Palo Alto Networks Security Advisories / PAN-SA-2021-0005

PAN-SA-2021-0005 Informational: Impact of OpenSSL Vulnerability CVE-2020-1971

Severity 0 · NONE
Attack Vector PHYSICAL
Attack Complexity HIGH
Privileges Required HIGH
User Interaction REQUIRED
Confidentiality Impact NONE
Integrity Impact NONE
Availability Impact NONE


The Palo Alto Networks Product Security Assurance team evaluated the OpenSSL vulnerability CVE-2020-1971.

All supported versions of PAN-OS software use a version of OpenSSL that contains this vulnerability but there are no scenarios for successful exploitation of the vulnerability in the applications.

As a result, there is no known security impact for this vulnerability in PAN-OS software. However, out of an abundance of caution, we patched the impacted OpenSSL code in PAN-OS 8.1.19, PAN-OS 9.0.14, PAN-OS 9.1.8, and PAN-OS 10.0.5.

Product Status

PAN-OS 10.1None10.1.*
PAN-OS 10.0< 10.0.5>= 10.0.5
PAN-OS 9.1< 9.1.8>= 9.1.8
PAN-OS 9.0< 9.0.14>= 9.0.14
PAN-OS 8.1< 8.1.19>= 8.1.19

Severity: NONE

CVSSv3.1 Base Score: 0 (CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:N)

Weakness Type


This issue is fixed in PAN-OS 8.1.19, PAN-OS 9.0.14, PAN-OS 9.1.8, PAN-OS 10.0.5, and all later PAN-OS versions.

Workarounds and Mitigations


Initial publication
© 2020 Palo Alto Networks, Inc. All rights reserved.