The Palo Alto Networks Product Security Assurance team evaluated the OpenSSL vulnerability CVE-2020-1971.
All supported versions of PAN-OS software use a version of OpenSSL that contains this vulnerability but there are no scenarios for successful exploitation of the vulnerability in the applications.
As a result, there is no known security impact for this vulnerability in PAN-OS software. However, out of an abundance of caution, we patched the impacted OpenSSL code in PAN-OS 8.1.19, PAN-OS 9.0.14, PAN-OS 9.1.8, and PAN-OS 10.0.5.
|PAN-OS 10.0||< 10.0.5||>= 10.0.5|
|PAN-OS 9.1||< 9.1.8||>= 9.1.8|
|PAN-OS 9.0||< 9.0.14||>= 9.0.14|
|PAN-OS 8.1||< 8.1.19||>= 8.1.19|
CVSSv3.1 Base Score: 0 (CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:N)
This issue is fixed in PAN-OS 8.1.19, PAN-OS 9.0.14, PAN-OS 9.1.8, PAN-OS 10.0.5, and all later PAN-OS versions.