PAN-SA-2024-0013 Informational Bulletin: Impact of OSS CVEs in PAN-OS
Informational
Description
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to PAN-OS software. While PAN-OS software may include the affected OSS package, PAN-OS does not offer any scenarios required for an attacker to successfully exploit these vulnerabilities and is not impacted.
CVE | Summary |
---|---|
CVE-2017-12424 | PAN-OS is not affected as the underlying operating system components used by PAN-OS are not affected. |
CVE-2021-3114 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2021-4034 | PAN-OS is not affected as PAN-OS does not use the affected package. |
CVE-2021-31525 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2021-33195 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2021-33197 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2021-33198 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2021-34558 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2021-36221 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2021-44716 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2021-44717 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2022-1664 | PAN-OS is not affected as the vulnerable component is not used in PAN-OS. |
CVE-2022-1705 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2022-2880 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2022-23772 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2022-24675 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2022-24921 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2022-28327 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2022-29526 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2022-30629 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2022-30631 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2022-30632 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2022-32148 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2022-32189 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2022-41715 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2022-41717 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2022-41724 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2022-41725 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2023-24534 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2023-24536 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2023-24539 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2023-29406 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2023-29409 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2023-39318 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2023-39319 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2023-39325 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2023-39326 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2023-44487 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2023-45287 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2023-45289 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2023-45290 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2024-24783 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2024-24784 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2024-24785 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2024-24786 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
CVE-2024-24791 | PAN-OS is not affected as PAN-OS does not use the vulnerable function. |
Product Status
Versions | Affected | Unaffected |
---|---|---|
PAN-OS | None, None | All, All |
Exploitation Status
Palo Alto Networks is not aware of any malicious exploitation of these issues in PAN-OS.
Solution
No software updates are required at this time.