The Palo Alto Networks Product Security Assurance team has evaluated and determined that these third-party or open source vulnerabilities do not have any security impact on PAN-OS or that the scenarios required for successful exploitation do not exist on devices running a PAN-OS release.
CVE | CVSS | Summary |
---|---|---|
CVE-2020-11896 | 10.0 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H) | This vulnerability in Treck TCP/IP stack (also known as Ripple20) does not impact PAN-OS software. |
CVE-2020-11897 | 10.0 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H) | This vulnerability in Treck TCP/IP stack (also known as Ripple20) does not impact PAN-OS software. |
CVE-2020-11898 | 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H) | This vulnerability in Treck TCP/IP stack (also known as Ripple20) does not impact PAN-OS software. |
CVE-2020-11899 | 5.4 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L) | This vulnerability in Treck TCP/IP stack (also known as Ripple20) does not impact PAN-OS software. |
CVE-2020-11900 | 8.2 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H) | This vulnerability in Treck TCP/IP stack (also known as Ripple20) does not impact PAN-OS software. |
CVE-2020-11901 | 9.0 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H) | This vulnerability in Treck TCP/IP stack (also known as Ripple20) does not impact PAN-OS software. |
CVE-2020-11902 | 7.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) | This vulnerability in Treck TCP/IP stack (also known as Ripple20) does not impact PAN-OS software. |
CVE-2020-11903 | 6.5 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) | This vulnerability in Treck TCP/IP stack (also known as Ripple20) does not impact PAN-OS software. |
CVE-2020-11904 | 7.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) | This vulnerability in Treck TCP/IP stack (also known as Ripple20) does not impact PAN-OS software. |
CVE-2020-11905 | 6.5 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) | This vulnerability in Treck TCP/IP stack (also known as Ripple20) does not impact PAN-OS software. |
CVE-2020-11906 | 6.3 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) | This vulnerability in Treck TCP/IP stack (also known as Ripple20) does not impact PAN-OS software. |
CVE-2020-11907 | 6.3 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) | This vulnerability in Treck TCP/IP stack (also known as Ripple20) does not impact PAN-OS software. |
CVE-2020-11908 | 4.3 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) | This vulnerability in Treck TCP/IP stack (also known as Ripple20) does not impact PAN-OS software. |
CVE-2020-11909 | 5.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) | This vulnerability in Treck TCP/IP stack (also known as Ripple20) does not impact PAN-OS software. |
CVE-2020-11910 | 5.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) | This vulnerability in Treck TCP/IP stack (also known as Ripple20) does not impact PAN-OS software. |
CVE-2020-11911 | 5.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) | This vulnerability in Treck TCP/IP stack (also known as Ripple20) does not impact PAN-OS software. |
CVE-2020-11912 | 5.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L) | This vulnerability in Treck TCP/IP stack (also known as Ripple20) does not impact PAN-OS software. |
CVE-2020-11913 | 5.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) | This vulnerability in Treck TCP/IP stack (also known as Ripple20) does not impact PAN-OS software. |
CVE-2020-11914 | 4.3 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) | This vulnerability in Treck TCP/IP stack (also known as Ripple20) does not impact PAN-OS software. |
CVE-2013-7459 | 9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) | This vulnerability in pycrypto does not affect PAN-OS software. |
CVE-2018-1122 | 7.0 (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H) | Conditions required for exploiting this vulnerability in procps-ng do not exist in PAN-OS software. Hence PAN-OS software is not impacted. |
CVE-2018-16402 | 9.8 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) | Conditions required for exploiting this vulnerability in libelf do not exist in PAN-OS software. Hence PAN-OS software is not impacted. |
CVE-2020-11022 | 6.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) | Conditions required for exploiting this vulnerability in jQuery do not exist in PAN-OS software. Hence PAN-OS software is not impacted. |
CVE-2020-11023 | 6.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) | Conditions required for exploiting this vulnerability in jQuery do not exist in PAN-OS software. Hence PAN-OS software is not impacted. |
CVE-2018-1121 | 5.9 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N) | Conditions required for exploiting this vulnerability in procps-ng do not exist in PAN-OS software. Hence PAN-OS software is not impacted. |
CVE-2018-1120 | 5.3 (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H) | Conditions required for exploiting this vulnerability in procps-ng do not exist in PAN-OS software. Hence PAN-OS software is not impacted. |
CVE-2018-1123 | 7.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) | Conditions required for exploiting this vulnerability in procps-ng do not exist in PAN-OS software. Hence PAN-OS software is not impacted. |
CVE-2018-1124 | 7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) | Conditions required for exploiting this vulnerability in procps-ng do not exist in PAN-OS software. Hence PAN-OS software is not impacted. |
Versions | Affected | Unaffected |
---|---|---|
PAN-OS all | None | all |
CVSSv3.1 Base Score: 0 (CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:N)
No product updates are required for these issues.