessible to privileged or unprivileged users.

Product Status

VersionsAffectedUnaffected
PAN-OS NoneAll

Solution

No product updates are required for these issues.

Workarounds and Mitigations

None

Terms of usePrivacyProduct Security Assurance and Vulnerability Disclosure PolicyReport vulnerabilitiesManage subscriptions
© 2025 Palo Alto Networks, Inc. All rights reserved.