{"success":true,"data":[{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2026-0257","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: GlobalProtect Authentication Bypass Vulnerabilities","datePublic":"2026-05-13T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-565","description":"CWE-565 Reliance on Cookies without Validation and Integrity Checking","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-114","descriptions":[{"lang":"en","value":"CAPEC-114 Authentication Abuse"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_n
etworks:pan-os:11.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1
.13:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11
.1.6:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:
*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networ
ks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_network
s:pan-os:10.2.7:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"12.1.0","changes":[{"at":"12.1.7","status":"unaffected"},{"at":"12.1.4-h6","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.0","changes":[{"at":"11.2.12","status":"unaffected"},{"at":"11.2.10-h7","status":"unaffected"},{"at":"11.2.7-h14","status":"unaffected"},{"at":"11.2.4-h17","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","changes":[{"at":"11.1.15","status":"unaffected"},{"at":"11.1.13-h5","status":"unaffected"},{"at":"11.1.10-h25","status":"unaffected"},{"at":"11.1.7-h6","status":"unaffected"},{"at":"11.1.6-h32","status":"unaffected"},{"at":"11.1.4-h33","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","changes":[{"at":"10.2.18-h6","status":"unaffected"},{"at":"10.2.16-h7","status":"unaffected"},{"at":"10.2.13-h21","status":"unaffected"},{"at":"10.2.10-h36","status":"unaffected"},{"at":"10.2.7-h34","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma 
Access","versions":[{"status":"affected","version":"10.2.0","lessThan":"10.2.10-h36","changes":[{"at":"10.2.10-h36","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.0","lessThan":"11.2.7-h13","changes":[{"at":"11.2.7-h13","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"}],"cpeApplicability":[{"operator":"OR","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.7"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.4","versionEndExcluding":"12.1.4-h6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.0","versionEndExcluding":"11.2.12"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.10","versionEndExcluding":"11.2.10-h7"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.7","versionEndExcluding":"11.2.7-h14"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.4","versionEndExcluding":"11.2.4-h17"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.0","versionEndExcluding":"11.1.15"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.13","versionEndExcluding":"11.1.13-h5"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.10","versionEndExcluding":"11.1.10-h25"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.7","versionEndExcluding":"11.1.7-h6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto
_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.6","versionEndExcluding":"11.1.6-h32"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.4","versionEndExcluding":"11.1.4-h33"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.18","versionEndExcluding":"10.2.18-h6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.16","versionEndExcluding":"10.2.16-h7"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.13","versionEndExcluding":"10.2.13-h21"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.10","versionEndExcluding":"10.2.10-h36"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.7","versionEndExcluding":"10.2.7-h34"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.10","versionEndExcluding":"10.2.10-h36"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.7","versionEndExcluding":"11.2.7-h13"}]}]}],"descriptions":[{"lang":"en","value":"Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to bypass security restrictions and establish an unauthorized VPN connection.\n\nPanorama and Cloud NGFW are not impacted by these issues.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to bypass security restrictions and establish an unauthorized VPN 
connection.<br><br>Panorama and Cloud NGFW are not impacted by these issues.</p>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2026-0257","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","subConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","subIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"AUTOMATIC","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":7.8,"threatSeverity":"MEDIUM","threatScore":4.7,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:H/SI:H/SA:N/E:U/AU:N/R:A/V:D/RE:M/U:Amber"}}],"configurations":[{"lang":"eng","value":"This issue affects firewalls with GlobalProtect portal or gateway configured when authentication override cookies are enabled and a specific certificate configuration exists. To check if authentication cookies are enabled follow the steps below:\n\nOn the Portal:\n\n1. Navigate to Network > GlobalProtect > Portals in the management interface.\n2. Click on your Portal Name and go to the Agent tab.\n3. Click on your Agent Configuration profile.\n4. Go to the Authentication tab.\n5. Generate cookie for authentication override or Accept cookie for authentication override options are checked.\n\n\nOn the Gateway:\n\n1. Navigate to Network > GlobalProtect > Gateways in the management interface.\n2. Click on your Gateway Name and go to the Agent tab.\n3. Click on your Client Settings profile.\n4. Go to the Authentication Override tab.\n5. 
Accept cookie for authentication override option is checked.\n\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>This issue affects firewalls with GlobalProtect portal or gateway configured when authentication override cookies are enabled and a specific certificate configuration exists. To check if authentication cookies are enabled follow the steps below:</p><p>On the Portal:<br><br>1. Navigate to <b>Network</b> &gt; <b>GlobalProtect</b> &gt; <b>Portals</b> in the management interface.<br>2. Click on your <b>Portal Name</b> and go to the <b>Agent</b> tab.<br>3. Click on your <b>Agent Configuration</b> profile.<br>4. Go to the <b>Authentication</b> tab.<br>5. <b>Generate cookie for authentication override</b> or <b>Accept cookie for authentication override</b> options are checked.<br></p>On the Gateway:<br><br>1. Navigate to <b>Network</b> &gt; <b>GlobalProtect</b> &gt; <b>Gateways</b> in the management interface.<br>2. Click on your <b>Gateway Name</b> and go to the <b>Agent</b> tab.<br>3. Click on your <b>Client Settings</b> profile.<br>4. Go to the <b>Authentication Override</b> tab.<br>5. <b>Accept cookie for authentication override</b> option is checked.<p></p>"}]}],"workarounds":[{"lang":"eng","value":"Customers can mitigate the risk of this issue by taking any of the following actions:\n\n\n\n * Use a dedicated certificate for Authentication Override cookies: Generate a new certificate exclusively for authentication override cookies and store it securely. 
Do not reuse the portal or gateway certificate, and do not share this certificate with other features or users.\n * Disable Authentication Override: Uncheck the Authentication Override options (for generating and accepting cookies) in the GlobalProtect portal and gateway configuration.\n\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<p><span>Customers can mitigate the risk of this issue by taking any of the following actions:</span></p><p></p><ul><li><span><b><span>Use a dedicated certificate for </span>Authentication Override cookies:</b>&nbsp;</span><span>Generate a new certificate exclusively for authentication override cookies and store it securely. Do not reuse the portal or gateway certificate, and do not share this certificate with other features or users.</span></li><li><span><b>Disable Authentication Override:</b></span><span> Uncheck the Authentication Override options (for generating and accepting cookies) in the GlobalProtect portal and gateway configuration.</span></li></ul><p></p>"}]}],"solutions":[{"lang":"eng","value":"VERSION              MINOR VERSION                SUGGESTED SOLUTION\nCloud NGFW All                                    No action needed.\nPAN-OS 12.1          12.1.5 through 12.1.6        Upgrade to 12.1.7 or later.\n                     12.1.2 through 12.1.4-h*     Upgrade to 12.1.4-h6 or 12.1.7 or later.\nPAN-OS 11.2          11.2.11 or later             Upgrade to 11.2.12 or later.\n                     11.2.8 through 11.2.10-h*    Upgrade to 11.2.10-h7 or 11.2.12 or later.\n                     11.2.5 through 11.2.7-h*     Upgrade to 11.2.7-h14 or 11.2.12 or later.\n                     11.2.0 through 11.2.4-h*     Upgrade to 11.2.4-h17 or 11.2.12 or later.\nPAN-OS 11.1          11.1.14 or later             Upgrade to 11.1.15 or later.\n                     11.1.11 through 11.1.13-h*   Upgrade to 11.1.13-h5 or 11.1.15 or later.\n                     11.1.8 through 11.1.10-h*    Upgrade to 11.1.10-h25 or 
11.1.15 or later.\n                     11.1.7 through 11.1.7-h*     Upgrade to 11.1.7-h6 or 11.1.15 or later.\n                     11.1.5 through 11.1.6-h*     Upgrade to 11.1.6-h32 or 11.1.15 or later.\n                     11.1.0 through 11.1.4-h*     Upgrade to 11.1.4-h33 or 11.1.15 or later.\nPAN-OS 10.2          10.2.17 through 10.2.18-h*   Upgrade to 10.2.18 or 10.2.18-h6 or later.\n                     10.2.14 through 10.2.16-h*   Upgrade to 10.2.16-h7 or 10.2.18-h6 or later.\n                     10.2.11 through 10.2.13-h*   Upgrade to 10.2.13-h21 or 10.2.18-h6 or later.\n                     10.2.8 through 10.2.10-h*    Upgrade to 10.2.10-h36 or 10.2.18-h6 or later.\n                     10.2.0 through 10.2.7-h*     Upgrade to 10.2.7-h34 or 10.2.18-h6 or later.\nAll older                                         Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\nPrisma Access 10.2   10.2.0 through 10.2.10-h*    Upgrade to 10.2.10-h36 or later.\nPrisma Access 11.2   11.2.0 through 11.2.7-h*     Upgrade to 11.2.7-h13 or later.\n\nNote: With this fix, if the firewall is configured to use an authentication override cookie for the GlobalProtect Portal or Gateway, it will regenerate the cookie using a more secure method. Therefore, GP users will need to re-authenticate after a PAN-OS upgrade, even if a valid cookie is present. This is a one time requirement. 
Once they re-authenticate after the upgrade, the authentication override cookie and its validity will work as they do today.","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>Cloud NGFW All<br></td><td></td><td>No action needed.</td></tr><tr>\n                                <td>PAN-OS 12.1<br></td>\n                                <td>12.1.5 through 12.1.6</td>\n                                <td>Upgrade to 12.1.7 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>12.1.2 through 12.1.4-h*</td>\n                                <td>Upgrade to 12.1.4-h6 or 12.1.7 or later.</td>\n                            </tr><tr>\n                                <td>PAN-OS 11.2<br></td>\n                                <td>11.2.11 or later</td>\n                                <td>Upgrade to 11.2.12 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.2.8 through 11.2.10-h*</td>\n                                <td>Upgrade to 11.2.10-h7 or 11.2.12 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.2.5 through 11.2.7-h*</td>\n                                <td>Upgrade to 11.2.7-h14 or 11.2.12 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.2.0 through 11.2.4-h*</td>\n                                <td>Upgrade to 11.2.4-h17 or 11.2.12 or later.</td>\n                            </tr><tr>\n                                <td>PAN-OS 11.1<br></td>\n                                <td>11.1.14 or later</td>\n                                <td>Upgrade to 11.1.15 or later.</td>\n                        
    </tr><tr>\n                                <td></td>\n                                <td>11.1.11 through 11.1.13-h*</td>\n                                <td>Upgrade to 11.1.13-h5 or 11.1.15 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.1.8 through 11.1.10-h*</td>\n                                <td>Upgrade to 11.1.10-h25 or 11.1.15 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.1.7 through 11.1.7-h*</td>\n                                <td>Upgrade to 11.1.7-h6 or 11.1.15 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.1.5 through 11.1.6-h*</td>\n                                <td>Upgrade to 11.1.6-h32 or 11.1.15 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.1.0 through 11.1.4-h*</td>\n                                <td>Upgrade to 11.1.4-h33 or 11.1.15 or later.</td>\n                            </tr><tr>\n                                <td>PAN-OS 10.2<br></td>\n                                <td>10.2.17 through 10.2.18-h*</td>\n                                <td>Upgrade to 10.2.18 or 10.2.18-h6 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.14 through 10.2.16-h*</td>\n                                <td>Upgrade to 10.2.16-h7 or 10.2.18-h6 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.11 through 10.2.13-h*</td>\n                                <td>Upgrade to 10.2.13-h21 or 10.2.18-h6 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                
<td>10.2.8 through 10.2.10-h*</td>\n                                <td>Upgrade to 10.2.10-h36 or 10.2.18-h6 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.0 through 10.2.7-h*</td>\n                                <td>Upgrade to 10.2.7-h34 or 10.2.18-h6 or later.</td>\n                            </tr><tr><td>All older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr><tr>\n                                <td>Prisma Access 10.2<br></td>\n                                <td>10.2.0 through 10.2.10-h*</td>\n                                <td>Upgrade to 10.2.10-h36 or later.</td>\n                            </tr><tr>\n                                <td>Prisma Access 11.2<br></td>\n                                <td>11.2.0 through 11.2.7-h*</td>\n                                <td>Upgrade to 11.2.7-h13 or later.<br></td>\n                            </tr></tbody></table><p><b>Note</b>:&nbsp;With this fix, if the firewall is configured to use an authentication override cookie for the GlobalProtect Portal or Gateway, it will regenerate the cookie using a more secure method. Therefore, GP users will need to re-authenticate after a PAN-OS upgrade, even if a valid cookie is present. This is a one time requirement. 
Once they re-authenticate after the upgrade, the authentication override cookie and its validity will work as they do today.</p>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of these issues.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>Palo Alto Networks is not aware of any malicious exploitation of these issues.</p>"}]}],"timeline":[{"time":"2026-05-13T16:00:00.000Z","lang":"en","value":"Initial publication."},{"time":"2026-05-14T19:15:00.000Z","lang":"en","value":"Updated the Fix release timeline for 10.2.16-h7."}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue.","type":"other"}],"source":{"discovery":"INTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 12.1.6","PAN-OS 12.1.5","PAN-OS 12.1.4-h3","PAN-OS 12.1.4-h2","PAN-OS 12.1.4","PAN-OS 12.1.3-h3","PAN-OS 12.1.3-h1","PAN-OS 12.1.3","PAN-OS 12.1.2","PAN-OS 11.2.11","PAN-OS 11.2.10-h4","PAN-OS 11.2.10-h3","PAN-OS 11.2.10-h2","PAN-OS 11.2.10-h1","PAN-OS 11.2.10","PAN-OS 11.2.9","PAN-OS 11.2.8","PAN-OS 11.2.7-h11","PAN-OS 11.2.7-h10","PAN-OS 11.2.7-h8","PAN-OS 11.2.7-h7","PAN-OS 11.2.7-h4","PAN-OS 11.2.7-h3","PAN-OS 11.2.7-h2","PAN-OS 11.2.7-h1","PAN-OS 11.2.7","PAN-OS 11.2.6","PAN-OS 11.2.5","PAN-OS 11.2.4-h15","PAN-OS 11.2.4-h14","PAN-OS 11.2.4-h12","PAN-OS 11.2.4-h11","PAN-OS 11.2.4-h10","PAN-OS 11.2.4-h9","PAN-OS 11.2.4-h8","PAN-OS 11.2.4-h7","PAN-OS 11.2.4-h6","PAN-OS 11.2.4-h5","PAN-OS 11.2.4-h4","PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.13-h3","PAN-OS 11.1.13-h2","PAN-OS 11.1.13-h1","PAN-OS 11.1.13","PAN-OS 11.1.12","PAN-OS 11.1.11","PAN-OS 
11.1.10-h21","PAN-OS 11.1.10-h12","PAN-OS 11.1.10-h10","PAN-OS 11.1.10-h9","PAN-OS 11.1.10-h7","PAN-OS 11.1.10-h5","PAN-OS 11.1.10-h4","PAN-OS 11.1.10-h1","PAN-OS 11.1.10","PAN-OS 11.1.9","PAN-OS 11.1.8","PAN-OS 11.1.6-h29","PAN-OS 11.1.6-h25","PAN-OS 11.1.6-h23","PAN-OS 11.1.6-h22","PAN-OS 11.1.6-h21","PAN-OS 11.1.6-h20","PAN-OS 11.1.6-h19","PAN-OS 11.1.6-h18","PAN-OS 11.1.6-h17","PAN-OS 11.1.6-h14","PAN-OS 11.1.6-h10","PAN-OS 11.1.6-h7","PAN-OS 11.1.6-h6","PAN-OS 11.1.6-h4","PAN-OS 11.1.6-h3","PAN-OS 11.1.6-h2","PAN-OS 11.1.6-h1","PAN-OS 11.1.6","PAN-OS 11.1.5-h1","PAN-OS 11.1.5","PAN-OS 11.1.4-h27","PAN-OS 11.1.4-h25","PAN-OS 11.1.4-h18","PAN-OS 11.1.4-h17","PAN-OS 11.1.4-h15","PAN-OS 11.1.4-h13","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 10.2.18-h1","PAN-OS 10.2.18","PAN-OS 10.2.17","PAN-OS 10.2.16-h6","PAN-OS 10.2.16-h4","PAN-OS 10.2.16-h1","PAN-OS 10.2.16","PAN-OS 10.2.15","PAN-OS 10.2.14-h1","PAN-OS 10.2.14","PAN-OS 10.2.13-h18","PAN-OS 10.2.13-h16","PAN-OS 10.2.13-h15","PAN-OS 
10.2.13-h10","PAN-OS 10.2.13-h7","PAN-OS 10.2.13-h5","PAN-OS 10.2.13-h4","PAN-OS 10.2.13-h3","PAN-OS 10.2.13-h2","PAN-OS 10.2.13-h1","PAN-OS 10.2.13","PAN-OS 10.2.12-h6","PAN-OS 10.2.12-h5","PAN-OS 10.2.12-h4","PAN-OS 10.2.12-h3","PAN-OS 10.2.12-h2","PAN-OS 10.2.12-h1","PAN-OS 10.2.12","PAN-OS 10.2.11-h13","PAN-OS 10.2.11-h12","PAN-OS 10.2.11-h11","PAN-OS 10.2.11-h10","PAN-OS 10.2.11-h9","PAN-OS 10.2.11-h8","PAN-OS 10.2.11-h7","PAN-OS 10.2.11-h6","PAN-OS 10.2.11-h5","PAN-OS 10.2.11-h4","PAN-OS 10.2.11-h3","PAN-OS 10.2.11-h2","PAN-OS 10.2.11-h1","PAN-OS 10.2.11","PAN-OS 10.2.10-h31","PAN-OS 10.2.10-h30","PAN-OS 10.2.10-h27","PAN-OS 10.2.10-h26","PAN-OS 10.2.10-h23","PAN-OS 10.2.10-h21","PAN-OS 10.2.10-h18","PAN-OS 10.2.10-h17","PAN-OS 10.2.10-h14","PAN-OS 10.2.10-h13","PAN-OS 10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h21","PAN-OS 10.2.9-h20","PAN-OS 10.2.9-h19","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h21","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h32","PAN-OS 10.2.7-h24","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 
10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 
10.2.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2026-0258","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Server-Side Request Forgery (SSRF) in IKEv2 Certificate URL Fetching","datePublic":"2026-05-13T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-918","description":"CWE-918 Server-Side Request Forgery (SSRF)","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-664","descriptions":[{"lang":"en","value":"CAPEC-664 Server-Side Request Forgery"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os
:11.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:
*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*
:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*","cpe:2.
3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2
.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:
*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"12.1.0","changes":[{"at":"12.1.4-h5","status":"unaffected"},{"at":"12.1.7","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.0","changes":[{"at":"11.2.4-h17","status":"unaffected"},{"at":"11.2.7-h13","status":"unaffected"},{"at":"11.2.10-h6","status":"unaffected"},{"at":"11.2.12","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","changes":[{"at":"11.1.4-h33","status":"unaffected"},{"at":"11.1.6-h32","status":"unaffected"},{"at":"11.1.7-h6","status":"unaffected"},{"at":"11.1.10-h25","status":"unaffected"},{"at":"11.1.13-h5","status":"unaffected"},{"at":"11.1.15","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","changes":[{"at":"10.2.7-h34","status":"unaffected"},{"at":"10.2.10-h36","status":"unaffected"},{"at":"10.2.13-h21","status":"unaffected"},{"at":"10.2.16-h7","status":"unaffected"},{"at":"10.2.18-h6","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma 
Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"cpeApplicability":[{"operator":"OR","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.4","versionEndExcluding":"12.1.4-h5"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.7"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.4","versionEndExcluding":"11.2.4-h17"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.7","versionEndExcluding":"11.2.7-h13"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.10","versionEndExcluding":"11.2.10-h6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.0","versionEndExcluding":"11.2.12"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.4","versionEndExcluding":"11.1.4-h33"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.6","versionEndExcluding":"11.1.6-h32"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.7","versionEndExcluding":"11.1.7-h6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.10","versionEndExcluding":"11.1.10-h25"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.13","versionEndExcluding":"11.1.13-h5"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.0",
"versionEndExcluding":"11.1.15"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.7","versionEndExcluding":"10.2.7-h34"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.10","versionEndExcluding":"10.2.10-h36"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.13","versionEndExcluding":"10.2.13-h21"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.16","versionEndExcluding":"10.2.16-h7"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.18","versionEndExcluding":"10.2.18-h6"}]}]}],"descriptions":[{"lang":"en","value":"A server-side request forgery (SSRF) vulnerability in the IKEv2 implementation of Palo Alto Networks PAN-OS® software allows an unauthenticated attacker to cause the firewall to send network requests to unintended destinations or cause a denial of service (DoS) condition.\n\nPanorama, Cloud NGFW and Prisma® Access are not impacted by these vulnerabilities.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>A server-side request forgery (SSRF) vulnerability in the IKEv2 implementation of Palo Alto Networks PAN-OS® software allows an unauthenticated attacker to cause the firewall to send network requests to unintended destinations or cause a denial of service (DoS) condition.</p><p>Panorama, Cloud NGFW and Prisma<span>®</span> Access are not impacted by these 
vulnerabilities.</p>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2026-0258","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"HIGH","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.3,"threatSeverity":"MEDIUM","threatScore":4.8,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:Y/R:U/V:C/RE:H/U:Amber"}}],"configurations":[{"lang":"eng","value":"This issue is applicable only to PAN-OS configurations with a PAN-OS Site-to-Site VPN Gateway with IKEv2 configured.\n\nTo verify whether a device has a Site-to-Site VPN Gateway configured with IKEv2, please refer to our documentation (https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClGkCAK).","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>This issue is applicable only to PAN-OS configurations with a PAN-OS Site-to-Site VPN Gateway with IKEv2 configured.</p><p>To verify whether a device has a Site-to-Site VPN Gateway configured with IKEv2, please&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClGkCAK\">refer to our documentation</a>.</p>"}]}],"workarounds":[{"lang":"eng","value":"Customers who do not require IKEv2 VPN can mitigate this issue by removing all IKEv2 VPN gateway configurations.\n\nCustomers with a Threat Prevention subscription can block attacks for this 
vulnerability by enabling Threat ID 510014 (from Applications and Threats content version 9100-10044).\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>Customers who do not require IKEv2 VPN can mitigate this issue by removing all IKEv2 VPN gateway configurations.</p><p>Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510014 (from Applications and Threats content version 9100-10044).<br></p>"}]}],"solutions":[{"lang":"eng","value":"VERSION                                 MINOR VERSION                SUGGESTED SOLUTION\nCloud NGFW                                                           No action needed\nPAN-OS 12.1                             12.1.5 through 12.1.6        Upgrade to 12.1.7 or later.\n                                        12.1.2 through 12.1.4-h*     Upgrade to 12.1.4-h5 or 12.1.7 or later.\nPAN-OS 11.2                             11.2.11 or later             Upgrade to 11.2.12 or later.\n                                        11.2.8 through 11.2.10-h*    Upgrade to 11.2.10-h6 or 11.2.12 or later.\n                                        11.2.5 through 11.2.7-h*     Upgrade to 11.2.7-h13 or 11.2.12 or later.\n                                        11.2.0 through 11.2.4-h*     Upgrade to 11.2.4-h17 or 11.2.12 or later.\nPAN-OS 11.1                             11.1.14 or later             Upgrade to 11.1.15 or later.\n                                        11.1.11 through 11.1.13-h*   Upgrade to 11.1.13-h5 or 11.1.15 or later.\n                                        11.1.8 through 11.1.10-h*    Upgrade to 11.1.10-h25 or 11.1.15 or later.\n                                        11.1.7 through 11.1.7-h*     Upgrade to 11.1.7-h6 or 11.1.15 or later.\n                                        11.1.5 through 11.1.6-h*     Upgrade to 11.1.6-h32 or 11.1.15 or later.\n                                        11.1.0 through 11.1.4-h*     Upgrade to 11.1.4-h33 or 11.1.15 or 
later.\nPAN-OS 10.2                             10.2.17 through 10.2.18-h*   Upgrade to 10.2.18-h6 or later.\n                                        10.2.14 through 10.2.16-h*   Upgrade to 10.2.16-h7 or 10.2.18-h6 or later.\n                                        10.2.11 through 10.2.13-h*   Upgrade to 10.2.13-h21 or 10.2.18-h6 or later.\n                                        10.2.8 through 10.2.10-h*    Upgrade to 10.2.10-h36 or 10.2.18-h6 or later.\n                                        10.2.0 through 10.2.7-h*     Upgrade to 10.2.7-h34 or 10.2.18-h6 or later\nPrisma Access                                                        No action needed. \nAll older unsupported PAN-OS versions                                Upgrade to a supported fixed version.","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version</th><th>Minor Version</th><th>Suggested Solution</th></tr></thead><tbody><tr><td> Cloud NGFW</td><td>&nbsp;</td><td>No action needed</td></tr><tr><td>PAN-OS 12.1</td><td>12.1.5 through 12.1.6</td><td>Upgrade to 12.1.7 or later.</td></tr><tr><td><br></td><td>12.1.2 through 12.1.4-h*</td><td>Upgrade to 12.1.4-h5 or 12.1.7 or later.</td></tr><tr><td>PAN-OS 11.2</td><td>11.2.11 or later</td><td>Upgrade to 11.2.12 or later.</td></tr><tr><td><br></td><td>11.2.8 through 11.2.10-h*</td><td>Upgrade to 11.2.10-h6 or 11.2.12 or later.</td></tr><tr><td><br></td><td>11.2.5 through 11.2.7-h*</td><td>Upgrade to 11.2.7-h13 or 11.2.12 or later.</td></tr><tr><td><br></td><td>11.2.0 through 11.2.4-h*</td><td>Upgrade to 11.2.4-h17 or 11.2.12 or later.</td></tr><tr><td>PAN-OS 11.1</td><td>11.1.14 or later</td><td>Upgrade to 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.11 through 11.1.13-h*</td><td>Upgrade to 11.1.13-h5 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.8 through 11.1.10-h*</td><td>Upgrade to 11.1.10-h25 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.7 through 11.1.7-h*</td><td>Upgrade 
to 11.1.7-h6 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.5 through 11.1.6-h*</td><td>Upgrade to 11.1.6-h32 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.0 through 11.1.4-h*</td><td>Upgrade to 11.1.4-h33 or 11.1.15 or later.</td></tr><tr><td>PAN-OS 10.2</td><td>10.2.17 through 10.2.18-h*</td><td>Upgrade to 10.2.18-h6 or later.</td></tr><tr><td>&nbsp;</td><td>10.2.14 through 10.2.16-h*</td><td>Upgrade to 10.2.16-h7 or 10.2.18-h6 or later.</td></tr><tr><td><br></td><td>10.2.11 through 10.2.13-h*</td><td>Upgrade to 10.2.13-h21 or 10.2.18-h6 or later.</td></tr><tr><td><br></td><td>10.2.8 through 10.2.10-h*</td><td>Upgrade to 10.2.10-h36 or 10.2.18-h6 or later.</td></tr><tr><td>&nbsp;</td><td>10.2.0 through 10.2.7-h*</td><td>Upgrade to 10.2.7-h34 or 10.2.18-h6 or later</td></tr><tr><td>Prisma Access&nbsp;</td><td><br></td><td>No action needed.&nbsp;</td></tr><tr><td> All older unsupported PAN-OS versions</td><td>&nbsp;</td><td> Upgrade to a supported fixed version.</td></tr></tbody></table>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>Palo Alto Networks is not aware of any malicious exploitation of this issue.</p>"}]}],"timeline":[{"time":"2026-05-13T16:00:00.000Z","lang":"en","value":"Initial publication."},{"time":"2026-05-14T19:15:00.000Z","lang":"en","value":"Updated the Fix release timeline for 10.2.16-h7."}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue.","type":"other"}],"source":{"discovery":"INTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 12.1.6","PAN-OS 12.1.5","PAN-OS 12.1.4-h3","PAN-OS 12.1.4-h2","PAN-OS 12.1.4","PAN-OS 12.1.3-h3","PAN-OS 12.1.3-h1","PAN-OS 12.1.3","PAN-OS 12.1.2","PAN-OS 11.2.11","PAN-OS 11.2.10-h5","PAN-OS 11.2.10-h4","PAN-OS 11.2.10-h3","PAN-OS 
11.2.10-h2","PAN-OS 11.2.10-h1","PAN-OS 11.2.10","PAN-OS 11.2.9","PAN-OS 11.2.8","PAN-OS 11.2.7-h12","PAN-OS 11.2.7-h11","PAN-OS 11.2.7-h10","PAN-OS 11.2.7-h8","PAN-OS 11.2.7-h7","PAN-OS 11.2.7-h4","PAN-OS 11.2.7-h3","PAN-OS 11.2.7-h2","PAN-OS 11.2.7-h1","PAN-OS 11.2.7","PAN-OS 11.2.6","PAN-OS 11.2.5","PAN-OS 11.2.4-h15","PAN-OS 11.2.4-h14","PAN-OS 11.2.4-h12","PAN-OS 11.2.4-h11","PAN-OS 11.2.4-h10","PAN-OS 11.2.4-h9","PAN-OS 11.2.4-h8","PAN-OS 11.2.4-h7","PAN-OS 11.2.4-h6","PAN-OS 11.2.4-h5","PAN-OS 11.2.4-h4","PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.14","PAN-OS 11.1.13-h3","PAN-OS 11.1.13-h2","PAN-OS 11.1.13-h1","PAN-OS 11.1.13","PAN-OS 11.1.12","PAN-OS 11.1.11","PAN-OS 11.1.10-h21","PAN-OS 11.1.10-h12","PAN-OS 11.1.10-h10","PAN-OS 11.1.10-h9","PAN-OS 11.1.10-h7","PAN-OS 11.1.10-h5","PAN-OS 11.1.10-h4","PAN-OS 11.1.10-h1","PAN-OS 11.1.10","PAN-OS 11.1.9","PAN-OS 11.1.8","PAN-OS 11.1.6-h29","PAN-OS 11.1.6-h25","PAN-OS 11.1.6-h23","PAN-OS 11.1.6-h22","PAN-OS 11.1.6-h21","PAN-OS 11.1.6-h20","PAN-OS 11.1.6-h19","PAN-OS 11.1.6-h18","PAN-OS 11.1.6-h17","PAN-OS 11.1.6-h14","PAN-OS 11.1.6-h10","PAN-OS 11.1.6-h7","PAN-OS 11.1.6-h6","PAN-OS 11.1.6-h4","PAN-OS 11.1.6-h3","PAN-OS 11.1.6-h2","PAN-OS 11.1.6-h1","PAN-OS 11.1.6","PAN-OS 11.1.5-h1","PAN-OS 11.1.5","PAN-OS 11.1.4-h32","PAN-OS 11.1.4-h27","PAN-OS 11.1.4-h25","PAN-OS 11.1.4-h18","PAN-OS 11.1.4-h17","PAN-OS 11.1.4-h15","PAN-OS 11.1.4-h13","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 
11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 10.2.18-h5","PAN-OS 10.2.18-h1","PAN-OS 10.2.18","PAN-OS 10.2.17","PAN-OS 10.2.16-h6","PAN-OS 10.2.16-h4","PAN-OS 10.2.16-h1","PAN-OS 10.2.16","PAN-OS 10.2.15","PAN-OS 10.2.14-h1","PAN-OS 10.2.14","PAN-OS 10.2.13-h18","PAN-OS 10.2.13-h16","PAN-OS 10.2.13-h15","PAN-OS 10.2.13-h10","PAN-OS 10.2.13-h7","PAN-OS 10.2.13-h5","PAN-OS 10.2.13-h4","PAN-OS 10.2.13-h3","PAN-OS 10.2.13-h2","PAN-OS 10.2.13-h1","PAN-OS 10.2.13","PAN-OS 10.2.12-h6","PAN-OS 10.2.12-h5","PAN-OS 10.2.12-h4","PAN-OS 10.2.12-h3","PAN-OS 10.2.12-h2","PAN-OS 10.2.12-h1","PAN-OS 10.2.12","PAN-OS 10.2.11-h13","PAN-OS 10.2.11-h12","PAN-OS 10.2.11-h11","PAN-OS 10.2.11-h10","PAN-OS 10.2.11-h9","PAN-OS 10.2.11-h8","PAN-OS 10.2.11-h7","PAN-OS 10.2.11-h6","PAN-OS 10.2.11-h5","PAN-OS 10.2.11-h4","PAN-OS 10.2.11-h3","PAN-OS 10.2.11-h2","PAN-OS 10.2.11-h1","PAN-OS 10.2.11","PAN-OS 10.2.10-h31","PAN-OS 10.2.10-h30","PAN-OS 10.2.10-h27","PAN-OS 10.2.10-h26","PAN-OS 10.2.10-h23","PAN-OS 10.2.10-h21","PAN-OS 10.2.10-h18","PAN-OS 10.2.10-h17","PAN-OS 10.2.10-h14","PAN-OS 10.2.10-h13","PAN-OS 10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 
10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h21","PAN-OS 10.2.9-h20","PAN-OS 10.2.9-h19","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h21","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h32","PAN-OS 10.2.7-h24","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 
10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2026-0261","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Authenticated Admin Command Injection Vulnerability","datePublic":"2026-05-13T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-78","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-88","descriptions":[{"lang":"en","value":"CAPEC-88 OS Command Injection"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto 
Networks","product":"PAN-OS","cpes":["cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2
.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*
:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*
:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10
.2.7:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"12.1.0","changes":[{"at":"12.1.7","status":"unaffected"},{"at":"12.1.4-h5","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.0","changes":[{"at":"11.2.12","status":"unaffected"},{"at":"11.2.10-h6","status":"unaffected"},{"at":"11.2.7-h13","status":"unaffected"},{"at":"11.2.4-h17","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","changes":[{"at":"11.1.15","status":"unaffected"},{"at":"11.1.13-h5","status":"unaffected"
},{"at":"11.1.10-h25","status":"unaffected"},{"at":"11.1.7-h6","status":"unaffected"},{"at":"11.1.6-h32","status":"unaffected"},{"at":"11.1.4-h33","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","changes":[{"at":"10.2.18-h6","status":"unaffected"},{"at":"10.2.16-h7","status":"unaffected"},{"at":"10.2.13-h21","status":"unaffected"},{"at":"10.2.10-h36","status":"unaffected"},{"at":"10.2.7-h34","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"cpeApplicability":[{"operator":"OR","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.7"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.7","versionEndExcluding":"11.2.7-h13"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.0","versionEndExcluding":"11.1.15"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.10","versionEndExcluding":"10.2.10-h36"}]}]}],"descriptions":[{"lang":"en","value":"Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. 
To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI.\n\nThe security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431).\n\nThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\n\nCloud NGFW and Prisma Access® are not impacted by these vulnerabilities.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI or Web UI.</p><p>The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators and by restricting access to the management web interface to only trusted internal IP addresses according to our recommended <a href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">best practice deployment guidelines</a>.</p><p>This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).</p><p>Cloud NGFW and Prisma Access® are not impacted by these vulnerabilities.</p>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2026-0261","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"The risk is highest when you allow access to the management interface from external IP addresses on the 
internet."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.6,"threatSeverity":"MEDIUM","threatScore":6.1,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"You can reduce the risk of exploitation by restricting access to a jump box that is the only system allowed to access the management interface."}],"cvssV4_0":{"version":"4.0","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.4,"threatSeverity":"MEDIUM","threatScore":5.7,"vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber"}}],"configurations":[{"lang":"eng","value":"No special configuration is required to be affected by this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>No special configuration is required to be affected by this issue.</p>"}]}],"workarounds":[{"lang":"eng","value":"The vast majority of firewalls already 
follow Palo Alto Networks' and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our best practice deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431). Specifically, you should restrict management interface access to only trusted internal IP addresses.\n\nReview information about how to secure management access to your Palo Alto Networks firewalls:\n\n * Palo Alto Networks LIVEcommunity article: https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\n * Palo Alto Networks official and detailed technical documentation: https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\n\nCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat IDs 510017, 510018 and 510024 and can detect attacks for this vulnerability by enabling Threat IDs 510021, 510025 and 510026 (from Applications and Threats content version 9100-10044 and later). 
For these Threat IDs to protect against attacks for this vulnerability:\n\n\n\n * Route incoming traffic for the MGT port through a DP port (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba), e.g., enabling management profile on a DP interface for management access.\n * Replace the Certificate for Inbound Traffic Management (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id112f7714-8995-4496-bbf9-781e63dec71c).\n * Decrypt inbound traffic to the management interface (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2) so the firewall can inspect it (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2).\n * Enable threat prevention on the inbound traffic to management services.\n\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>The vast majority of firewalls already follow Palo Alto Networks' and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our <a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">best practice deployment guidelines</a>. 
Specifically, you should restrict management interface access to only trusted internal IP addresses.</p><p>Review information about how to secure management access to your Palo Alto Networks firewalls:</p><ul><li>Palo Alto Networks LIVEcommunity article:&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431</a></li><li>Palo Alto Networks official and detailed technical documentation:&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\">https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices</a></li></ul><p>Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat IDs 510017, 510018 and 510024 and can detect attacks for this vulnerability by enabling Threat IDs 510021, 510025 and 510026 (from Applications and Threats content version 9100-10044 and later). 
For these Threat IDs to protect against attacks for this vulnerability:</p><p></p><ul><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba\">Route incoming traffic for the MGT port through a DP port</a>, e.g., enabling management profile on a DP interface for management access.</li><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id112f7714-8995-4496-bbf9-781e63dec71c\">Replace the Certificate for Inbound Traffic Management</a>.</li><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2\">Decrypt inbound traffic to the management interface</a><a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2\"> so the firewall can inspect it</a>.</li><li>Enable threat prevention on the inbound traffic to management services.</li></ul><p></p>"}]}],"solutions":[{"lang":"eng","value":"VERSION           MINOR VERSION                SUGGESTED SOLUTION\nCloud NGFW                                     No action needed.\nPAN-OS 12.1       12.1.5 through 12.1.6        Upgrade to 12.1.7 or later.\n                  12.1.2 through 12.1.4-h*     Upgrade to 12.1.4-h5 or 12.1.7 or later.\nPAN-OS 11.2       11.2.11 or later             Upgrade to 11.2.12 or later.\n                  11.2.8 through 11.2.10-h*    Upgrade to 
11.2.10-h6 or 11.2.12 or later.\n                  11.2.5 through 11.2.7-h*     Upgrade to 11.2.7-h13 or 11.2.12 or later.\n                  11.2.0 through 11.2.4-h*     Upgrade to 11.2.4-h17 or 11.2.12 or later.\nPAN-OS 11.1       11.1.14 or later             Upgrade to 11.1.15 or later.\n                  11.1.11 through 11.1.13-h*   Upgrade to 11.1.13-h5 or 11.1.15 or later.\n                  11.1.8 through 11.1.10-h*    Upgrade to 11.1.10-h25 or 11.1.15 or later.\n                  11.1.7 through 11.1.7-h*     Upgrade to 11.1.7-h6 or 11.1.15 or later.\n                  11.1.5 through 11.1.6-h*     Upgrade to 11.1.6-h32 or 11.1.15 or later.\n                  11.1.0 through 11.1.4-h*     Upgrade to 11.1.4-h33 or 11.1.15 or later.\nPAN-OS 10.2       10.2.17 through 10.2.18-h*   Upgrade to 10.2.18-h6 or later.\n                  10.2.14 through 10.2.16-h*   Upgrade to 10.2.16-h7 or 10.2.18-h6 or later.\n                  10.2.11 through 10.2.13-h*   Upgrade to 10.2.13-h21 or 10.2.18-h6 or later.\n                  10.2.8 through 10.2.10-h*    Upgrade to 10.2.10-h36 or 10.2.18-h6 or later.\n                  10.2.0 through 10.2.7-h*     Upgrade to 10.2.7-h34 or 10.2.18-h6 or later.\nAll older                                      Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\nPrisma Access                                  No action needed.","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>Cloud NGFW<br></td><td></td><td>No action needed.</td></tr><tr>\n                                <td>PAN-OS 12.1<br></td>\n                                <td>12.1.5 through 12.1.6</td>\n                                <td>Upgrade to 12.1.7 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>12.1.2 through 12.1.4-h*</td>\n       
                         <td>Upgrade to 12.1.4-h5 or 12.1.7 or later.</td>\n                            </tr><tr>\n                                <td>PAN-OS 11.2<br></td>\n                                <td>11.2.11 or later</td>\n                                <td>Upgrade to 11.2.12 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.2.8 through 11.2.10-h*</td>\n                                <td>Upgrade to 11.2.10-h6 or 11.2.12 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.2.5 through 11.2.7-h*</td>\n                                <td>Upgrade to 11.2.7-h13 or 11.2.12 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.2.0 through 11.2.4-h*</td>\n                                <td>Upgrade to 11.2.4-h17 or 11.2.12 or later.</td>\n                            </tr><tr>\n                                <td>PAN-OS 11.1<br></td>\n                                <td>11.1.14 or later</td>\n                                <td>Upgrade to 11.1.15 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.1.11 through 11.1.13-h*</td>\n                                <td>Upgrade to 11.1.13-h5 or 11.1.15 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.1.8 through 11.1.10-h*</td>\n                                <td>Upgrade to 11.1.10-h25 or 11.1.15 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.1.7 through 11.1.7-h*</td>\n                                <td>Upgrade to 11.1.7-h6 or 11.1.15 or later.</td>\n                            </tr><tr>\n                       
         <td></td>\n                                <td>11.1.5 through 11.1.6-h*</td>\n                                <td>Upgrade to 11.1.6-h32 or 11.1.15 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.1.0 through 11.1.4-h*</td>\n                                <td>Upgrade to 11.1.4-h33 or 11.1.15 or later.</td>\n                            </tr><tr>\n                                <td>PAN-OS 10.2<br></td>\n                                <td>10.2.17 through 10.2.18-h*</td>\n                                <td>Upgrade to 10.2.18-h6 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.14 through 10.2.16-h*</td>\n                                <td>Upgrade to 10.2.16-h7 or 10.2.18-h6 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.11 through 10.2.13-h*</td>\n                                <td>Upgrade to 10.2.13-h21 or 10.2.18-h6 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.8 through 10.2.10-h*</td>\n                                <td>Upgrade to 10.2.10-h36 or 10.2.18-h6 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.0 through 10.2.7-h*</td>\n                                <td>Upgrade to 10.2.7-h34 or 10.2.18-h6 or later.</td>\n                            </tr><tr><td>All older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr><tr><td>Prisma Access<br></td><td></td><td>No action needed.</td></tr></tbody></table>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of these 
issues.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>Palo Alto Networks is not aware of any malicious exploitation of these issues.</p>"}]}],"timeline":[{"time":"2026-05-13T16:00:00.000Z","lang":"en","value":"Initial publication."},{"time":"2026-05-14T19:15:00.000Z","lang":"en","value":"Updated the Fix release timeline for 10.2.16-h7."}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue.","type":"other"}],"source":{"discovery":"INTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 12.1.6","PAN-OS 12.1.5","PAN-OS 12.1.4-h3","PAN-OS 12.1.4-h2","PAN-OS 12.1.4","PAN-OS 12.1.3-h3","PAN-OS 12.1.3-h1","PAN-OS 12.1.3","PAN-OS 12.1.2","PAN-OS 11.2.11","PAN-OS 11.2.10-h4","PAN-OS 11.2.10-h3","PAN-OS 11.2.10-h2","PAN-OS 11.2.10-h1","PAN-OS 11.2.10","PAN-OS 11.2.9","PAN-OS 11.2.8","PAN-OS 11.2.7-h11","PAN-OS 11.2.7-h10","PAN-OS 11.2.7-h8","PAN-OS 11.2.7-h7","PAN-OS 11.2.7-h4","PAN-OS 11.2.7-h3","PAN-OS 11.2.7-h2","PAN-OS 11.2.7-h1","PAN-OS 11.2.7","PAN-OS 11.2.6","PAN-OS 11.2.5","PAN-OS 11.2.4-h15","PAN-OS 11.2.4-h14","PAN-OS 11.2.4-h12","PAN-OS 11.2.4-h11","PAN-OS 11.2.4-h10","PAN-OS 11.2.4-h9","PAN-OS 11.2.4-h8","PAN-OS 11.2.4-h7","PAN-OS 11.2.4-h6","PAN-OS 11.2.4-h5","PAN-OS 11.2.4-h4","PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.13-h3","PAN-OS 11.1.13-h2","PAN-OS 11.1.13-h1","PAN-OS 11.1.13","PAN-OS 11.1.12","PAN-OS 11.1.11","PAN-OS 11.1.10-h21","PAN-OS 11.1.10-h12","PAN-OS 11.1.10-h10","PAN-OS 11.1.10-h9","PAN-OS 11.1.10-h7","PAN-OS 11.1.10-h5","PAN-OS 11.1.10-h4","PAN-OS 11.1.10-h1","PAN-OS 11.1.10","PAN-OS 11.1.9","PAN-OS 11.1.8","PAN-OS 11.1.6-h29","PAN-OS 11.1.6-h25","PAN-OS 
11.1.6-h23","PAN-OS 11.1.6-h22","PAN-OS 11.1.6-h21","PAN-OS 11.1.6-h20","PAN-OS 11.1.6-h19","PAN-OS 11.1.6-h18","PAN-OS 11.1.6-h17","PAN-OS 11.1.6-h14","PAN-OS 11.1.6-h10","PAN-OS 11.1.6-h7","PAN-OS 11.1.6-h6","PAN-OS 11.1.6-h4","PAN-OS 11.1.6-h3","PAN-OS 11.1.6-h2","PAN-OS 11.1.6-h1","PAN-OS 11.1.6","PAN-OS 11.1.5-h1","PAN-OS 11.1.5","PAN-OS 11.1.4-h27","PAN-OS 11.1.4-h25","PAN-OS 11.1.4-h18","PAN-OS 11.1.4-h17","PAN-OS 11.1.4-h15","PAN-OS 11.1.4-h13","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 10.2.18-h1","PAN-OS 10.2.18","PAN-OS 10.2.17","PAN-OS 10.2.16-h6","PAN-OS 10.2.16-h4","PAN-OS 10.2.16-h1","PAN-OS 10.2.16","PAN-OS 10.2.15","PAN-OS 10.2.14-h1","PAN-OS 10.2.14","PAN-OS 10.2.13-h18","PAN-OS 10.2.13-h16","PAN-OS 10.2.13-h15","PAN-OS 10.2.13-h10","PAN-OS 10.2.13-h7","PAN-OS 10.2.13-h5","PAN-OS 10.2.13-h4","PAN-OS 10.2.13-h3","PAN-OS 10.2.13-h2","PAN-OS 10.2.13-h1","PAN-OS 10.2.13","PAN-OS 10.2.12-h6","PAN-OS 10.2.12-h5","PAN-OS 10.2.12-h4","PAN-OS 10.2.12-h3","PAN-OS 10.2.12-h2","PAN-OS 
10.2.12-h1","PAN-OS 10.2.12","PAN-OS 10.2.11-h13","PAN-OS 10.2.11-h12","PAN-OS 10.2.11-h11","PAN-OS 10.2.11-h10","PAN-OS 10.2.11-h9","PAN-OS 10.2.11-h8","PAN-OS 10.2.11-h7","PAN-OS 10.2.11-h6","PAN-OS 10.2.11-h5","PAN-OS 10.2.11-h4","PAN-OS 10.2.11-h3","PAN-OS 10.2.11-h2","PAN-OS 10.2.11-h1","PAN-OS 10.2.11","PAN-OS 10.2.10-h31","PAN-OS 10.2.10-h30","PAN-OS 10.2.10-h27","PAN-OS 10.2.10-h26","PAN-OS 10.2.10-h23","PAN-OS 10.2.10-h21","PAN-OS 10.2.10-h18","PAN-OS 10.2.10-h17","PAN-OS 10.2.10-h14","PAN-OS 10.2.10-h13","PAN-OS 10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h21","PAN-OS 10.2.9-h20","PAN-OS 10.2.9-h19","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h21","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h32","PAN-OS 10.2.7-h24","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 
10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2026-0262","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Denial of Service 
Vulnerabilities in Network Traffic Parsing","datePublic":"2026-05-13T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-754","description":"CWE-754 Improper Check for Unusual or Exceptional Conditions","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-153","descriptions":[{"lang":"en","value":"CAPEC-153 Input Data Manipulation"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","platforms":["Azure/AWS"],"versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*","cpe:2.3:o
:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_netwo
rks:pan-os:11.1.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networ
ks:pan-os:11.1.4:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-
os:10.2.13:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*","cpe:2.3:o:pal
o_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_netwo
rks:pan-os:10.2.0:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"12.1.0","changes":[{"at":"12.1.7","status":"unaffected"},{"at":"12.1.4-h5","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.0","changes":[{"at":"11.2.12","status":"unaffected"},{"at":"11.2.10-h6","status":"unaffected"},{"at":"11.2.7-h13","status":"unaffected"},{"at":"11.2.4-h17","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","changes":[{"at":"11.1.15","status":"unaffected"},{"at":"11.1.13-h5","status":"unaffected"},{"at":"11.1.10-h25","status":"unaffected"},{"at":"11.1.7-h6","status":"unaffected"},{"at":"11.1.6-h32","status":"unaffected"},{"at":"11.1.4-h33","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","changes":[{"at":"10.2.18-h6","status":"unaffected"},{"at":"10.2.16-h7","status":"unaffected"},{"at":"10.2.13-h21","status":"unaffected"},{"at":"10.2.10-h36","status":"unaffected"},{"at":"10.2.7-h34","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma 
Access","versions":[{"status":"affected","version":"10.2.0","lessThan":"10.2.10-h36","changes":[{"at":"10.2.10-h36","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.0","lessThan":"11.2.7-h13","changes":[{"at":"11.2.7-h13","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"}],"cpeApplicability":[{"operator":"OR","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.7"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.4","versionEndExcluding":"12.1.4-h5"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.0","versionEndExcluding":"11.2.12"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.10","versionEndExcluding":"11.2.10-h6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.7","versionEndExcluding":"11.2.7-h13"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.4","versionEndExcluding":"11.2.4-h17"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.0","versionEndExcluding":"11.1.15"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.13","versionEndExcluding":"11.1.13-h5"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.10","versionEndExcluding":"11.1.10-h25"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.7","versionEndExcluding":"11.1.7-h6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto
_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.6","versionEndExcluding":"11.1.6-h32"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.4","versionEndExcluding":"11.1.4-h33"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.18","versionEndExcluding":"10.2.18-h6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.16","versionEndExcluding":"10.2.16-h7"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.13","versionEndExcluding":"10.2.13-h21"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.10","versionEndExcluding":"10.2.10-h36"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.7","versionEndExcluding":"10.2.7-h34"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.10","versionEndExcluding":"10.2.10-h36"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.7","versionEndExcluding":"11.2.7-h13"}]}]}],"descriptions":[{"lang":"en","value":"Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition by sending specially crafted network traffic to a dataplane interface.\n\nPanorama and Cloud NGFW are not impacted by these vulnerabilities.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>Multiple denial of service vulnerabilities in Palo Alto Networks PAN-OS® software allow an unauthenticated attacker with network access to cause a denial of service (DoS) 
condition by sending specially crafted network traffic to a dataplane interface. <br><br>Panorama and Cloud NGFW are not impacted by these vulnerabilities.</p>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2026-0262","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.7,"threatSeverity":"MEDIUM","threatScore":6.6,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber"}}],"configurations":[{"lang":"eng","value":"No special configuration is required to be affected by this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>No special configuration is required to be affected by this issue.</p>"}]}],"workarounds":[{"lang":"eng","value":"Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat IDs 510011, 510015, 510022 (HTTP traffic only), and 510023 (from Applications and Threats content version 9100-10044 and later).\n\nPlease note that all of the above Threat IDs require SSL Decryption.\n\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<p></p><p>Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat IDs 510011, 510015, 510022 (HTTP traffic only), and 510023 (from Applications and Threats content version 9100-10044 and 
later).</p><p>Please note that all of the above Threat IDs require SSL Decryption.</p><p></p>"}]}],"solutions":[{"lang":"eng","value":"VERSION                                 MINOR VERSION                SUGGESTED SOLUTION\nCloud NGFW                                                           No action needed\nPAN-OS 12.1                             12.1.5 through 12.1.6        Upgrade to 12.1.7 or later.\n                                        12.1.2 through 12.1.4-h*     Upgrade to 12.1.4-h5 or 12.1.7 or later.\nPAN-OS 11.2                             11.2.11 or later             Upgrade to 11.2.12 or later.\n                                        11.2.8 through 11.2.10-h*    Upgrade to 11.2.10-h6 or 11.2.12 or later.\n                                        11.2.5 through 11.2.7-h*     Upgrade to 11.2.7-h13 or 11.2.12 or later.\n                                        11.2.0 through 11.2.4-h*     Upgrade to 11.2.4-h17 or 11.2.12 or later.\nPAN-OS 11.1                             11.1.14 or later             Upgrade to 11.1.15 or later.\n                                        11.1.11 through 11.1.13-h*   Upgrade to 11.1.13-h5 or 11.1.15 or later.\n                                        11.1.8 through 11.1.10-h*    Upgrade to 11.1.10-h25 or 11.1.15 or later.\n                                        11.1.7 through 11.1.7-h*     Upgrade to 11.1.7-h6 or 11.1.15 or later.\n                                        11.1.5 through 11.1.6-h*     Upgrade to 11.1.6-h32 or 11.1.15 or later.\n                                        11.1.0 through 11.1.4-h*     Upgrade to 11.1.4-h33 or 11.1.15 or later.\nPAN-OS 10.2                             10.2.17 through 10.2.18-h*   Upgrade to 10.2.18-h6 or later.\n                                        10.2.14 through 10.2.16-h*   Upgrade to 10.2.16-h7 or 10.2.18-h6 or later.\n                                        10.2.11 through 10.2.13-h*   Upgrade to 10.2.13-h21 or 10.2.18-h6 or later.\n                                        
10.2.8 through 10.2.10-h*    Upgrade to 10.2.10-h36 or 10.2.18-h6 or later.\n                                        10.2.0 through 10.2.7-h*     Upgrade to 10.2.7-h34 or 10.2.18-h6 or later.\nPrisma Access 10.2                      10.2.0 through 10.2.10-h*    Upgrade to 10.2.10-h36 or later.\nPrisma Access 11.2                      11.2.0 through 11.2.7-h*      Upgrade to 11.2.7-h13 or later.\nAll older unsupported PAN-OS versions                                Upgrade to a supported fixed version.","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version</th><th>Minor Version</th><th>Suggested Solution</th></tr></thead><tbody><tr><td> Cloud NGFW</td><td>&nbsp;</td><td>No action needed</td></tr><tr><td>PAN-OS 12.1</td><td>12.1.5 through 12.1.6</td><td>Upgrade to 12.1.7 or later.</td></tr><tr><td><br></td><td>12.1.2 through 12.1.4-h*</td><td>Upgrade to 12.1.4-h5 or 12.1.7 or later.</td></tr><tr><td>PAN-OS 11.2</td><td>11.2.11 or later</td><td>Upgrade to 11.2.12 or later.</td></tr><tr><td><br></td><td>11.2.8 through 11.2.10-h*</td><td>Upgrade to 11.2.10-h6 or 11.2.12 or later.</td></tr><tr><td><br></td><td>11.2.5 through 11.2.7-h*</td><td>Upgrade to 11.2.7-h13 or 11.2.12 or later.</td></tr><tr><td><br></td><td>11.2.0 through 11.2.4-h*</td><td>Upgrade to 11.2.4-h17 or 11.2.12 or later.</td></tr><tr><td>PAN-OS 11.1</td><td>11.1.14 or later</td><td>Upgrade to 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.11 through 11.1.13-h*</td><td>Upgrade to 11.1.13-h5 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.8 through 11.1.10-h*</td><td>Upgrade to 11.1.10-h25 or 11.1.15 or later.</td></tr><tr><td><br></td><td><br>11.1.7 through 11.1.7-h*<br></td><td>Upgrade to 11.1.7-h6 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.5 through 11.1.6-h*</td><td>Upgrade to 11.1.6-h32 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.0 through 11.1.4-h*</td><td>Upgrade to 11.1.4-h33 or 11.1.15 or 
later.</td></tr><tr><td>PAN-OS 10.2</td><td>10.2.17 through 10.2.18-h*</td><td>Upgrade to 10.2.18-h6 or later.</td></tr><tr><td>&nbsp;</td><td>10.2.14 through 10.2.16-h*</td><td>Upgrade to 10.2.16-h7 or 10.2.18-h6 or later.</td></tr><tr><td><br></td><td>10.2.11 through 10.2.13-h*</td><td>Upgrade to 10.2.13-h21 or 10.2.18-h6 or later.</td></tr><tr><td><br></td><td>10.2.8 through 10.2.10-h*</td><td>Upgrade to 10.2.10-h36 or 10.2.18-h6 or later.</td></tr><tr><td>&nbsp;</td><td>10.2.0 through 10.2.7-h*</td><td>Upgrade to 10.2.7-h34 or 10.2.18-h6 or later.</td></tr><tr><td>Prisma Access 10.2</td><td><span>10.2.0 through 10.2.10-h*</span><br></td><td><span>Upgrade to 10.2.10-h36 or later.</span> <br></td></tr><tr><td>Prisma Access 11.2</td><td>11.2.0 through 11.2.7-h*<br></td><td>&nbsp;Upgrade to 11.2.7-h13 or later.<br></td></tr><tr><td> All older unsupported PAN-OS versions</td><td>&nbsp;</td><td> Upgrade to a supported fixed version.</td></tr></tbody></table>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of these issues.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>Palo Alto Networks is not aware of any malicious exploitation of these issues.</p>"}]}],"timeline":[{"time":"2026-05-13T16:00:00.000Z","lang":"en","value":"Initial publication."},{"time":"2026-05-14T19:00:00.000Z","lang":"en","value":"Updated the Fix release timeline for 10.2.16-h7."}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks our internal security research teams for discovering and reporting this issue.","type":"other"}],"source":{"discovery":"INTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 12.1.6","PAN-OS 12.1.5","PAN-OS 12.1.4-h3","PAN-OS 12.1.4-h2","PAN-OS 12.1.4","PAN-OS 12.1.3-h3","PAN-OS 12.1.3-h1","PAN-OS 12.1.3","PAN-OS 12.1.2","PAN-OS 11.2.11","PAN-OS 11.2.10-h5","PAN-OS 11.2.10-h4","PAN-OS 11.2.10-h3","PAN-OS 11.2.10-h2","PAN-OS 11.2.10-h1","PAN-OS 11.2.10","PAN-OS 
11.2.9","PAN-OS 11.2.8","PAN-OS 11.2.7-h12","PAN-OS 11.2.7-h11","PAN-OS 11.2.7-h10","PAN-OS 11.2.7-h8","PAN-OS 11.2.7-h7","PAN-OS 11.2.7-h4","PAN-OS 11.2.7-h3","PAN-OS 11.2.7-h2","PAN-OS 11.2.7-h1","PAN-OS 11.2.7","PAN-OS 11.2.6","PAN-OS 11.2.5","PAN-OS 11.2.4-h15","PAN-OS 11.2.4-h14","PAN-OS 11.2.4-h12","PAN-OS 11.2.4-h11","PAN-OS 11.2.4-h10","PAN-OS 11.2.4-h9","PAN-OS 11.2.4-h8","PAN-OS 11.2.4-h7","PAN-OS 11.2.4-h6","PAN-OS 11.2.4-h5","PAN-OS 11.2.4-h4","PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.14","PAN-OS 11.1.13-h3","PAN-OS 11.1.13-h2","PAN-OS 11.1.13-h1","PAN-OS 11.1.13","PAN-OS 11.1.12","PAN-OS 11.1.11","PAN-OS 11.1.10-h21","PAN-OS 11.1.10-h12","PAN-OS 11.1.10-h10","PAN-OS 11.1.10-h9","PAN-OS 11.1.10-h7","PAN-OS 11.1.10-h5","PAN-OS 11.1.10-h4","PAN-OS 11.1.10-h1","PAN-OS 11.1.10","PAN-OS 11.1.9","PAN-OS 11.1.8","PAN-OS 11.1.6-h29","PAN-OS 11.1.6-h25","PAN-OS 11.1.6-h23","PAN-OS 11.1.6-h22","PAN-OS 11.1.6-h21","PAN-OS 11.1.6-h20","PAN-OS 11.1.6-h19","PAN-OS 11.1.6-h18","PAN-OS 11.1.6-h17","PAN-OS 11.1.6-h14","PAN-OS 11.1.6-h10","PAN-OS 11.1.6-h7","PAN-OS 11.1.6-h6","PAN-OS 11.1.6-h4","PAN-OS 11.1.6-h3","PAN-OS 11.1.6-h2","PAN-OS 11.1.6-h1","PAN-OS 11.1.6","PAN-OS 11.1.5-h1","PAN-OS 11.1.5","PAN-OS 11.1.4-h32","PAN-OS 11.1.4-h27","PAN-OS 11.1.4-h25","PAN-OS 11.1.4-h18","PAN-OS 11.1.4-h17","PAN-OS 11.1.4-h15","PAN-OS 11.1.4-h13","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 
11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 10.2.18-h5","PAN-OS 10.2.18-h1","PAN-OS 10.2.18","PAN-OS 10.2.17","PAN-OS 10.2.16-h6","PAN-OS 10.2.16-h4","PAN-OS 10.2.16-h1","PAN-OS 10.2.16","PAN-OS 10.2.15","PAN-OS 10.2.14-h1","PAN-OS 10.2.14","PAN-OS 10.2.13-h18","PAN-OS 10.2.13-h16","PAN-OS 10.2.13-h15","PAN-OS 10.2.13-h10","PAN-OS 10.2.13-h7","PAN-OS 10.2.13-h5","PAN-OS 10.2.13-h4","PAN-OS 10.2.13-h3","PAN-OS 10.2.13-h2","PAN-OS 10.2.13-h1","PAN-OS 10.2.13","PAN-OS 10.2.12-h6","PAN-OS 10.2.12-h5","PAN-OS 10.2.12-h4","PAN-OS 10.2.12-h3","PAN-OS 10.2.12-h2","PAN-OS 10.2.12-h1","PAN-OS 10.2.12","PAN-OS 10.2.11-h13","PAN-OS 10.2.11-h12","PAN-OS 10.2.11-h11","PAN-OS 10.2.11-h10","PAN-OS 10.2.11-h9","PAN-OS 10.2.11-h8","PAN-OS 10.2.11-h7","PAN-OS 10.2.11-h6","PAN-OS 10.2.11-h5","PAN-OS 10.2.11-h4","PAN-OS 10.2.11-h3","PAN-OS 10.2.11-h2","PAN-OS 10.2.11-h1","PAN-OS 10.2.11","PAN-OS 10.2.10-h31","PAN-OS 10.2.10-h30","PAN-OS 10.2.10-h27","PAN-OS 10.2.10-h26","PAN-OS 10.2.10-h23","PAN-OS 10.2.10-h21","PAN-OS 10.2.10-h18","PAN-OS 10.2.10-h17","PAN-OS 10.2.10-h14","PAN-OS 10.2.10-h13","PAN-OS 10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h21","PAN-OS 
10.2.9-h20","PAN-OS 10.2.9-h19","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h21","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h32","PAN-OS 10.2.7-h24","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 
10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2026-0263","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Remote Code Execution (RCE) in IKEv2 Processing","datePublic":"2026-05-13T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-787","description":"CWE-787 Out-of-bounds Write","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-100","descriptions":[{"lang":"en","value":"CAPEC-100 Overflow Buffers"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto 
Networks","product":"PAN-OS","cpes":["cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2
.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*
:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*
:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"12.1.0","changes":[{"at":"12.1.7","status":"unaffected"},{"at":"12.1.4-h5","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.0","changes":[{"at":"11.2.12","status":"unaffected"},{"at":"11.2.10-h6","status":"unaffected"},{"at":"11.2.7-h13","status":"unaffected"},{"at":"11.2.4-h17","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","changes":[{"at":"11.1.15","status":"unaffected"},{"at":"11.1.13-h5","status":"unaffected"},{"at":"11.1.10-h25","status":"unaffected"},{"at":"11.1.7-h6","status":"unaffected"},{"at":"11.1.6-h32","status":"unaffected"},{"at":"11.1.4-h33","status":"unaffected"}],"versionType":"custom"},{"status":"unaffected","version":"10.2.0","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma 
Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"cpeApplicability":[{"operator":"OR","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.4","versionEndExcluding":"12.1.4-h5"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.7"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.4","versionEndExcluding":"11.2.4-h17"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.7","versionEndExcluding":"11.2.7-h13"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.10","versionEndExcluding":"11.2.10-h6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.0","versionEndExcluding":"11.2.12"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.4","versionEndExcluding":"11.1.4-h33"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.6","versionEndExcluding":"11.1.6-h32"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.7","versionEndExcluding":"11.1.7-h6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.10","versionEndExcluding":"11.1.10-h25"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.13","versionEndExcluding":"11.1.13-h5"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.0",
"versionEndExcluding":"11.1.15"}]}]}],"descriptions":[{"lang":"en","value":"A buffer overflow vulnerability in the IKEv2 processing of Palo Alto Networks PAN-OS® software allows an unauthenticated network-based attacker to execute arbitrary code with elevated privileges on the firewall, or cause a denial of service (DoS) condition.\n\n\nPanorama, Cloud NGFW, and Prisma® Access are not impacted by these vulnerabilities.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>A buffer overflow vulnerability in the IKEv2 processing of Palo Alto Networks PAN-OS® software allows an unauthenticated network-based attacker to execute arbitrary code with elevated privileges on the firewall, or cause a denial of service (DoS) condition.<br></p>Panorama, Cloud NGFW, and Prisma<span>®</span> Access are not impacted by these vulnerabilities."}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2026-0263","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"LOW","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"HIGH","providerUrgency":"RED","exploitMaturity":"UNREPORTED","baseSeverity":"CRITICAL","baseScore":9.2,"threatSeverity":"HIGH","threatScore":7.2,"vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:U/AU:Y/R:U/V:C/RE:H/U:Red"}}],"configurations":[{"lang":"eng","value":"\n\nThis issue requires IKEv2 VPN tunnels that are configured with Post Quantum Cryptography (PQC) ciphers which are not NIST 
approved.\n\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<p></p>This issue requires IKEv2 VPN tunnels that are configured with Post Quantum Cryptography (PQC) ciphers which are not NIST approved.<p></p>"}]}],"workarounds":[{"lang":"eng","value":"Customers using IKEv2 VPN can mitigate this issue by configuring IKEv2 VPN tunnels only with NIST approved Post Quantum Cryptography (PQC) ciphers.\n\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<p></p><p>Customers using IKEv2 VPN can mitigate this issue by configuring IKEv2 VPN tunnels only with NIST approved Post Quantum Cryptography (PQC) ciphers.</p><p></p>"}]}],"solutions":[{"lang":"eng","value":"VERSION                                 MINOR VERSION                SUGGESTED SOLUTION\nCloud NGFW                                                           No action needed.\nPAN-OS 12.1                             12.1.5 through 12.1.6        Upgrade to 12.1.7 or later.\n                                        12.1.2 through 12.1.4-h*     Upgrade to 12.1.4-h5 or 12.1.7 or later.\nPAN-OS 11.2                             11.2.11 or later             Upgrade to 11.2.12 or later.\n                                        11.2.8 through 11.2.10-h*    Upgrade to 11.2.10-h6 or 11.2.12 or later.\n                                        11.2.5 through 11.2.7-h*     Upgrade to 11.2.7-h13 or 11.2.12 or later.\n                                        11.2.0 through 11.2.4-h*     Upgrade to 11.2.4-h17 or 11.2.12 or later.\nPAN-OS 11.1                             11.1.14 or later             Upgrade to 11.1.15 or later.\n                                        11.1.11 through 11.1.13-h*   Upgrade to 11.1.13-h5 or 11.1.15 or later.\n                                        11.1.8 through 11.1.10-h*    Upgrade to 11.1.10-h25 or 11.1.15 or later.\n                                        11.1.7 through 11.1.7-h*     Upgrade to 11.1.7-h6 or 11.1.15 or later.\n                                        
11.1.5 through 11.1.6-h*     Upgrade to 11.1.6-h32 or 11.1.15 or later.\n                                        11.1.0 through 11.1.4-h*     Upgrade to 11.1.4-h33 or 11.1.15 or later.\nPAN-OS 10.2                                                          No action needed.\nPrisma Access                                                        No action needed. \nAll older unsupported PAN-OS versions                                Upgrade to a supported fixed version.","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version</th><th>Minor Version</th><th>Suggested Solution</th></tr></thead><tbody><tr><td> Cloud NGFW</td><td>&nbsp;</td><td>No action needed.</td></tr><tr><td>PAN-OS 12.1</td><td>12.1.5 through 12.1.6</td><td>Upgrade to 12.1.7 or later.</td></tr><tr><td><br></td><td>12.1.2 through 12.1.4-h*</td><td>Upgrade to 12.1.4-h5 or 12.1.7 or later.</td></tr><tr><td>PAN-OS 11.2</td><td>11.2.11 or later</td><td>Upgrade to 11.2.12 or later.</td></tr><tr><td><br></td><td>11.2.8 through 11.2.10-h*</td><td>Upgrade to 11.2.10-h6 or 11.2.12 or later.</td></tr><tr><td><br></td><td>11.2.5 through 11.2.7-h*</td><td>Upgrade to 11.2.7-h13 or 11.2.12 or later.</td></tr><tr><td><br></td><td>11.2.0 through 11.2.4-h*</td><td>Upgrade to 11.2.4-h17 or 11.2.12 or later.</td></tr><tr><td>PAN-OS 11.1</td><td>11.1.14 or later</td><td>Upgrade to 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.11 through 11.1.13-h*</td><td>Upgrade to 11.1.13-h5 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.8 through 11.1.10-h*</td><td>Upgrade to 11.1.10-h25 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.7 through 11.1.7-h*</td><td>Upgrade to 11.1.7-h6 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.5 through 11.1.6-h*</td><td>Upgrade to 11.1.6-h32 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.0 through 11.1.4-h*</td><td>Upgrade to 11.1.4-h33 or 11.1.15 or later.</td></tr><tr><td>PAN-OS 10.2</td><td><br></td><td>No 
action needed.</td></tr><tr><td>Prisma Access&nbsp;</td><td><br></td><td>No action needed.&nbsp;</td></tr><tr><td> All older unsupported PAN-OS versions</td><td>&nbsp;</td><td> Upgrade to a supported fixed version.</td></tr></tbody></table>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>Palo Alto Networks is not aware of any malicious exploitation of this issue.</p>"}]}],"timeline":[{"time":"2026-05-13T16:00:00.000Z","lang":"en","value":"Initial publication."}],"credits":[{"lang":"en","value":"our internal security research teams","type":"other"}],"source":{"discovery":"INTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 12.1.6","PAN-OS 12.1.5","PAN-OS 12.1.4-h3","PAN-OS 12.1.4-h2","PAN-OS 12.1.4","PAN-OS 12.1.3-h3","PAN-OS 12.1.3-h1","PAN-OS 12.1.3","PAN-OS 12.1.2","PAN-OS 11.2.11","PAN-OS 11.2.10-h5","PAN-OS 11.2.10-h4","PAN-OS 11.2.10-h3","PAN-OS 11.2.10-h2","PAN-OS 11.2.10-h1","PAN-OS 11.2.10","PAN-OS 11.2.9","PAN-OS 11.2.8","PAN-OS 11.2.7-h12","PAN-OS 11.2.7-h11","PAN-OS 11.2.7-h10","PAN-OS 11.2.7-h8","PAN-OS 11.2.7-h7","PAN-OS 11.2.7-h4","PAN-OS 11.2.7-h3","PAN-OS 11.2.7-h2","PAN-OS 11.2.7-h1","PAN-OS 11.2.7","PAN-OS 11.2.6","PAN-OS 11.2.5","PAN-OS 11.2.4-h15","PAN-OS 11.2.4-h14","PAN-OS 11.2.4-h12","PAN-OS 11.2.4-h11","PAN-OS 11.2.4-h10","PAN-OS 11.2.4-h9","PAN-OS 11.2.4-h8","PAN-OS 11.2.4-h7","PAN-OS 11.2.4-h6","PAN-OS 11.2.4-h5","PAN-OS 11.2.4-h4","PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.14","PAN-OS 11.1.13-h3","PAN-OS 11.1.13-h2","PAN-OS 11.1.13-h1","PAN-OS 11.1.13","PAN-OS 11.1.12","PAN-OS 11.1.11","PAN-OS 11.1.10-h21","PAN-OS 
11.1.10-h12","PAN-OS 11.1.10-h10","PAN-OS 11.1.10-h9","PAN-OS 11.1.10-h7","PAN-OS 11.1.10-h5","PAN-OS 11.1.10-h4","PAN-OS 11.1.10-h1","PAN-OS 11.1.10","PAN-OS 11.1.9","PAN-OS 11.1.8","PAN-OS 11.1.6-h29","PAN-OS 11.1.6-h25","PAN-OS 11.1.6-h23","PAN-OS 11.1.6-h22","PAN-OS 11.1.6-h21","PAN-OS 11.1.6-h20","PAN-OS 11.1.6-h19","PAN-OS 11.1.6-h18","PAN-OS 11.1.6-h17","PAN-OS 11.1.6-h14","PAN-OS 11.1.6-h10","PAN-OS 11.1.6-h7","PAN-OS 11.1.6-h6","PAN-OS 11.1.6-h4","PAN-OS 11.1.6-h3","PAN-OS 11.1.6-h2","PAN-OS 11.1.6-h1","PAN-OS 11.1.6","PAN-OS 11.1.5-h1","PAN-OS 11.1.5","PAN-OS 11.1.4-h32","PAN-OS 11.1.4-h27","PAN-OS 11.1.4-h25","PAN-OS 11.1.4-h18","PAN-OS 11.1.4-h17","PAN-OS 11.1.4-h15","PAN-OS 11.1.4-h13","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 
11.1.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2026-0264","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Heap-Based Buffer Overflow in DNS Proxy and DNS Server Allows Unauthenticated Remote Code Execution","datePublic":"2026-05-13T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-122","description":"CWE-122 Heap-based Buffer Overflow","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-100","descriptions":[{"lang":"en","value":"CAPEC-100 Overflow Buffers"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","platforms":["AWS","Azure"],"versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:
*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_a
lto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*","cpe:2.3:o:palo_
alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_ne
tworks:pan-os:10.2.13:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*","cp
e:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo
_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"12.1.0","changes":[{"at":"12.1.4-h5","status":"unaffected"},{"at":"12.1.7","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.0","changes":[{"at":"11.2.4-h17","status":"unaffected"},{"at":"11.2.7-h13","status":"unaffected"},{"at":"11.2.10-h6","status":"unaffected"},{"at":"11.2.12","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","changes":[{"at":"11.1.4-h33","status":"unaffected"},{"at":"11.1.6-h32","status":"unaffected"},{"at":"11.1.7-h6","status":"unaffected"},{"at":"11.1.10-h25","status":"unaffected"},{"at":"11.1.13-h5","status":"unaffected"},{"at":"11.1.15","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","changes":[{"at":"10.2.7-h34","status":"unaffected"},{"at":"10.2.10-h36","status":"unaffected"},{"at":"10.2.13-h21","status":"unaffected"},{"at":"10.2.16-h7","status":"unaffected"},{"at":"10.2.18-h6","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma 
Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"cpeApplicability":[{"operator":"OR","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.4","versionEndExcluding":"12.1.4-h5"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.7"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.4","versionEndExcluding":"11.2.4-h17"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.7","versionEndExcluding":"11.2.7-h13"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.10","versionEndExcluding":"11.2.10-h6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.0","versionEndExcluding":"11.2.12"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.4","versionEndExcluding":"11.1.4-h33"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.6","versionEndExcluding":"11.1.6-h32"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.7","versionEndExcluding":"11.1.7-h6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.10","versionEndExcluding":"11.1.10-h25"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.13","versionEndExcluding":"11.1.13-h5"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.0",
"versionEndExcluding":"11.1.15"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.7","versionEndExcluding":"10.2.7-h34"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.10","versionEndExcluding":"10.2.10-h36"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.13","versionEndExcluding":"10.2.13-h21"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.16","versionEndExcluding":"10.2.16-h7"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.18","versionEndExcluding":"10.2.18-h6"}]}]}],"descriptions":[{"lang":"en","value":"A buffer overflow vulnerability in the DNS proxy and DNS Server features of Palo Alto Networks PAN-OS® Software allows an unauthenticated attacker with network access to cause a denial of service (DoS) condition (all PAN-OS platforms except Cloud NGFW and Prisma Access) or potentially execute arbitrary code by sending specially crafted network traffic (PA-Series hardware only).\n\n\nPanorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>A buffer overflow vulnerability in the DNS proxy and DNS Server features of Palo Alto Networks PAN-OS® Software allows an unauthenticated attacker with network access to cause a denial of service (DoS) condition (all PAN-OS platforms except Cloud NGFW and Prisma Access) or potentially execute arbitrary code by sending specially crafted network traffic (PA-Series hardware only).<br></p><p>Panorama, Cloud NGFW, and Prisma<span>®</span> Access are not impacted by this 
vulnerability.</p>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2026-0264","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"The risk is highest for PA-Series hardware firewalls as there is a potential risk of arbitrary code execution"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"LOW","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"HIGH","providerUrgency":"RED","exploitMaturity":"UNREPORTED","baseSeverity":"CRITICAL","baseScore":9.2,"threatSeverity":"HIGH","threatScore":7.2,"vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:U/AU:Y/R:U/V:C/RE:H/U:Red"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"The risk is lower for VM-Series firewalls, as the impact is limited to a Denial of Service condition"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"AUTOMATIC","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.7,"threatSeverity":"MEDIUM","threatScore":6.6,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:Y/R:A/V:D/RE:M/U:Amber"}}],"configurations":[{"lang":"eng","value":"This issue is applicable only to PAN-OS 
firewalls if either of the following conditions is true:\n\n 1. DNS Proxy is enabled (Network > DNS Proxy) AND a network interface is attached to DNS Proxy. \n    OR\n    \n 2. The DNS server (Device > Setup > Services) configured on the NGFW is a compromised public untrusted IP address.\n    \n    \n\nThe risk is higher if the interface is externally exposed to an untrusted network. Further documentation on configuring DNS Proxy can be found here (https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClFcCAK).","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>This issue is applicable only to PAN-OS firewalls if either of the following conditions is true:</p><ol><li>DNS Proxy is enabled (<b>Network &gt; DNS Proxy</b>)&nbsp;<b>AND </b>a network interface is attached to DNS Proxy.&nbsp;<br><b>OR</b><br></li><li>The DNS server (<b>Device</b>&nbsp;&gt;<b> Setup </b>&gt; <b>Services</b>) configured on the NGFW is a compromised public untrusted IP address.<br><br></li></ol><p>The risk is higher if the interface is externally exposed to an untrusted network.&nbsp;Further documentation on <a target=\"_blank\" rel=\"nofollow\" href=\"https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClFcCAK\">configuring DNS Proxy can be found here</a>.</p>"}]}],"workarounds":[{"lang":"eng","value":"Customers can mitigate the risk of this issue by taking either of the following actions:\n\nAction 1: \n\n * Disassociate DNS Proxy from externally accessible interfaces in order to reduce your attack surface; AND\n * Configure DNS server with a RFC1918 or a public trusted IP address.\n   \n\nOR Action 2:\n\n * Disable the DNS Proxy feature (Network > DNS Proxy) if it is not being used; AND\n * Configure DNS server with a RFC1918 or a public trusted IP address.\n\nCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510027 from Applications and Threats content version 9100-10044 and 
later.\n\n","supportingMedia":[{"type":"text/html","base64":false,"value":"Customers can mitigate the risk of this issue by taking either of the following actions:<br><br>Action 1:&nbsp;<br><ul><li>Disassociate DNS Proxy from externally accessible interfaces in order to reduce your attack surface;&nbsp;<b>AND</b></li><li>Configure DNS server with a RFC1918 or a public trusted IP address.<br></li></ul><b>OR&nbsp;</b>Action 2:<br><ul><li>Disable the DNS Proxy feature (<b>Network</b>&nbsp;&gt; <b>DNS</b>&nbsp;<b>Proxy</b>) if it is not being used;&nbsp;<b>AND</b></li><li>Configure DNS server with a RFC1918 or a public trusted IP address.</li></ul><p>Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510027&nbsp;from&nbsp;Applications and Threats content version 9100-10044 and later.</p><p></p>"}]}],"solutions":[{"lang":"eng","value":"VERSION                                 MINOR VERSION                SUGGESTED SOLUTION\nCloud NGFW                                                           No action needed\nPAN-OS 12.1                             12.1.5 through 12.1.6        Upgrade to 12.1.7 or later.\n                                        12.1.2 through 12.1.4-h*     Upgrade to 12.1.4-h5 or 12.1.7 or later.\nPAN-OS 11.2                             11.2.11 or later             Upgrade to 11.2.12 or later.\n                                        11.2.8 through 11.2.10-h*    Upgrade to 11.2.10-h6 or 11.2.12 or later.\n                                        11.2.5 through 11.2.7-h*     Upgrade to 11.2.7-h13 or 11.2.12 or later.\n                                        11.2.0 through 11.2.4-h*     Upgrade to 11.2.4-h17 or 11.2.12 or later.\nPAN-OS 11.1                             11.1.14 or later             Upgrade to 11.1.15 or later.\n                                        11.1.11 through 11.1.13-h*   Upgrade to 11.1.13-h5 or 11.1.15 or later.\n                                        11.1.8 through 
11.1.10-h*    Upgrade to 11.1.10-h25 or 11.1.15 or later.\n                                        11.1.7 through 11.1.7-h*     Upgrade to 11.1.7-h6 or 11.1.15 or later.\n                                        11.1.5 through 11.1.6-h*     Upgrade to 11.1.6-h32 or 11.1.15 or later.\n                                        11.1.0 through 11.1.4-h*     Upgrade to 11.1.4-h33 or 11.1.15 or later.\nPAN-OS 10.2                             10.2.17 through 10.2.18-h*   Upgrade to 10.2.18-h6 or later.\n                                        10.2.14 through 10.2.16-h*   Upgrade to 10.2.16-h7 or 10.2.18-h6 or later.\n                                        10.2.11 through 10.2.13-h*   Upgrade to 10.2.13-h21 or 10.2.18-h6 or later.\n                                        10.2.8 through 10.2.10-h*    Upgrade to 10.2.10-h36 or 10.2.18-h6 or later.\n                                        10.2.0 through 10.2.7-h*     Upgrade to 10.2.7-h34 or 10.2.18-h6 or later.\nPrisma Access                                                        No action needed. 
\nAll older unsupported PAN-OS versions                                Upgrade to a supported fixed version.","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version</th><th>Minor Version</th><th>Suggested Solution</th></tr></thead><tbody><tr><td> Cloud NGFW</td><td>&nbsp;</td><td>No action needed</td></tr><tr><td>PAN-OS 12.1</td><td>12.1.5 through 12.1.6</td><td>Upgrade to 12.1.7 or later.</td></tr><tr><td><br></td><td>12.1.2 through 12.1.4-h*</td><td>Upgrade to 12.1.4-h5 or 12.1.7 or later.</td></tr><tr><td>PAN-OS 11.2</td><td>11.2.11 or later</td><td>Upgrade to 11.2.12 or later.</td></tr><tr><td><br></td><td>11.2.8 through 11.2.10-h*</td><td>Upgrade to 11.2.10-h6 or 11.2.12 or later.</td></tr><tr><td><br></td><td>11.2.5 through 11.2.7-h*</td><td>Upgrade to 11.2.7-h13 or 11.2.12 or later.</td></tr><tr><td><br></td><td>11.2.0 through 11.2.4-h*</td><td>Upgrade to 11.2.4-h17 or 11.2.12 or later.</td></tr><tr><td>PAN-OS 11.1</td><td>11.1.14 or later</td><td>Upgrade to 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.11 through 11.1.13-h*</td><td>Upgrade to 11.1.13-h5 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.8 through 11.1.10-h*</td><td>Upgrade to 11.1.10-h25 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.7 through 11.1.7-h*</td><td>Upgrade to 11.1.7-h6 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.5 through 11.1.6-h*</td><td>Upgrade to 11.1.6-h32 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.0 through 11.1.4-h*</td><td>Upgrade to 11.1.4-h33 or 11.1.15 or later.</td></tr><tr><td>PAN-OS 10.2</td><td>10.2.17 through 10.2.18-h*</td><td>Upgrade to 10.2.18-h6 or later.</td></tr><tr><td>&nbsp;</td><td>10.2.14 through 10.2.16-h*</td><td>Upgrade to 10.2.16-h7 or 10.2.18-h6 or later.</td></tr><tr><td><br></td><td>10.2.11 through 10.2.13-h*</td><td>Upgrade to 10.2.13-h21 or 10.2.18-h6 or later.</td></tr><tr><td><br></td><td>10.2.8 through 10.2.10-h*</td><td>Upgrade to 10.2.10-h36 
or 10.2.18-h6 or later.</td></tr><tr><td>&nbsp;</td><td>10.2.0 through 10.2.7-h*</td><td>Upgrade to 10.2.7-h34 or 10.2.18-h6 or later.</td></tr><tr><td>Prisma Access&nbsp;</td><td><br></td><td>No action needed.&nbsp;</td></tr><tr><td> All older unsupported PAN-OS versions</td><td>&nbsp;</td><td> Upgrade to a supported fixed version.</td></tr></tbody></table>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>Palo Alto Networks is not aware of any malicious exploitation of this issue.</p>"}]}],"timeline":[{"time":"2026-05-13T16:00:00.000Z","lang":"en","value":"Initial Publication."},{"time":"2026-05-14T19:00:00.000Z","lang":"en","value":"Updated the Fix release timeline for 10.2.16-h7."}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks an external reporter and our internal security research teams for discovering and reporting this issue.","type":"other"}],"source":{"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 12.1.6","PAN-OS 12.1.5","PAN-OS 12.1.4-h3","PAN-OS 12.1.4-h2","PAN-OS 12.1.4","PAN-OS 12.1.3-h3","PAN-OS 12.1.3-h1","PAN-OS 12.1.3","PAN-OS 12.1.2","PAN-OS 11.2.11","PAN-OS 11.2.10-h4","PAN-OS 11.2.10-h3","PAN-OS 11.2.10-h2","PAN-OS 11.2.10-h1","PAN-OS 11.2.10","PAN-OS 11.2.9","PAN-OS 11.2.8","PAN-OS 11.2.7-h11","PAN-OS 11.2.7-h10","PAN-OS 11.2.7-h8","PAN-OS 11.2.7-h7","PAN-OS 11.2.7-h4","PAN-OS 11.2.7-h3","PAN-OS 11.2.7-h2","PAN-OS 11.2.7-h1","PAN-OS 11.2.7","PAN-OS 11.2.6","PAN-OS 11.2.5","PAN-OS 11.2.4-h15","PAN-OS 11.2.4-h14","PAN-OS 11.2.4-h12","PAN-OS 11.2.4-h11","PAN-OS 11.2.4-h10","PAN-OS 11.2.4-h9","PAN-OS 11.2.4-h8","PAN-OS 11.2.4-h7","PAN-OS 11.2.4-h6","PAN-OS 11.2.4-h5","PAN-OS 11.2.4-h4","PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 
11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.13-h3","PAN-OS 11.1.13-h2","PAN-OS 11.1.13-h1","PAN-OS 11.1.13","PAN-OS 11.1.12","PAN-OS 11.1.11","PAN-OS 11.1.10-h21","PAN-OS 11.1.10-h12","PAN-OS 11.1.10-h10","PAN-OS 11.1.10-h9","PAN-OS 11.1.10-h7","PAN-OS 11.1.10-h5","PAN-OS 11.1.10-h4","PAN-OS 11.1.10-h1","PAN-OS 11.1.10","PAN-OS 11.1.9","PAN-OS 11.1.8","PAN-OS 11.1.6-h29","PAN-OS 11.1.6-h25","PAN-OS 11.1.6-h23","PAN-OS 11.1.6-h22","PAN-OS 11.1.6-h21","PAN-OS 11.1.6-h20","PAN-OS 11.1.6-h19","PAN-OS 11.1.6-h18","PAN-OS 11.1.6-h17","PAN-OS 11.1.6-h14","PAN-OS 11.1.6-h10","PAN-OS 11.1.6-h7","PAN-OS 11.1.6-h6","PAN-OS 11.1.6-h4","PAN-OS 11.1.6-h3","PAN-OS 11.1.6-h2","PAN-OS 11.1.6-h1","PAN-OS 11.1.6","PAN-OS 11.1.5-h1","PAN-OS 11.1.5","PAN-OS 11.1.4-h27","PAN-OS 11.1.4-h25","PAN-OS 11.1.4-h18","PAN-OS 11.1.4-h17","PAN-OS 11.1.4-h15","PAN-OS 11.1.4-h13","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 
10.2.18-h1","PAN-OS 10.2.18","PAN-OS 10.2.17","PAN-OS 10.2.16-h6","PAN-OS 10.2.16-h4","PAN-OS 10.2.16-h1","PAN-OS 10.2.16","PAN-OS 10.2.15","PAN-OS 10.2.14-h1","PAN-OS 10.2.14","PAN-OS 10.2.13-h18","PAN-OS 10.2.13-h16","PAN-OS 10.2.13-h15","PAN-OS 10.2.13-h10","PAN-OS 10.2.13-h7","PAN-OS 10.2.13-h5","PAN-OS 10.2.13-h4","PAN-OS 10.2.13-h3","PAN-OS 10.2.13-h2","PAN-OS 10.2.13-h1","PAN-OS 10.2.13","PAN-OS 10.2.12-h6","PAN-OS 10.2.12-h5","PAN-OS 10.2.12-h4","PAN-OS 10.2.12-h3","PAN-OS 10.2.12-h2","PAN-OS 10.2.12-h1","PAN-OS 10.2.12","PAN-OS 10.2.11-h13","PAN-OS 10.2.11-h12","PAN-OS 10.2.11-h11","PAN-OS 10.2.11-h10","PAN-OS 10.2.11-h9","PAN-OS 10.2.11-h8","PAN-OS 10.2.11-h7","PAN-OS 10.2.11-h6","PAN-OS 10.2.11-h5","PAN-OS 10.2.11-h4","PAN-OS 10.2.11-h3","PAN-OS 10.2.11-h2","PAN-OS 10.2.11-h1","PAN-OS 10.2.11","PAN-OS 10.2.10-h31","PAN-OS 10.2.10-h30","PAN-OS 10.2.10-h27","PAN-OS 10.2.10-h26","PAN-OS 10.2.10-h23","PAN-OS 10.2.10-h21","PAN-OS 10.2.10-h18","PAN-OS 10.2.10-h17","PAN-OS 10.2.10-h14","PAN-OS 10.2.10-h13","PAN-OS 10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h21","PAN-OS 10.2.9-h20","PAN-OS 10.2.9-h19","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h21","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 
10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h32","PAN-OS 10.2.7-h24","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 
10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2026-0265","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Authentication Bypass with Cloud Authentication Service (CAS) enabled","datePublic":"2026-05-13T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-347","description":"CWE-347 Improper Verification of Cryptographic Signature","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-115","descriptions":[{"lang":"en","value":"CAPEC-115 Authentication Bypass"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto 
Networks","product":"PAN-OS","cpes":["cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2
.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*
:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*
:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*
","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10
.2.7:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"12.1.0","changes":[{"at":"12.1.4-h5","status":"unaffected"},{"at":"12.1.7","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.0","changes":[{"at":"11.2.4-h17","status":"unaffected"},{"at":"11.2.7-h13","status":"unaffected"},{"at":"11.2.10-h6","status":"unaffected"},{"at":"11.2.12","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","changes":[{"at":"11.1.4-h33","status":"unaffected"},{"at":"11.1.6-h32","status":"unaffect
ed"},{"at":"11.1.7-h6","status":"unaffected"},{"at":"11.1.10-h25","status":"unaffected"},{"at":"11.1.13-h5","status":"unaffected"},{"at":"11.1.15","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","changes":[{"at":"10.2.7-h34","status":"unaffected"},{"at":"10.2.10-h36","status":"unaffected"},{"at":"10.2.13-h21","status":"unaffected"},{"at":"10.2.16-h7","status":"unaffected"},{"at":"10.2.18-h6","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"cpeApplicability":[{"operator":"OR","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.4","versionEndExcluding":"12.1.4-h5"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.4","versionEndExcluding":"11.2.4-h17"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.4","versionEndExcluding":"11.1.4-h33"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.4","versionEndExcluding":"10.2.4-h44"}]}]}],"descriptions":[{"lang":"en","value":"An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service (CAS) is enabled.\n\nThe risk is higher if CAS is enabled on the management interface and lower when any other login interfaces are used.\n\nThe risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended best practice deployment guidelines 
(https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431).\n\nThis issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).\n\nCloud NGFW and Prisma Access® are not impacted by this vulnerability.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service (CAS) is enabled.</p><p>The risk is higher if CAS is enabled on the management interface and lower when any other login interfaces are used.<br><br>The risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended <a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">best practice deployment guidelines</a>.<br><br>This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).<br><br>Cloud NGFW and Prisma Access<b><span>®</span></b> are not impacted by this vulnerability.</p>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2026-0265","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"The risk is highest when you allow access to the management interface from external IP addresses on the 
internet."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"RED","exploitMaturity":"UNREPORTED","baseSeverity":"CRITICAL","baseScore":9.2,"threatSeverity":"HIGH","threatScore":7.2,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Red"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"If you configure restricted access to a jump box that is the only system allowed to access the management interface, you greatly reduce the risk of exploitation because attacks would require privileged access using only those IP addresses."}],"cvssV4_0":{"version":"4.0","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":7.5,"threatSeverity":"MEDIUM","threatScore":4.8,"vectorString":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"If authentication profile with CAS is enabled on any other login based interface, the risk is 
lower."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","subIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":7,"threatSeverity":"LOW","threatScore":2.7,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber"}}],"configurations":[{"lang":"eng","value":"Customers are impacted if the following conditions are true:\n\n 1. Authentication Profile with CAS is enabled and\n 2. Authentication profile is attached to a login interface.\n\nTo verify if you have CAS enabled, see our documentation on authentication profile in management interface (https://docs.paloaltonetworks.com/ngfw/help/10-2/device/device-authentication-profile/configure-an-authentication-profile). \n\nTo verify if the CAS authentication profile is attached to your configurations in the PAN-OS management interface:\n\n 1. Navigate to Device > Setup > Management > Authentication Settings > Authentication Profile.\n 2. Navigate to Device > User Identification > Authentication Portal Settings.\n 3. Navigate to Network > Gateways > GlobalProtect Gateway Configuration.\n 4. Navigate to Network > Portals > GlobalProtect Portal Configuration.\n\nTo verify if the CAS authentication profile is attached to your configurations in the SCM profile:\n\n 1. Navigate to Configuration > NGFW and Prisma Access in the SCM profile. Go to Identity Services > Authentication > Authentication Profile.  \n 2. 
Navigate to Device > Device Setup > Authentication and Accounting Settings > Authentication profile, and confirm the attached profile is set to CAS as auth method.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>Customers are impacted if the following conditions are true:</p><ol><li>Authentication Profile with CAS is enabled <b>and</b></li><li>Authentication profile is attached to a login interface.</li></ol><p>To verify if you have CAS enabled, see our documentation on <a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/ngfw/help/10-2/device/device-authentication-profile/configure-an-authentication-profile\">authentication profile in management interface</a>.&nbsp;</p><p>To verify if the CAS authentication profile is attached to your configurations in the PAN-OS management interface:</p><ol><li>Navigate to <b>Device</b>&nbsp;&gt; <b>Setup</b>&nbsp;&gt; <b>Management</b>&nbsp;&gt; <b>Authentication Settings</b>&nbsp;&gt; <b>Authentication Profile</b>.</li><li>Navigate to <b>Device &gt; User Identification &gt; Authentication Portal Settings</b>.</li><li>Navigate to <b>Network &gt; Gateways &gt; GlobalProtect Gateway Configuration</b>.</li><li>Navigate to <b>Network &gt; Portals &gt; GlobalProtect Portal Configuration</b>.</li></ol><div><p>To verify if the CAS authentication profile is attached to your configurations in the SCM profile:</p><ol><li>Navigate to&nbsp;<b>Configuration &gt; NGFW and Prisma Access</b> in the SCM profile. Go to&nbsp;<b>Identity Services &gt; Authentication &gt; Authentication Profile</b>.&nbsp;&nbsp;</li><li>Navigate to <b>Device &gt; Device Setup &gt; Authentication and Accounting Settings &gt; Authentication profile</b>,  and confirm the attached profile is set to CAS as auth method.</li></ol></div>"}]}],"workarounds":[{"lang":"eng","value":"The vast majority of firewalls already follow Palo Alto Networks' and industry best practices. 
However, if you haven’t already, we strongly recommend that you secure access to your management interface according to our best practice deployment guidelines. Specifically, you should restrict access to the management interface to only trusted internal IP addresses to prevent external access from the internet.\n\nReview information about how to secure management access to your Palo Alto Networks firewalls:\n\n * Palo Alto Networks LIVEcommunity article: https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\n * Palo Alto Networks official and more detailed technical documentation: https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices \n\nTo temporarily mitigate this issue, customers can disable the Cloud Authentication Service (CAS) by changing the associated authentication profile to SAML, RADIUS, or other supported authentication methods.\n\nCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510008 from Applications and Threats content version 9100-10044 and later. Threat ID 510008 depends on features present in PAN-OS 11.2 and above.\n\nTo ensure the Threat ID provides effective protection against this vulnerability, follow these steps:\n\n * Route incoming traffic for the MGT port through a DP port (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba), e.g., enabling management profile on a DP interface for management access. 
\n * Ensure that vulnerability protection security profile is applied to your GlobalProtect interface (https://live.paloaltonetworks.com/t5/globalprotect-articles/applying-vulnerability-protection-to-globalprotect-interfaces/ta-p/340184). \n * Replace the default certificate for Inbound Traffic Management (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id112f7714-8995-4496-bbf9-781e63dec71c). \n * Decrypt inbound traffic to the management interface so the firewall can inspect it (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2). \n * Enable Threat Prevention on the inbound traffic to management services.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>The vast majority of firewalls already follow Palo Alto Networks' and industry best practices. However, if you haven’t already, we strongly recommend that you secure access to your management interface according to our best practice deployment guidelines. 
Specifically, you should restrict access to the management interface to only trusted internal IP addresses to prevent external access from the internet.<br><br>Review information about how to secure management access to your Palo Alto Networks firewalls:</p><ul><li>Palo Alto Networks LIVEcommunity article: <a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431</a></li><li>Palo Alto Networks official and more detailed technical documentation: <a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\">https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices</a>&nbsp;</li></ul><p>To temporarily mitigate this issue, customers can disable the Cloud Authentication Service (CAS) by changing the associated authentication profile to SAML, RADIUS, or other supported authentication methods.</p><p>Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510008 from Applications and Threats content version 9100-10044 and later. 
Threat ID 510008 depends on features present in PAN-OS 11.2 and above.</p><span>To ensure the Threat ID provides effective protection against this vulnerability, follow these steps</span>:<br><ul><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba\">Route incoming traffic for the MGT port through a DP port</a>, e.g., enabling management profile on a DP interface for management access.&nbsp;</li><li>Ensure that&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/globalprotect-articles/applying-vulnerability-protection-to-globalprotect-interfaces/ta-p/340184\">vulnerability protection security profile is applied to your GlobalProtect interface</a>.&nbsp;</li><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id112f7714-8995-4496-bbf9-781e63dec71c\">Replace the default certificate for Inbound Traffic Management</a>.&nbsp;</li><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2\">Decrypt inbound traffic to the management interface so the firewall can inspect it</a>.&nbsp;</li><li>Enable Threat Prevention on the inbound traffic to management services.</li></ul>"}]}],"solutions":[{"lang":"eng","value":"VERSION           MINOR VERSION RANGE          SUGGESTED SOLUTION\nCloud NGFW                                     No action needed.\nPAN-OS 12.1       12.1.5 through 12.1.6        Upgrade to 12.1.7 or later.\n                  12.1.2 through 12.1.4-h*     Upgrade 
to 12.1.4-h5 or 12.1.7 or later.\nPAN-OS 11.2       11.2.11 or later             Upgrade to 11.2.12 or later.\n                  11.2.8 through 11.2.10-h*    Upgrade to 11.2.10-h6 or 11.2.12 or later.\n                  11.2.5 through 11.2.7-h*     Upgrade to 11.2.7-h13 or 11.2.12 or later.\n                  11.2.0 through 11.2.4-h*     Upgrade to 11.2.4-h17 or 11.2.12 or later.\nPAN-OS 11.1       11.1.14 or later             Upgrade to 11.1.15 or later.\n                  11.1.11 through 11.1.13-h*   Upgrade to 11.1.13-h5 or 11.1.15 or later.\n                  11.1.8 through 11.1.10-h*    Upgrade to 11.1.10-h25 or 11.1.15 or later.\n                  11.1.7 through 11.1.7-h*     Upgrade to 11.1.7-h6 or 11.1.15 or later.\n                  11.1.5 through 11.1.6-h*     Upgrade to 11.1.6-h32 or 11.1.15 or later.\n                  11.1.0 through 11.1.4-h*     Upgrade to 11.1.4-h33 or 11.1.15 or later.\nPAN-OS 10.2       10.2.17 through 10.2.18-h*   Upgrade to 10.2.18-h6 or later.\n                  10.2.14 through 10.2.16-h*   Upgrade to 10.2.16-h7 or 10.2.18-h6 or later.\n                  10.2.11 through 10.2.13-h*   Upgrade to 10.2.13-h21 or 10.2.18-h6 or later.\n                  10.2.8 through 10.2.10-h*    Upgrade to 10.2.10-h36 or 10.2.18-h6 or later.\n                  10.2.0 through 10.2.7-h*     Upgrade to 10.2.7-h34 or 10.2.18-h6 or later.\nAll older                                      Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\nPrisma Access                                  No action needed.","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version</th><th>Minor Version Range</th><th>Suggested Solution</th></tr></thead><tbody><tr><td>Cloud NGFW</td><td><br></td><td>No action needed.</td></tr><tr><td>PAN-OS 12.1</td><td>12.1.5 through 12.1.6</td><td>Upgrade to 12.1.7 or later.</td></tr><tr><td><br></td><td>12.1.2 through 12.1.4-h*</td><td>Upgrade to 12.1.4-h5 or 12.1.7 or 
later.</td></tr><tr><td>PAN-OS 11.2</td><td>11.2.11 or later</td><td>Upgrade to 11.2.12 or later.</td></tr><tr><td><br></td><td>11.2.8 through 11.2.10-h*</td><td>Upgrade to 11.2.10-h6 or 11.2.12 or later.</td></tr><tr><td><br></td><td>11.2.5 through 11.2.7-h*</td><td>Upgrade to 11.2.7-h13 or 11.2.12 or later.</td></tr><tr><td><br></td><td>11.2.0 through 11.2.4-h*</td><td>Upgrade to 11.2.4-h17 or 11.2.12 or later.</td></tr><tr><td>PAN-OS 11.1</td><td>11.1.14 or later</td><td>Upgrade to 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.11 through 11.1.13-h*</td><td>Upgrade to 11.1.13-h5 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.8 through 11.1.10-h*</td><td>Upgrade to 11.1.10-h25 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.7 through 11.1.7-h*</td><td>Upgrade to 11.1.7-h6 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.5 through 11.1.6-h*</td><td>Upgrade to 11.1.6-h32 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.0 through 11.1.4-h*</td><td>Upgrade to 11.1.4-h33 or 11.1.15 or later.</td></tr><tr><td>PAN-OS 10.2</td><td>10.2.17 through 10.2.18-h*</td><td>Upgrade to 10.2.18-h6 or later.</td></tr><tr><td><br></td><td>10.2.14 through 10.2.16-h*</td><td>Upgrade to 10.2.16-h7 or 10.2.18-h6 or later.</td></tr><tr><td><br></td><td>10.2.11 through 10.2.13-h*</td><td>Upgrade to 10.2.13-h21 or 10.2.18-h6 or later.</td></tr><tr><td><br></td><td>10.2.8 through 10.2.10-h*</td><td>Upgrade to 10.2.10-h36 or 10.2.18-h6 or later.</td></tr><tr><td><br></td><td>10.2.0 through 10.2.7-h*</td><td>Upgrade to 10.2.7-h34 or 10.2.18-h6 or later.</td></tr><tr><td>All older <br>unsupported <br>PAN-OS versions</td><td><br></td><td>Upgrade to a supported fixed version.</td></tr><tr><td>Prisma Access</td><td><br></td><td>No action needed.</td></tr></tbody></table>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>Palo Alto 
Networks is not aware of any malicious exploitation of this issue.</p>"}]}],"timeline":[{"time":"2026-05-13T16:00:00.000Z","lang":"en","value":"Initial Publication."},{"time":"2026-05-12T19:00:00.000Z","lang":"en","value":"Updated the Fix release timeline for 10.2.16-h7."}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Harsh Jaiswal from Hacktron AI and our internal security research teams for discovering and reporting this issue.","type":"other"}],"source":{"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 12.1.6","PAN-OS 12.1.5","PAN-OS 12.1.4-h3","PAN-OS 12.1.4-h2","PAN-OS 12.1.4","PAN-OS 12.1.3-h3","PAN-OS 12.1.3-h1","PAN-OS 12.1.3","PAN-OS 12.1.2","PAN-OS 11.2.11","PAN-OS 11.2.10-h5","PAN-OS 11.2.10-h4","PAN-OS 11.2.10-h3","PAN-OS 11.2.10-h2","PAN-OS 11.2.10-h1","PAN-OS 11.2.10","PAN-OS 11.2.9","PAN-OS 11.2.8","PAN-OS 11.2.7-h12","PAN-OS 11.2.7-h11","PAN-OS 11.2.7-h10","PAN-OS 11.2.7-h8","PAN-OS 11.2.7-h7","PAN-OS 11.2.7-h4","PAN-OS 11.2.7-h3","PAN-OS 11.2.7-h2","PAN-OS 11.2.7-h1","PAN-OS 11.2.7","PAN-OS 11.2.6","PAN-OS 11.2.5","PAN-OS 11.2.4-h15","PAN-OS 11.2.4-h14","PAN-OS 11.2.4-h12","PAN-OS 11.2.4-h11","PAN-OS 11.2.4-h10","PAN-OS 11.2.4-h9","PAN-OS 11.2.4-h8","PAN-OS 11.2.4-h7","PAN-OS 11.2.4-h6","PAN-OS 11.2.4-h5","PAN-OS 11.2.4-h4","PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.14","PAN-OS 11.1.13-h3","PAN-OS 11.1.13-h2","PAN-OS 11.1.13-h1","PAN-OS 11.1.13","PAN-OS 11.1.12","PAN-OS 11.1.11","PAN-OS 11.1.10-h21","PAN-OS 11.1.10-h12","PAN-OS 11.1.10-h10","PAN-OS 11.1.10-h9","PAN-OS 11.1.10-h7","PAN-OS 11.1.10-h5","PAN-OS 11.1.10-h4","PAN-OS 11.1.10-h1","PAN-OS 11.1.10","PAN-OS 11.1.9","PAN-OS 11.1.8","PAN-OS 11.1.6-h29","PAN-OS 
11.1.6-h25","PAN-OS 11.1.6-h23","PAN-OS 11.1.6-h22","PAN-OS 11.1.6-h21","PAN-OS 11.1.6-h20","PAN-OS 11.1.6-h19","PAN-OS 11.1.6-h18","PAN-OS 11.1.6-h17","PAN-OS 11.1.6-h14","PAN-OS 11.1.6-h10","PAN-OS 11.1.6-h7","PAN-OS 11.1.6-h6","PAN-OS 11.1.6-h4","PAN-OS 11.1.6-h3","PAN-OS 11.1.6-h2","PAN-OS 11.1.6-h1","PAN-OS 11.1.6","PAN-OS 11.1.5-h1","PAN-OS 11.1.5","PAN-OS 11.1.4-h32","PAN-OS 11.1.4-h27","PAN-OS 11.1.4-h25","PAN-OS 11.1.4-h18","PAN-OS 11.1.4-h17","PAN-OS 11.1.4-h15","PAN-OS 11.1.4-h13","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 10.2.18-h5","PAN-OS 10.2.18-h1","PAN-OS 10.2.18","PAN-OS 10.2.17","PAN-OS 10.2.16-h6","PAN-OS 10.2.16-h4","PAN-OS 10.2.16-h1","PAN-OS 10.2.16","PAN-OS 10.2.15","PAN-OS 10.2.14-h1","PAN-OS 10.2.14","PAN-OS 10.2.13-h18","PAN-OS 10.2.13-h16","PAN-OS 10.2.13-h15","PAN-OS 10.2.13-h10","PAN-OS 10.2.13-h7","PAN-OS 10.2.13-h5","PAN-OS 10.2.13-h4","PAN-OS 10.2.13-h3","PAN-OS 10.2.13-h2","PAN-OS 10.2.13-h1","PAN-OS 10.2.13","PAN-OS 10.2.12-h6","PAN-OS 10.2.12-h5","PAN-OS 
10.2.12-h4","PAN-OS 10.2.12-h3","PAN-OS 10.2.12-h2","PAN-OS 10.2.12-h1","PAN-OS 10.2.12","PAN-OS 10.2.11-h13","PAN-OS 10.2.11-h12","PAN-OS 10.2.11-h11","PAN-OS 10.2.11-h10","PAN-OS 10.2.11-h9","PAN-OS 10.2.11-h8","PAN-OS 10.2.11-h7","PAN-OS 10.2.11-h6","PAN-OS 10.2.11-h5","PAN-OS 10.2.11-h4","PAN-OS 10.2.11-h3","PAN-OS 10.2.11-h2","PAN-OS 10.2.11-h1","PAN-OS 10.2.11","PAN-OS 10.2.10-h31","PAN-OS 10.2.10-h30","PAN-OS 10.2.10-h27","PAN-OS 10.2.10-h26","PAN-OS 10.2.10-h23","PAN-OS 10.2.10-h21","PAN-OS 10.2.10-h18","PAN-OS 10.2.10-h17","PAN-OS 10.2.10-h14","PAN-OS 10.2.10-h13","PAN-OS 10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h21","PAN-OS 10.2.9-h20","PAN-OS 10.2.9-h19","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h21","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h32","PAN-OS 10.2.7-h24","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 
10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 
10.2.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2026-0300","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal","datePublic":"2026-05-05T23:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-787","description":"CWE-787: Out-of-bounds Write","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-100","descriptions":[{"lang":"en","value":"CAPEC-100 Overflow Buffers"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-o
s:11.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*
:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:
*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*","cpe:2
.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.
2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*
:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"12.1.0","lessThan":"12.1.7","changes":[{"at":"12.1.7","status":"unaffected"},{"at":"12.1.4-h5","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.0","lessThan":"11.2.12","changes":[{"at":"11.2.12","status":"unaffected"},{"at":"11.2.10-h6","status":"unaffected"},{"at":"11.2.7-h13","status":"unaffected"},{"at":"11.2.4-h17","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","lessThan":"11.1.15","changes":[{"at":"11.1.15","status":"unaffected"},{"at":"11.1.13-h5","status":"unaffected"},{"at":"11.1.10-h25","status":"unaffected"},{"at":"11.1.7-h6","status":"unaffected"},{"at":"11.1.6-h32","status":"unaffected"},{"at":"11.1.4-h33","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.18-h6","changes":[{"at":"10.2.18-h6","status":"unaffected"},{"at":"10.2.16-h7","status":"unaffected"},{"at":"10.2.13-h21","status":"unaffected"},{"at":"10.2.10-h36","status":"unaffected"},{"at":"10.2.7-h34","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma 
Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"cpeApplicability":[{"operator":"OR","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.4","versionEndExcluding":"12.1.4-h5"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.7"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.4","versionEndExcluding":"11.2.4-h17"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.7","versionEndExcluding":"11.2.7-h13"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.10","versionEndExcluding":"11.2.10-h6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.0","versionEndExcluding":"11.2.12"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.4","versionEndExcluding":"11.1.4-h33"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.6","versionEndExcluding":"11.1.6-h32"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.7","versionEndExcluding":"11.1.7-h6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.10","versionEndExcluding":"11.1.10-h25"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.13","versionEndExcluding":"11.1.13-h5"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.0",
"versionEndExcluding":"11.1.15"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.7","versionEndExcluding":"10.2.7-h34"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.10","versionEndExcluding":"10.2.10-h36"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.13","versionEndExcluding":"10.2.13-h21"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.16","versionEndExcluding":"10.2.16-h7"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.18","versionEndExcluding":"10.2.18-h6"}]}]}],"descriptions":[{"lang":"en","value":"A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets.\n\nThe risk of this issue is greatly reduced if you secure access to the User-ID™ Authentication Portal per the best practice guidelines (https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CqbiCAC) by restricting access to only trusted internal IP addresses.\n\nPrisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. 
<br><br>The risk of this issue is greatly reduced if you secure access to the User-ID™ Authentication Portal per the <a target=\"_blank\" rel=\"nofollow\" href=\"https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CqbiCAC\">best practice guidelines</a> by restricting access to only trusted internal IP addresses.<br><br>Prisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability. </p>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2026-0300","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"The risk is highest when you configure the User-ID™ Authentication Portal to enable access from the Internet or any untrusted network."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"LOW","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"RED","exploitMaturity":"ATTACKED","baseSeverity":"CRITICAL","baseScore":9.3,"threatSeverity":"CRITICAL","threatScore":9.3,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:A/AU:Y/R:U/V:C/RE:M/U:Red"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"You can greatly reduce the risk of exploitation by restricting User-ID™ Authentication Portal access to only trusted internal IP addresses and preventing its exposure to the 
internet."}],"cvssV4_0":{"version":"4.0","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"LOW","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"RED","exploitMaturity":"ATTACKED","baseSeverity":"HIGH","baseScore":8.7,"threatSeverity":"HIGH","threatScore":8.7,"vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:A/AU:Y/R:U/V:C/RE:M/U:Red"}}],"configurations":[{"lang":"eng","value":"This issue is applicable only to PA-Series and VM-Series firewalls that are configured to use User-ID™ Authentication Portal.\n\nCustomers are impacted if both of the following conditions are true:\n\n\n * User-ID™ Authentication Portal configured in the User-ID™ Authentication Portal Settings page. You can verify the configuration by going to Device > User Identification > Authentication Portal Settings -> Enable Authentication Portal (applies to both transparent and redirect modes) and\n * An interface management profile with response page enabled and attached to any L3 interface in any zone where untrusted/internet traffic can ingress. You can verify the configuration by going to Network > Interface > Select the interface > Advanced Tab > Create Management Interface Profile.\n   \n\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>This issue is applicable only to PA-Series and VM-Series firewalls that are configured to use User-ID™ Authentication Portal.<br><br>Customers are impacted if both of the following conditions are true:<br></p><ul><li>User-ID™ Authentication Portal configured in the User-ID™ Authentication Portal Settings page.  
You can verify the configuration by going to Device &gt; User Identification &gt; Authentication Portal Settings -&gt; Enable Authentication Portal (applies to both transparent and redirect modes) <b>and</b></li><li>An interface management profile with response page enabled and attached to any L3 interface in any zone where untrusted/internet traffic can ingress.  You can verify the configuration by going to Network &gt; Interface &gt; Select the interface &gt; Advanced Tab &gt; Create Management Interface Profile.<br></li></ul><p></p>"}]}],"workarounds":[{"lang":"eng","value":"Customers can mitigate the risk of this issue by taking either of the following actions:\n\n * Restrict User-ID™ Authentication Portal access to only trusted zones and in addition, disable Response Pages in the Interface Management Profile attached to every L3 interface in any zone where untrusted/internet traffic can ingress. Keep Response Pages enabled only on interfaces in trust/internal zones where legitimate users' browsers ingress. Refer to Step 6 of the following Live Community article (https://live.paloaltonetworks.com/t5/general-articles/why-it-s-essential-to-secure-your-management-interface/ta-p/1001286) and Knowledgebase article (https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CqbiCAC) for steps to restrict access.\n   \n * Disable User-ID™ Authentication Portal if not required.\n   \n\nCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510019 from Applications and Threats content version 9097-10022. 
Decoder capabilities necessitate PAN-OS 11.1 or a later version for Threat ID support.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"Customers can mitigate the risk of this issue by taking either of the following actions:<br><ul><li>Restrict User-ID™ Authentication Portal access to only trusted zones and in addition, disable Response Pages in the Interface Management Profile attached to every L3 interface in any zone where untrusted/internet traffic can ingress. Keep Response Pages enabled only on interfaces in trust/internal zones where legitimate users' browsers ingress. Refer to Step 6 of the following <a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/general-articles/why-it-s-essential-to-secure-your-management-interface/ta-p/1001286\">Live Community article</a> and <a target=\"_blank\" rel=\"nofollow\" href=\"https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CqbiCAC\">Knowledgebase article</a> for steps to restrict access.<br></li><li>Disable User-ID™ Authentication Portal if not required.<br></li></ul>Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID&nbsp;510019 from Applications and Threats content version 9097-10022. 
Decoder capabilities necessitate PAN-OS 11.1 or a later version for Threat ID support."}]}],"solutions":[{"lang":"eng","value":"VERSION           MINOR VERSION                SUGGESTED SOLUTION\nCloud NGFW                                     No action needed.\nPAN-OS 12.1       12.1.5 through 12.1.6        Upgrade to 12.1.7 or later.\n                  12.1.2 through 12.1.4-h*     Upgrade to 12.1.4-h5 or 12.1.7 or later.\nPAN-OS 11.2       11.2.11 or later             Upgrade to 11.2.12 or later.\n                  11.2.8 through 11.2.10-h*    Upgrade to 11.2.10-h6 or 11.2.12 or later.\n                  11.2.5 through 11.2.7-h*     Upgrade to 11.2.7-h13 or 11.2.12 or later.\n                  11.2.0 through 11.2.4-h*     Upgrade to 11.2.4-h17 or 11.2.12 or later.\nPAN-OS 11.1       11.1.14 or later             Upgrade to 11.1.15 or later.\n                  11.1.11 through 11.1.13-h*   Upgrade to 11.1.13-h5 or 11.1.15 or later.\n                  11.1.8 through 11.1.10-h*    Upgrade to 11.1.10-h25 or 11.1.15 or later.\n                  11.1.7 through 11.1.7-h*     Upgrade to 11.1.7-h6 or 11.1.15 or later.\n                  11.1.5 through 11.1.6-h*     Upgrade to 11.1.6-h32 or 11.1.15 or later.\n                  11.1.0 through 11.1.4-h*     Upgrade to 11.1.4-h33 or 11.1.15 or later.\nPAN-OS 10.2       10.2.17 through 10.2.18-h*   Upgrade to 10.2.18-h6 or later.\n                  10.2.14 through 10.2.16-h*   Upgrade to 10.2.16-h7 or 10.2.18-h6 or later.\n                  10.2.11 through 10.2.13-h*   Upgrade to 10.2.13-h21 or 10.2.18-h6 or later.\n                  10.2.8 through 10.2.10-h*    Upgrade to 10.2.10-h36 or 10.2.18-h6 or later.\n                  10.2.0 through 10.2.7-h*     Upgrade to 10.2.7-h34 or 10.2.18-h6 or later.\nAll older                                      Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\nPrisma Access                                  No action 
needed.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version</th><th>Minor Version</th><th>Suggested Solution</th></tr></thead><tbody><tr><td>Cloud NGFW</td><td><br></td><td>No action needed.</td></tr><tr><td>PAN-OS 12.1</td><td>12.1.5 through 12.1.6</td><td>Upgrade to 12.1.7 or later.</td></tr><tr><td><br></td><td>12.1.2 through 12.1.4-h*</td><td>Upgrade to 12.1.4-h5 or 12.1.7 or later.</td></tr><tr><td>PAN-OS 11.2</td><td>11.2.11 or later</td><td>Upgrade to 11.2.12 or later.</td></tr><tr><td><br></td><td>11.2.8 through 11.2.10-h*</td><td>Upgrade to 11.2.10-h6 or 11.2.12 or later.</td></tr><tr><td><br></td><td>11.2.5 through 11.2.7-h*</td><td>Upgrade to 11.2.7-h13 or 11.2.12 or later.</td></tr><tr><td><br></td><td>11.2.0 through 11.2.4-h*</td><td>Upgrade to 11.2.4-h17 or 11.2.12 or later.</td></tr><tr><td>PAN-OS 11.1</td><td>11.1.14 or later</td><td>Upgrade to 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.11 through 11.1.13-h*</td><td>Upgrade to 11.1.13-h5 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.8 through 11.1.10-h*</td><td>Upgrade to 11.1.10-h25 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.7 through 11.1.7-h*</td><td>Upgrade to 11.1.7-h6 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.5 through 11.1.6-h*</td><td>Upgrade to 11.1.6-h32 or 11.1.15 or later.</td></tr><tr><td><br></td><td>11.1.0 through 11.1.4-h*</td><td>Upgrade to 11.1.4-h33 or 11.1.15 or later.</td></tr><tr><td>PAN-OS 10.2</td><td>10.2.17 through 10.2.18-h*</td><td>Upgrade to 10.2.18-h6 or later.</td></tr><tr><td><br></td><td>10.2.14 through 10.2.16-h*</td><td>Upgrade to 10.2.16-h7 or 10.2.18-h6 or later.</td></tr><tr><td><br></td><td>10.2.11 through 10.2.13-h*</td><td>Upgrade to 10.2.13-h21 or 10.2.18-h6 or later.</td></tr><tr><td><br></td><td>10.2.8 through 10.2.10-h*</td><td>Upgrade to 10.2.10-h36 or 10.2.18-h6 or later.</td></tr><tr><td><br></td><td>10.2.0 through 10.2.7-h*</td><td>Upgrade to 
10.2.7-h34 or 10.2.18-h6 or later.</td></tr><tr><td>All older <br>unsupported <br>PAN-OS versions</td><td><br></td><td>Upgrade to a supported fixed version.</td></tr><tr><td>Prisma Access</td><td><br></td><td>No action needed.</td></tr></tbody></table>"}]}],"exploits":[{"lang":"en","value":"Limited exploitation has been observed targeting Palo Alto Networks User-ID™ Authentication Portals that are exposed to untrusted IP addresses and/or the public internet. Customers following standard security best practices, such as restricting sensitive portals to trusted internal networks, are at a greatly reduced risk.","supportingMedia":[{"type":"text/html","base64":false,"value":"Limited exploitation has been observed targeting Palo Alto Networks User-ID™ Authentication Portals that are exposed to untrusted IP addresses and/or the public internet. Customers following standard security best practices, such as restricting sensitive portals to trusted internal networks, are at a greatly reduced risk."}]}],"timeline":[{"time":"2026-05-13T16:00:00.000Z","lang":"en","value":"Updated the release timeline and Solution table."},{"time":"2026-05-07T02:10:00.000Z","lang":"en","value":"Updated Acknowledgments."},{"time":"2026-05-06T17:27:00.000Z","lang":"en","value":"Updated with Threat Prevention ID and clarified the Required Configuration section."},{"time":"2026-05-05T23:00:00.000Z","lang":"en","value":"Initial publication."},{"time":"2026-05-14T19:15:00.000Z","lang":"en","value":"Updated the Fix release timeline for 10.2.16-h7."}],"credits":[{"lang":"en","value":"Palo Alto Networks is grateful to our Deep Product Security Research Team for discovering the issue, and we also appreciate the threat research and intelligence support provided by Unit 42 and Xpanse ILI.","type":"other"}],"source":{"discovery":"USER"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 12.1.6","PAN-OS 12.1.5","PAN-OS 12.1.4-h3","PAN-OS 12.1.4-h2","PAN-OS 12.1.4","PAN-OS 
12.1.3-h3","PAN-OS 12.1.3-h1","PAN-OS 12.1.3","PAN-OS 12.1.2","PAN-OS 11.2.11","PAN-OS 11.2.10-h5","PAN-OS 11.2.10-h4","PAN-OS 11.2.10-h3","PAN-OS 11.2.10-h2","PAN-OS 11.2.10-h1","PAN-OS 11.2.10","PAN-OS 11.2.9","PAN-OS 11.2.8","PAN-OS 11.2.7-h12","PAN-OS 11.2.7-h11","PAN-OS 11.2.7-h10","PAN-OS 11.2.7-h8","PAN-OS 11.2.7-h7","PAN-OS 11.2.7-h4","PAN-OS 11.2.7-h3","PAN-OS 11.2.7-h2","PAN-OS 11.2.7-h1","PAN-OS 11.2.7","PAN-OS 11.2.6","PAN-OS 11.2.5","PAN-OS 11.2.4-h15","PAN-OS 11.2.4-h14","PAN-OS 11.2.4-h12","PAN-OS 11.2.4-h11","PAN-OS 11.2.4-h10","PAN-OS 11.2.4-h9","PAN-OS 11.2.4-h8","PAN-OS 11.2.4-h7","PAN-OS 11.2.4-h6","PAN-OS 11.2.4-h5","PAN-OS 11.2.4-h4","PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.14","PAN-OS 11.1.13-h3","PAN-OS 11.1.13-h2","PAN-OS 11.1.13-h1","PAN-OS 11.1.13","PAN-OS 11.1.12","PAN-OS 11.1.11","PAN-OS 11.1.10-h21","PAN-OS 11.1.10-h12","PAN-OS 11.1.10-h10","PAN-OS 11.1.10-h9","PAN-OS 11.1.10-h7","PAN-OS 11.1.10-h5","PAN-OS 11.1.10-h4","PAN-OS 11.1.10-h1","PAN-OS 11.1.10","PAN-OS 11.1.9","PAN-OS 11.1.8","PAN-OS 11.1.6-h29","PAN-OS 11.1.6-h25","PAN-OS 11.1.6-h23","PAN-OS 11.1.6-h22","PAN-OS 11.1.6-h21","PAN-OS 11.1.6-h20","PAN-OS 11.1.6-h19","PAN-OS 11.1.6-h18","PAN-OS 11.1.6-h17","PAN-OS 11.1.6-h14","PAN-OS 11.1.6-h10","PAN-OS 11.1.6-h7","PAN-OS 11.1.6-h6","PAN-OS 11.1.6-h4","PAN-OS 11.1.6-h3","PAN-OS 11.1.6-h2","PAN-OS 11.1.6-h1","PAN-OS 11.1.6","PAN-OS 11.1.5-h1","PAN-OS 11.1.5","PAN-OS 11.1.4-h32","PAN-OS 11.1.4-h27","PAN-OS 11.1.4-h25","PAN-OS 11.1.4-h18","PAN-OS 11.1.4-h17","PAN-OS 11.1.4-h15","PAN-OS 11.1.4-h13","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 
11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 10.2.18-h5","PAN-OS 10.2.18-h1","PAN-OS 10.2.18","PAN-OS 10.2.17","PAN-OS 10.2.16-h6","PAN-OS 10.2.16-h4","PAN-OS 10.2.16-h1","PAN-OS 10.2.16","PAN-OS 10.2.15","PAN-OS 10.2.14-h1","PAN-OS 10.2.14","PAN-OS 10.2.13-h18","PAN-OS 10.2.13-h16","PAN-OS 10.2.13-h15","PAN-OS 10.2.13-h10","PAN-OS 10.2.13-h7","PAN-OS 10.2.13-h5","PAN-OS 10.2.13-h4","PAN-OS 10.2.13-h3","PAN-OS 10.2.13-h2","PAN-OS 10.2.13-h1","PAN-OS 10.2.13","PAN-OS 10.2.12-h6","PAN-OS 10.2.12-h5","PAN-OS 10.2.12-h4","PAN-OS 10.2.12-h3","PAN-OS 10.2.12-h2","PAN-OS 10.2.12-h1","PAN-OS 10.2.12","PAN-OS 10.2.11-h13","PAN-OS 10.2.11-h12","PAN-OS 10.2.11-h11","PAN-OS 10.2.11-h10","PAN-OS 10.2.11-h9","PAN-OS 10.2.11-h8","PAN-OS 10.2.11-h7","PAN-OS 10.2.11-h6","PAN-OS 10.2.11-h5","PAN-OS 10.2.11-h4","PAN-OS 10.2.11-h3","PAN-OS 10.2.11-h2","PAN-OS 10.2.11-h1","PAN-OS 10.2.11","PAN-OS 10.2.10-h31","PAN-OS 10.2.10-h30","PAN-OS 10.2.10-h27","PAN-OS 10.2.10-h26","PAN-OS 10.2.10-h23","PAN-OS 10.2.10-h21","PAN-OS 10.2.10-h18","PAN-OS 10.2.10-h17","PAN-OS 10.2.10-h14","PAN-OS 10.2.10-h13","PAN-OS 10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 
10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h21","PAN-OS 10.2.9-h20","PAN-OS 10.2.9-h19","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h21","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h32","PAN-OS 10.2.7-h24","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 
10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2026-0227","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":" PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway and Portal","datePublic":"2026-01-14T17:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-754","description":"CWE-754 Improper Check for Unusual or Exceptional Conditions","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-210","descriptions":[{"lang":"en","value":"CAPEC-210 Abuse Existing Functionality"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto 
Networks","product":"PAN-OS","cpes":["cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*
:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*
:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*","cpe:
2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15
:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h32:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h31:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h30:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h29:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h28:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h27:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h26:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h24:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h17:*
:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h5:
*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.13:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.10:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.7:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.4:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.0:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"12.1.0","changes":[{"at":"12.1.4","status":"unaffected"},{"at":"12.1.3-h3","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.0","changes":[{"at":"11.2.10-h2","status":"unaffected"},{"at":"11.2.7-h8","status":"unaffected"},{"at":"11.2.4-h15","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","changes":[{"at":"11.1.13","status":"unaffected"},{"at":"11.1.10-h9","status":"unaffected"},{"at":"11.1.6-h23","status":"unaffected"},{"at":"11.1.4-h27","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","changes":[{"at":"10.2.18-h1","status":"unaffected"},{"at":"10.2.16-h6","status":"unaffected"},{"at":"10.2.13-h18","status":"unaffected"},{"at":"10.2.10-h31","status":"unaffected"},{"at":"10.2.7-h32","st
atus":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.1.0","changes":[{"at":"10.1.14-h20","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"affected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"affected","version":"11.2","changes":[{"at":"11.2.7-h8","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2","changes":[{"at":"10.2.10-h29","status":"unaffected"},{"at":"10.2.4-h43","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"}],"cpeApplicability":[{"operator":"OR","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.0","versionEndExcluding":"12.1.4"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1.3","versionEndExcluding":"12.1.3-h3"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.10","versionEndExcluding":"11.2.10-h2"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.7","versionEndExcluding":"11.2.7-h8"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.4","versionEndExcluding":"11.2.4-h15"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.0","versionEndExcluding":"11.1.13"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.10","versionEndExcluding":"11.1.10-h9"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.6","versionEndExcluding":"11.1.6-h23"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.4","version
EndExcluding":"11.1.4-h27"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.18","versionEndExcluding":"10.2.18-h1"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.16","versionEndExcluding":"10.2.16-h6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.13","versionEndExcluding":"10.2.13-h18"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.10","versionEndExcluding":"10.2.10-h31"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.7","versionEndExcluding":"10.2.7-h32"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.1.14","versionEndExcluding":"10.1.14-h20"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.7","versionEndExcluding":"11.2.7-h8"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.10","versionEndExcluding":"10.2.10-h29"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.4","versionEndExcluding":"10.2.4-h43"}]}]}],"descriptions":[{"lang":"en","value":"A vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to cause a denial of service (DoS) to the firewall. Repeated attempts to trigger this issue result in the firewall entering into maintenance mode.","supportingMedia":[{"type":"text/html","base64":false,"value":"A vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to cause a denial of service (DoS) to the firewall. 
Repeated attempts to trigger this issue result in the firewall entering into maintenance mode."}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2026-0227","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"POC","baseSeverity":"HIGH","baseScore":8.7,"threatSeverity":"HIGH","threatScore":7.7,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/AU:Y/R:U/V:D/RE:M/U:Amber"}}],"configurations":[{"lang":"eng","value":"This issue is applicable only to PAN-OS NGFW or Prisma Access configurations with an enabled GlobalProtect gateway or portal.","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue is applicable only to PAN-OS NGFW or Prisma Access configurations with an enabled GlobalProtect gateway or portal."}]}],"workarounds":[{"lang":"eng","value":"No known workarounds exist for this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"No known workarounds exist for this issue."}]}],"solutions":[{"lang":"eng","value":"VERSION              MINOR VERSION             SUGGESTED SOLUTION\nCloud NGFW All                                 No action needed.\nPAN-OS 12.1          12.1.2 through 12.1.3     Upgrade to 12.1.4 or later.\nPAN-OS 11.2          11.2.8 through 11.2.10    Upgrade to 11.2.10-h2 or later.\n                     11.2.5 through 11.2.7     Upgrade to 11.2.7-h8 or 11.2.10-h2 or later.\n                     11.2.0 
through 11.2.4     Upgrade to 11.2.4-h15 or 11.2.10-h2 or later.\nPAN-OS 11.1          11.1.11 through 11.1.12   Upgrade to 11.1.13 or later.\n                     11.1.7 through 11.1.10    Upgrade to 11.1.10-h9 or 11.1.13 or later.\n                     11.1.5 through 11.1.6     Upgrade to 11.1.6-h23 or 11.1.13 or later.\n                     11.1.0 through 11.1.4     Upgrade to 11.1.4-h27 or 11.1.13 or later.\nPAN-OS 10.2          10.2.17 through 10.2.18   Upgrade to 10.2.18-h1 or later.\n                     10.2.14 through 10.2.16   Upgrade to 10.2.16-h6 or 10.2.18-h1 or later.\n                     10.2.11 through 10.2.13   Upgrade to 10.2.13-h18 or 10.2.18-h1 or later.\n                     10.2.8 through 10.2.10    Upgrade to 10.2.10-h31 or 10.2.18-h1 or later.\n                     10.2.0 through 10.2.7     Upgrade to 10.2.7-h32 or 10.2.18-h1 or later.\n PAN-OS 10.1          10.1.0 through 10.1.14   Upgrade to 10.1.14-h20 or later. \nAll older                                      Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\nPrisma Access 11.2   11.2.0 through 11.2.7     Upgrade to 11.2.7-h8 or later.*\nPrisma Access 10.2   10.2.0 through 10.2.10    Upgrade to 10.2.10-h29 or later.*\n\n\n* See the note under Product Status for information regarding Prisma Access upgrades.","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>Cloud NGFW All<br></td><td></td><td>No action needed.</td></tr><tr><td>PAN-OS 12.1<br></td><td>12.1.2 through 12.1.3</td><td>Upgrade to 12.1.4 or later.</td></tr><tr><td>PAN-OS 11.2<br></td><td>11.2.8 through 11.2.10</td><td>Upgrade to 11.2.10-h2 or later.</td></tr><tr><td></td><td>11.2.5 through 11.2.7</td><td>Upgrade to 11.2.7-h8 or 11.2.10-h2 or later.</td></tr><tr><td></td><td>11.2.0 through 11.2.4</td><td>Upgrade to 11.2.4-h15 or 11.2.10-h2 or 
later.</td></tr><tr><td>PAN-OS 11.1<br></td><td>11.1.11 through 11.1.12</td><td>Upgrade to 11.1.13 or later.</td></tr><tr><td></td><td>11.1.7 through 11.1.10</td><td>Upgrade to 11.1.10-h9 or 11.1.13 or later.</td></tr><tr><td></td><td>11.1.5 through 11.1.6</td><td>Upgrade to 11.1.6-h23 or 11.1.13 or later.</td></tr><tr><td></td><td>11.1.0 through 11.1.4</td><td>Upgrade to 11.1.4-h27 or 11.1.13 or later.</td></tr><tr><td>PAN-OS 10.2<br></td><td>10.2.17 through 10.2.18</td><td>Upgrade to 10.2.18-h1 or later.</td></tr><tr><td></td><td>10.2.14 through 10.2.16</td><td>Upgrade to 10.2.16-h6 or 10.2.18-h1 or later.</td></tr><tr><td></td><td>10.2.11 through 10.2.13</td><td>Upgrade to 10.2.13-h18 or 10.2.18-h1 or later.</td></tr><tr><td></td><td>10.2.8 through 10.2.10</td><td>Upgrade to 10.2.10-h31 or 10.2.18-h1 or later.</td></tr><tr><td></td><td>10.2.0 through 10.2.7</td><td>Upgrade to 10.2.7-h32 or 10.2.18-h1 or later.</td></tr><tr><td>&nbsp;PAN-OS 10.1</td><td>&nbsp;10.1.0 through 10.1.14</td><td>Upgrade to 10.1.14-h20 or later.&nbsp;</td></tr><tr><td>All older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr><tr><td>Prisma Access 11.2<br></td><td>11.2.0 through 11.2.7</td><td>Upgrade to 11.2.7-h8 or later.*</td></tr><tr><td>Prisma Access 10.2<br></td><td>10.2.0 through 10.2.10</td><td>Upgrade to 10.2.10-h29 or later.*</td></tr></tbody></table><br>* See the note under Product Status for information regarding Prisma Access upgrades."}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<span>Palo Alto Networks is not aware of any malicious exploitation of this issue.</span>"}]}],"timeline":[{"time":"2026-01-16T18:15:00.000Z","lang":"en","value":"Added 10.2.4-h43 to Prisma Access Fix Versions."},{"time":"2026-01-14T18:15:00.000Z","lang":"en","value":"Changed recommended fix version from 
11.2.4-h14 to 11.2.4-h15."},{"time":"2026-01-14T17:00:00.000Z","lang":"en","value":"Initial Publication"},{"time":"2026-01-30T23:30:00.000Z","lang":"en","value":"Fixed a broken link and updated the Solutions table. "},{"time":"2026-02-07T01:45:00.000Z","lang":"en","value":"Modified the comment about Prisma Access versions to reflect that all instances have been upgraded. "},{"time":"2026-02-09T17:30:00.000Z","lang":"en","value":"Updated recommended fix version for the 10.2.10 hotfix branch to 10.2.10-h31. "}],"credits":[{"lang":"en","value":"an external reporter","type":"finder"}],"source":{"discovery":"USER"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 12.1.3-h1","PAN-OS 12.1.3","PAN-OS 12.1.2","PAN-OS 11.2.10-h1","PAN-OS 11.2.10","PAN-OS 11.2.9","PAN-OS 11.2.8","PAN-OS 11.2.7-h7","PAN-OS 11.2.7-h4","PAN-OS 11.2.7-h3","PAN-OS 11.2.7-h2","PAN-OS 11.2.7-h1","PAN-OS 11.2.7","PAN-OS 11.2.6","PAN-OS 11.2.5","PAN-OS 11.2.4-h14","PAN-OS 11.2.4-h12","PAN-OS 11.2.4-h11","PAN-OS 11.2.4-h10","PAN-OS 11.2.4-h9","PAN-OS 11.2.4-h8","PAN-OS 11.2.4-h7","PAN-OS 11.2.4-h6","PAN-OS 11.2.4-h5","PAN-OS 11.2.4-h4","PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.12","PAN-OS 11.1.11","PAN-OS 11.1.10-h7","PAN-OS 11.1.10-h5","PAN-OS 11.1.10-h4","PAN-OS 11.1.10-h1","PAN-OS 11.1.10","PAN-OS 11.1.9","PAN-OS 11.1.8","PAN-OS 11.1.6-h22","PAN-OS 11.1.6-h21","PAN-OS 11.1.6-h20","PAN-OS 11.1.6-h19","PAN-OS 11.1.6-h18","PAN-OS 11.1.6-h17","PAN-OS 11.1.6-h14","PAN-OS 11.1.6-h10","PAN-OS 11.1.6-h7","PAN-OS 11.1.6-h6","PAN-OS 11.1.6-h4","PAN-OS 11.1.6-h3","PAN-OS 11.1.6-h2","PAN-OS 11.1.6-h1","PAN-OS 11.1.6","PAN-OS 11.1.5-h1","PAN-OS 11.1.5","PAN-OS 11.1.4-h25","PAN-OS 11.1.4-h18","PAN-OS 11.1.4-h17","PAN-OS 
11.1.4-h15","PAN-OS 11.1.4-h13","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 10.2.18","PAN-OS 10.2.17","PAN-OS 10.2.16-h4","PAN-OS 10.2.16-h1","PAN-OS 10.2.16","PAN-OS 10.2.15","PAN-OS 10.2.14-h1","PAN-OS 10.2.14","PAN-OS 10.2.13-h16","PAN-OS 10.2.13-h15","PAN-OS 10.2.13-h10","PAN-OS 10.2.13-h7","PAN-OS 10.2.13-h5","PAN-OS 10.2.13-h4","PAN-OS 10.2.13-h3","PAN-OS 10.2.13-h2","PAN-OS 10.2.13-h1","PAN-OS 10.2.13","PAN-OS 10.2.12-h6","PAN-OS 10.2.12-h5","PAN-OS 10.2.12-h4","PAN-OS 10.2.12-h3","PAN-OS 10.2.12-h2","PAN-OS 10.2.12-h1","PAN-OS 10.2.12","PAN-OS 10.2.11-h13","PAN-OS 10.2.11-h12","PAN-OS 10.2.11-h11","PAN-OS 10.2.11-h10","PAN-OS 10.2.11-h9","PAN-OS 10.2.11-h8","PAN-OS 10.2.11-h7","PAN-OS 10.2.11-h6","PAN-OS 10.2.11-h5","PAN-OS 10.2.11-h4","PAN-OS 10.2.11-h3","PAN-OS 10.2.11-h2","PAN-OS 10.2.11-h1","PAN-OS 10.2.11","PAN-OS 10.2.10-h27","PAN-OS 10.2.10-h26","PAN-OS 10.2.10-h23","PAN-OS 10.2.10-h21","PAN-OS 10.2.10-h18","PAN-OS 10.2.10-h17","PAN-OS 10.2.10-h14","PAN-OS 10.2.10-h13","PAN-OS 
10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h21","PAN-OS 10.2.9-h20","PAN-OS 10.2.9-h19","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h21","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h24","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 
10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0","PAN-OS 10.1.14-h19","PAN-OS 10.1.14-h16","PAN-OS 10.1.14-h15","PAN-OS 10.1.14-h14","PAN-OS 10.1.14-h13","PAN-OS 10.1.14-h11","PAN-OS 10.1.14-h10","PAN-OS 10.1.14-h9","PAN-OS 10.1.14-h8","PAN-OS 10.1.14-h7","PAN-OS 10.1.14-h6","PAN-OS 10.1.14-h5","PAN-OS 10.1.14-h4","PAN-OS 10.1.14-h3","PAN-OS 10.1.14-h2","PAN-OS 10.1.14-h1","PAN-OS 10.1.14","PAN-OS 10.1.13-h5","PAN-OS 10.1.13-h4","PAN-OS 10.1.13-h3","PAN-OS 10.1.13-h2","PAN-OS 10.1.13-h1","PAN-OS 10.1.13","PAN-OS 10.1.12-h3","PAN-OS 10.1.12-h2","PAN-OS 10.1.12-h1","PAN-OS 10.1.12","PAN-OS 10.1.11-h10","PAN-OS 10.1.11-h9","PAN-OS 10.1.11-h8","PAN-OS 10.1.11-h7","PAN-OS 10.1.11-h6","PAN-OS 10.1.11-h5","PAN-OS 10.1.11-h4","PAN-OS 10.1.11-h3","PAN-OS 10.1.11-h2","PAN-OS 10.1.11-h1","PAN-OS 10.1.11","PAN-OS 10.1.10-h9","PAN-OS 10.1.10-h8","PAN-OS 10.1.10-h7","PAN-OS 10.1.10-h6","PAN-OS 
10.1.10-h5","PAN-OS 10.1.10-h4","PAN-OS 10.1.10-h3","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h14","PAN-OS 10.1.9-h13","PAN-OS 10.1.9-h12","PAN-OS 10.1.9-h11","PAN-OS 10.1.9-h10","PAN-OS 10.1.9-h9","PAN-OS 10.1.9-h8","PAN-OS 10.1.9-h7","PAN-OS 10.1.9-h6","PAN-OS 10.1.9-h5","PAN-OS 10.1.9-h4","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h8","PAN-OS 10.1.8-h7","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7-h1","PAN-OS 10.1.7","PAN-OS 10.1.6-h9","PAN-OS 10.1.6-h8","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h4","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h6","PAN-OS 10.1.4-h5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h4","PAN-OS 10.1.3-h3","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2025-4619","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Firewall Denial of Service (DoS) Using Specially Crafted Packets","datePublic":"2025-11-12T17:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-754","description":"CWE-754 Improper Check for Unusual or Exceptional Conditions","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-129","descriptions":[{"lang":"en","value":"CAPEC-129: Pointer Manipulation"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto 
Networks","product":"PAN-OS","cpes":["cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:-:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11
.1.3:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:
10.2.11:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_netw
orks:pan-os:10.2.8:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"],"versions":[{"status":"unaffected","version":"12.1.0","versionType":"custom"},{"status":"affected","version":"11.2.0","lessThan":"11.2.5","changes":[{"at":"11.2.5","status":"unaffected"},{"at":"11.2.4-h4","status":"unaffected"},{"at":"11.2.3-h6","status":"unaffected"
},{"at":"11.2.2-h2","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","lessThan":"11.1.7","changes":[{"at":"11.1.7","status":"unaffected"},{"at":"11.1.6-h1","status":"unaffected"},{"at":"11.1.4-h13","status":"unaffected"},{"at":"11.1.4-h4","status":"affected"},{"at":"11.1.3-h2","status":"affected"},{"at":"11.1.2-h18","status":"unaffected"},{"at":"11.1.2-h9","status":"affected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.14","changes":[{"at":"10.2.14","status":"unaffected"},{"at":"10.2.13-h3","status":"unaffected"},{"at":"10.2.12-h6","status":"unaffected"},{"at":"10.2.11-h12","status":"unaffected"},{"at":"10.2.10-h14","status":"unaffected"},{"at":"10.2.10-h2","status":"affected"},{"at":"10.2.9-h21","status":"unaffected"},{"at":"10.2.9-h6","status":"affected"},{"at":"10.2.8-h21","status":"unaffected"},{"at":"10.2.8-h10","status":"affected"},{"at":"10.2.7-h24","status":"unaffected"},{"at":"10.2.7-h11","status":"affected"},{"at":"10.2.4-h25","status":"affected"}],"versionType":"custom"},{"status":"unaffected","version":"10.1.0","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma 
Access","platforms":["PAN-OS"],"versions":[{"status":"affected","version":"10.2.0","lessThan":"10.2.10-h14","changes":[{"at":"11.2.4-h4","status":"unaffected"},{"at":"10.2.10-h14","status":"unaffected"},{"at":"10.2.4-h25","status":"affected"}],"versionType":"custom"}],"defaultStatus":"unaffected"}],"cpeApplicability":[{"operator":"OR","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.0","versionEndExcluding":"11.2.5"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.4","versionEndExcluding":"11.2.4-h4"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.3","versionEndExcluding":"11.2.3-h6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.2","versionEndExcluding":"11.2.2-h2"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.0","versionEndExcluding":"11.1.7"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.6","versionEndExcluding":"11.1.6-h1"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.4","versionEndExcluding":"11.1.4-h13"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.4","versionEndExcluding":"11.1.4-h4"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.3","versionEndExcluding":"11.1.3-h2"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.2","versionEndExcluding":"11.1.2-h18"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionSt
artIncluding":"11.1.2","versionEndExcluding":"11.1.2-h9"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.0","versionEndExcluding":"10.2.14"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.13","versionEndExcluding":"10.2.13-h3"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.12","versionEndExcluding":"10.2.12-h6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.11","versionEndExcluding":"10.2.11-h12"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.10","versionEndExcluding":"10.2.10-h14"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.10","versionEndExcluding":"10.2.10-h2"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.9","versionEndExcluding":"10.2.9-h21"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.9","versionEndExcluding":"10.2.9-h6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.8","versionEndExcluding":"10.2.8-h21"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.8","versionEndExcluding":"10.2.8-h10"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.7","versionEndExcluding":"10.2.7-h24"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.7","versionEndExcluding":"10.2.7-h11"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networ
ks:prisma_access:*:*:*:*:*:PAN-OS:*:*","versionStartIncluding":"11.2.4","versionEndExcluding":"11.2.4-h4"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:prisma_access:*:*:*:*:*:PAN-OS:*:*","versionStartIncluding":"10.2.10","versionEndExcluding":"10.2.10-h14"}]}]}],"descriptions":[{"lang":"en","value":"A denial-of-service (DoS) vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to reboot a firewall by sending a specially crafted packet through the dataplane. Repeated attempts to initiate a reboot cause the firewall to enter maintenance mode.\n\nThis issue is applicable to the PAN-OS software versions listed below on PA-Series firewalls, VM-Series firewalls, and Prisma® Access software. This issue does not affect Cloud NGFW.\n\nWe have successfully completed the Prisma Access upgrade for all customers, with the exception of those facing issues such as conflicting maintenance windows. Remaining customers will be promptly scheduled for an upgrade through our standard upgrade process.","supportingMedia":[{"type":"text/html","base64":false,"value":"A denial-of-service (DoS) vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to reboot a firewall by sending a specially crafted packet through the dataplane. Repeated attempts to initiate a reboot cause the firewall to enter maintenance mode.<br><br>This issue is applicable to the PAN-OS software versions listed below on PA-Series firewalls, VM-Series firewalls, and Prisma® Access software. This issue does not affect Cloud NGFW.<br><br>We have successfully completed the Prisma Access upgrade for all customers, with the exception of those facing issues such as conflicting maintenance windows.  
Remaining customers will be promptly scheduled for an upgrade through our standard upgrade process."}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2025-4619","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.7,"threatSeverity":"MEDIUM","threatScore":6.6,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:Y/R:U/V:C/RE:M/U:Amber"}}],"configurations":[{"lang":"eng","value":"This issue is only applicable to firewalls where URL proxy or any decrypt-policy is configured.\n\nWhen any decrypt policy is configured, this issue may be encountered regardless of whether traffic matches explicit decrypt, explicit no-decrypt, or none of the decryption policies.","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue is only applicable to firewalls where URL&nbsp;proxy or any decrypt-policy is configured.<br><br>When any decrypt policy is configured, this issue may be encountered regardless of whether traffic matches explicit decrypt, explicit no-decrypt, or none of the decryption policies."}]}],"workarounds":[{"lang":"eng","value":"No known workarounds exist for this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"No known workarounds exist for this issue."}]}],"solutions":[{"lang":"eng","value":"VERSION                     MINOR VERSION            SUGGESTED 
SOLUTION\nCloud NGFW                                           No action needed.\nPAN-OS 12.1                                          No action needed.\nPAN-OS 11.2                 11.2.0 through 11.2.4    Upgrade to 11.2.4-h4 or 11.2.5 or later.\n                            11.2.0 through 11.2.3    Upgrade to 11.2.3-h6 or 11.2.5 or later.\n                            11.2.0 through 11.2.2    Upgrade to 11.2.2-h2 or 11.2.5 or later.\nPAN-OS 11.1                 11.1.0 through 11.1.6    Upgrade to 11.1.6-h1 or 11.1.7 or later.\n                            11.1.0 through 11.1.4    Upgrade to 11.1.4-h13 or 11.1.7 or later.\n                            11.1.0 through 11.1.3    Remain on a version older than 11.1.3-h2 or upgrade to\n                                                     11.1.4-h13 or 11.1.7 or later.\n                            11.1.0 through 11.1.2    Upgrade to 11.1.2-h18 or 11.1.7 or later.\nPAN-OS 10.2                 10.2.0 through 10.2.13   Upgrade to 10.2.13-h3 or 10.2.14 or later.\n                            10.2.0 through 10.2.12   Upgrade to 10.2.12-h6 or 10.2.14 or later.\n                            10.2.0 through 10.2.11   Upgrade to 10.2.11-h12 or 10.2.14 or later.\n                            10.2.0 through 10.2.10   Upgrade to 10.2.10-h14 or 10.2.14 or later.\n                            10.2.0 through 10.2.9    Upgrade to 10.2.9-h21 or 10.2.14 or later.\n                            10.2.0 through 10.2.8    Upgrade to 10.2.8-h21 or 10.2.14 or later.\n                            10.2.0 through 10.2.7    Upgrade to 10.2.7-h24 or 10.2.14 or later.\n                            10.2.0 through 10.2.4    Remain on a version older than 10.2.4-h25\nPAN-OS 10.1                                          No action needed.\nAll older                                            Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\n Prisma Access  on PAN-OS   11.2.0 through 11.2.4    Upgrade to 11.2.4-h4 or later\n                         
   10.2.0 through 10.2.10   Upgrade to 10.2.10-h14 or 11.2.4-h4 or later.\n                            10.2.0 through 10.2.4    Remain on a version older than 10.2.4-h25.","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>Cloud NGFW<br></td><td></td><td>No action needed.</td></tr><tr><td>PAN-OS 12.1<br></td><td></td><td>No action needed.</td></tr><tr>\n                                <td>PAN-OS 11.2<br></td>\n                                <td>11.2.0 through 11.2.4</td>\n                                <td>Upgrade to 11.2.4-h4 or 11.2.5 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.2.0 through 11.2.3</td>\n                                <td>Upgrade to 11.2.3-h6 or 11.2.5 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.2.0 through 11.2.2</td>\n                                <td>Upgrade to 11.2.2-h2 or 11.2.5 or later.</td>\n                            </tr><tr>\n                                <td>PAN-OS 11.1<br></td>\n                                <td>11.1.0 through 11.1.6</td>\n                                <td>Upgrade to 11.1.6-h1 or 11.1.7 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.1.0 through 11.1.4</td>\n                                <td>Upgrade to 11.1.4-h13 or 11.1.7 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.1.0 through 11.1.3</td>\n                                <td>Remain on a version older than 11.1.3-h2 or upgrade to 11.1.4-h13 or 11.1.7 or later.</td>\n                            </tr><tr>\n                                <td></td>\n  
                              <td>11.1.0 through 11.1.2</td>\n                                <td>Upgrade to 11.1.2-h18 or 11.1.7 or later.</td>\n                            </tr><tr>\n                                <td>PAN-OS 10.2<br></td>\n                                <td>10.2.0 through 10.2.13</td>\n                                <td>Upgrade to 10.2.13-h3 or 10.2.14 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.0 through 10.2.12</td>\n                                <td>Upgrade to 10.2.12-h6 or 10.2.14 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.0 through 10.2.11</td>\n                                <td>Upgrade to 10.2.11-h12 or 10.2.14 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.0 through 10.2.10</td>\n                                <td>Upgrade to 10.2.10-h14 or 10.2.14 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.0 through 10.2.9</td>\n                                <td>Upgrade to 10.2.9-h21 or 10.2.14 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.0 through 10.2.8</td>\n                                <td>Upgrade to 10.2.8-h21 or 10.2.14 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.0 through 10.2.7</td>\n                                <td>Upgrade to 10.2.7-h24 or 10.2.14 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.0 through 10.2.4</td>\n                                <td>Remain on a version older than 
10.2.4-h25<br></td>\n                            </tr><tr><td>PAN-OS 10.1<br></td><td></td><td>No action needed.</td></tr><tr><td>All older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr><tr><td>&nbsp;Prisma Access&nbsp; on PAN-OS</td><td>11.2.0 through 11.2.4</td><td>Upgrade to 11.2.4-h4&nbsp;or later</td></tr><tr>\n                                    <td><br></td>\n                                    <td>10.2.0 through 10.2.10</td>\n                                    <td>Upgrade to 10.2.10-h14 or 11.2.4-h4 or later.</td>\n                                </tr><tr>\n                                    <td></td>\n                                    <td>10.2.0 through 10.2.4</td>\n                                    <td>Remain on a version older than 10.2.4-h25.</td>\n                                </tr></tbody></table>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.\n\n","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2025-11-12T17:00:00.000Z","lang":"en","value":"Initial publication"}],"source":{"defect":["PAN-247099"],"discovery":"USER"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h1","PAN-OS 11.2.2","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.6","PAN-OS 11.1.5-h1","PAN-OS 11.1.5","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 
11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 10.2.13-h2","PAN-OS 10.2.13-h1","PAN-OS 10.2.13","PAN-OS 10.2.12-h5","PAN-OS 10.2.12-h4","PAN-OS 10.2.12-h3","PAN-OS 10.2.12-h2","PAN-OS 10.2.12-h1","PAN-OS 10.2.12","PAN-OS 10.2.11-h11","PAN-OS 10.2.11-h10","PAN-OS 10.2.11-h9","PAN-OS 10.2.11-h8","PAN-OS 10.2.11-h7","PAN-OS 10.2.11-h6","PAN-OS 10.2.11-h5","PAN-OS 10.2.11-h4","PAN-OS 10.2.11-h3","PAN-OS 10.2.11-h2","PAN-OS 10.2.11-h1","PAN-OS 10.2.11","PAN-OS 10.2.10-h13","PAN-OS 10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.9-h20","PAN-OS 10.2.9-h19","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 
10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2025-4615","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Improper Neutralization of Input in the Management Web Interface","datePublic":"2025-10-08T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-83","description":"CWE-83 Improper Neutralization of Script in Attributes in a Web Page","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-165","descriptions":[{"lang":"en","value":"CAPEC-165 File Manipulation"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"status":"unaffected","version":"12.1.0","versionType":"custom"},{"status":"affected","version":"11.2.0","lessThan":"11.2.8","changes":[{"at":"11.2.8","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","changes":[{"at":"11.1.10-h7","status":"unaffected"},{"at":"11.1.6-h21","status":"unaffected"},{"at":"11.1.4-h27","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.17","changes":[{"at":"10.2.17","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"cpeApplicability":[{"operator":"OR","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.0","versionEndExcluding":"11.2.8"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.10","versionEndExcluding":"11.1.10-h7"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.6","versionEndExcluding":"11.1.6-h21"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.4","versionEndExcluding":"11.1.4-h27"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.0","versionEndExcluding":"10.2.17"}]}]}],"descriptions":[{"lang":"en","value":"An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands.\n\nThe security risk posed by this issue is significantly minimized when CLI access is restricted to a limited 
group of administrators.\n\nCloud NGFW and Prisma® Access are not affected by this vulnerability.\n\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<p><span>An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands.</span></p><p><span>The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators.</span></p><p><span>Cloud NGFW and Prisma® Access are not affected by this vulnerability.</span></p>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVEN-2025-4615","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"You can greatly reduce the risk of exploitation by restricting access to a jump box that is the only system allowed to access the management interface. This will ensure that attacks can succeed only if they obtain privileged access through those specified IP addresses. 
We recommend remediating this vulnerability in your next scheduled maintenance cycle."}],"cvssV4_0":{"version":"4.0","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"POC","baseSeverity":"MEDIUM","baseScore":6.9,"threatSeverity":"MEDIUM","threatScore":5.4,"vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/AU:N/R:U/V:D/RE:M/U:Amber"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"The risk is highest when you allow access to the management interface from external IP addresses on the internet. Our recommendation is to remediate as soon as possible."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"POC","baseSeverity":"HIGH","baseScore":7,"threatSeverity":"MEDIUM","threatScore":5.5,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/AU:N/R:U/V:D/RE:M/U:Amber"}}],"workarounds":[{"lang":"eng","value":"No known workarounds exist for this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"No known workarounds exist for this issue."}]}],"solutions":[{"lang":"eng","value":"VERSION  
           MINOR VERSION            SUGGESTED SOLUTION\nCloud NGFW All                               No action needed.\nPAN-OS 12.1                                  No action needed.\nPAN-OS 11.2         11.2.0 through 11.2.7    Upgrade to 11.2.8 or later.\nPAN-OS 11.1         11.1.0 through 11.1.4    Upgrade to 11.1.4-h27 or 11.1.6-h21 or 11.1.10-h7 or later.\n                    11.1.4 through 11.1.6    Upgrade to 11.1.6-h21 or 11.1.10-h7 or later.\n                    11.1.8 through 11.1.10   Upgrade to 11.1.10-h7 or later.\nPAN-OS 10.2         10.2.0 through 10.2.16   Upgrade to 10.2.17 or later.\nAll older                                    Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\nPrisma Access All                            No action needed.","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>Cloud NGFW All<br></td><td></td><td>No action needed.</td></tr><tr><td>PAN-OS 12.1<br></td><td></td><td>No action needed.</td></tr><tr>\n                                <td>PAN-OS 11.2<br></td>\n                                <td>11.2.0 through 11.2.7</td>\n                                <td>Upgrade to 11.2.8 or later.</td>\n                            </tr><tr><td>PAN-OS 11.1</td><td>11.1.0 through 11.1.4</td><td>Upgrade to&nbsp;<span>11.1.4-h27 or 11.1.6-h21 or 11.1.10-h7 or later.</span></td></tr><tr>\n                                <td><br></td>\n                                <td>11.1.4 through 11.1.6</td>\n                                <td>Upgrade to 11.1.6-h21 or 11.1.10-h7 or later.<br></td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.1.8 through 11.1.10</td>\n                                <td>Upgrade to 11.1.10-h7 or later.<br></td>\n                            </tr><tr>\n                                
<td>PAN-OS 10.2<br></td>\n                                <td>10.2.0 through 10.2.16</td>\n                                <td>Upgrade to 10.2.17 or later.</td>\n                            </tr><tr><td>All older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr><tr><td>Prisma Access All<br></td><td></td><td>No action needed.</td></tr></tbody></table>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2025-12-19T21:55:00.000Z","lang":"en","value":"Updated fix version for 11.1.0."},{"time":"2025-11-11T19:15:00.000Z","lang":"en","value":"Updated Fixed Software Versions"},{"time":"2025-10-08T16:00:00.000Z","lang":"en","value":"Initial Publication"},{"time":"2026-04-01T00:15:00.000Z","lang":"en","value":"Updated exploit maturity"}],"credits":[{"lang":"en","value":"Visa Inc.","type":"finder"}],"source":{"defect":["PAN-292159","PAN-271221"],"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.2.7-h10","PAN-OS 11.2.7-h8","PAN-OS 11.2.7-h7","PAN-OS 11.2.7-h4","PAN-OS 11.2.7-h3","PAN-OS 11.2.7-h2","PAN-OS 11.2.7-h1","PAN-OS 11.2.7","PAN-OS 11.2.6","PAN-OS 11.2.5","PAN-OS 11.2.4-h15","PAN-OS 11.2.4-h14","PAN-OS 11.2.4-h12","PAN-OS 11.2.4-h11","PAN-OS 11.2.4-h10","PAN-OS 11.2.4-h9","PAN-OS 11.2.4-h8","PAN-OS 11.2.4-h7","PAN-OS 11.2.4-h6","PAN-OS 11.2.4-h5","PAN-OS 11.2.4-h4","PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.10-h5","PAN-OS 11.1.10-h4","PAN-OS 11.1.10-h1","PAN-OS 11.1.10","PAN-OS 
11.1.9","PAN-OS 11.1.8","PAN-OS 11.1.6-h20","PAN-OS 11.1.6-h19","PAN-OS 11.1.6-h18","PAN-OS 11.1.6-h17","PAN-OS 11.1.6-h14","PAN-OS 11.1.6-h10","PAN-OS 11.1.6-h7","PAN-OS 11.1.6-h6","PAN-OS 11.1.6-h4","PAN-OS 11.1.6-h3","PAN-OS 11.1.6-h2","PAN-OS 11.1.6-h1","PAN-OS 11.1.6","PAN-OS 11.1.5-h1","PAN-OS 11.1.5","PAN-OS 11.1.4-h25","PAN-OS 11.1.4-h18","PAN-OS 11.1.4-h17","PAN-OS 11.1.4-h15","PAN-OS 11.1.4-h13","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 10.2.16-h6","PAN-OS 10.2.16-h4","PAN-OS 10.2.16-h1","PAN-OS 10.2.16","PAN-OS 10.2.15","PAN-OS 10.2.14-h1","PAN-OS 10.2.14","PAN-OS 10.2.13-h18","PAN-OS 10.2.13-h16","PAN-OS 10.2.13-h15","PAN-OS 10.2.13-h10","PAN-OS 10.2.13-h7","PAN-OS 10.2.13-h5","PAN-OS 10.2.13-h4","PAN-OS 10.2.13-h3","PAN-OS 10.2.13-h2","PAN-OS 10.2.13-h1","PAN-OS 10.2.13","PAN-OS 10.2.12-h6","PAN-OS 10.2.12-h5","PAN-OS 10.2.12-h4","PAN-OS 10.2.12-h3","PAN-OS 10.2.12-h2","PAN-OS 10.2.12-h1","PAN-OS 10.2.12","PAN-OS 10.2.11-h13","PAN-OS 10.2.11-h12","PAN-OS 10.2.11-h11","PAN-OS 
10.2.11-h10","PAN-OS 10.2.11-h9","PAN-OS 10.2.11-h8","PAN-OS 10.2.11-h7","PAN-OS 10.2.11-h6","PAN-OS 10.2.11-h5","PAN-OS 10.2.11-h4","PAN-OS 10.2.11-h3","PAN-OS 10.2.11-h2","PAN-OS 10.2.11-h1","PAN-OS 10.2.11","PAN-OS 10.2.10-h31","PAN-OS 10.2.10-h30","PAN-OS 10.2.10-h27","PAN-OS 10.2.10-h26","PAN-OS 10.2.10-h23","PAN-OS 10.2.10-h21","PAN-OS 10.2.10-h18","PAN-OS 10.2.10-h17","PAN-OS 10.2.10-h14","PAN-OS 10.2.10-h13","PAN-OS 10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h21","PAN-OS 10.2.9-h20","PAN-OS 10.2.9-h19","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h21","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h32","PAN-OS 10.2.7-h24","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 
10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2025-4231","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Authenticated Admin Command Injection Vulnerability in the Management Web 
Interface","datePublic":"2025-06-11T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-77","description":"CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-233","descriptions":[{"lang":"en","value":"CAPEC-233 Privilege Escalation"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected","cpes":[]},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:palo_alto_networks:pan-os:11.0.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.0.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.0.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.13:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.10:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.7:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.4:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.2:*:*:*:*:
*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.0:*:*:*:*:*:*:*"],"versions":[{"status":"unaffected","version":"11.2.0","versionType":"custom"},{"status":"unaffected","version":"11.1.0","versionType":"custom"},{"status":"affected","version":"11.0.0","lessThan":"11.0.3","changes":[{"at":"11.0.3","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.8","changes":[{"at":"10.2.8","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.1.0","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected","cpes":[]}],"cpeApplicability":[{"operator":"OR","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*","versionStartIncluding":"11.0.0","versionEndExcluding":"11.0.3"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*","versionStartIncluding":"10.2.0","versionEndExcluding":"10.2.8"}]}]}],"descriptions":[{"lang":"en","value":"A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user.\n\nThe attacker must have network access to the management web interface and successfully authenticate to exploit this issue.\n\nCloud NGFW and Prisma Access are not impacted by this vulnerability.","supportingMedia":[{"type":"text/html","base64":false,"value":"A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user.<br><br>The attacker must have network access to the management web interface and successfully authenticate to exploit this issue.<br><br>Cloud NGFW and Prisma Access are not impacted by this 
vulnerability."}]}],"references":[{"url":"https://","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"The risk is highest when you allow access to the management interface from external IP addresses on the internet."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.6,"threatSeverity":"MEDIUM","threatScore":6.1,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"You can greatly reduce the risk of exploitation by restricting access to a jump box that is the only system allowed to access the management interface. 
This will ensure that attacks can succeed only if they obtain privileged access through those specified IP addresses."}],"cvssV4_0":{"version":"4.0","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":7.1,"threatSeverity":"MEDIUM","threatScore":4,"vectorString":"CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber"}}],"configurations":[{"lang":"en","value":"The risk is greatest if you allow access to the management web interface from the internet or from any untrusted network either:\n\n 1. Directly; or\n\n 2. Through a dataplane interface that includes a management interface profile.\n\nYou greatly reduce the risk if you ensure that you allow only trusted internal IP addresses to access the management web interface.\n\nUse the following steps to identify your recently detected devices in our internet scans.\n\n 1. To find any assets that require remediation, visit the Assets section of the Customer Support Portal: https://support.paloaltonetworks.com (https://support.paloaltonetworks.com/) and then select Products → Assets → All Assets → Remediation Required.\n\n 2. Review the list of your assets that we discovered in our scans to have an internet-facing management interface. We tagged these assets with ‘PAN-SA-2024-0015’ and a last seen timestamp (in UTC). 
If you do not see any such assets listed, then our scan did not find any devices associated with your account in the past three days that have an internet-facing management interface.\n    \n\nGlobalProtect™ portals and gateways are not vulnerable to this issue. However, if you configure a management profile on interfaces with GlobalProtect portals or gateways, then you are exposing the firewall to attacks through the management web interface (typically accessible on port 4443).\n\n\n\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>The risk is greatest if you allow access to the management web interface from the internet or from any untrusted network either:</p><ol><li><p>Directly; or</p></li><li><p>Through a dataplane interface that includes a management interface profile.</p></li></ol><p>You greatly reduce the risk if you ensure that you allow only trusted internal IP addresses to access the management web interface.</p><p>Use the following steps to identify your recently detected devices in our internet scans.</p><ol><li><p>To find any assets that require remediation, visit the Assets section of the Customer Support Portal: <a target=\"_blank\" rel=\"nofollow\" href=\"https://support.paloaltonetworks.com/\">https://support.paloaltonetworks.com</a>&nbsp;and then select Products → Assets → All Assets → Remediation Required.</p></li><li><p>Review the list of your assets that we discovered in our scans to have an internet-facing management interface. We tagged these assets with ‘PAN-SA-2024-0015’ and a last seen timestamp (in UTC). If you do not see any such assets listed, then our scan did not find any devices associated with your account in the past three days that have an internet-facing management interface.<br></p></li></ol><div><p>GlobalProtect™ portals and gateways are not vulnerable to this issue. 
However, if you configure a management profile on interfaces with GlobalProtect portals or gateways, then you are exposing the firewall to attacks through the management web interface (typically accessible on port 4443).</p></div><b><p></p></b><p></p>"}]}],"workarounds":[{"lang":"en","value":"Recommended mitigation—The vast majority of firewalls already follow Palo Alto Networks and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our critical deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431). Specifically, you should restrict management interface access to only trusted internal IP addresses.\n\nReview more information about how to secure management access to your Palo Alto Networks firewalls in these documents:\n\n * Palo Alto Networks LIVEcommunity article: https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\n\n * Palo Alto Networks official and detailed technical documentation: https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices","supportingMedia":[{"type":"text/html","base64":false,"value":"<p><b>Recommended mitigation</b>—The vast majority of firewalls already follow Palo Alto Networks and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our <a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">critical deployment guidelines</a>. 
Specifically, you should restrict management interface access to only trusted internal IP addresses.</p><p>Review more information about how to secure management access to your Palo Alto Networks firewalls in these documents:</p><ul><li><p>Palo Alto Networks LIVEcommunity article: <a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431</a></p></li></ul><ul><li><p>Palo Alto Networks official and detailed technical documentation: <a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\">https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices</a></p></li></ul>"}]}],"solutions":[{"lang":"en","value":"VERSION           MINOR VERSION           SUGGESTED SOLUTION\nPAN-OS 11.2                               No action needed.\nPAN-OS 11.1                               No action needed.\nPAN-OS 11.0*      11.0.0 through 11.0.2   Upgrade to 11.0.3 or later.\nPAN-OS 10.2       10.2.0 through 10.2.7   Upgrade to 10.2.8 or later.\nPAN-OS 10.1                               Upgrade to 10.2.8 or 11.0.3 or later.\nAll older                                 Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\n\n\n*PAN-OS 11.0 has reached EoL. We listed it here for completeness because a patch for PAN-OS 11.0 was released before it reached EoL. 
If you are still using any vulnerable EoL versions, we strongly recommend that you upgrade to a supported fixed PAN-OS version.","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>PAN-OS 11.2<br></td><td></td><td>No action needed.</td></tr><tr><td>PAN-OS 11.1<br></td><td></td><td>No action needed.</td></tr><tr>\n                                <td>PAN-OS 11.0*<br></td>\n                                <td>11.0.0 through 11.0.2</td>\n                                <td>Upgrade to 11.0.3 or later.</td>\n                            </tr><tr>\n                                <td>PAN-OS 10.2<br></td>\n                                <td>10.2.0 through 10.2.7</td>\n                                <td>Upgrade to 10.2.8 or later.</td>\n                            </tr><tr><td>PAN-OS 10.1</td><td></td><td>Upgrade to 10.2.8 or 11.0.3 or later.</td></tr><tr><td>All older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr></tbody></table><br><p>*PAN-OS 11.0 has reached EoL. We listed it here for completeness because a patch for PAN-OS 11.0 was released before it reached EoL. 
If you are still using any vulnerable EoL versions, we strongly recommend that you upgrade to a supported fixed PAN-OS version.</p>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2025-06-11T16:00:00.000Z","lang":"en","value":"Initial Publication"}],"credits":[{"lang":"en","value":"spcnvdr","type":"finder"}],"source":{"defect":["PAN-215223"],"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.0.2-h5","PAN-OS 11.0.2-h4","PAN-OS 11.0.2-h3","PAN-OS 11.0.2-h2","PAN-OS 11.0.2-h1","PAN-OS 11.0.2","PAN-OS 11.0.1-h5","PAN-OS 11.0.1-h4","PAN-OS 11.0.1-h3","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h4","PAN-OS 11.0.0-h3","PAN-OS 11.0.0-h2","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 10.2.7-h24","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 
10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0","PAN-OS 10.1.14-h14","PAN-OS 10.1.14-h13","PAN-OS 10.1.14-h11","PAN-OS 10.1.14-h10","PAN-OS 10.1.14-h9","PAN-OS 10.1.14-h8","PAN-OS 10.1.14-h7","PAN-OS 10.1.14-h6","PAN-OS 10.1.14-h5","PAN-OS 10.1.14-h4","PAN-OS 10.1.14-h3","PAN-OS 10.1.14-h2","PAN-OS 10.1.14-h1","PAN-OS 10.1.14","PAN-OS 10.1.13-h5","PAN-OS 10.1.13-h4","PAN-OS 10.1.13-h3","PAN-OS 10.1.13-h2","PAN-OS 10.1.13-h1","PAN-OS 10.1.13","PAN-OS 10.1.12-h3","PAN-OS 10.1.12-h2","PAN-OS 10.1.12-h1","PAN-OS 10.1.12","PAN-OS 10.1.11-h10","PAN-OS 10.1.11-h9","PAN-OS 10.1.11-h8","PAN-OS 10.1.11-h7","PAN-OS 10.1.11-h6","PAN-OS 10.1.11-h5","PAN-OS 10.1.11-h4","PAN-OS 10.1.11-h3","PAN-OS 10.1.11-h2","PAN-OS 10.1.11-h1","PAN-OS 10.1.11","PAN-OS 10.1.10-h9","PAN-OS 10.1.10-h8","PAN-OS 10.1.10-h7","PAN-OS 10.1.10-h6","PAN-OS 10.1.10-h5","PAN-OS 10.1.10-h4","PAN-OS 10.1.10-h3","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h14","PAN-OS 10.1.9-h13","PAN-OS 10.1.9-h12","PAN-OS 10.1.9-h11","PAN-OS 
10.1.9-h10","PAN-OS 10.1.9-h9","PAN-OS 10.1.9-h8","PAN-OS 10.1.9-h7","PAN-OS 10.1.9-h6","PAN-OS 10.1.9-h5","PAN-OS 10.1.9-h4","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h8","PAN-OS 10.1.8-h7","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7-h1","PAN-OS 10.1.7","PAN-OS 10.1.6-h9","PAN-OS 10.1.6-h8","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h4","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h6","PAN-OS 10.1.4-h5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h4","PAN-OS 10.1.3-h3","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2025-4230","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Authenticated Admin Command Injection Vulnerability Through CLI","datePublic":"2025-06-11T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-78","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-248","descriptions":[{"lang":"en","value":"CAPEC-248 Command Injection"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto 
Networks","product":"PAN-OS","cpes":["cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:
10.2.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.14:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1
.14:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.13:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.10:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.7:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.4:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.1.0:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"11.2.0","lessThan":"11.2.6","changes":[{"at":"11.2.6","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","lessThan":"11.1.6-h14","changes":[{"at":"11.1.10","status":"unaffected"},{"at":"11.1.6-h14","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.10-h27","changes":[{"at":"10.2.10-h27","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.1.0","lessThan":"10.1.14-h15","changes":[{"at":"10.1.14-h15","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma 
Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"cpeApplicability":[{"operator":"OR","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.2.0","versionEndExcluding":"11.2.6"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.6","versionEndExcluding":"11.1.6-h14"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"11.1.0","versionEndExcluding":"11.1.10"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.10","versionEndExcluding":"10.2.10-h27"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.1.14","versionEndExcluding":"10.1.14-h15"}]}]}],"descriptions":[{"lang":"en","value":"A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI.\n\nThe security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators.\n\nCloud NGFW and Prisma® Access are not affected by this vulnerability.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<p><span>A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. To be able to exploit this issue, the user must have access to the PAN-OS CLI.</span></p><span>The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators. 
</span><b><span><br></span><span><br></span></b><span>Cloud NGFW and Prisma® Access are not affected by this vulnerability.</span>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2025-4230","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.4,"threatSeverity":"MEDIUM","threatScore":5.7,"vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/R:U/V:D/U:Amber"}}],"configurations":[{"lang":"en","value":"No special configuration is required to be affected by this issue.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<span>No special configuration is required to be affected by this issue.</span>"}]}],"workarounds":[{"lang":"en","value":"No workaround or mitigation is available.","supportingMedia":[{"type":"text/html","base64":false,"value":"No workaround or mitigation is available."}]}],"solutions":[{"lang":"eng","value":"VERSION             MINOR VERSION            SUGGESTED SOLUTION\nCloud NGFW All                               No action needed.\nPAN-OS 11.2         11.2.0 through 11.2.5    Upgrade to 11.2.6 or later.\nPAN-OS 11.1         11.1.0 through 11.1.6    Upgrade to 11.1.6-h14 or 11.1.10 or later.\nPAN-OS 10.2         10.2.0 through 10.2.10   Upgrade to 10.2.10-h27 or later.\nPAN-OS 10.1         10.1.0 through 10.1.14   Upgrade to 10.1.14-h15 or later.\nAll older                
                    Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\nPrisma Access All                            No action needed.","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>Cloud NGFW All<br></td><td></td><td>No action needed.</td></tr><tr>\n                                <td>PAN-OS 11.2<br></td>\n                                <td>11.2.0 through 11.2.5</td>\n                                <td>Upgrade to 11.2.6 or later.</td>\n                            </tr><tr>\n                                <td>PAN-OS 11.1<br></td>\n                                <td>11.1.0 through 11.1.6</td>\n                                <td>Upgrade to 11.1.6-h14 or 11.1.10 or later.</td>\n                            </tr><tr>\n                                <td>PAN-OS 10.2<br></td>\n                                <td>10.2.0 through 10.2.10</td>\n                                <td>Upgrade to 10.2.10-h27 or later.</td>\n                            </tr><tr>\n                                <td>PAN-OS 10.1<br></td>\n                                <td>10.1.0 through 10.1.14</td>\n                                <td>Upgrade to 10.1.14-h15 or later.</td>\n                            </tr><tr><td>All older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr><tr><td>Prisma Access All<br></td><td></td><td>No action needed.</td></tr></tbody></table>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2025-06-30T20:30:00.000Z","lang":"en","value":"Updated fix version for 
11.1.0."},{"time":"2025-06-24T17:30:00.000Z","lang":"en","value":"Updated fix version."},{"time":"2025-06-11T16:00:00.000Z","lang":"en","value":"Initial Publication"}],"credits":[{"lang":"en","value":"Visa Inc.","type":"finder"}],"source":{"defect":["PAN-271215"],"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.2.5","PAN-OS 11.2.4-h12","PAN-OS 11.2.4-h11","PAN-OS 11.2.4-h10","PAN-OS 11.2.4-h9","PAN-OS 11.2.4-h8","PAN-OS 11.2.4-h7","PAN-OS 11.2.4-h6","PAN-OS 11.2.4-h5","PAN-OS 11.2.4-h4","PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.9","PAN-OS 11.1.8","PAN-OS 11.1.6-h10","PAN-OS 11.1.6-h7","PAN-OS 11.1.6-h6","PAN-OS 11.1.6-h4","PAN-OS 11.1.6-h3","PAN-OS 11.1.6-h2","PAN-OS 11.1.6-h1","PAN-OS 11.1.6","PAN-OS 11.1.5-h1","PAN-OS 11.1.5","PAN-OS 11.1.4-h25","PAN-OS 11.1.4-h18","PAN-OS 11.1.4-h17","PAN-OS 11.1.4-h15","PAN-OS 11.1.4-h13","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 
11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 10.2.10-h26","PAN-OS 10.2.10-h23","PAN-OS 10.2.10-h21","PAN-OS 10.2.10-h18","PAN-OS 10.2.10-h17","PAN-OS 10.2.10-h14","PAN-OS 10.2.10-h13","PAN-OS 10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h21","PAN-OS 10.2.9-h20","PAN-OS 10.2.9-h19","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h21","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h24","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 
10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0","PAN-OS 10.1.14-h14","PAN-OS 10.1.14-h13","PAN-OS 10.1.14-h11","PAN-OS 10.1.14-h10","PAN-OS 10.1.14-h9","PAN-OS 10.1.14-h8","PAN-OS 10.1.14-h7","PAN-OS 10.1.14-h6","PAN-OS 10.1.14-h5","PAN-OS 10.1.14-h4","PAN-OS 10.1.14-h3","PAN-OS 10.1.14-h2","PAN-OS 10.1.14-h1","PAN-OS 10.1.14","PAN-OS 10.1.13-h5","PAN-OS 10.1.13-h4","PAN-OS 10.1.13-h3","PAN-OS 10.1.13-h2","PAN-OS 10.1.13-h1","PAN-OS 10.1.13","PAN-OS 10.1.12-h3","PAN-OS 10.1.12-h2","PAN-OS 10.1.12-h1","PAN-OS 10.1.12","PAN-OS 
10.1.11-h10","PAN-OS 10.1.11-h9","PAN-OS 10.1.11-h8","PAN-OS 10.1.11-h7","PAN-OS 10.1.11-h6","PAN-OS 10.1.11-h5","PAN-OS 10.1.11-h4","PAN-OS 10.1.11-h3","PAN-OS 10.1.11-h2","PAN-OS 10.1.11-h1","PAN-OS 10.1.11","PAN-OS 10.1.10-h9","PAN-OS 10.1.10-h8","PAN-OS 10.1.10-h7","PAN-OS 10.1.10-h6","PAN-OS 10.1.10-h5","PAN-OS 10.1.10-h4","PAN-OS 10.1.10-h3","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h14","PAN-OS 10.1.9-h13","PAN-OS 10.1.9-h12","PAN-OS 10.1.9-h11","PAN-OS 10.1.9-h10","PAN-OS 10.1.9-h9","PAN-OS 10.1.9-h8","PAN-OS 10.1.9-h7","PAN-OS 10.1.9-h6","PAN-OS 10.1.9-h5","PAN-OS 10.1.9-h4","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h8","PAN-OS 10.1.8-h7","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7-h1","PAN-OS 10.1.7","PAN-OS 10.1.6-h9","PAN-OS 10.1.6-h8","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h4","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h6","PAN-OS 10.1.4-h5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h4","PAN-OS 10.1.3-h3","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2025-0130","assignerOrgId":"00000000-0000-4000-9000-000000000000","assignerShortName":"palo_alto","dateUpdated":"2024-10-14T00:00:00.000Z","serial":1,"dateReserved":"2024-10-09T07:00:00.000Z","datePublished":"2024-10-09T07:00:00.000Z","state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000","shortName":"palo_alto","dateUpdated":"2024-10-09T17:05:00.000Z"},"title":"PAN-OS: Firewall Denial-of-Service (DoS) in the Web-Proxy 
Feature via a Burst of Maliciously Crafted Packets","datePublic":"2025-05-14T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-754","description":"CWE-754 Improper Check for Unusual or Exceptional Conditions","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-583","descriptions":[{"lang":"en","value":"CAPEC-583 Disabling Network Hardware"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"11.2.0","lessThan":"11.2.5","changes":[{"at":"11.2.5","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","lessThan":"11.1.6-h1","changes":[{"at":"11.1.6-h1","status":"unaffected"},{"at":"11.1.7-h2","status":"unaffected"},{"at":"11.1.8","status":"unaffected"}],"versionType":"custom"},{"status":"unaffected","version":"10.2.0","versionType":"custom"},{"status":"unaffected","version":"10.1.0","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma 
Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the firewall to become unresponsive and eventually reboot. Repeated successful attempts to trigger this condition will cause the firewall to enter maintenance mode.\n\nThis issue does not affect Cloud NGFW or Prisma Access.","supportingMedia":[{"type":"text/html","base64":true,"value":"<p>A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated attacker to send a burst of maliciously crafted packets that causes the firewall to become unresponsive and eventually reboot. Repeated successful attempts to trigger this condition will cause the firewall to enter maintenance mode.</p><p>This issue does not affect Cloud NGFW or Prisma 
Access.</p>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2025-0130","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.2,"threatSeverity":"MEDIUM","threatScore":4.6,"vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:Y/R:U/V:C/RE:L/U:Amber"}}],"configurations":[{"lang":"en","value":"This issue only affects PAN-OS firewalls that have the web proxy feature enabled. This feature is only available on PAN-OS 11.0 and above. Additionally a license is required to use the web proxy feature.\nTo verify if you have configured web proxy on your PAN-OS device, see our documentation regarding the web proxy feature (https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-new-features/networking-features/web-proxy).","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue only affects PAN-OS firewalls that have the web proxy feature enabled. This feature is only available on PAN-OS 11.0 and above. 
Additionally a license is required to use the web proxy feature.<br>To verify if you have configured web proxy on your PAN-OS device, see our <a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-new-features/networking-features/web-proxy\">documentation regarding the web proxy feature</a>."}]}],"workarounds":[{"lang":"en","value":"If you are not using the web proxy feature, you can disable it to mitigate this issue. For more information regarding the web proxy feature, see our documentation regarding the web proxy feature (https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-new-features/networking-features/web-proxy).","supportingMedia":[{"type":"text/html","base64":false,"value":"If you are not using the web proxy feature, you can disable it to mitigate this issue. For more information regarding the web proxy feature, see our <a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-new-features/networking-features/web-proxy\">documentation regarding the web proxy feature</a>."}]}],"solutions":[{"lang":"eng","value":"VERSION             MINOR VERSION           SUGGESTED SOLUTION\nPAN-OS 11.2         11.2.0 through 11.2.4   Upgrade to 11.2.5 or later.\nPAN-OS 11.1         11.1.0 through 11.1.7   Upgrade to 11.1.7-h2 or 11.1.8 or later.\n                    11.1.0 through 11.1.6   Upgrade to 11.1.6-h1 or 11.1.8 or later.\nPAN-OS 11.0 (EoL)                           Upgrade to a supported fixed version.\nPAN-OS 10.2                                 No action needed.\nPAN-OS 10.1                                 No action needed.\nAll other                                   Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>PAN-OS 11.2<br></td><td>11.2.0 through 
11.2.4</td><td>Upgrade to 11.2.5 or later.<br></td></tr><tr><td>PAN-OS 11.1</td><td>11.1.0 through 11.1.7<br></td><td>Upgrade to 11.1.7-h2 or 11.1.8 or later.</td></tr><tr><td>&nbsp;</td><td>11.1.0 through 11.1.6</td><td>Upgrade to 11.1.6-h1 or 11.1.8 or later.</td></tr><tr><td>PAN-OS 11.0 (EoL)<br></td><td><br></td><td>Upgrade to a supported fixed version.<br></td></tr><tr><td>PAN-OS 10.2<br></td><td></td><td>No action needed.</td></tr><tr><td>PAN-OS 10.1<br></td><td></td><td>No action needed.</td></tr><tr><td>All other<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr></tbody></table>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2025-05-14T16:00:00.000Z","lang":"eng","value":"Initial publication"}],"credits":[{"lang":"en","value":"Jari Pietila of Palo Alto Networks","type":"finder"}],"source":{"defect":["PAN-273308"],"discovery":"INTERNAL"},"x_generator":{"engine":"vulnogram 0.1.0-rc1"},"x_affectedList":["PAN-OS 11.2.4-h12","PAN-OS 11.2.4-h11","PAN-OS 11.2.4-h10","PAN-OS 11.2.4-h9","PAN-OS 11.2.4-h8","PAN-OS 11.2.4-h7","PAN-OS 11.2.4-h6","PAN-OS 11.2.4-h5","PAN-OS 11.2.4-h4","PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.6","PAN-OS 11.1.5-h1","PAN-OS 11.1.5","PAN-OS 11.1.4-h18","PAN-OS 11.1.4-h17","PAN-OS 11.1.4-h15","PAN-OS 11.1.4-h13","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 
11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2025-0127","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Authenticated Admin Command Injection Vulnerability in PAN-OS VM-Series","datePublic":"2025-04-09T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-78","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-248","descriptions":[{"lang":"en","value":"CAPEC-248 Command Injection"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto 
Networks","product":"PAN-OS","platforms":["VM-Series"],"cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks
:pan-os:10.1.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"],"versions":[{"status":"unaffected","version":"11.2.0","versionType":"custom"},{"status":"unaffected","version":"11.1.0","versionType":"custom"},{"status":"affected","version":"11.0.0","lessThan":"11.0.4","changes":[{"at":"11.0.4","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.9","changes":[{"at":"10.2.9","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.1.0","lessThan":"10.1.14-h13","changes":[{"at":"10.1.14-h13","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. This issue is only applicable to PAN-OS VM-Series. This issue does not affect firewalls that are already deployed.\n\nCloud NGFW and Prisma® Access are not affected by this vulnerability.","supportingMedia":[{"type":"text/html","base64":false,"value":"A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. This issue is only applicable to PAN-OS VM-Series. 
This issue does not affect firewalls that are already deployed.<b><br><br></b>Cloud NGFW and Prisma® Access are not affected by this vulnerability."}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2025-0127","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":7.1,"threatSeverity":"MEDIUM","threatScore":4,"vectorString":"CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber"}}],"configurations":[{"lang":"en","value":"No special configuration is required to be affected by this issue.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"No special configuration is required to be affected by this issue."}]}],"workarounds":[{"lang":"en","value":"No workaround or mitigation is available.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"No workaround or mitigation is available."}]}],"solutions":[{"lang":"eng","value":"\n\n\nVERSION                                       MINOR VERSION            SUGGESTED SOLUTION\nPAN-OS 11.2 on VM-Series                                               No action needed\nPAN-OS 11.1 on VM-Series                                               No action needed\nPAN-OS 11.0 on VM-Series                      11.0.0 through 11.0.3    Upgrade to 11.0.4 or later\nPAN-OS 10.2 on VM-Series                      10.2.0 through 10.2.8    Upgrade to 10.2.9 or 
later\nPAN-OS 10.1 on VM-Series                      10.1.0 through 10.1.14   Upgrade to 10.1.14-h13 or later\nPAN-OS on non VM-Series platforms                                      No action needed\nAll other older unsupported PAN-OS versions                            Upgrade to a supported fixed version\n\n\nPAN-OS 11.0 is EoL. We listed it in this section for completeness because we added a patch for PAN-OS 11.0 before it reached EoL. If you are running PAN-OS 11.0 in any of your firewalls, we strongly recommend that you upgrade from this EoL vulnerable version to a fixed version.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<div><br></div><table class=\"tbl\"><thead><tr><th>Version</th><th>Minor Version</th><th>Suggested Solution</th></tr></thead><tbody><tr><td>PAN-OS 11.2 on VM-Series<br></td><td><br></td><td>No action needed<br></td></tr><tr><td>PAN-OS 11.1&nbsp;on VM-Series<br></td><td><br></td><td>No action needed<br></td></tr><tr><td>PAN-OS 11.0&nbsp;on VM-Series<br></td><td>11.0.0 through 11.0.3<br></td><td>Upgrade to 11.0.4 or later<br></td></tr><tr><td>PAN-OS 10.2&nbsp;on VM-Series<br></td><td>10.2.0 through 10.2.8<br></td><td>Upgrade to 10.2.9 or later<br></td></tr><tr><td>PAN-OS 10.1&nbsp;on VM-Series<br></td><td>10.1.0 through 10.1.14<br></td><td>Upgrade to 10.1.14-h13 or later<br></td></tr><tr><td>PAN-OS on non VM-Series platforms</td><td><br></td><td>No action needed</td></tr><tr><td>All other older unsupported PAN-OS versions<br></td><td><br></td><td>Upgrade to a supported fixed version<br></td></tr></tbody></table><b><br></b>PAN-OS 11.0 is EoL. We listed it in this section for completeness because we added a patch for PAN-OS 11.0 before it reached EoL. 
If you are running PAN-OS 11.0 in any of your firewalls, we strongly recommend that you upgrade from this EoL vulnerable version to a fixed version."}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2025-04-09T16:00:00.000Z","lang":"en","value":"Initial Publication"}],"credits":[{"lang":"en","value":"Pavel Raunou","type":"finder"}],"source":{"defect":["PAN-225690"],"discovery":"INTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.0.3-h13","PAN-OS 11.0.3-h12","PAN-OS 11.0.3-h11","PAN-OS 11.0.3-h10","PAN-OS 11.0.3-h9","PAN-OS 11.0.3-h8","PAN-OS 11.0.3-h7","PAN-OS 11.0.3-h6","PAN-OS 11.0.3-h5","PAN-OS 11.0.3-h4","PAN-OS 11.0.3-h3","PAN-OS 11.0.3-h2","PAN-OS 11.0.3-h1","PAN-OS 11.0.3","PAN-OS 11.0.2-h5","PAN-OS 11.0.2-h4","PAN-OS 11.0.2-h3","PAN-OS 11.0.2-h2","PAN-OS 11.0.2-h1","PAN-OS 11.0.2","PAN-OS 11.0.1-h5","PAN-OS 11.0.1-h4","PAN-OS 11.0.1-h3","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h4","PAN-OS 11.0.0-h3","PAN-OS 11.0.0-h2","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 10.2.8-h21","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h24","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 
10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0","PAN-OS 10.1.14-h11","PAN-OS 10.1.14-h10","PAN-OS 10.1.14-h9","PAN-OS 10.1.14-h8","PAN-OS 10.1.14-h7","PAN-OS 10.1.14-h6","PAN-OS 10.1.14-h5","PAN-OS 10.1.14-h4","PAN-OS 10.1.14-h3","PAN-OS 10.1.14-h2","PAN-OS 10.1.14-h1","PAN-OS 10.1.14","PAN-OS 
10.1.13-h5","PAN-OS 10.1.13-h4","PAN-OS 10.1.13-h3","PAN-OS 10.1.13-h2","PAN-OS 10.1.13-h1","PAN-OS 10.1.13","PAN-OS 10.1.12-h3","PAN-OS 10.1.12-h2","PAN-OS 10.1.12-h1","PAN-OS 10.1.12","PAN-OS 10.1.11-h10","PAN-OS 10.1.11-h9","PAN-OS 10.1.11-h8","PAN-OS 10.1.11-h7","PAN-OS 10.1.11-h6","PAN-OS 10.1.11-h5","PAN-OS 10.1.11-h4","PAN-OS 10.1.11-h3","PAN-OS 10.1.11-h2","PAN-OS 10.1.11-h1","PAN-OS 10.1.11","PAN-OS 10.1.10-h9","PAN-OS 10.1.10-h8","PAN-OS 10.1.10-h7","PAN-OS 10.1.10-h6","PAN-OS 10.1.10-h5","PAN-OS 10.1.10-h4","PAN-OS 10.1.10-h3","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h14","PAN-OS 10.1.9-h13","PAN-OS 10.1.9-h12","PAN-OS 10.1.9-h11","PAN-OS 10.1.9-h10","PAN-OS 10.1.9-h9","PAN-OS 10.1.9-h8","PAN-OS 10.1.9-h7","PAN-OS 10.1.9-h6","PAN-OS 10.1.9-h5","PAN-OS 10.1.9-h4","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h8","PAN-OS 10.1.8-h7","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7-h1","PAN-OS 10.1.7","PAN-OS 10.1.6-h9","PAN-OS 10.1.6-h8","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h4","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h6","PAN-OS 10.1.4-h5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h4","PAN-OS 10.1.3-h3","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2025-0128","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted 
Packet","datePublic":"2025-04-09T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-754","description":"CWE-754 Improper Check for Unusual or Exceptional Conditions","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-153","descriptions":[{"lang":"en","value":"CAPEC-153 Input Data Manipulation"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","platforms":["PAN-OS"],"versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10
.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h32:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h31:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h30:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h29:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h28:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h27:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h26:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h25:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h24:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h23:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h22:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h21:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h20:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h
8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:*","cpe:2.3:o:pal
oaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"11.2.0","lessThan":"11.2.3","changes":[{"at":"11.2.3","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","lessThan":"11.1.5","changes":[{"at":"11.1.5","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.0.0","lessThan":"11.0.6","changes":[{"at":"11.0.6","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.10-h17","changes":[{"at":"10.2.10-h17","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.1.0","lessThan":"10.1.14-h11","changes":[{"at":"10.1.14-h11","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","platforms":["PAN-OS"],"versions":[{"status":"affected","version":"10.2.0","lessThan":"10.2.4-h36","changes":[{"at":"10.2.10-h16","status":"unaffected"},{"at":"10.2.4-h36","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.0","lessThan":"11.2.4-h5","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"A denial-of-service (DoS) vulnerability in the Simple Certificate Enrollment Protocol (SCEP) authentication feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode.\n\nCloud NGFW is not affected by this vulnerability. 
Prisma® Access software is proactively patched and protected from this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>A denial-of-service (DoS) vulnerability in the Simple Certificate Enrollment Protocol (SCEP) authentication feature of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode.<br><br>Cloud NGFW is not affected by this vulnerability. Prisma® Access software is proactively patched and protected from this issue.</p>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2025-0128","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"A user sends a maliciously crafted packet through the firewall; the firewall processes the malicious packet, which causes this issue."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.7,"threatSeverity":"MEDIUM","threatScore":6.6,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:Y/R:U/V:C/RE:M/U:Amber"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"For Prisma Access, this issue can only be initiated by authenticated end users that use a maliciously crafted 
packet."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subAvailabilityImpact":"LOW","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"MEDIUM","baseScore":5.3,"threatSeverity":"LOW","threatScore":1.3,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:U/AU:Y/R:U/V:C/RE:M/U:Amber"}}],"configurations":[{"lang":"en","value":"NOTE: You do not need to have explicitly configured SCEP on your firewall to be at risk. Firewalls for which you do not apply the explicit mitigation for this issue are affected.","supportingMedia":[{"type":"text/html","base64":false,"value":"NOTE: You do not need to have explicitly configured SCEP on your firewall to be at risk. 
Firewalls for which you do not apply the explicit mitigation for this issue are affected."}]}],"workarounds":[{"lang":"en","value":"If you are not using SCEP, you can disable it to mitigate this risk by running the following command in your PAN-OS command-line interface (CLI):\n\n\n> debug sslmgr set disable-scep-auth-cookie yes\n\nCAUTION: This workaround is effective only until the next reboot, after which you must rerun this command to stay protected.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"If you are not using SCEP, you can disable it to mitigate this risk by running the following command in your PAN-OS command-line interface (CLI):<br><tt></tt><p><tt><tt>&gt; debug sslmgr set disable-scep-auth-cookie yes</tt></tt></p>CAUTION: This workaround is effective only until the next reboot, after which you must rerun this command to stay protected."}]}],"solutions":[{"lang":"eng","value":"VERSION           MINOR VERSION            SUGGESTED SOLUTION\nPAN-OS 11.2       11.2.0 through 11.2.2    Upgrade to 11.2.3 or later\nPAN-OS 11.1       11.1.0 through 11.1.4    Upgrade to 11.1.5 or later\nPAN-OS 11.0       11.0.0 through 11.0.5    Upgrade to 11.0.6 or later\nPAN-OS 10.2       10.2.0 through 10.2.10   Upgrade to 10.2.11 or later\nPAN-OS 10.1       10.1.0 through 10.1.14   Upgrade to 10.1.14-h11 or later\nAll other older                            Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\n\n\nPAN-OS 11.0 is EoL. We listed it in this section for completeness because we added a patch for PAN-OS 11.0 before it reached EoL. 
If you are running PAN-OS 11.0 in any of your firewalls, we strongly recommend that you upgrade to a fixed supported version.\n\nWe proactively initiated the upgrade through Prisma Access March 21, 2025, to cover all tenants.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>PAN-OS 11.2<br></td><td>11.2.0 through 11.2.2</td><td>Upgrade to 11.2.3 or later<br></td></tr><tr><td>PAN-OS 11.1</td><td>11.1.0 through 11.1.4<br></td><td>Upgrade to 11.1.5 or later</td></tr><tr><td>PAN-OS 11.0<br></td><td>11.0.0 through 11.0.5<br></td><td>Upgrade to 11.0.6 or later<br></td></tr><tr><td>PAN-OS 10.2<br></td><td>10.2.0 through 10.2.10</td><td>Upgrade to 10.2.11 or later</td></tr><tr><td>PAN-OS 10.1<br></td><td>10.1.0 through 10.1.14<br></td><td>Upgrade to 10.1.14-h11 or later<br></td></tr><tr><td>All other older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr></tbody></table><br>PAN-OS 11.0 is EoL. We listed it in this section for completeness because we added a patch for PAN-OS 11.0 before it reached EoL. 
If you are running PAN-OS 11.0 in any of your firewalls, we strongly recommend that you upgrade to a fixed supported version.<br><br>We proactively initiated the upgrade through Prisma Access March 21, 2025, to cover all tenants."}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2025-04-09T16:00:00.000Z","lang":"en","value":"Initial Publication"}],"credits":[{"lang":"en","value":"independent security researcher","type":"finder"}],"source":{"defect":["PAN-255859"],"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.4-h17","PAN-OS 11.1.4-h15","PAN-OS 11.1.4-h13","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 
11.0.5-h2","PAN-OS 11.0.5-h1","PAN-OS 11.0.5","PAN-OS 11.0.4-h6","PAN-OS 11.0.4-h5","PAN-OS 11.0.4-h4","PAN-OS 11.0.4-h3","PAN-OS 11.0.4-h2","PAN-OS 11.0.4-h1","PAN-OS 11.0.4","PAN-OS 11.0.3-h13","PAN-OS 11.0.3-h12","PAN-OS 11.0.3-h11","PAN-OS 11.0.3-h10","PAN-OS 11.0.3-h9","PAN-OS 11.0.3-h8","PAN-OS 11.0.3-h7","PAN-OS 11.0.3-h6","PAN-OS 11.0.3-h5","PAN-OS 11.0.3-h4","PAN-OS 11.0.3-h3","PAN-OS 11.0.3-h2","PAN-OS 11.0.3-h1","PAN-OS 11.0.3","PAN-OS 11.0.2-h5","PAN-OS 11.0.2-h4","PAN-OS 11.0.2-h3","PAN-OS 11.0.2-h2","PAN-OS 11.0.2-h1","PAN-OS 11.0.2","PAN-OS 11.0.1-h5","PAN-OS 11.0.1-h4","PAN-OS 11.0.1-h3","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h4","PAN-OS 11.0.0-h3","PAN-OS 11.0.0-h2","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 10.2.10-h14","PAN-OS 10.2.10-h13","PAN-OS 10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h21","PAN-OS 10.2.9-h20","PAN-OS 10.2.9-h19","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h21","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h24","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 
10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0","PAN-OS 10.1.14-h10","PAN-OS 
10.1.14-h9","PAN-OS 10.1.14-h8","PAN-OS 10.1.14-h7","PAN-OS 10.1.14-h6","PAN-OS 10.1.14-h5","PAN-OS 10.1.14-h4","PAN-OS 10.1.14-h3","PAN-OS 10.1.14-h2","PAN-OS 10.1.14-h1","PAN-OS 10.1.14","PAN-OS 10.1.13-h5","PAN-OS 10.1.13-h4","PAN-OS 10.1.13-h3","PAN-OS 10.1.13-h2","PAN-OS 10.1.13-h1","PAN-OS 10.1.13","PAN-OS 10.1.12-h3","PAN-OS 10.1.12-h2","PAN-OS 10.1.12-h1","PAN-OS 10.1.12","PAN-OS 10.1.11-h10","PAN-OS 10.1.11-h9","PAN-OS 10.1.11-h8","PAN-OS 10.1.11-h7","PAN-OS 10.1.11-h6","PAN-OS 10.1.11-h5","PAN-OS 10.1.11-h4","PAN-OS 10.1.11-h3","PAN-OS 10.1.11-h2","PAN-OS 10.1.11-h1","PAN-OS 10.1.11","PAN-OS 10.1.10-h9","PAN-OS 10.1.10-h8","PAN-OS 10.1.10-h7","PAN-OS 10.1.10-h6","PAN-OS 10.1.10-h5","PAN-OS 10.1.10-h4","PAN-OS 10.1.10-h3","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h14","PAN-OS 10.1.9-h13","PAN-OS 10.1.9-h12","PAN-OS 10.1.9-h11","PAN-OS 10.1.9-h10","PAN-OS 10.1.9-h9","PAN-OS 10.1.9-h8","PAN-OS 10.1.9-h7","PAN-OS 10.1.9-h6","PAN-OS 10.1.9-h5","PAN-OS 10.1.9-h4","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h8","PAN-OS 10.1.8-h7","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7-h1","PAN-OS 10.1.7","PAN-OS 10.1.6-h9","PAN-OS 10.1.6-h8","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h4","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h6","PAN-OS 10.1.4-h5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h4","PAN-OS 10.1.3-h3","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 
10.1.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2025-0126","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Session Fixation Vulnerability in GlobalProtect SAML Login","datePublic":"2025-04-09T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-384","description":"CWE-384 Session Fixation","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-195","descriptions":[{"lang":"en","value":"CAPEC-195 Principal Spoof"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h9:*:*:*:*:*:*"
,"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h32:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h31:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h30:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h29:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h28:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h27:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h26:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h25:*:*:*:*:*:*","cpe:2.3:o:pa
loaltonetworks:pan-os:10.2.4:h24:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h23:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h22:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h21:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h20:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetwor
ks:pan-os:10.1.14:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"11.2.0","lessThan":"11.2.3","changes":[{"at":"11.2.3","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","lessThan":"11.1.5","changes":[{"at":"11.1.5","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.0.0","lessThan":"11.0.6","changes":[{"at":"11.0.6","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.10-h6","changes":[{"at":"10.2.10-h6","status":"unaffected"},{"at":"10.2.11","status":"unaffected"},{"at":"10.2.4-h25","status":"unaffected"},{"at":"10.2.9-h13","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.1.0","lessThan":"10.1.14-h11","changes":[{"at":"10.1.14-h11","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo
 Alto Networks","product":"Prisma Access","platforms":["PAN-OS"],"versions":[{"status":"affected","version":"10.2.0","lessThan":"10.2.4-h36","changes":[{"at":"10.2.10-h16","status":"unaffected"},{"at":"10.2.4-h36","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.0","lessThan":"11.2.4-h5","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"When configured using SAML, a session fixation vulnerability in the GlobalProtect™ login enables an attacker to impersonate a legitimate authorized user and perform actions as that GlobalProtect user. This requires the legitimate user to first click on a malicious link provided by the attacker.\n\nThe SAML login for the PAN-OS® management interface is not affected. Additionally, this issue does not affect Cloud NGFW and all Prisma® Access instances are proactively patched.","supportingMedia":[{"type":"text/html","base64":false,"value":"When configured using SAML, a session fixation vulnerability in the GlobalProtect™ login enables an attacker to impersonate a legitimate authorized user and perform actions as that GlobalProtect user. This requires the legitimate user to first click on a malicious link provided by the attacker.<br><br>The SAML login for the PAN-OS® management interface is not affected. 
Additionally, this issue does not affect Cloud NGFW and all Prisma® Access instances are proactively patched."}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2025-0126","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"HIGH","vulnIntegrityImpact":"LOW","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.3,"threatSeverity":"MEDIUM","threatScore":5.6,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:H/SC:H/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber"}}],"configurations":[{"lang":"en","value":"This issue impacts only firewalls on which you configured a GlobalProtect portal to use SAML Authentication.\n\nYou can verify whether you configured GlobalProtect portal by checking for entries in your firewall web interface (Network → GlobalProtect → Portals).\n\nIf you do have GlobalProtect portals or gateways in your configuration, then you can verify whether you configured SAML Authentication on these portals by checking your firewall web interface (Network → GlobalProtect → Portals → (portal-config) → Authentication).\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>This issue impacts only firewalls on which you configured a GlobalProtect portal to use SAML Authentication.</p><p>You can verify whether you configured GlobalProtect portal by checking for entries in your firewall web interface (Network → GlobalProtect → Portals).</p><p>If you do have GlobalProtect portals or gateways in your 
configuration, then you can verify whether you configured SAML Authentication on these portals by checking your firewall web interface (Network → GlobalProtect → Portals → (portal-config) → Authentication).</p>"}]}],"workarounds":[{"lang":"en","value":"This issue can be mitigated using a different form of authentication for the GlobalProtect portal (such as Client Certificate Authentication, RADIUS, TACACS+, LDAP, or Kerberos). For more information about configuring authentication for the GlobalProtect portal see this technical documentation (https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-web-interface-help/globalprotect/network-globalprotect-portals/globalprotect-portals-authentication-configuration-tab).","supportingMedia":[{"type":"text/html","base64":false,"value":"<p><span>This issue can be mitigated using a different form of authentication for the GlobalProtect portal (such as Client Certificate Authentication, RADIUS, TACACS+, LDAP, or Kerberos). For more information about configuring authentication for the GlobalProtect portal see this technical </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-web-interface-help/globalprotect/network-globalprotect-portals/globalprotect-portals-authentication-configuration-tab\"><span>documentation</span></a><span>.</span></p>"}]}],"solutions":[{"lang":"eng","value":"VERSION           MINOR VERSION            SUGGESTED SOLUTION\nPAN-OS 11.2       11.2.0 through 11.2.2    Upgrade to 11.2.3 or later\nPAN-OS 11.1       11.1.0 through 11.1.4    Upgrade to 11.1.5 or later\nPAN-OS 11.0       11.0.0 through 11.0.5    Upgrade to 11.0.6 or later\nPAN-OS 10.2       10.2.10                  Upgrade to 10.2.10-h6 or 10.2.11 or later\n                  10.2.5 through 10.2.9    Upgrade to 10.2.9-h13 or 10.2.11 or later\n                  10.2.0 through 10.2.4    Upgrade to 10.2.4-h25 or 10.2.11 or later\nPAN-OS 10.1       10.1.0 through 10.1.14   Upgrade to 10.1.14-h11 or 
later\nAll other older                            Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\n\n\nPAN-OS 11.0 is EoL. We listed it in this section for completeness because we added a patch for PAN-OS 11.0 before it reached EoL. If you are running PAN-OS 11.0 in any of your firewalls, we strongly recommend that you upgrade from this EoL vulnerable version to a fixed version.\n\nWe proactively initiated an upgrade of Prisma Access on March 21, 2025, to cover all tenants.\n\n\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>PAN-OS 11.2<br></td><td>11.2.0 through 11.2.2<br></td><td>Upgrade to 11.2.3 or later</td></tr><tr><td>PAN-OS 11.1<br></td><td>11.1.0 through 11.1.4<br></td><td>Upgrade to 11.1.5 or later<br></td></tr><tr><td>PAN-OS 11.0</td><td>11.0.0 through 11.0.5</td><td>Upgrade to 11.0.6 or later</td></tr><tr><td>PAN-OS 10.2<br></td><td>10.2.10<br></td><td>Upgrade to 10.2.10-h6 or 10.2.11 or later<br></td></tr><tr><td>&nbsp;</td><td>10.2.5 through 10.2.9</td><td>Upgrade to 10.2.9-h13 or 10.2.11 or later</td></tr><tr><td>&nbsp;</td><td>10.2.0 through 10.2.4</td><td>Upgrade to 10.2.4-h25 or 10.2.11 or later</td></tr><tr><td>PAN-OS 10.1<br></td><td>10.1.0 through 10.1.14<br></td><td>Upgrade to 10.1.14-h11 or later<br></td></tr><tr><td>All other older <br>unsupported <br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr></tbody></table><br>PAN-OS 11.0 is EoL. We listed it in this section for completeness because we added a patch for PAN-OS 11.0 before it reached EoL. 
If you are running PAN-OS 11.0 in any of your firewalls, we strongly recommend that you upgrade from this EoL vulnerable version to a fixed version.<br><br>We proactively initiated an upgrade of Prisma Access on March 21, 2025, to cover all tenants.<br><p></p>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2025-04-09T16:00:00.000Z","lang":"en","value":"Initial Publication"}],"credits":[{"lang":"en","value":"D'Angelo Gonzalez of CrowdStrike","type":"finder"}],"source":{"defect":["PAN-253328"],"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.4-h17","PAN-OS 11.1.4-h15","PAN-OS 11.1.4-h13","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 
11.1.0-h1","PAN-OS 11.1.0","PAN-OS 11.0.5-h2","PAN-OS 11.0.5-h1","PAN-OS 11.0.5","PAN-OS 11.0.4-h6","PAN-OS 11.0.4-h5","PAN-OS 11.0.4-h4","PAN-OS 11.0.4-h3","PAN-OS 11.0.4-h2","PAN-OS 11.0.4-h1","PAN-OS 11.0.4","PAN-OS 11.0.3-h13","PAN-OS 11.0.3-h12","PAN-OS 11.0.3-h11","PAN-OS 11.0.3-h10","PAN-OS 11.0.3-h9","PAN-OS 11.0.3-h8","PAN-OS 11.0.3-h7","PAN-OS 11.0.3-h6","PAN-OS 11.0.3-h5","PAN-OS 11.0.3-h4","PAN-OS 11.0.3-h3","PAN-OS 11.0.3-h2","PAN-OS 11.0.3-h1","PAN-OS 11.0.3","PAN-OS 11.0.2-h5","PAN-OS 11.0.2-h4","PAN-OS 11.0.2-h3","PAN-OS 11.0.2-h2","PAN-OS 11.0.2-h1","PAN-OS 11.0.2","PAN-OS 11.0.1-h5","PAN-OS 11.0.1-h4","PAN-OS 11.0.1-h3","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h4","PAN-OS 11.0.0-h3","PAN-OS 11.0.0-h2","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 10.2.10-h14","PAN-OS 10.2.10-h13","PAN-OS 10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h21","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h24","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 
10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0","PAN-OS 10.1.14-h10","PAN-OS 10.1.14-h9","PAN-OS 10.1.14-h8","PAN-OS 10.1.14-h7","PAN-OS 10.1.14-h6","PAN-OS 10.1.14-h5","PAN-OS 10.1.14-h4","PAN-OS 10.1.14-h3","PAN-OS 10.1.14-h2","PAN-OS 
10.1.14-h1","PAN-OS 10.1.14","PAN-OS 10.1.13-h5","PAN-OS 10.1.13-h4","PAN-OS 10.1.13-h3","PAN-OS 10.1.13-h2","PAN-OS 10.1.13-h1","PAN-OS 10.1.13","PAN-OS 10.1.12-h3","PAN-OS 10.1.12-h2","PAN-OS 10.1.12-h1","PAN-OS 10.1.12","PAN-OS 10.1.11-h10","PAN-OS 10.1.11-h9","PAN-OS 10.1.11-h8","PAN-OS 10.1.11-h7","PAN-OS 10.1.11-h6","PAN-OS 10.1.11-h5","PAN-OS 10.1.11-h4","PAN-OS 10.1.11-h3","PAN-OS 10.1.11-h2","PAN-OS 10.1.11-h1","PAN-OS 10.1.11","PAN-OS 10.1.10-h9","PAN-OS 10.1.10-h8","PAN-OS 10.1.10-h7","PAN-OS 10.1.10-h6","PAN-OS 10.1.10-h5","PAN-OS 10.1.10-h4","PAN-OS 10.1.10-h3","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h14","PAN-OS 10.1.9-h13","PAN-OS 10.1.9-h12","PAN-OS 10.1.9-h11","PAN-OS 10.1.9-h10","PAN-OS 10.1.9-h9","PAN-OS 10.1.9-h8","PAN-OS 10.1.9-h7","PAN-OS 10.1.9-h6","PAN-OS 10.1.9-h5","PAN-OS 10.1.9-h4","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h8","PAN-OS 10.1.8-h7","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7-h1","PAN-OS 10.1.7","PAN-OS 10.1.6-h9","PAN-OS 10.1.6-h8","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h4","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h6","PAN-OS 10.1.4-h5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h4","PAN-OS 10.1.3-h3","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2025-0114","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Denial of Service (DoS) in 
GlobalProtect","datePublic":"2025-03-12T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-400","description":"CWE-400 Uncontrolled Resource Consumption","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-125","descriptions":[{"lang":"en","value":"CAPEC-125 Flooding"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*","cpe:2.3:o:paloalt
onetworks:pan-os:10.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"],"versions":[{"status":"unaffected","version":"11.2.0","versionType":"custom"},{"status":"unaffected","version":"11.1.0","versionType":"custom"},{"status":"affected","version":"11.0.0","lessThan":"11.0.2","changes":[{"at":"11.0.2","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.5","changes":[{"at":"10.2.5","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.1.0","lessThan":"10.1.14-h11","changes":[{"at":"10.1.14-h11","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway.\n\nThis issue does not apply to Cloud NGFWs or Prisma Access software.","supportingMedia":[{"type":"text/html","base64":false,"value":"A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. 
This issue affects both the GlobalProtect portal and the GlobalProtect gateway.<br><br>This issue does not apply to Cloud NGFWs or Prisma Access software."}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2025-0114","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.2,"threatSeverity":"MEDIUM","threatScore":4.6,"vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber"}}],"configurations":[{"lang":"en","value":"This issue is applicable only to PAN-OS firewall configurations with an enabled GlobalProtect portal or gateway. You can verify whether you have a GlobalProtect portal or gateway configured on your firewall by checking entries in the firewall web interface (Network > GlobalProtect > Portals and Network > GlobalProtect > Gateways).","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue is applicable only to PAN-OS firewall configurations with an enabled GlobalProtect portal or gateway. 
You can verify whether you have a GlobalProtect portal or gateway configured on your firewall by checking entries in the firewall web interface (<b>Network</b> &gt; <b>GlobalProtect</b> &gt; <b>Portals</b> and <b>Network</b> &gt; <b>GlobalProtect</b> &gt; <b>Gateways</b>)."}]}],"workarounds":[{"lang":"en","value":"No workaround or mitigation is available.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"No workaround or mitigation is available."}]}],"solutions":[{"lang":"eng","value":"VERSION           MINOR VERSION            SUGGESTED SOLUTION\nPAN-OS 11.0       11.0.0 through 11.0.1    Upgrade to 11.0.2 or later\nPAN-OS 10.2       10.2.0 through 10.2.4    Upgrade to 10.2.5 or later\nPAN-OS 10.1       10.1.0 through 10.1.14   Upgrade to 10.1.14-h11 or later\nAll other older                            Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>PAN-OS 11.0</td><td>11.0.0 through 11.0.1</td><td>Upgrade to 11.0.2 or later</td></tr><tr><td>PAN-OS 10.2</td><td>10.2.0 through 10.2.4<br></td><td>Upgrade to 10.2.5 or later</td></tr><tr><td>PAN-OS 10.1<br></td><td>10.1.0 through 10.1.14<br></td><td>Upgrade to 10.1.14-h11 or later<br></td></tr><tr><td>All other older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr></tbody></table>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2025-03-12T16:00:00.000Z","lang":"en","value":"Initial Publication"}],"credits":[{"lang":"en","value":"an external 
reporter","type":"finder"}],"source":{"defect":["PAN-209208"],"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.0.1-h5","PAN-OS 11.0.1-h4","PAN-OS 11.0.1-h3","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h4","PAN-OS 11.0.0-h3","PAN-OS 11.0.0-h2","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0","PAN-OS 10.1.14-h10","PAN-OS 10.1.14-h9","PAN-OS 10.1.14-h8","PAN-OS 10.1.14-h7","PAN-OS 10.1.14-h6","PAN-OS 10.1.14-h5","PAN-OS 10.1.14-h4","PAN-OS 10.1.14-h3","PAN-OS 10.1.14-h2","PAN-OS 10.1.14-h1","PAN-OS 10.1.14","PAN-OS 10.1.13-h5","PAN-OS 10.1.13-h4","PAN-OS 10.1.13-h3","PAN-OS 10.1.13-h2","PAN-OS 10.1.13-h1","PAN-OS 10.1.13","PAN-OS 10.1.12-h3","PAN-OS 10.1.12-h2","PAN-OS 10.1.12-h1","PAN-OS 
10.1.12","PAN-OS 10.1.11-h10","PAN-OS 10.1.11-h9","PAN-OS 10.1.11-h8","PAN-OS 10.1.11-h7","PAN-OS 10.1.11-h6","PAN-OS 10.1.11-h5","PAN-OS 10.1.11-h4","PAN-OS 10.1.11-h3","PAN-OS 10.1.11-h2","PAN-OS 10.1.11-h1","PAN-OS 10.1.11","PAN-OS 10.1.10-h9","PAN-OS 10.1.10-h8","PAN-OS 10.1.10-h7","PAN-OS 10.1.10-h6","PAN-OS 10.1.10-h5","PAN-OS 10.1.10-h4","PAN-OS 10.1.10-h3","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h14","PAN-OS 10.1.9-h13","PAN-OS 10.1.9-h12","PAN-OS 10.1.9-h11","PAN-OS 10.1.9-h10","PAN-OS 10.1.9-h9","PAN-OS 10.1.9-h8","PAN-OS 10.1.9-h7","PAN-OS 10.1.9-h6","PAN-OS 10.1.9-h5","PAN-OS 10.1.9-h4","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h8","PAN-OS 10.1.8-h7","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7-h1","PAN-OS 10.1.7","PAN-OS 10.1.6-h9","PAN-OS 10.1.6-h8","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h4","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h6","PAN-OS 10.1.4-h5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h4","PAN-OS 10.1.3-h3","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2025-0108","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Authentication Bypass in the Management Web Interface","datePublic":"2025-02-12T17:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-306","description":"CWE-306 Missing Authentication for Critical 
Function","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-115","descriptions":[{"lang":"en","value":"CAPEC-115 Authentication Bypass"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h14:*:*:*:*:*:*","cpe:2.3:o:p
aloaltonetworks:pan-os:11.1.2:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltone
tworks:pan-os:10.2.11:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h20:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*","cpe:2.3:o:paloalto
networks:pan-os:10.2.9:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h20:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h23:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h22:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h21:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h20:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:p
an-os:10.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*
:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"10.1.0","lessThan":"10.1.14-h9","changes":[{"at":"10.1.14-h9","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.7-h24","changes":[{"at":"10.2.7-h24","status":"unaffected"},{"at":"10.2.8-h21","status":"unaffected"},{"at":"10.2.9-h21","status":"unaffected"},{"at":"10.2.12-h6","status":"unaffected"},{"at":"10.2.13-h3","status":"unaffected"},{"at":"10.2.10-h14","status":"unaffected"},{"at":"10.2.11-h12","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","lessThan":"11.1.6-h1","changes":[{"at":"11.1.6-h1","status":"unaffected"},{"at":"11.1.2-h18","status":"unaffected"},{"at":"11.1.4-h13","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.0","lessThan":"11.2.4-h4","changes":[{"at":"11.2.4-h4","status":"unaffected"},{"at":"11.2.5","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"An authentication bypass in the management web interface of Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required 
by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PHP scripts does not enable remote code execution, it can negatively impact integrity and confidentiality of PAN-OS.\n\nThe attacker must have network access to the management web interface to exploit this issue. You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended critical deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431).\n\nThis issue does not affect Cloud NGFW or Prisma Access software.","supportingMedia":[{"type":"text/html","base64":false,"value":"An authentication bypass <span>in the management web interface of</span><b><span>&nbsp;</span></b>Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. 
While invoking these PHP scripts does not enable remote code execution, it can negatively impact integrity and confidentiality of PAN-OS.<b><br><br></b><span>The attacker must have network access to the management web interface to exploit this issue.&nbsp;</span>You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended <a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">critical deployment guidelines</a>.<b><br><br></b>This issue does not affect Cloud NGFW or Prisma Access software."}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2025-0108","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"The risk is highest when you allow access to the management interface from external IP addresses on the internet. Our recommendation is to remediate as soon as possible."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"RED","exploitMaturity":"ATTACKED","baseSeverity":"HIGH","baseScore":8.8,"threatSeverity":"HIGH","threatScore":8.8,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:A/AU:N/R:U/V:C/RE:M/U:Red"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"You can greatly reduce the risk of exploitation by restricting access to a jump box that is the only system allowed to access the management interface. 
This will ensure that attacks can succeed only if they obtain privileged access through those specified IP addresses. We recommend remediating this vulnerability in your next scheduled maintenance cycle."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"POC","baseSeverity":"MEDIUM","baseScore":5.9,"threatSeverity":"MEDIUM","threatScore":5.1,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/AU:N/R:U/V:C/RE:M/U:Amber"}}],"configurations":[{"lang":"en","value":"The risk is greatest if you enabled access to the management interface from the internet or any untrusted network either:\n\n 1. Directly; or\n 2. Through a dataplane interface that includes a management interface profile.\n\nYou greatly reduce the risk if you ensure that you allow only trusted internal IP addresses to access the management interface.\n\nUse the following steps to identify your recently detected devices in our internet scans.\n\n 1. To find any assets that require remediation action, visit the Assets section of the Customer Support Portal at https://support.paloaltonetworks.com (https://support.paloaltonetworks.com/) (Products → Assets → All Assets → Remediation Required).\n 2. Review the list of your devices that we discovered in our scans to have an internet-facing management interface and that we tagged with ‘PAN-SA-2024-0015’ and a last seen timestamp (in UTC). 
If you do not see any such devices listed, then our scan did not find any devices on your account to have an internet-facing management interface within the past three days.\n\nGlobalProtect portals and gateways are not vulnerable to this issue. However, if you configure a management profile on interfaces with GlobalProtect portals or gateways, then you expose the device to attacks through the management web interface (typically accessible on port 4443).","supportingMedia":[{"type":"text/html","base64":false,"value":"<p><span>The risk is greatest if you enabled access to the management interface from the internet or any untrusted network either:</span></p><ol><li><span>Directly; or</span></li><li><span>Through a dataplane interface that includes a management interface profile.</span></li></ol><p><span>You greatly reduce the risk if you ensure that you allow only trusted internal IP addresses to access the management interface.</span></p><p><span>Use the following steps to identify your recently detected devices in our internet scans.</span></p><ol><li><span>To find any assets that require remediation action, visit the Assets section of the Customer Support Portal at&nbsp;</span><a target=\"_blank\" rel=\"nofollow\" href=\"https://support.paloaltonetworks.com/\"><span>https://support.paloaltonetworks.com</span></a>&nbsp;(Products → Assets → All Assets → Remediation Required).</li><li><span>Review the list of your devices that we discovered in our scans to have an internet-facing management interface and that we tagged with ‘PAN-SA-2024-0015’ and a last seen timestamp (in UTC). If you do not see any such devices listed, then our scan did not find any devices on your account to have an internet-facing management interface within the past three days.</span></li></ol><p><span>GlobalProtect portals and gateways are not vulnerable to this issue. 
However, if you configure a management profile on interfaces with GlobalProtect portals or gateways, then you expose the device to attacks through the management web interface (typically accessible on port 4443).</span></p>"}]}],"workarounds":[{"lang":"en","value":"Recommended mitigation—The vast majority of firewalls already follow Palo Alto Networks and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our critical deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431). Specifically, you should restrict management interface access to only trusted internal IP addresses.\n\nReview information about how to secure management access to your Palo Alto Networks firewalls:\n\n * Palo Alto Networks LIVEcommunity article:https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\n * Palo Alto Networks official and detailed technical documentation:https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\n\nAdditionally, customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510000 and 510001 (introduced in Applications and Threats content version 8943).","supportingMedia":[{"type":"text/html","base64":false,"value":"<p><b>Recommended mitigation</b>—The vast majority of firewalls already follow Palo Alto Networks and industry best practices. 
However, if you have not already, we strongly recommend that you secure access to your management interface according to our&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">critical deployment guidelines</a>. Specifically, you should restrict management interface access to only trusted internal IP addresses.</p><p>Review information about how to secure management access to your Palo Alto Networks firewalls:</p><ul><li>Palo Alto Networks LIVEcommunity article:<a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431</a></li><li>Palo Alto Networks official and detailed technical documentation:<a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\">https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices</a></li></ul>Additionally, customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510000 and 510001 (introduced in Applications and Threats content version 8943)."}]}],"solutions":[{"lang":"en","value":"VERSION             MINOR VERSION            SUGGESTED SOLUTION\nPAN-OS 10.1         10.1.0 through 10.1.14   Upgrade to 10.1.14-h9 or later\nPAN-OS 10.2         10.2.0 through 10.2.13   Upgrade to 10.2.13-h3 or later\n                    10.2.7                   Upgrade to 10.2.7-h24 or 10.2.13-h3 or later\n                    10.2.8                   Upgrade to 
10.2.8-h21 or 10.2.13-h3 or later\n                    10.2.9                   Upgrade to 10.2.9-h21 or 10.2.13-h3 or later\n                    10.2.10                  Upgrade to 10.2.10-h14 or 10.2.13-h3 or later\n                    10.2.11                  Upgrade to 10.2.11-h12 or 10.2.13-h3 or later \n                    10.2.12                  Upgrade to 10.2.12-h6 or 10.2.13-h3 or later\nPAN-OS 11.0 (EoL)                            Upgrade to a supported fixed version\nPAN-OS 11.1         11.1.0 through 11.1.6    Upgrade to 11.1.6-h1 or later\n                    11.1.2                   Upgrade to 11.1.2-h18 or 11.1.6-h1 or later\n                    11.1.4                   Upgrade to 11.1.4-h13 or 11.1.6-h1 or later\nPAN-OS 11.2         11.2.0 through 11.2.4    Upgrade to 11.2.5 or later\n                    11.2.4                   Upgrade to 11.2.4-h4 or 11.2.5 or later\nAll other older                              Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\n\n\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>PAN-OS 10.1<br></td><td>10.1.0 through 10.1.14<br></td><td>Upgrade to 10.1.14-h9 or later<br></td></tr><tr><td>PAN-OS 10.2<br></td><td>10.2.0 through 10.2.13<br></td><td>Upgrade to 10.2.13-h3 or later<br></td></tr><tr><td>&nbsp;</td><td>10.2.7</td><td>Upgrade to 10.2.7-h24 or 10.2.13-h3 or later</td></tr><tr><td>&nbsp;</td><td>10.2.8</td><td>Upgrade to 10.2.8-h21 or 10.2.13-h3 or later</td></tr><tr><td>&nbsp;</td><td>10.2.9</td><td>Upgrade to 10.2.9-h21 or 10.2.13-h3 or later</td></tr><tr><td>&nbsp;</td><td>10.2.10</td><td>Upgrade to 10.2.10-h14 or 10.2.13-h3 or later</td></tr><tr><td>&nbsp;</td><td>10.2.11</td><td>Upgrade to 10.2.11-h12 or 10.2.13-h3 or later&nbsp;</td></tr><tr><td>&nbsp;</td><td>10.2.12</td><td>Upgrade to 10.2.12-h6 or 10.2.13-h3 or 
later<br></td></tr><tr><td>PAN-OS 11.0 (EoL)</td><td>&nbsp;</td><td>Upgrade to a supported fixed version</td></tr><tr><td>PAN-OS 11.1<br></td><td>11.1.0 through 11.1.6<br></td><td>Upgrade to 11.1.6-h1 or later<br></td></tr><tr><td>&nbsp;</td><td>11.1.2</td><td>Upgrade to 11.1.2-h18 or 11.1.6-h1 or later<br></td></tr><tr><td>&nbsp;</td><td>11.1.4</td><td>Upgrade to 11.1.4-h13 or 11.1.6-h1 or later<br></td></tr><tr><td>PAN-OS 11.2<br></td><td>11.2.0 through 11.2.4<br></td><td>Upgrade to 11.2.5 or later</td></tr><tr><td>&nbsp;</td><td>11.2.4</td><td>Upgrade to 11.2.4-h4 or 11.2.5 or later<br></td></tr><tr><td>All other older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr></tbody></table><p><br></p>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks has observed exploit attempts chaining CVE-2025-0108 with CVE-2024-9474 and CVE-2025-0111 on unpatched and unsecured PAN-OS web management interfaces.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p><span>Palo Alto Networks has observed exploit attempts chaining CVE-2025-0108 with CVE-2024-9474 and CVE-2025-0111 on unpatched and unsecured PAN-OS web management interfaces.</span></p>"}]}],"timeline":[{"time":"2025-02-18T23:00:00.000Z","lang":"en","value":"Updated the exploit status and solutions table"},{"time":"2025-02-18T19:30:00.000Z","lang":"en","value":"Updated fix availability for PAN-OS 10.2"},{"time":"2025-02-18T07:06:00.000Z","lang":"en","value":"Updated exploit status"},{"time":"2025-02-12T23:45:00.000Z","lang":"en","value":"Added Threat Prevention Threat ID to Workarounds and Mitigations"},{"time":"2025-02-12T17:00:00.000Z","lang":"en","value":"Initial Publication"},{"time":"2025-02-19T23:15:00.000Z","lang":"en","value":"Updated fix availability for PAN-OS 10.2 and 11.1"},{"time":"2025-02-21T17:10:00.000Z","lang":"en","value":"Updated fix availability for PAN-OS 11.1 and 
11.2"},{"time":"2025-02-21T23:00:00.000Z","lang":"en","value":"Clarified recommended remediations and added a FAQ"},{"time":"2025-03-06T23:00:00.000Z","lang":"en","value":"Updated to explicitly state that end-of-life (EoL) versions are presumed to be affected"}],"credits":[{"lang":"en","value":"Adam Kues - Assetnote Security Research Team","type":"finder"},{"lang":"en","value":"our Deep Product Security Research Team","type":"finder"}],"source":{"defect":["PAN-273971"],"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.6","PAN-OS 11.1.5-h1","PAN-OS 11.1.5","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 10.2.13-h2","PAN-OS 10.2.13-h1","PAN-OS 10.2.13","PAN-OS 10.2.12-h5","PAN-OS 
10.2.12-h4","PAN-OS 10.2.12-h3","PAN-OS 10.2.12-h2","PAN-OS 10.2.12-h1","PAN-OS 10.2.12","PAN-OS 10.2.11-h11","PAN-OS 10.2.11-h10","PAN-OS 10.2.11-h9","PAN-OS 10.2.11-h8","PAN-OS 10.2.11-h7","PAN-OS 10.2.11-h6","PAN-OS 10.2.11-h5","PAN-OS 10.2.11-h4","PAN-OS 10.2.11-h3","PAN-OS 10.2.11-h2","PAN-OS 10.2.11-h1","PAN-OS 10.2.11","PAN-OS 10.2.10-h13","PAN-OS 10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h20","PAN-OS 10.2.9-h19","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 
10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0","PAN-OS 10.1.14-h8","PAN-OS 10.1.14-h7","PAN-OS 10.1.14-h6","PAN-OS 10.1.14-h5","PAN-OS 10.1.14-h4","PAN-OS 10.1.14-h3","PAN-OS 10.1.14-h2","PAN-OS 10.1.14-h1","PAN-OS 10.1.14","PAN-OS 10.1.13-h5","PAN-OS 10.1.13-h4","PAN-OS 10.1.13-h3","PAN-OS 10.1.13-h2","PAN-OS 10.1.13-h1","PAN-OS 10.1.13","PAN-OS 10.1.12-h3","PAN-OS 10.1.12-h2","PAN-OS 10.1.12-h1","PAN-OS 10.1.12","PAN-OS 10.1.11-h10","PAN-OS 10.1.11-h9","PAN-OS 10.1.11-h8","PAN-OS 10.1.11-h7","PAN-OS 10.1.11-h6","PAN-OS 10.1.11-h5","PAN-OS 10.1.11-h4","PAN-OS 10.1.11-h3","PAN-OS 
10.1.11-h2","PAN-OS 10.1.11-h1","PAN-OS 10.1.11","PAN-OS 10.1.10-h9","PAN-OS 10.1.10-h8","PAN-OS 10.1.10-h7","PAN-OS 10.1.10-h6","PAN-OS 10.1.10-h5","PAN-OS 10.1.10-h4","PAN-OS 10.1.10-h3","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h14","PAN-OS 10.1.9-h13","PAN-OS 10.1.9-h12","PAN-OS 10.1.9-h11","PAN-OS 10.1.9-h10","PAN-OS 10.1.9-h9","PAN-OS 10.1.9-h8","PAN-OS 10.1.9-h7","PAN-OS 10.1.9-h6","PAN-OS 10.1.9-h5","PAN-OS 10.1.9-h4","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h8","PAN-OS 10.1.8-h7","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7-h1","PAN-OS 10.1.7","PAN-OS 10.1.6-h9","PAN-OS 10.1.6-h8","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h4","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h6","PAN-OS 10.1.4-h5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h4","PAN-OS 10.1.3-h3","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2025-0111","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface","datePublic":"2025-02-12T17:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-73","description":"CWE-73: External Control of File Name or Path","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-165","descriptions":[{"lang":"en","value":"CAPEC-165 File Manipulation"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud 
NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan
-os:11.1.2:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1
0:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h20:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9
:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h20:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h23:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h22:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h21:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h20:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:
*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*","cpe:2.3:o:paloalto
networks:pan-os:10.1.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"10.1.0","lessThan":"10.1.14-h9","changes":[{"at":"10.1.14-h9","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.7-h24","changes":[{"at":"10.2.7-h24","status":"unaffected"},{"at":"10.2.8-h21","status":"unaffected"},{"at":"10.2.9-h21","status":"unaffected"},{"at":"10.2.12-h6","status":"unaffected"},{"at":"10.2.13-h3","status":"unaffected"},{"at":"10.2.10-h14","status":"unaffected"},{"at":"10.2.11-h12","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","lessThan":"11.1.6-h1","changes":[{"at":"11.1.6-h1","status":"unaffected"},{"at":"11.1.2-h18","status":"unaffected"},{"at":"11.1.4-h13","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.0","lessThan":"11.2.4-h4","changes":[{"at":"11.2.4-h4","status":"unaffected"},{"at":"11.2.5","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"An authenticated file read vulnerability in the management web interface of the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user.\n\nThe attacker must have network access to the management web interface to exploit this issue. 
You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended critical deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431).\n\n\n\nThis issue does not affect Cloud NGFW or Prisma Access software.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>An authenticated file read vulnerability in the management web interface of the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user.</p><p>The attacker must have network access to the management web interface to exploit this issue. You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended <a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">critical deployment guidelines</a>.</p><b><p></p></b><p>This issue does not affect Cloud NGFW or Prisma Access software.</p><b></b>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2025-0111","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"The risk is highest when you allow access to the management interface from external IP addresses on the internet. 
Our recommendation is to remediate as soon as possible."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"RED","exploitMaturity":"ATTACKED","baseSeverity":"HIGH","baseScore":7.1,"threatSeverity":"HIGH","threatScore":7.1,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:A/AU:N/R:U/V:C/RE:M/U:Red"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"You can greatly reduce the risk of exploitation by restricting access to a jump box that is the only system allowed to access the management interface. This will ensure that attacks can succeed only if they obtain privileged access through those specified IP addresses. 
We recommend remediating this vulnerability in your next scheduled maintenance cycle."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"MEDIUM","baseScore":5.9,"threatSeverity":"LOW","threatScore":2,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber"}}],"configurations":[{"lang":"en","value":"The risk is greatest if you enabled access to the management interface from the internet or any untrusted network either:\n\n 1. Directly; or\n 2. Through a dataplane interface that includes a management interface profile.\n\nYou greatly reduce the risk if you ensure that you allow only trusted internal IP addresses to access the management interface.\n\nUse the following steps to identify any of your devices that our internet scans recently detected.\n\n 1. To find any assets that require remediation action, visit the Assets section of the Customer Support Portal at https://support.paloaltonetworks.com/ (Products → Assets → All Assets → Remediation Required).\n 2. Review the list of your devices that we discovered in our scans to have an internet-facing management interface and that we tagged with ‘PAN-SA-2024-0015’ and a last seen timestamp (in UTC). 
If you do not see any such devices listed, then our scan did not find any devices on your account to have an internet-facing management interface within the past three days.\n\nGlobalProtect portals and gateways are not vulnerable to this issue. However, if you configure a management profile on interfaces with GlobalProtect portals or gateways, then you expose the device to attacks through the management web interface (typically accessible on port 4443).","supportingMedia":[{"type":"text/html","base64":false,"value":"<p><span>The risk is greatest if you enabled access to the management interface from the internet or any untrusted network either:</span></p><ol><li><span>Directly; or</span></li><li><span>Through a dataplane interface that includes a management interface profile.</span></li></ol><p><span>You greatly reduce the risk if you ensure that you allow only trusted internal IP addresses to access the management interface.</span></p><p><span>Use the following steps to identify your recently detected devices in our internet scans.</span></p><ol><li><span>To find any assets that require remediation action, visit the Assets section of the Customer Support Portal at </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://support.paloaltonetworks.com/\"><span>https://support.paloaltonetworks.com</span></a>&nbsp;(Products → Assets → All Assets → Remediation Required).</li><li><span>Review the list of your devices that we discovered in our scans to have an internet-facing management interface and that we tagged with ‘PAN-SA-2024-0015’ and a last seen timestamp (in UTC). If you do not see any such devices listed, then our scan did not find any devices on your account to have an internet-facing management interface within the past three days.</span></li></ol><p><span>GlobalProtect portals and gateways are not vulnerable to this issue. 
However, if you configure a management profile on interfaces with GlobalProtect portals or gateways, then you expose the device to attacks through the management web interface (typically accessible on port 4443).</span></p>"}]}],"workarounds":[{"lang":"en","value":"Recommended mitigation—The vast majority of firewalls already follow Palo Alto Networks and industry best practices. However, if you have not already done so, we strongly recommend that you secure access to your management interface according to our critical deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431). Specifically, you should restrict management interface access to only trusted internal IP addresses.\n\nReview information about how to secure management access to your Palo Alto Networks firewalls:\n\n * Palo Alto Networks LIVEcommunity article: https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\n * Palo Alto Networks official and detailed technical documentation: https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\n\nAdditionally, customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat IDs 510000 and 510001 (introduced in Applications and Threats content version 8943).\nhttps://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices","supportingMedia":[{"type":"text/html","base64":false,"value":"<p></p><p><b>Recommended mitigation</b>—The vast majority of firewalls already follow Palo Alto Networks and industry best practices. 
However, if you have not already, we strongly recommend that you secure access to your management interface according to our <a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">critical deployment guidelines</a>. Specifically, you should restrict management interface access to only trusted internal IP addresses.</p><p>Review information about how to secure management access to your Palo Alto Networks firewalls:</p><ul><li>Palo Alto Networks LIVEcommunity article:<a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431</a></li><li>Palo Alto Networks official and detailed technical documentation:<a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\">https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices</a></li></ul>Additionally, customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510000 and 510001 (introduced in Applications and Threats content version 8943).<br><a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\"></a>"}]}],"solutions":[{"lang":"eng","value":"VERSION             MINOR VERSION            SUGGESTED SOLUTION\nPAN-OS 10.1         10.1.0 through 10.1.14   Upgrade to 10.1.14-h9 or 
later\nPAN-OS 10.2         10.2.0 through 10.2.13   Upgrade to 10.2.13-h3 or later\n                    10.2.7                   Upgrade to 10.2.7-h24 or 10.2.13-h3 or later\n                    10.2.8                   Upgrade to 10.2.8-h21 or 10.2.13-h3 or later\n                    10.2.9                   Upgrade to 10.2.9-h21 or 10.2.13-h3 or later\n                    10.2.10                  Upgrade to 10.2.10-h14 or 10.2.13-h3 or later\n                    10.2.11                  Upgrade to 10.2.11-h12 or 10.2.13-h3 or later\n                    10.2.12                  Upgrade to 10.2.12-h6 or 10.2.13-h3 or later\nPAN-OS 11.0 (EoL)                            Upgrade to a supported fixed version\nPAN-OS 11.1         11.1.0 through 11.1.6    Upgrade to 11.1.6-h1 or later\n                    11.1.2                   Upgrade to 11.1.2-h18 or 11.1.6-h1 or later\n                    11.1.4                   Upgrade to 11.1.4-h13 or 11.1.6-h1 or later\nPAN-OS 11.2         11.2.0 through 11.2.4    Upgrade to 11.2.5 or later\n                    11.2.4                   Upgrade to 11.2.4-h4 or 11.2.5 or later\nAll other older                              Upgrade to a supported fixed version.\nunsupported\nPAN-OS versions\n\n\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>PAN-OS 10.1<br></td><td>10.1.0 through 10.1.14<br></td><td>Upgrade to 10.1.14-h9 or later<br></td></tr><tr><td>PAN-OS 10.2<br></td><td>10.2.0 through 10.2.13<br></td><td>Upgrade to 10.2.13-h3 or later<br></td></tr><tr><td>&nbsp;</td><td>10.2.7</td><td>Upgrade to 10.2.7-h24 or 10.2.13-h3 or later</td></tr><tr><td>&nbsp;</td><td>10.2.8</td><td>Upgrade to 10.2.8-h21 or 10.2.13-h3 or later</td></tr><tr><td>&nbsp;</td><td>10.2.9</td><td>Upgrade to 10.2.9-h21 or 10.2.13-h3 or later</td></tr><tr><td>&nbsp;</td><td>10.2.10</td><td>Upgrade to 
10.2.10-h14 or 10.2.13-h3 or later</td></tr><tr><td>&nbsp;</td><td>10.2.11</td><td>Upgrade to 10.2.11-h12 or 10.2.13-h3 or later </td></tr><tr><td>&nbsp;</td><td>10.2.12</td><td>Upgrade to 10.2.12-h6 or 10.2.13-h3 or later<br></td></tr><tr><td>PAN-OS 11.0 (EoL)</td><td>&nbsp;</td><td>Upgrade to a supported fixed version</td></tr><tr><td>PAN-OS 11.1<br></td><td>11.1.0 through 11.1.6<br></td><td>Upgrade to 11.1.6-h1 or later<br></td></tr><tr><td>&nbsp;</td><td>11.1.2</td><td>Upgrade to 11.1.2-h18 or 11.1.6-h1 or later<br></td></tr><tr><td>&nbsp;</td><td>11.1.4</td><td>Upgrade to 11.1.4-h13 or 11.1.6-h1 or later<br></td></tr><tr><td>PAN-OS 11.2<br></td><td>11.2.0 through 11.2.4<br></td><td>Upgrade to 11.2.5 or later<br></td></tr><tr><td>&nbsp;</td><td>11.2.4</td><td>Upgrade to 11.2.4-h4 or 11.2.5 or later</td></tr><tr><td>All other older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr></tbody></table><p><br></p>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks has observed exploit attempts chaining CVE-2025-0108 with CVE-2024-9474 and CVE-2025-0111 on unpatched and unsecured PAN-OS web management interfaces.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p><span>Palo Alto Networks has observed exploit attempts chaining CVE-2025-0108 with CVE-2024-9474 and CVE-2025-0111 on unpatched and unsecured PAN-OS web management interfaces.</span></p>"}]}],"timeline":[{"time":"2025-02-19T23:15:00.000Z","lang":"en","value":"Updated fix availability for PAN-OS 10.2 and 11.1."},{"time":"2025-02-18T23:00:00.000Z","lang":"en","value":"Updated exploit status and solution table."},{"time":"2025-02-18T19:30:00.000Z","lang":"en","value":"Updated fix availability for PAN-OS 10.2."},{"time":"2025-02-12T23:45:00.000Z","lang":"en","value":"Added Threat Prevention Threat ID to Workarounds and Mitigations."},{"time":"2025-02-12T17:00:00.000Z","lang":"en","value":"Initial 
Publication."},{"time":"2025-02-21T17:10:00.000Z","lang":"en","value":"Updated fix availability for PAN-OS 11.1 and 11.2."},{"time":"2025-02-24T22:30:00.000Z","lang":"en","value":"Clarified recommended remediations and added a FAQ."},{"time":"2025-02-26T19:15:00.000Z","lang":"en","value":"Added remediation guidance in the FAQ."},{"time":"2025-03-06T23:00:00.000Z","lang":"en","value":"Updated to explicitly state that end-of-life (EoL) versions are presumed to be affected"}],"credits":[{"lang":"en","value":"Émilio Gonzalez","type":"finder"},{"lang":"en","value":"Maxime Gaudreault","type":"finder"},{"lang":"en","value":"our Deep Product Security Research Team","type":"finder"}],"source":{"defect":["PAN-273994"],"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.6","PAN-OS 11.1.5-h1","PAN-OS 11.1.5","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 
11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 10.2.13-h2","PAN-OS 10.2.13-h1","PAN-OS 10.2.13","PAN-OS 10.2.12-h5","PAN-OS 10.2.12-h4","PAN-OS 10.2.12-h3","PAN-OS 10.2.12-h2","PAN-OS 10.2.12-h1","PAN-OS 10.2.12","PAN-OS 10.2.11-h11","PAN-OS 10.2.11-h10","PAN-OS 10.2.11-h9","PAN-OS 10.2.11-h8","PAN-OS 10.2.11-h7","PAN-OS 10.2.11-h6","PAN-OS 10.2.11-h5","PAN-OS 10.2.11-h4","PAN-OS 10.2.11-h3","PAN-OS 10.2.11-h2","PAN-OS 10.2.11-h1","PAN-OS 10.2.11","PAN-OS 10.2.10-h13","PAN-OS 10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h20","PAN-OS 10.2.9-h19","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 
10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0","PAN-OS 10.1.14-h8","PAN-OS 10.1.14-h7","PAN-OS 10.1.14-h6","PAN-OS 10.1.14-h5","PAN-OS 10.1.14-h4","PAN-OS 10.1.14-h3","PAN-OS 10.1.14-h2","PAN-OS 10.1.14-h1","PAN-OS 10.1.14","PAN-OS 10.1.13-h5","PAN-OS 10.1.13-h4","PAN-OS 10.1.13-h3","PAN-OS 10.1.13-h2","PAN-OS 10.1.13-h1","PAN-OS 
10.1.13","PAN-OS 10.1.12-h3","PAN-OS 10.1.12-h2","PAN-OS 10.1.12-h1","PAN-OS 10.1.12","PAN-OS 10.1.11-h10","PAN-OS 10.1.11-h9","PAN-OS 10.1.11-h8","PAN-OS 10.1.11-h7","PAN-OS 10.1.11-h6","PAN-OS 10.1.11-h5","PAN-OS 10.1.11-h4","PAN-OS 10.1.11-h3","PAN-OS 10.1.11-h2","PAN-OS 10.1.11-h1","PAN-OS 10.1.11","PAN-OS 10.1.10-h9","PAN-OS 10.1.10-h8","PAN-OS 10.1.10-h7","PAN-OS 10.1.10-h6","PAN-OS 10.1.10-h5","PAN-OS 10.1.10-h4","PAN-OS 10.1.10-h3","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h14","PAN-OS 10.1.9-h13","PAN-OS 10.1.9-h12","PAN-OS 10.1.9-h11","PAN-OS 10.1.9-h10","PAN-OS 10.1.9-h9","PAN-OS 10.1.9-h8","PAN-OS 10.1.9-h7","PAN-OS 10.1.9-h6","PAN-OS 10.1.9-h5","PAN-OS 10.1.9-h4","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h8","PAN-OS 10.1.8-h7","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7-h1","PAN-OS 10.1.7","PAN-OS 10.1.6-h9","PAN-OS 10.1.6-h8","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h4","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h6","PAN-OS 10.1.4-h5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h4","PAN-OS 10.1.3-h3","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"PAN-SA-2025-0001","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"Expedition: Multiple Vulnerabilities in Expedition Migration Tool Lead to Exposure of Firewall 
Credentials","datePublic":"2025-01-08T17:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-89","description":"CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","type":"CWE"}]},{"descriptions":[{"lang":"en","cweId":"CWE-79","description":"CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","type":"CWE"}]},{"descriptions":[{"lang":"en","cweId":"CWE-73","description":"CWE-73 External Control of File Name or Path","type":"CWE"}]},{"descriptions":[{"lang":"en","cweId":"CWE-155","description":"CWE-155 Improper Neutralization of Wildcards or Matching Symbols","type":"CWE"}]},{"descriptions":[{"lang":"en","cweId":"CWE-78","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-66","descriptions":[{"lang":"en","value":"CAPEC-66 SQL Injection"}]},{"capecId":"CAPEC-63","descriptions":[{"lang":"en","value":"CAPEC-63 Cross-Site Scripting (XSS)"}]},{"capecId":"CAPEC-165","descriptions":[{"lang":"en","value":"CAPEC-165 File Manipulation"}]},{"capecId":"CAPEC-127","descriptions":[{"lang":"en","value":"CAPEC-127 Directory Indexing"}]},{"capecId":"CAPEC-88","descriptions":[{"lang":"en","value":"CAPEC-88 OS Command Injection"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Expedition","versions":[{"status":"affected","version":"1","lessThan":"1.2.101","changes":[{"at":"1.2.101","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Panorama","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"Multiple vulnerabilities in the Palo Alto Networks Expedition migration tool enable an attacker to read Expedition database contents and arbitrary files, as well as create and delete arbitrary files on the Expedition system. These files include information such as usernames, cleartext passwords, device configurations, and device API keys for firewalls running PAN-OS software.\n\n\nExpedition, previously known as the Migration Tool, is a free tool that facilitates migration to the Palo Alto Networks NGFW platform from other firewall vendors and provides a temporary workspace for optimizing Palo Alto Networks security policies. Expedition is designed to only be used temporarily for migration purposes, not to be run in production. You do not need it to operate any Palo Alto Networks products or services. Expedition reached its End of Life (EoL) date on December 31, 2024. Please use the suggested alternatives listed in the Expedition End of Life Announcement (https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642).\n\nThese issues do not otherwise impact firewalls, Panorama appliances, Prisma Access deployments, or Cloud NGFWs.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p><span>Multiple vulnerabilities in the Palo Alto Networks Expedition migration tool enable an attacker to read Expedition database contents and arbitrary files, as well as create and delete arbitrary files on the Expedition system. 
These files include information such as usernames, cleartext passwords, device configurations, and device API keys for firewalls running PAN-OS software.</span><span><br></span></p><b></b><p><span>Expedition, previously known as the Migration Tool, is a free tool that facilitates migration to the Palo Alto Networks NGFW platform from other firewall vendors and provides a temporary workspace for optimizing Palo Alto Networks security policies. Expedition is designed to only be used temporarily for migration purposes, not to be run in production. You do not need it to operate any Palo Alto Networks products or services. Expedition reached its End of Life (EoL) date on December 31, 2024. Please use the suggested alternatives listed in </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\"><span>the Expedition End of Life Announcement</span></a><span>.</span></p><p><span>These issues do not otherwise impact firewalls, Panorama appliances, Prisma Access deployments, or Cloud 
NGFWs.</span></p>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/PAN-SA-2025-0001","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"CVE-2025-0103"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"HIGH","vulnIntegrityImpact":"LOW","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"HIGH","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"CRITICAL","baseScore":9.2,"threatSeverity":"HIGH","threatScore":7.8,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:H/U:Amber"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"CVE-2025-0104"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"HIGH","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":7,"threatSeverity":"MEDIUM","threatScore":4.7,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:H/U:Amber"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"CVE-2025-0105"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","sub
ConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"HIGH","providerUrgency":"GREEN","exploitMaturity":"UNREPORTED","baseSeverity":"MEDIUM","baseScore":6.9,"threatSeverity":"LOW","threatScore":2.7,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:H/U:Green"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"CVE-2025-0106"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"HIGH","providerUrgency":"GREEN","exploitMaturity":"UNREPORTED","baseSeverity":"MEDIUM","baseScore":6.9,"threatSeverity":"LOW","threatScore":2.7,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:H/U:Green"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"CVE-2025-0107"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","subConfidentialityImpact":"HIGH","vulnIntegrityImpact":"LOW","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"HIGH","providerUrgency":"GREEN","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":7.7,"threatSeverity":"MEDIUM","threatScore":4.4
,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:H/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:H/U:Green"}}],"configurations":[{"lang":"en","value":"No special configuration is required to be affected by these issues.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<span>No special configuration is required to be affected by these issues.</span>"}]}],"workarounds":[{"lang":"en","value":"Ensure that all network access to Expedition is restricted to only authorized users, hosts, and networks. If you are not actively using Expedition, make sure that your Expedition software is shut down.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p><span>Ensure that all network access to Expedition is restricted to only authorized users, hosts, and networks. If you are not actively using Expedition, make sure that your Expedition software is shut down.</span></p>"}]}],"solutions":[{"lang":"eng","value":"The following CVEs are fixed in the specified Expedition version and all later versions* of Expedition.\n\n\nCVE              EXPEDITION\nCVE-2025-0103    Expedition 1.2.100\nCVE-2025-0104    Expedition 1.2.100\nCVE-2025-0105    Expedition 1.2.101\nCVE-2025-0106    Expedition 1.2.101\nCVE-2025-0107    Expedition 1.2.100\n\n* Expedition reached its End of Life (EoL) date (https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642) and is no longer supported. We added these fixes prior to the EoL date and we do not plan to make any additional updates or security fixes. 
Please use the suggested alternatives listed in the Expedition End of Life Announcement (https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642).\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>The following CVEs are fixed in the specified Expedition version and all later versions* of Expedition.<br></p><table class=\"tbl\"><thead><tr><th>CVE</th><th>Expedition</th></tr></thead><tbody><tr><td>CVE-2025-0103&nbsp;</td><td>Expedition 1.2.100</td></tr><tr><td>CVE-2025-0104<br></td><td>Expedition 1.2.100<br></td></tr><tr><td>CVE-2025-0105<br></td><td>Expedition 1.2.101<br></td></tr><tr><td>CVE-2025-0106<br></td><td>Expedition 1.2.101<br></td></tr><tr><td>CVE-2025-0107<br></td><td>Expedition 1.2.100<br></td></tr></tbody></table><p>* Expedition <a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\">reached its End of Life (EoL) date</a> and is no longer supported. We added these fixes prior to the EoL date and we do not plan to make any additional updates or security fixes. 
Please use the suggested alternatives listed in <a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\">the Expedition End of Life Announcement</a>.<br></p>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of these issues.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<span>Palo Alto Networks is not aware of any malicious exploitation of these issues.</span>"}]}],"timeline":[{"time":"2025-01-15T00:30:00.000Z","lang":"en","value":"Updated CVSS Score for CVE-2025-0107"},{"time":"2025-01-08T17:00:00.000Z","lang":"en","value":"Initial publication"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks an independent security researcher working with SSD Secure Disclosure for discovering and reporting CVE-2025-0107.","type":"finder"},{"lang":"en","value":"Palo Alto Networks thanks Mesut Cetin of RedTeamer IT Security for discovering and reporting CVE-2025-0103 and CVE-2025-0104.","type":"finder"},{"lang":"en","value":"Palo Alto Networks thanks Advanced Research Team, CrowdStrike for discovering and reporting CVE-2025-0104, CVE-2025-0105, CVE-2025-0106, and CVE-2025-0107.","type":"finder"}],"source":{"discovery":"EXTERNAL"},"tags":["unsupported-when-assigned"],"x_generator":{"engine":"Vulnogram 0.1.0-dev"}}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2024-3393","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Firewall Denial of Service (DoS) in DNS Security Using a Specially Crafted Packet","datePublic":"2024-12-27T02:30:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-754","description":"CWE-754 Improper Check for Unusual or Exceptional 
Conditions","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-540","descriptions":[{"lang":"en","value":"CAPEC-540 Overread Buffers"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:*","cpe:2.3:o
:paloaltonetworks:pan-os:11.1.2:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"11.2.0","lessThan":"11.2.3","changes":[{"at":"11.2.3","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","lessThan":"11.1.5","changes":[{"at":"11.1.5","status":"unaffected"},{"at":"11.1.4-h7","status":"unaffected"},{"at":"11.1.2-h16","status":"unaffected"},{"at":"11.1.3-h13","status":"unaffected"}],"versionType":"custom"},{"status":"unaffected","version":"10.2.0","lessThan":"10.2.8","changes":[{"at":"10.2.8","status":"affected"},{"at":"10.2.14","status":"unaffected"},{"at":"10.2.8-h19","status":"unaffected"},{"at":"10.2.9-h19","status":"unaffected"},{"at":"10.2.10-h12","status":"unaffected"},{"at":"10.2.11-h10","status":"unaffected"},{"at":"10.2.12-h4","status":"unaffected"},{"at":"10.2.13-h2","status":"unaffected"}],"versionType":"custom"},{"status":"unaffected
","version":"10.1.0","lessThan":"10.1.14","changes":[{"at":"10.1.14","status":"affected"},{"at":"10.1.15","status":"unaffected"},{"at":"10.1.14-h8","status":"unaffected"}],"versionType":"custom"},{"status":"unaffected","version":"10.0.0","versionType":"custom"},{"status":"unaffected","version":"9.1.0","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","platforms":["Prisma Access"],"versions":[{"status":"unaffected","version":"10.2.0","lessThan":"10.2.8","changes":[{"at":"10.2.8","status":"affected"},{"at":"10.2.9-h19","status":"unaffected"},{"at":"10.2.10-h12","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.0","lessThan":"11.2.3","changes":[{"at":"11.2.3","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","platforms":["Panorama"],"versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.\n\nThis issue is applicable to the PAN-OS software versions listed below on PA-Series firewalls, VM-Series firewalls, CN-Series firewalls, and Prisma Access.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p><span>A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. 
Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.</span></p><p><span>This issue is applicable to the PAN-OS software versions listed below on PA-Series firewalls, VM-Series firewalls, CN-Series firewalls, and Prisma Access.</span></p>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2024-3393","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"An attacker sends a malicious packet through the firewall; processing that packet triggers this issue."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"LOW","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"ATTACKED","baseSeverity":"HIGH","baseScore":8.7,"threatSeverity":"HIGH","threatScore":8.7,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:A/AU:N/R:U/V:C/RE:M/U:Amber"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"Prisma Access, when only providing access to authenticated end users, processes a malicious packet that triggers this 
issue."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"LOW","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"ATTACKED","baseSeverity":"HIGH","baseScore":7.1,"threatSeverity":"HIGH","threatScore":7.1,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L/E:A/AU:N/R:U/V:C/RE:M/U:Amber"}}],"configurations":[{"lang":"en","value":"This issue does not affect Cloud NGFW, Panorama M-Series, or Panorama virtual appliances.\n\nBoth of the following must be true for PAN-OS software to be affected:\n\n 1. Either a DNS Security License or an Advanced DNS Security License must be applied, AND\n 2. DNS Security logging must be enabled.\n\nYou can check for existing DNS Security Configuration in your firewalls using the PAN-OS CLI:\n\n> show config merged | match log-level\n\n * Look for entries with the string 'log-level':\n   \n    * If no entries are found (output is empty) or all entries show 'log-level none;', your configuration is not vulnerable, and no workaround is needed.\n    * If any entries show values other than 'log-level none;', your configuration is vulnerable. 
You should either upgrade PAN-OS or follow the steps in the workaround section.","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue does not affect Cloud NGFW, Panorama M-Series, or Panorama virtual appliances.<br><br>Both of the following must be true for PAN-OS software to be affected:<br><ol><li>Either a DNS Security License or an Advanced DNS Security License must be applied, AND</li><li>DNS Security logging must be enabled.</li></ol>You can check for existing DNS Security Configuration in your firewalls using the PAN-OS CLI:<br><br>&gt; show config merged | match log-level<br><ul><li>Look for entries with the string 'log-level':<br></li><ul><li>If no entries are found (output is empty) or all entries show 'log-level none;', your configuration is not vulnerable, and no workaround is needed.</li><li>If any entries show values other than 'log-level none;', your configuration is vulnerable. You should either upgrade PAN-OS or follow the steps in the workaround section.</li></ul></ul>"}]}],"workarounds":[{"lang":"en","value":"If your firewall running the vulnerable PAN-OS versions stops responding or reboots unexpectedly and you cannot immediately apply a fix, apply a workaround below based on your deployment.\n\nUnmanaged NGFWs, NGFW managed by Panorama, or Prisma Access managed by Panorama\n\n 1. Ensure that a DNS Security Configuration is already present in the device's configuration. See the \"Required Configuration for Exposure\" section for details.\n 2. Within Objects → Security Profiles (https://docs.paloaltonetworks.com/pan-os/11-2/pan-os-web-interface-help/objects/objects-security-profiles-anti-spyware-profile), determine if you use the predefined Anti-Spyware profiles (https://docs.paloaltonetworks.com/network-security/security-policy/administration/security-profiles/security-profile-anti-spyware) in your Security Policy. 
These are named \"Default\" or \"Strict\" (https://docs.paloaltonetworks.com/network-security/security-policy/administration/security-profiles/security-profile-anti-spyware). If you are using the predefined security profiles, clone the predefined Anti-Spyware profile (https://docs.paloaltonetworks.com/pan-os/11-2/pan-os-web-interface-help/objects/move-clone-override-or-revert-objects/move-or-clone-an-object) for use as a custom Anti-Spyware profile. After cloning each relevant predefined Anti-Spyware profile, replace them with the cloned custom Anti-Spyware profile or group in your Security Rules (Policies → Security → (security rule) in either Actions → Profiles or Actions → Group (https://docs.paloaltonetworks.com/network-security/security-policy/administration/security-rules/create-a-security-policy-rule#create-a-security-policy-rule-panorama)).\n    \n 3. For each custom Anti-Spyware profile, navigate to Objects → Security Profiles → Anti-Spyware → (select a custom profile) → DNS Policies → DNS Security.\n 4. Change the Log Severity to \"none\" for all configured DNS Security categories.\n    \n    \n    \n 5. Commit the changes.\n\nNote 1: Setting Log Severity to 'none' for devices that didn't have a DNS Security configuration may block DNS traffic that wasn’t previously blocked. Additionally, this may happen without generating any log entries, making it difficult to detect the blocked traffic. Review the Required Configuration for Exposure section for instructions on identifying existing DNS Security Configuration.\n\nNote 2: Remember to revert the Log Severity settings once the fixes are applied.\n\nNGFW managed by Strata Cloud Manager (SCM)\n\n\nYou can choose one of the following mitigation options:\n 1. Option 1: Disable DNS Security logging directly on each NGFW by following the PAN-OS steps above.\n 2. 
Option 2: Disable DNS Security logging across all NGFWs in your tenant by opening a support case (https://support.paloaltonetworks.com/Support/Index).\n\nPrisma Access managed by Strata Cloud Manager (SCM)\n\nUntil we perform an upgrade of your Prisma Access tenant, you can disable DNS Security logging across all NGFWs in your tenant by opening a support case (https://support.paloaltonetworks.com/Support/Index). If you would like to expedite the upgrade, please make a note of that in the support case.","supportingMedia":[{"type":"text/html","base64":false,"value":"If your firewall running the vulnerable PAN-OS versions stops responding or reboots unexpectedly and you cannot immediately apply a fix, apply a workaround below based on your deployment.<br><br><b>Unmanaged NGFWs, NGFW managed by Panorama, or Prisma Access managed by Panorama</b><b><br></b><ol><li>Ensure that a DNS Security Configuration is already present in the device's configuration. See the \"Required Configuration for Exposure\" section for details.</li><li>Within <a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/pan-os/11-2/pan-os-web-interface-help/objects/objects-security-profiles-anti-spyware-profile\">Objects → Security Profiles</a>, determine if you use the predefined <a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/network-security/security-policy/administration/security-profiles/security-profile-anti-spyware\">Anti-Spyware profiles</a> in your Security Policy. <a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/network-security/security-policy/administration/security-profiles/security-profile-anti-spyware\">These are named \"Default\" or \"Strict\"</a>. 
If you are using the predefined security profiles, <a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/pan-os/11-2/pan-os-web-interface-help/objects/move-clone-override-or-revert-objects/move-or-clone-an-object\">clone the predefined Anti-Spyware profile</a> for use as a custom Anti-Spyware profile. After cloning each relevant predefined Anti-Spyware profile, replace them with the cloned custom Anti-Spyware profile or group in your Security Rules (<a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/network-security/security-policy/administration/security-rules/create-a-security-policy-rule#create-a-security-policy-rule-panorama\">Policies → Security → (security rule) in either Actions → Profiles or Actions → Group</a>).<br></li><li>For each custom Anti-Spyware profile, navigate to Objects → Security Profiles → Anti-Spyware → (select a custom profile) → DNS Policies → DNS Security.</li><li>Change the Log Severity to \"none\" for all configured DNS Security categories.<br><img alt=\"\" src=\"data:image/png;base64,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\"><br><img alt=\"\" src=\"data:image/png;base64,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\"><br></li><li><span>Commit the changes.</span></li></ol>Note 1:&nbsp;Setting Log Severity to 'none' for devices that didn't have a DNS Security configuration may block DNS traffic that wasn’t previously blocked.&nbsp;Additionally, this may happen without generating any log entries, making it difficult to detect the blocked traffic. 
Review the Required Configuration for Exposure section for instructions on identifying existing DNS Security Configuration.<br><br>Note 2: Remember to revert the Log Severity settings once the fixes are applied.<br><br><b>NGFW managed by Strata Cloud Manager (SCM)</b><br><br><div><div>You can choose one of the following mitigation options:</div><div><ol><li>Option 1: Disable DNS Security logging directly on each NGFW by following the PAN-OS steps above.</li><li>Option 2: Disable DNS Security logging across all NGFWs in your tenant by opening a <a target=\"_blank\" rel=\"nofollow\" href=\"https://support.paloaltonetworks.com/Support/Index\">support case</a>.</li></ol></div><b><p>Prisma Access managed by Strata Cloud Manager (SCM)</p></b></div><p>Until we perform an upgrade of your Prisma Access tenant, you can disable DNS Security logging across all NGFWs in your tenant by opening a <a target=\"_blank\" rel=\"nofollow\" href=\"https://support.paloaltonetworks.com/Support/Index\">support case</a>. If you would like to expedite the upgrade, please make a note of that in the support case.</p><b></b>"}]}],"solutions":[{"lang":"eng","value":"This issue is fixed in PAN-OS 10.1.15, PAN-OS 10.2.14, PAN-OS 11.1.5, PAN-OS 11.2.3, and all later PAN-OS versions.\n\nNote: PAN-OS 11.0 reached the end of life (EOL) on November 17, 2024, so we do not intend to provide a fix for this release.\n\nPrisma Access customers using DNS Security with affected PAN-OS versions should apply one of the workarounds provided below. We will perform upgrades in two phases for impacted customers on the weekends of January 3rd and January 10th. 
You can request an expedited Prisma Access upgrade to the latest PAN-OS version by opening a support case (https://support.paloaltonetworks.com/Support/Index).\n\nIn addition, to provide the most seamless upgrade path for our customers, we are making fixes available for other TAC-preferred and commonly deployed maintenance releases.\n\nAdditional PAN-OS 11.1 releases with the fix:\n\n * 11.1.2-h16 (available)\n * 11.1.3-h13 (available)\n * 11.1.4-h7 (available)\n * 11.1.5 (available)\n\nAdditional PAN-OS 10.2 releases with the fix:\n * 10.2.8-h19 (available)\n * 10.2.9-h19 (available)\n * 10.2.10-h12 (available)\n * 10.2.11-h10 (available)\n * 10.2.12-h4 (available)\n * 10.2.13-h2 (available)\n * 10.2.14 (ETA: early March)\n\nAdditional PAN-OS 10.1 releases with the fix:\n * 10.1.14-h8 (available)\n * 10.1.15 (ETA: end of February)\n\nAdditional PAN-OS releases with the fix only applicable to Prisma Access:\n * 10.2.9-h19 (available)\n * 10.2.10-h12 (available)","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>This issue is fixed in PAN-OS 10.1.15, PAN-OS 10.2.14, PAN-OS 11.1.5, PAN-OS 11.2.3, and all later PAN-OS versions.</p><p>Note: PAN-OS 11.0 reached the end of life (EOL) on November 17, 2024, so we do not intend to provide a fix for this release.</p><p>Prisma Access customers using DNS Security with affected PAN-OS versions should apply one of the workarounds provided below. We will perform upgrades in two phases for impacted customers on the weekends of January 3rd and January 10th. 
You can request an expedited Prisma Access upgrade to the latest PAN-OS version by opening a <a target=\"_blank\" rel=\"nofollow\" href=\"https://support.paloaltonetworks.com/Support/Index\">support case</a>.</p><p>In addition, to provide the most seamless upgrade path for our customers, we are making fixes available for other TAC-preferred and commonly deployed maintenance releases.</p><p>​​Additional PAN-OS 11.1 releases with the fix:</p><div><ul><li>11.1.2-h16&nbsp;(available)</li><li>11.1.3-h13&nbsp;(available)</li><li>11.1.4-h7&nbsp;(available)</li><li>11.1.5&nbsp;(available)</li></ul></div><div>Additional PAN-OS 10.2 releases with the fix:</div><div><ul><li>10.2.8-h19&nbsp;(available)</li><li>10.2.9-h19&nbsp;(available)</li><li>10.2.10-h12&nbsp;(available)</li><li>10.2.11-h10&nbsp;(available)</li><li>10.2.12-h4&nbsp;(available)</li><li>10.2.13-h2&nbsp;(available)</li><li>10.2.14&nbsp;(ETA: early March)</li></ul></div><div>Additional PAN-OS 10.1 releases with the fix:</div><div><ul><li>10.1.14-h8&nbsp;(available)</li><li>10.1.15&nbsp;(ETA: end of February)</li></ul></div><div>Additional PAN-OS releases with the fix only applicable to Prisma Access:</div><div><ul><li>10.2.9-h19&nbsp;(available)</li><li>10.2.10-h12&nbsp;(available)</li></ul></div>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is aware of customers experiencing this denial of service (DoS) when their firewall blocks malicious DNS packets that trigger this issue.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<span>Palo Alto Networks is aware of customers experiencing this denial of service (DoS) when their firewall blocks malicious DNS packets that trigger this issue.</span>"}]}],"timeline":[{"time":"2025-01-30T00:00:00.000Z","lang":"en","value":"Corrected the 11.1.4 fix version to 11.1.4-h7 in the Product Status table"},{"time":"2025-01-17T23:45:00.000Z","lang":"en","value":"Updated Required Configuration section to clarify how to verify if DNS Security is 
enabled."},{"time":"2024-12-30T19:15:00.000Z","lang":"en","value":"Clarified affected products and platforms, and updated Workarounds and Mitigations"},{"time":"2024-12-27T18:40:00.000Z","lang":"en","value":"Simplified Product Status table, Required Configuration, and added ETAs to Solution"},{"time":"2024-12-27T02:30:00.000Z","lang":"en","value":"Initial publication"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks the CERT-EE team for their extra effort in providing invaluable forensic and analytic assistance.","type":"reporter"}],"source":{"defect":["PAN-259351","PAN-219034"],"discovery":"USER"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 10.2.13-h1","PAN-OS 10.2.13","PAN-OS 10.2.12-h3","PAN-OS 10.2.12-h2","PAN-OS 10.2.12-h1","PAN-OS 10.2.12","PAN-OS 10.2.11-h9","PAN-OS 10.2.11-h8","PAN-OS 10.2.11-h7","PAN-OS 10.2.11-h6","PAN-OS 10.2.11-h5","PAN-OS 10.2.11-h4","PAN-OS 10.2.11-h3","PAN-OS 10.2.11-h2","PAN-OS 10.2.11-h1","PAN-OS 10.2.11","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 
10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.1.14-h7","PAN-OS 10.1.14-h6","PAN-OS 10.1.14-h5","PAN-OS 10.1.14-h4","PAN-OS 10.1.14-h3","PAN-OS 10.1.14-h2","PAN-OS 10.1.14-h1","PAN-OS 10.1.14"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2024-0012","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015)","datePublic":"2024-11-18T14:20:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-306","description":"CWE-306 Missing Authentication for Critical Function","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-115","descriptions":[{"lang":"en","value":"CAPEC-115 Authentication Bypass"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto 
Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.5:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*
:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.6:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetw
orks:pan-os:11.0.3:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.
2.9:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:
*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h31:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h30:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h29:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h28:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h27:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h26:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h25:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h24:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h23:*:*:*:*:*:*","cpe:2.3:o:paloal
tonetworks:pan-os:10.2.4:h22:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h21:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h20:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:p
an-os:10.2.3:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"11.2.0","lessThan":"11.2.4-h1","changes":[{"at":"11.2.4-h1","status":"unaffected"},{"at":"11.2.1-h1","status":"unaffected"},{"at":"11.2.2-h2","status":"unaffected"},{"at":"11.2.3-h3","status":"unaffected"},{"at":"11.2.0-h1","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","lessThan":"11.1.5-h1","changes":[{"at":"11.1.5-h1","status":"unaffected"},{"at":"11.1.0-h4","status":"unaffected"},{"at":"11.1.1-h2","status":"unaffected"},{"at":"11.1.2-h15","status":"unaffected"},{"at":"11.1.3-h11","status":"unaffected"},{"at":"11.1.4-h7","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.0.0","lessThan":"11.0.6-h1","changes":[{"at":"11.0.6-h1","status":"unaffected"},{"at":"11.0.0-h4","status":"unaffected"},{"at":" 11.0.1-h5","status":"unaffected"},{"at":"11.0.2-h5","status":"unaffected"},{"at":"11.0.3-h13","status":"unaffected"},{"at":"11.0.4-h6","status":"unaffected"},{"at":" 
11.0.5-h2","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.12-h2","changes":[{"at":"10.2.0-h4","status":"unaffected"},{"at":"10.2.1-h3","status":"unaffected"},{"at":" 10.2.2-h6","status":"unaffected"},{"at":"10.2.3-h14","status":"unaffected"},{"at":"10.2.4-h32","status":"unaffected"},{"at":"10.2.5-h9","status":"unaffected"},{"at":"10.2.6-h6","status":"unaffected"},{"at":"10.2.7-h18","status":"unaffected"},{"at":"10.2.8-h15","status":"unaffected"},{"at":"10.2.9-h16","status":"unaffected"},{"at":" 10.2.10-h9","status":"unaffected"},{"at":"10.2.11-h6","status":"unaffected"}],"versionType":"custom"},{"status":"unaffected","version":"10.1.0","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474 (https://security.paloaltonetworks.com/CVE-2024-9474).\n\nThe risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended best practice deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431).\n\nThis issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, PAN-OS 11.1, and PAN-OS 11.2 software on PA-Series, VM-Series, and CN-Series firewalls and on Panorama (virtual and M-Series).\n\n\nCloud NGFW and Prisma Access are not impacted by this 
vulnerability.","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like <a target=\"_blank\" rel=\"nofollow\" href=\"https://security.paloaltonetworks.com/CVE-2024-9474\">CVE-2024-9474</a>.</p><p>The risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">best practice deployment guidelines</a>.</p><p>This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, PAN-OS 11.1, and PAN-OS 11.2 software on PA-Series, VM-Series, and CN-Series firewalls and on Panorama (virtual and M-Series).<br></p><p>Cloud NGFW and Prisma Access are not impacted by this vulnerability.</p>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2024-0012","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"The risk is highest when you allow access to the management interface from external IP addresses on the 
internet."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"HIGH","providerUrgency":"RED","exploitMaturity":"ATTACKED","baseSeverity":"CRITICAL","baseScore":9.3,"threatSeverity":"CRITICAL","threatScore":9.3,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:N/SA:N/E:A/AU:N/R:U/V:C/RE:H/U:Red"}},{"format":"CVSS","scenarios":[{"lang":"en","value":"If you configure restricted access to a jump box that is the only system allowed to access the management interface, you greatly reduce the risk of exploitation because attacks would require privileged access using only those IP addresses."}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"HIGH","providerUrgency":"RED","exploitMaturity":"ATTACKED","baseSeverity":"MEDIUM","baseScore":5.9,"threatSeverity":"MEDIUM","threatScore":5.9,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:A/AU:N/R:U/V:C/RE:H/U:Red"}}],"configurations":[{"lang":"en","value":"The risk is greatest if you configure the management interface to enable access from the internet or any untrusted network either:\n\n 1. Directly\n    or\n 2. 
Through a dataplane interface that includes a management interface profile.\n\nThe risk is greatly reduced if you make sure that only trusted internal IP addresses are allowed to access the management interface.\n\nUse the following steps to identify your recently detected devices in our Internet scans:\n\n 1. To find your known assets that require remediation action, visit the Assets section of Customer Support Portal at https://support.paloaltonetworks.com (https://support.paloaltonetworks.com/) (Products → Assets → All Assets → Remediation Required).\n 2. The list of your known devices with an internet-facing management interface discovered in our scans are tagged with PAN-SA-2024-0015 with a last seen timestamp in UTC. If no such devices are listed, it indicates our scan did not find any devices with internet-facing management interface for your account in the last three days.\n\nGlobalProtect Portals and Gateways are not vulnerable to this issue. However, if a management profile is configured on interfaces with GlobalProtect portals or gateways, then it exposes the device to attacks via the management web interface (typically accessible on port 4443) in such cases.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>The risk is greatest if you configure the management interface to enable access from the internet or any untrusted network either:</p><ol><li>Directly<br>or</li><li>Through a dataplane interface that includes a management interface profile.</li></ol><p>The risk is greatly reduced if you make sure that only trusted internal IP addresses are allowed to access the management interface.</p><p>Use the following steps to identify your recently detected devices in our Internet scans:</p><ol><li>To find your known assets that require remediation action, visit the Assets section of Customer Support Portal at&nbsp;<a target=\"_blank\" rel=\"nofollow\" 
href=\"https://support.paloaltonetworks.com/\">https://support.paloaltonetworks.com</a>&nbsp;(Products → Assets → All Assets → Remediation Required).</li><li>The list of your known devices with an internet-facing management interface discovered in our scans are tagged with PAN-SA-2024-0015 with a last seen timestamp in UTC. If no such devices are listed, it indicates our scan did not find any devices with internet-facing management interface for your account in the last three days.</li></ol>GlobalProtect Portals and Gateways are not vulnerable to this issue. However, if a management profile is configured on interfaces with GlobalProtect portals or gateways, then it exposes the device to attacks via the management web interface (typically accessible on port 4443) in such cases.<br>"}]}],"workarounds":[{"lang":"en","value":"Recommended mitigation—The vast majority of firewalls already follow Palo Alto Networks and industry best practices. However, if you haven’t already, we strongly recommend that you secure access to your management interface according to our best practice deployment guidelines. Specifically, you should restrict access to the management interface to only trusted internal IP addresses to prevent external access from the internet.\n\nAdditionally, if you have a Threat Prevention subscription, you can block these attacks using Threat IDs 95746, 95747, 95752, 95753, 95759, and 95763 (available in Applications and Threats content version 8915-9075 and later). 
For these Threat IDs to protect against attacks for this vulnerability,\n\n * Ensure that all the listed Threat IDs are set to block mode,\n * Route incoming traffic for the MGT port through a DP port (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba), e.g., enabling management profile on a DP interface for management access,\n * Replace the Certificate for Inbound Traffic Management (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id112f7714-8995-4496-bbf9-781e63dec71c),\n * Decrypt inbound traffic to the management interface so the firewall can inspect it (https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2), and\n * Enable threat prevention on the inbound traffic to management services.\n\nReview information about how to secure management access to your Palo Alto Networks firewalls:\n\n * Palo Alto Networks LIVEcommunity article: https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\n * Palo Alto Networks official and more detailed technical documentation: https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>Recommended mitigation—The vast majority of firewalls already follow Palo Alto Networks and industry best practices. 
However, if you haven’t already, we strongly recommend that you secure access to your management interface according to our best practice deployment guidelines. Specifically, you should restrict access to the management interface to only trusted internal IP addresses to prevent external access from the internet.</p><p>Additionally, if you have a Threat Prevention subscription, you can block these attacks using Threat IDs 95746, 95747, 95752, 95753, 95759, and 95763 (available in Applications and Threats content version 8915-9075 and later). For these Threat IDs to protect against attacks for this vulnerability,</p><ul><li>Ensure that all the listed Threat IDs are set to block mode,</li><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id59206398-3dab-4b2f-9b4b-7ea500d036ba\">Route incoming traffic for the MGT port through a DP port</a>, e.g., enabling management profile on a DP interface for management access,</li><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#id112f7714-8995-4496-bbf9-781e63dec71c\">Replace the Certificate for Inbound Traffic Management</a>,</li><li><a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices#idbbd82587-17a2-42b4-9245-d3714e1e13a2\">Decrypt inbound traffic to the management interface so the firewall can inspect it</a>, and</li><li>Enable threat prevention on the inbound traffic to management services.</li></ul>Review information about how to secure management access to your Palo Alto Networks firewalls:<br><ul><li>Palo Alto Networks 
LIVEcommunity article:&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431</a></li><li>Palo Alto Networks official and more detailed technical documentation:&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\">https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices</a></li></ul>"}]}],"solutions":[{"lang":"eng","value":"We strongly recommend that you secure access to your management interface following the instructions in the workarounds section below.\n\nThis issue is fixed in PAN-OS 10.2.12-h2, PAN-OS 11.0.6-h1, PAN-OS 11.1.5-h1, PAN-OS 11.2.4-h1, and all later PAN-OS versions.\n\nIn addition, in an attempt to provide the most seamless upgrade path for our customers, we are making fixes available for other TAC-preferred and commonly deployed maintenance releases.\n\n * Additional PAN-OS 11.2 fixes:\n   * 11.2.0-h1\n   * 11.2.1-h1\n   * 11.2.2-h2\n   * 11.2.3-h3\n   * 11.2.4-h1\n * Additional PAN-OS 11.1 fixes:\n   * 11.1.0-h4\n   * 11.1.1-h2\n   * 11.1.2-h15\n   * 11.1.3-h11\n   * 11.1.4-h7\n   * 11.1.5-h1\n * Additional PAN-OS 11.0 fixes:\n   * 11.0.0-h4\n   * 11.0.1-h5\n   * 11.0.2-h5\n   * 11.0.3-h13\n   * 11.0.4-h6\n   * 11.0.5-h2\n   * 11.0.6-h1\n * Additional PAN-OS 10.2 fixes:\n   * 10.2.0-h4\n   * 10.2.1-h3\n   * 10.2.2-h6\n   * 10.2.3-h14\n   * 10.2.4-h32\n   * 10.2.5-h9\n   * 10.2.6-h6\n   * 10.2.7-h18\n   * 10.2.8-h15\n   * 10.2.9-h16\n   * 10.2.10-h9\n   * 10.2.11-h6\n   * 
10.2.12-h2","supportingMedia":[{"type":"text/html","base64":false,"value":"<p>We strongly recommend that you secure access to your management interface following the instructions in the workarounds section below.</p><p>This issue is fixed in PAN-OS 10.2.12-h2, PAN-OS 11.0.6-h1, PAN-OS 11.1.5-h1, PAN-OS 11.2.4-h1, and all later PAN-OS versions.</p><p>In addition, in an attempt to provide the most seamless upgrade path for our customers, we are making fixes available for other TAC-preferred and commonly deployed maintenance releases.</p><div><div><ul><li>Additional PAN-OS 11.2 fixes:<ul><li>11.2.0-h1</li><li>11.2.1-h1</li><li>11.2.2-h2</li><li>11.2.3-h3</li><li>11.2.4-h1</li></ul></li><li>Additional PAN-OS 11.1 fixes:<ul><li>11.1.0-h4</li><li>11.1.1-h2</li><li>11.1.2-h15</li><li>11.1.3-h11</li><li>11.1.4-h7</li><li>11.1.5-h1</li></ul></li><li>Additional PAN-OS 11.0 fixes:<ul><li>11.0.0-h4</li><li>11.0.1-h5</li><li>11.0.2-h5</li><li>11.0.3-h13</li><li>11.0.4-h6</li><li>11.0.5-h2</li><li>11.0.6-h1</li></ul></li><li>Additional PAN-OS 10.2 fixes:<ul><li>10.2.0-h4</li><li>10.2.1-h3</li><li>10.2.2-h6</li><li>10.2.3-h14</li><li>10.2.4-h32</li><li>10.2.5-h9</li><li>10.2.6-h6</li><li>10.2.7-h18</li><li>10.2.8-h15</li><li>10.2.9-h16</li><li>10.2.10-h9</li><li>10.2.11-h6</li><li>10.2.12-h2</li></ul></li></ul></div></div>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is aware of an increasing number of attacks that leverage the exploitation of this vulnerability. Proof of concepts for this vulnerability have been publicly disclosed by third parties.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is aware of an increasing number of attacks that leverage the exploitation of this vulnerability. 
Proof of concepts for this vulnerability have been publicly disclosed by third parties.<br>"}]}],"timeline":[{"time":"2025-03-03T20:00:00.000Z","lang":"en","value":"Updated the product status table"},{"time":"2024-11-23T23:30:00.000Z","lang":"en","value":"Clarified no impact to GlobalProtect portals or gateways"},{"time":"2024-11-20T00:00:00.000Z","lang":"en","value":"Clarified applicability to PA-Series, VM-Series, and CN-Series firewalls and Panorama (virtual and M-Series)"},{"time":"2024-11-18T14:20:00.000Z","lang":"en","value":"CVE-2024-0012 assigned to this publication as the vulnerability is identified and fixed"},{"time":"2024-11-15T22:00:00.000Z","lang":"en","value":"Answered a FAQ about indicators of compromise"},{"time":"2024-11-14T22:18:00.000Z","lang":"en","value":"Raised the severity of PAN-SA-2024-0015 bulletin as we have observed threat activity"},{"time":"2024-11-11T01:03:00.000Z","lang":"en","value":"Added instructions to find your devices with an internet-facing management interface discovered in our scans"},{"time":"2024-11-08T13:00:00.000Z","lang":"en","value":"Initially published as PAN-SA-2024-0015"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks our Deep Product Security Research Team for discovering this issue internally from threat activity.","type":"finder"}],"source":{"advisory":"PAN-SA-2024-0015","discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.2.4","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h1","PAN-OS 11.2.1","PAN-OS 11.2.0","PAN-OS 11.1.5","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 
11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 11.0.6","PAN-OS 11.0.5-h1","PAN-OS 11.0.5","PAN-OS 11.0.4-h5","PAN-OS 11.0.4-h4","PAN-OS 11.0.4-h3","PAN-OS 11.0.4-h2","PAN-OS 11.0.4-h1","PAN-OS 11.0.4","PAN-OS 11.0.3-h12","PAN-OS 11.0.3-h11","PAN-OS 11.0.3-h10","PAN-OS 11.0.3-h9","PAN-OS 11.0.3-h8","PAN-OS 11.0.3-h7","PAN-OS 11.0.3-h6","PAN-OS 11.0.3-h5","PAN-OS 11.0.3-h4","PAN-OS 11.0.3-h3","PAN-OS 11.0.3-h2","PAN-OS 11.0.3-h1","PAN-OS 11.0.3","PAN-OS 11.0.2-h4","PAN-OS 11.0.2-h3","PAN-OS 11.0.2-h2","PAN-OS 11.0.2-h1","PAN-OS 11.0.2","PAN-OS 11.0.1-h4","PAN-OS 11.0.1-h3","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h3","PAN-OS 11.0.0-h2","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 10.2.12-h1","PAN-OS 10.2.12","PAN-OS 10.2.11-h5","PAN-OS 10.2.11-h4","PAN-OS 10.2.11-h3","PAN-OS 10.2.11-h2","PAN-OS 10.2.11-h1","PAN-OS 10.2.11","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 
10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2024-2551","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Firewall Denial of Service 
(DoS) Using a Specially Crafted Packet","datePublic":"2024-11-13T18:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-476","description":"CWE-476 NULL Pointer Dereference","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-129","descriptions":[{"lang":"en","value":"CAPEC-129 Pointer Manipulation"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*","cpe:2.3:o:paloalt
onetworks:pan-os:10.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"],"versions":[{"status":"unaffected","version":"11.2.0","versionType":"custom"},{"status":"unaffected","version":"11.1.0","versionType":"custom"},{"status":"affected","version":"11.0.0","lessThan":"11.0.5","changes":[{"at":"11.0.5","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.4-h6","changes":[{"at":"10.2.4-h6","status":"unaffected"},{"at":"10.2.5","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.1.0","lessThan":"10.1.14","changes":[{"at":"10.1.14","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<span>A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. 
Repeated attempts to trigger this condition result in the firewall entering maintenance mode.</span><br>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2024-2551","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.7,"threatSeverity":"MEDIUM","threatScore":6.6,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber"}}],"configurations":[{"lang":"en","value":"No special configuration is required to be affected by this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"No special configuration is required to be affected by this issue."}]}],"workarounds":[{"lang":"en","value":"No workaround or mitigation is available.","supportingMedia":[{"type":"text/html","base64":false,"value":"No workaround or mitigation is available."}]}],"solutions":[{"lang":"eng","value":"This issue is fixed in PAN-OS 10.1.14, PAN-OS 10.2.4-h6, PAN-OS 10.2.5, PAN-OS 11.0.5, and all later PAN-OS versions.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue is fixed in PAN-OS 10.1.14, PAN-OS 10.2.4-h6, PAN-OS 10.2.5, PAN-OS 11.0.5, and all later PAN-OS versions.<br>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is 
not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2024-11-13T17:00:00.000Z","lang":"en","value":"Initial publication"}],"credits":[{"lang":"en","value":"a customer","type":"finder"}],"source":{"defect":["PAN-223185"],"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.0.4-h6","PAN-OS 11.0.4-h5","PAN-OS 11.0.4-h4","PAN-OS 11.0.4-h3","PAN-OS 11.0.4-h2","PAN-OS 11.0.4-h1","PAN-OS 11.0.4","PAN-OS 11.0.3-h13","PAN-OS 11.0.3-h12","PAN-OS 11.0.3-h11","PAN-OS 11.0.3-h10","PAN-OS 11.0.3-h9","PAN-OS 11.0.3-h8","PAN-OS 11.0.3-h7","PAN-OS 11.0.3-h6","PAN-OS 11.0.3-h5","PAN-OS 11.0.3-h4","PAN-OS 11.0.3-h3","PAN-OS 11.0.3-h2","PAN-OS 11.0.3-h1","PAN-OS 11.0.3","PAN-OS 11.0.2-h5","PAN-OS 11.0.2-h4","PAN-OS 11.0.2-h3","PAN-OS 11.0.2-h2","PAN-OS 11.0.2-h1","PAN-OS 11.0.2","PAN-OS 11.0.1-h5","PAN-OS 11.0.1-h4","PAN-OS 11.0.1-h3","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h4","PAN-OS 11.0.0-h3","PAN-OS 11.0.0-h2","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0","PAN-OS 10.1.13-h5","PAN-OS 10.1.13-h4","PAN-OS 10.1.13-h3","PAN-OS 10.1.13-h2","PAN-OS 10.1.13-h1","PAN-OS 10.1.13","PAN-OS 10.1.12-h3","PAN-OS 10.1.12-h2","PAN-OS 10.1.12-h1","PAN-OS 10.1.12","PAN-OS 10.1.11-h10","PAN-OS 10.1.11-h9","PAN-OS 
10.1.11-h8","PAN-OS 10.1.11-h7","PAN-OS 10.1.11-h6","PAN-OS 10.1.11-h5","PAN-OS 10.1.11-h4","PAN-OS 10.1.11-h3","PAN-OS 10.1.11-h2","PAN-OS 10.1.11-h1","PAN-OS 10.1.11","PAN-OS 10.1.10-h9","PAN-OS 10.1.10-h8","PAN-OS 10.1.10-h7","PAN-OS 10.1.10-h6","PAN-OS 10.1.10-h5","PAN-OS 10.1.10-h4","PAN-OS 10.1.10-h3","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h14","PAN-OS 10.1.9-h13","PAN-OS 10.1.9-h12","PAN-OS 10.1.9-h11","PAN-OS 10.1.9-h10","PAN-OS 10.1.9-h9","PAN-OS 10.1.9-h8","PAN-OS 10.1.9-h7","PAN-OS 10.1.9-h6","PAN-OS 10.1.9-h5","PAN-OS 10.1.9-h4","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h8","PAN-OS 10.1.8-h7","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7-h1","PAN-OS 10.1.7","PAN-OS 10.1.6-h9","PAN-OS 10.1.6-h8","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h4","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h6","PAN-OS 10.1.4-h5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h4","PAN-OS 10.1.3-h3","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2024-9472","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Firewall Denial of Service (DoS) Using Specially Crafted Traffic","datePublic":"2024-11-13T18:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-476","description":"CWE-476 NULL Pointer 
Dereference","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-129","descriptions":[{"lang":"en","value":"CAPEC-129 Pointer Manipulation"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected","cpes":[]},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*
","cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:*","cpe:2.3:o:pa
loaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*"],"versions":[{"status":"affected","version":"11.2.0","lessThan":"11.2.2-h3","changes":[{"at":"11.2.2-h3","status":"unaffected"},{"at":"11.2.3","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.1.0","lessThan":"11.1.2-h14","changes":[{"at":"11.1.2-h14","status":"unaffected"},{"at":"11.1.3-h10","status
":"unaffected"}],"versionType":"custom"},{"status":"unaffected","version":"11.0.0","versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.7-h16","changes":[{"at":"10.2.7-h16","status":"unaffected"},{"at":"10.2.8-h13","status":"unaffected"},{"at":"10.2.9-h14","status":"unaffected"},{"at":"10.2.10-h7","status":"unaffected"},{"at":"10.2.11-h4","status":"unaffected"}],"versionType":"custom"},{"status":"unaffected","version":"10.1.0","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected","cpes":[]}],"descriptions":[{"lang":"en","value":"A null pointer dereference in Palo Alto Networks PAN-OS software on PA-800 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series hardware platforms when Decryption policy is enabled allows an unauthenticated attacker to crash PAN-OS by sending specific traffic through the data plane, resulting in a denial of service (DoS) condition. 
Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode.\n\nPalo Alto Networks VM-Series, Cloud NGFW, and Prisma Access are not affected.\n\nThis issue only affects PA-800 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series running these specific versions of PAN-OS:\n * 10.2.7-h12\n * 10.2.8-h10\n * 10.2.9-h9\n * 10.2.9-h11\n * 10.2.10-h2\n * 10.2.10-h3\n * 10.2.11\n * 10.2.11-h1\n * 10.2.11-h2\n * 10.2.11-h3\n * 11.1.2-h9\n * 11.1.2-h12\n * 11.1.3-h2\n * 11.1.3-h4\n * 11.1.3-h6\n * 11.2.2\n * 11.2.2-h1","supportingMedia":[{"type":"text/html","base64":false,"value":"<div>A null pointer dereference in Palo Alto Networks PAN-OS software on PA-800 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series hardware platforms when Decryption policy is enabled allows an unauthenticated attacker to crash PAN-OS by sending specific traffic through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode.</div><br><div>Palo Alto Networks VM-Series, Cloud NGFW, and Prisma Access are not affected.</div><br><div>This issue only affects PA-800 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series running these specific versions of 
PAN-OS:</div><div><ul><li>10.2.7-h12</li><li>10.2.8-h10</li><li>10.2.9-h9</li><li>10.2.9-h11</li><li>10.2.10-h2</li><li>10.2.10-h3</li><li>10.2.11</li><li>10.2.11-h1</li><li>10.2.11-h2</li><li>10.2.11-h3</li><li>11.1.2-h9</li><li>11.1.2-h12</li><li>11.1.3-h2</li><li>11.1.3-h4</li><li>11.1.3-h6</li><li>11.2.2</li><li>11.2.2-h1</li></ul></div>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2024-9472","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.7,"threatSeverity":"MEDIUM","threatScore":6.6,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber"}}],"configurations":[{"lang":"en","value":"This issue is only applicable to firewalls where url proxy or any decrypt-policy is configured.\n\nWhen any decrypt policy is configured, this issue may be encountered regardless of whether traffic matches explicit decrypt, explicit no-decrypt, or none of the decryption policies.","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue is only applicable to firewalls where url proxy or any decrypt-policy is configured.<br><br>When any decrypt policy is configured, this issue may be encountered regardless of whether traffic matches explicit decrypt, explicit no-decrypt, or none of the decryption policies."}]}],"workarounds":[{"lang":"en","value":"This issue does not impact 
firewalls that do not have url proxy or any decrypt-policy configured.\n\nThe issue can be completely mitigated by setting this option:\n\n\n> set system setting ctd nonblocking-pattern-match disable","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue does not impact firewalls that do not have url proxy or any decrypt-policy configured.<br><br>The issue can be completely mitigated by setting this option:<br><blockquote><tt>set system setting ctd nonblocking-pattern-match disable</tt></blockquote>"}]}],"solutions":[{"lang":"eng","value":"This issue is fixed in PAN-OS 10.2.7-h16, PAN-OS 10.2.8-h13, PAN-OS 10.2.9-h14, PAN-OS 10.2.10-h7, PAN-OS 10.2.11-h4, PAN-OS 11.1.2-h14, PAN-OS 11.1.3-h10, PAN-OS 11.2.2-h3, PAN-OS 11.2.3, and all later PAN-OS versions.","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue is fixed in PAN-OS 10.2.7-h16, PAN-OS 10.2.8-h13, PAN-OS 10.2.9-h14, PAN-OS 10.2.10-h7, PAN-OS 10.2.11-h4, PAN-OS 11.1.2-h14, PAN-OS 11.1.3-h10, PAN-OS 11.2.2-h3, PAN-OS 11.2.3, and all later PAN-OS versions."}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue. However, customers have reported encountering this issue during normal operations.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue. 
However, customers have reported encountering this issue during normal operations."}]}],"timeline":[{"time":"2024-11-13T17:00:00.000Z","lang":"en","value":"Initial publication"}],"source":{"defect":["PAN-262287","PAN-226361"],"discovery":"USER"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 10.2.11-h3","PAN-OS 10.2.11-h2","PAN-OS 10.2.11-h1","PAN-OS 10.2.11","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 
10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2024-2550","assignerOrgId":"00000000-0000-4000-9000-000000000000","serial":1,"state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000"},"title":"PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway Using a Specially Crafted 
Packet","datePublic":"2024-11-13T18:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-476","description":"CWE-476 NULL Pointer Dereference","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-129","descriptions":[{"lang":"en","value":"CAPEC-129 Pointer Manipulation"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2
.10:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:
*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h20:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*"],"versions":[{"status":"unaffected","version":"11.2.0","versionType":"custo
m"},{"status":"affected","version":"11.1.0","lessThan":"11.1.5","changes":[{"at":"11.1.5","status":"unaffected"},{"at":"11.1.4-h9","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.0.0","lessThan":"11.0.6","changes":[{"at":"11.0.6","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.11","changes":[{"at":"10.2.11","status":"unaffected"},{"at":"10.2.10-h10","status":"unaffected"},{"at":"10.2.9-h18","status":"unaffected"},{"at":"10.2.8-h18","status":"unaffected"},{"at":"10.2.7-h21","status":"unaffected"}],"versionType":"custom"},{"status":"unaffected","version":"10.1.0","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"A null pointer dereference vulnerability in the GlobalProtect gateway in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop the GlobalProtect service on the firewall by sending a specially crafted packet that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.\n","supportingMedia":[{"type":"text/html","base64":false,"value":"<span>A null pointer dereference vulnerability in the GlobalProtect gateway in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop the GlobalProtect service on the firewall by sending a specially crafted packet that causes a denial of service (DoS) condition. 
Repeated attempts to trigger this condition result in the firewall entering maintenance mode.</span><br>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2024-2550","tags":["vendor-advisory"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"UNREPORTED","baseSeverity":"HIGH","baseScore":8.7,"threatSeverity":"MEDIUM","threatScore":6.6,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:C/RE:M/U:Amber"}}],"configurations":[{"lang":"en","value":"This issue impacts only firewalls on which you configured a GlobalProtect gateway. You can verify whether you configured GlobalProtect gateway by checking for entries in your firewall web interface (Network → GlobalProtect → Gateways).","supportingMedia":[{"type":"text/html","base64":false,"value":"<div><div>This issue impacts only firewalls on which you configured a GlobalProtect gateway. 
You can verify whether you configured GlobalProtect gateway by checking for entries in your firewall web interface (Network → GlobalProtect → Gateways).</div></div>"}]}],"workarounds":[{"lang":"en","value":"No workaround or mitigation is available.","supportingMedia":[{"type":"text/html","base64":false,"value":"No workaround or mitigation is available."}]}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 10.2.11, PAN-OS 11.0.6, PAN-OS 11.1.5, and all later PAN-OS versions.\n\nIn addition, in an attempt to provide the most seamless upgrade path for our customers, we are making additional fixes available as noted below:\n\n * Additional 11.1 fix:\n   * 11.1.4-h9\n     \n * Additional 10.2 fixes:\n   * 10.2.10-h10\n   * 10.2.9-h18\n   * 10.2.8-h18\n   * 10.2.7-h21","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue is fixed in PAN-OS 10.2.11, PAN-OS 11.0.6, PAN-OS 11.1.5, and all later PAN-OS versions.<br><br>In addition, in an attempt to provide the most seamless upgrade path for our customers, we are making additional fixes available as noted below:<br><ul><li>Additional 11.1 fix:<ul><li>11.1.4-h9<br></li></ul></li><li>Additional 10.2 fixes:<ul><li>10.2.10-h10</li><li>10.2.9-h18</li><li>10.2.8-h18</li><li>10.2.7-h21</li></ul></li></ul>"}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2025-01-06T21:30:00.000Z","lang":"en","value":"Added additional fixed versions for PAN-OS 10.2"},{"time":"2024-12-20T20:55:00.000Z","lang":"en","value":"Updated the Product Status table"},{"time":"2024-11-13T17:00:00.000Z","lang":"en","value":"Initial publication"}],"credits":[{"lang":"en","value":"Michael Baker from 
AC3","type":"finder"}],"source":{"defect":["PAN-244950","PAN-221352"],"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.1.0-dev"},"x_affectedList":["PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 11.0.5-h2","PAN-OS 11.0.5-h1","PAN-OS 11.0.5","PAN-OS 11.0.4-h6","PAN-OS 11.0.4-h5","PAN-OS 11.0.4-h4","PAN-OS 11.0.4-h3","PAN-OS 11.0.4-h2","PAN-OS 11.0.4-h1","PAN-OS 11.0.4","PAN-OS 11.0.3-h13","PAN-OS 11.0.3-h12","PAN-OS 11.0.3-h11","PAN-OS 11.0.3-h10","PAN-OS 11.0.3-h9","PAN-OS 11.0.3-h8","PAN-OS 11.0.3-h7","PAN-OS 11.0.3-h6","PAN-OS 11.0.3-h5","PAN-OS 11.0.3-h4","PAN-OS 11.0.3-h3","PAN-OS 11.0.3-h2","PAN-OS 11.0.3-h1","PAN-OS 11.0.3","PAN-OS 11.0.2-h5","PAN-OS 11.0.2-h4","PAN-OS 11.0.2-h3","PAN-OS 11.0.2-h2","PAN-OS 11.0.2-h1","PAN-OS 11.0.2","PAN-OS 11.0.1-h5","PAN-OS 11.0.1-h4","PAN-OS 11.0.1-h3","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h4","PAN-OS 11.0.0-h3","PAN-OS 11.0.0-h2","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 
10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 
10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"PAN-SA-2024-0010","assignerOrgId":"00000000-0000-4000-9000-000000000000","assignerShortName":"palo_alto","dateUpdated":"2024-11-14T00:00:00.000Z","serial":1,"dateReserved":"2024-10-09T07:00:00.000Z","datePublished":"2024-10-09T07:00:00.000Z","state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000","shortName":"Not found","dateUpdated":"2024-11-20T08:00:00.000Z"},"title":"Expedition: Multiple Vulnerabilities in Expedition Lead to Exposure of Firewall Credentials","datePublic":"2024-10-09T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-78","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","type":"CWE"}]},{"descriptions":[{"lang":"en","cweId":"CWE-79","description":"CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","type":"CWE"}]},{"descriptions":[{"lang":"en","cweId":"CWE-89","description":"CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","type":"CWE"}]},{"descriptions":[{"lang":"en","cweId":"CWE-532","description":"CWE-532 Insertion of Sensitive Information 
into Log File","type":"CWE"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Expedition","versions":[{"status":"affected","version":"1","lessThan":"1.2.96","changes":[{"at":"1.2.96","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Panorama","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"Multiple vulnerabilities in Palo Alto Networks Expedition allow an attacker to read Expedition database contents and arbitrary files, as well as write arbitrary files to temporary storage locations on the Expedition system. Combined, these include information such as usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.\n\nThese issues do not affect the firewalls, Panorama, Prisma Access, or Cloud NGFW.","supportingMedia":[{"type":"text/html","base64":true,"value":"<pre>Multiple vulnerabilities in Palo Alto Networks Expedition allow an attacker to read Expedition database contents and arbitrary files, as well as write arbitrary files to temporary storage locations on the Expedition system. 
Combined, these include information such as usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.\n\nThese issues do not affect the firewalls, Panorama, Prisma Access, or Cloud NGFW.</pre>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/PAN-SA-2024-0010","tags":["x_refsource_CONFIRM"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"HIGH","providerUrgency":"AMBER","exploitMaturity":"NOT_DEFINED","baseSeverity":"CRITICAL","baseScore":9.9,"threatSeverity":"CRITICAL","threatScore":9.9,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber"}}],"workarounds":[{"lang":"en","value":"Ensure network access to Expedition is restricted to authorized users, hosts, or networks.\n\nIf Expedition is not in active use, ensure that Expedition software is shut down.\n\nFor CVE-2024-9465, you can check for an indicator of compromise with the following command on an Expedition system (replace \"root\" with your username if you are using a different username):\n\n    mysql -uroot -p -D pandb -e \"SELECT * FROM cronjobs;\"\n\nIf you see any records returned, this indicates a potential compromise. Please note that if no records are returned, the system may still be compromised. 
This is only intended to indicate a potential compromise, rather than confirm a system has not been compromised.\n\nThere are no practical indicators of compromise for the remainder of the CVEs in this advisory.","supportingMedia":[{"type":"text/html","base64":false,"value":"Ensure network access to Expedition is restricted to authorized users, hosts, or networks.\n\nIf Expedition is not in active use, ensure that Expedition software is shut down.\n\nFor CVE-2024-9465, you can check for an indicator of compromise with the following command on an Expedition system (replace \"root\" with your username if you are using a different username):\n\n    mysql -uroot -p -D pandb -e \"SELECT * FROM cronjobs;\"\n\nIf you see any records returned, this indicates a potential compromise. Please note that if no records are returned, the system may still be compromised. This is only intended to indicate a potential compromise, rather than confirm a system has not been compromised.\n\nThere are no practical indicators of compromise for the remainder of the CVEs in this advisory."}]}],"solutions":[{"lang":"en","value":"The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nThe cleartext file affected by CVE-2024-9466 will be removed automatically during the upgrade.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys processed by Expedition should be rotated after updating.","supportingMedia":[{"type":"text/html","base64":false,"value":"The fixes for all listed issues are available in Expedition 1.2.96, and all later Expedition versions.\n\nThe cleartext file affected by CVE-2024-9466 will be removed automatically during the upgrade.\n\nAll Expedition usernames, passwords, and API keys should be rotated after upgrading to the fixed version of Expedition.\n\nAll firewall usernames, passwords, and API keys 
processed by Expedition should be rotated after updating."}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is aware of reports from CISA that there is evidence of active exploitation for CVE-2024-9463 and CVE-2024-9465. More information can be found at https://www.cisa.gov/news-events/alerts/2024/11/14/cisa-adds-two-known-exploited-vulnerabilities-catalog.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is aware of reports from CISA that there is evidence of active exploitation for CVE-2024-9463 and CVE-2024-9465. More information can be found at https://www.cisa.gov/news-events/alerts/2024/11/14/cisa-adds-two-known-exploited-vulnerabilities-catalog."}]}],"timeline":[{"time":"2024-11-14T21:30:00.000Z","lang":"eng","value":"Updated Exploitation Status section with report from CISA"},{"time":"2024-10-09T22:32:00.000Z","lang":"eng","value":"Clarified that firewalls, Panorama, Prisma Access, and Cloud NGFW are not affected"},{"time":"2024-10-09T16:00:00.000Z","lang":"eng","value":"Initial publication"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Zach Hanley (@hacks_zach) of Horizon3.ai for discovering and reporting CVE-2024-9464, CVE-2024-9465, and CVE-2024-9466.","type":"finder"},{"lang":"en","value":"Palo Alto Networks thanks Enrique Castillo of Palo Alto Networks for discovering and reporting CVE-2024-9463, CVE-2024-9464, CVE-2024-9465, and CVE-2024-9467.","type":"finder"}],"source":{"discovery":"EXTERNAL"},"x_generator":{"engine":"vulnogram 
0.1.0-rc1"},"x_affectedList":["Expedition"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2024-9468","assignerOrgId":"00000000-0000-4000-9000-000000000000","assignerShortName":"palo_alto","dateUpdated":"2024-10-14T00:00:00.000Z","serial":1,"dateReserved":"2024-10-09T07:00:00.000Z","datePublished":"2024-10-09T07:00:00.000Z","state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000","shortName":"palo_alto","dateUpdated":"2024-10-09T17:05:00.000Z"},"title":"PAN-OS: Firewall Denial of Service (DoS) via a Maliciously Crafted Packet","datePublic":"2024-10-09T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-787","description":"CWE-787 Out-of-bounds Write","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-583","descriptions":[{"lang":"en","value":"CAPEC-583 Disabling Network Hardware"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto 
Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h14:*:*:
*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h23:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h22:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h21:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h20:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*","c
pe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h23:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h22:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h21:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h20:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h19:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h18:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h17:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*"],"versions":[{"status":"
unaffected","version":"11.2.0","versionType":"custom"},{"status":"affected","version":"11.1.0","lessThan":"11.1.3","changes":[{"at":"11.1.3","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.0.0","lessThan":"11.0.4-h5","changes":[{"at":"11.0.4-h5","status":"unaffected"},{"at":"11.0.6","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.2.0","lessThan":"10.2.4-h24","changes":[{"at":"10.2.9-h11","status":"unaffected"},{"at":"10.2.10-h4","status":"unaffected"},{"at":"10.2.11","status":"unaffected"},{"at":"10.2.8-h20","status":"unaffected"},{"at":"10.2.7-h24","status":"unaffected"},{"at":"10.2.4-h24","status":"unaffected"}],"versionType":"custom"},{"status":"unaffected","version":"10.1.0","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode.","supportingMedia":[{"type":"text/html","base64":true,"value":"<pre>A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service (DoS) condition. 
Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode.</pre>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2024-9468","tags":["x_refsource_CONFIRM"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER","exploitMaturity":"NOT_DEFINED","baseSeverity":"HIGH","baseScore":8.2,"threatSeverity":"HIGH","threatScore":8.2,"vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:Y/R:U/V:C/RE:L/U:Amber"}}],"configurations":[{"lang":"en","value":"This issue affects only PAN-OS configurations where all of the following are true:\n* Threat Prevention is enabled.\n* The Threat Prevention signature 86467 (\"Possible Domain Fronting Detection-SNI\") is enabled on an Anti-Spyware profile.\n* This setting is enabled: Device > Setup > Session > Decryption Settings > SSL Decryption Settings > Send handshake messages to CTD for inspection.","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue affects only PAN-OS configurations where all of the following are true:\n* Threat Prevention is enabled.\n* The Threat Prevention signature 86467 (\"Possible Domain Fronting Detection-SNI\") is enabled on an Anti-Spyware profile.\n* This setting is enabled: Device > Setup > Session > Decryption Settings > SSL Decryption Settings > Send handshake messages to CTD for inspection."}]}],"workarounds":[{"lang":"en","value":"Customers can block attacks for this vulnerability by 
disabling this setting: Device > Setup > Session > Decryption Settings > SSL Decryption Settings > Send handshake messages to CTD for inspection.\n\nCustomers with a Threat Prevention subscription, who want to keep domain fronting detection enabled, can block attacks for this vulnerability by enabling Threat ID 94971 (introduced in Applications and Threats content version 8854).","supportingMedia":[{"type":"text/html","base64":false,"value":"Customers can block attacks for this vulnerability by disabling this setting: Device > Setup > Session > Decryption Settings > SSL Decryption Settings > Send handshake messages to CTD for inspection.\n\nCustomers with a Threat Prevention subscription, who want to keep domain fronting detection enabled, can block attacks for this vulnerability by enabling Threat ID 94971 (introduced in Applications and Threats content version 8854)."}]}],"solutions":[{"lang":"en","value":"This issue is fixed in 10.2.9-h11, 10.2.10-h4, PAN-OS 10.2.11, PAN-OS 11.0.4-h5, PAN-OS 11.0.6, PAN-OS 11.1.3, and all later PAN-OS versions.","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue is fixed in 10.2.9-h11, 10.2.10-h4, PAN-OS 10.2.11, PAN-OS 11.0.4-h5, PAN-OS 11.0.6, PAN-OS 11.1.3, and all later PAN-OS versions."}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2025-04-30T17:45:00.000Z","lang":"en","value":"Updated fix availability for PAN-OS 10.2"},{"time":"2024-10-14T22:40:00.000Z","lang":"eng","value":"Clarified the Required Configuration for Exposure section"},{"time":"2024-10-09T16:00:00.000Z","lang":"eng","value":"Initial publication"}],"credits":[{"lang":"en","value":"This issue was found by Jeff Luo of Palo Alto Networks during internal 
review.","type":"finder"}],"source":{"defect":["PAN-244840"],"discovery":"INTERNAL"},"x_generator":{"engine":"vulnogram 0.1.0-rc1"},"x_affectedList":["PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 11.0.5-h2","PAN-OS 11.0.5-h1","PAN-OS 11.0.5","PAN-OS 11.0.4-h4","PAN-OS 11.0.4-h3","PAN-OS 11.0.4-h2","PAN-OS 11.0.4-h1","PAN-OS 11.0.4","PAN-OS 11.0.3-h13","PAN-OS 11.0.3-h12","PAN-OS 11.0.3-h11","PAN-OS 11.0.3-h10","PAN-OS 11.0.3-h9","PAN-OS 11.0.3-h8","PAN-OS 11.0.3-h7","PAN-OS 11.0.3-h6","PAN-OS 11.0.3-h5","PAN-OS 11.0.3-h4","PAN-OS 11.0.3-h3","PAN-OS 11.0.3-h2","PAN-OS 11.0.3-h1","PAN-OS 11.0.3","PAN-OS 11.0.2-h5","PAN-OS 11.0.2-h4","PAN-OS 11.0.2-h3","PAN-OS 11.0.2-h2","PAN-OS 11.0.2-h1","PAN-OS 11.0.2","PAN-OS 11.0.1-h5","PAN-OS 11.0.1-h4","PAN-OS 11.0.1-h3","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h4","PAN-OS 11.0.0-h3","PAN-OS 11.0.0-h2","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 
10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 
10.2.0"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2024-8686","assignerOrgId":"00000000-0000-4000-9000-000000000000","assignerShortName":"palo_alto","dateUpdated":"2024-09-11T00:00:00.000Z","serial":1,"dateReserved":"2024-09-11T07:00:00.000Z","datePublished":"2024-09-11T07:00:00.000Z","state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000","shortName":"palo_alto","dateUpdated":"2024-09-11T16:34:00.000Z"},"title":"PAN-OS: Command Injection Vulnerability","datePublic":"2024-09-11T16:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-78","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","type":"CWE"}]}],"impacts":[{"descriptions":[{"lang":"en","value":""}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:*"],"versions":[{"status":"unaffected","version":"11.2.0","lessThan":"11.2.2","changes":[{"at":"11.2.2","status":"affected"},{"at":"11.2.3","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"11.2.2","versionType":"custom"},{"status":"unaffected","version":"11.1.0","versionType":"custom"},{"status":"unaffected","version":"11.0.0","versionType":"custom"},{"status":"unaffected","version":"10.2.0","versionType":"custom"},{"status":"unaffected","version":"10.1.0","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system 
restrictions and run arbitrary commands as root on the firewall.","supportingMedia":[{"type":"text/html","base64":true,"value":"<pre>A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as root on the firewall.</pre>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2024-8686","tags":["x_refsource_CONFIRM"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","exploitMaturity":"NOT_DEFINED","baseSeverity":"HIGH","baseScore":8.6,"threatSeverity":"HIGH","threatScore":8.6,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber"}}],"configurations":[{"lang":"en","value":"TBD","supportingMedia":[{"type":"text/html","base64":false,"value":"TBD"}]}],"workarounds":[{"lang":"en","value":"TBD","supportingMedia":[{"type":"text/html","base64":false,"value":"TBD"}]}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 11.2.3 and all later PAN-OS versions.","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue is fixed in PAN-OS 11.2.3 and all later PAN-OS versions."}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this 
issue."}]}],"timeline":[{"time":"2024-09-11T16:00:00.000Z","lang":"eng","value":"Initial publication"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Louis Lingg for discovering and reporting this issue.","type":"finder"}],"source":{"defect":["PAN-263321"],"discovery":"EXTERNAL"},"x_generator":{"engine":"vulnogram 0.1.0-rc1"},"x_affectedList":["PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.2"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2024-5911","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2024-07-10T00:00:00","dateReserved":"2024-07-10T00:00:00","dateUpdated":"2024-07-10T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: File Upload Vulnerability in the Panorama Web Interface","datePublic":"2024-07-10T16:00:00.000Z","providerMetadata":{"orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto","dateUpdated":"2024-07-10T18:40:02.209Z"},"descriptions":[{"lang":"en","value":"An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. 
Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online.</pre>"}]}],"x_affectedList":["PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1","PAN-OS 10.2.0","PAN-OS 10.2","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"11.1 All","status":"unaffected"},{"version":"11.0 All","status":"unaffected"},{"version":"11.2 All","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"10.2","status":"affected","lessThan":"10.2.4","versionType":"custom","changes":[{"at":"10.2.4","status":"unaffected"}]},{"version":"10.1","status":"affected","lessThan":"10.1.9","versionType":"custom","changes":[{"at":"10.1.9","status":"unaffected"}]}],"platforms":["Panorama"]},{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"version":"All","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"Prisma 
Access","versions":[{"version":"All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2024-5911"}],"credits":[{"lang":"en","value":"This issue was found by Yasukazu Miyashita of Palo Alto Networks during an internal security review."}],"metrics":[{"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","baseSeverity":"HIGH","baseScore":7,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-434 Unrestricted Upload of File with Dangerous Type","cweId":"CWE-434"}]}],"x_generator":{"engine":"vulnogram 0.1.0-rc1"},"source":{"defect":["PAN-182835"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"This issue requires the attacker to have authenticated access to the PAN-OS web interface. 
You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 10.1.9, PAN-OS 10.2.4, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 10.1.9, PAN-OS 10.2.4, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2024-07-10T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2024-3400","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2024-04-12T00:00:00","dateReserved":"2024-04-12T00:00:00","dateUpdated":"2024-05-03T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect","datePublic":"2024-04-12T06:55:00.000Z","providerMetadata":{"orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto","dateUpdated":"2024-04-19T22:27:27.179Z"},"descriptions":[{"lang":"en","value":"A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.\n\nCloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability.\n\nCustomers should continue to monitor this security advisory for the latest updates and 
product guidance.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.\n\nCloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability.\n\nCustomers should continue to monitor this security advisory for the latest updates and product guidance.</pre>"}]}],"x_affectedList":["PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 11.1","PAN-OS 11.0.4","PAN-OS 11.0.3-h9","PAN-OS 11.0.3-h8","PAN-OS 11.0.3-h7","PAN-OS 11.0.3-h6","PAN-OS 11.0.3-h5","PAN-OS 11.0.3-h4","PAN-OS 11.0.3-h3","PAN-OS 11.0.3-h2","PAN-OS 11.0.3-h1","PAN-OS 11.0.3","PAN-OS 11.0.2-h3","PAN-OS 11.0.2-h2","PAN-OS 11.0.2-h1","PAN-OS 11.0.2","PAN-OS 11.0.1-h3","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h2","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 11.0","PAN-OS 10.2.9","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 
10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0","PAN-OS 10.2"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"9.0 All","status":"unaffected"},{"version":"9.1 All","status":"unaffected"},{"version":"10.0 All","status":"unaffected"},{"version":"10.1 All","status":"unaffected"},{"version":"10.2","status":"affected","lessThan":"10.2.0-h3","versionType":"custom","changes":[{"at":"10.2.0-h3","status":"unaffected"},{"at":"10.2.1-h2","status":"unaffected"},{"at":"10.2.2-h5","status":"unaffected"},{"at":"10.2.3-h13","status":"unaffected"},{"at":"10.2.4-h16","status":"unaffected"},{"at":"10.2.5-h6","status":"unaffected"},{"at":"10.2.6-h3","status":"unaffected"},{"at":"10.2.7-h8","status":"unaffected"},{"at":"10.2.8-h3","status":"unaffected"},{"at":"10.2.9-h1","status":"unaffected"}]},{"version":"11.0","status":"affected","lessThan":"11.0.0-h3","versionType":"custom","changes":[{"at":"11.0.0-h3","status":"unaffected"},{"at":"11.0.1-h4","status":"unaffected"},{"at":"11.0.2-h4","status":"unaffected"},{"at":"11.0.3-h10","status":"unaffected"},{"at":"11.0.4-h1","status":"unaffected"}]},{"version":"11.1","status":"affected","lessThan":"11.1.0-h3","versionType":"custom","changes":[{"at":"11.1.0-h3","status":"unaffected"},{"at":"11.1.1-h1","status":"unaffected"},{"at":"11.1.2-h3","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"version":"All","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"Prisma 
Access","versions":[{"version":"All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2024-3400"},{"tags":["x_refsource_CONFIRM"],"url":"https://unit42.paloaltonetworks.com/cve-2024-3400/"},{"tags":["x_refsource_CONFIRM"],"url":"https://www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400/"},{"tags":["x_refsource_CONFIRM"],"url":"https://www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Volexity for detecting and identifying this issue, Capability Development Group at Bishop Fox for helping us improve threat prevention signatures, Nick Wilson, and Louis Lingg for sharing their research into post-exploitation persistence techniques."}],"metrics":[{"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"HIGH","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"RED","baseSeverity":"CRITICAL","baseScore":10,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/R:U/V:C/RE:M/U:Red"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')","cweId":"CWE-77"}]},{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-20 Improper Input Validation","cweId":"CWE-20"}]}],"x_generator":{"engine":"vulnogram 
0.1.0-rc1"},"source":{"defect":["PAN-252214"],"discovery":"USER"},"configurations":[{"lang":"en","value":"This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls configured with GlobalProtect gateway or GlobalProtect portal (or both). Device telemetry does not need to be enabled for PAN-OS firewalls to be exposed to attacks related to this vulnerability.\n\nYou can verify whether you have a GlobalProtect gateway or GlobalProtect portal configured by checking for entries in your firewall web interface (Network > GlobalProtect > Gateways or Network > GlobalProtect > Portals).","supportingMedia":{"value":"This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls configured with GlobalProtect gateway or GlobalProtect portal (or both). Device telemetry does not need to be enabled for PAN-OS firewalls to be exposed to attacks related to this vulnerability.\n\nYou can verify whether you have a GlobalProtect gateway or GlobalProtect portal configured by checking for entries in your firewall web interface (Network > GlobalProtect > Gateways or Network > GlobalProtect > Portals).","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Recommended Mitigation: Customers with a Threat Prevention subscription can block attacks for this vulnerability using Threat IDs 95187, 95189, and 95191 (available in Applications and Threats content version 8836-8695 and later). Please monitor this advisory and new Threat Prevention content updates for additional Threat Prevention IDs around CVE-2024-3400.\n\nTo apply the Threat IDs, customers must ensure that vulnerability protection has been applied to their GlobalProtect interface to prevent exploitation of this issue on their device. 
Please see https://live.paloaltonetworks.com/t5/globalprotect-articles/applying-vulnerability-protection-to-globalprotect-interfaces/ta-p/340184 for more information.\n\nIn earlier versions of this advisory, disabling device telemetry was listed as a secondary mitigation action. Disabling device telemetry is no longer an effective mitigation. Device telemetry does not need to be enabled for PAN-OS firewalls to be exposed to attacks related to this vulnerability.","supportingMedia":{"value":"Recommended Mitigation: Customers with a Threat Prevention subscription can block attacks for this vulnerability using Threat IDs 95187, 95189, and 95191 (available in Applications and Threats content version 8836-8695 and later). Please monitor this advisory and new Threat Prevention content updates for additional Threat Prevention IDs around CVE-2024-3400.\n\nTo apply the Threat IDs, customers must ensure that vulnerability protection has been applied to their GlobalProtect interface to prevent exploitation of this issue on their device. Please see https://live.paloaltonetworks.com/t5/globalprotect-articles/applying-vulnerability-protection-to-globalprotect-interfaces/ta-p/340184 for more information.\n\nIn earlier versions of this advisory, disabling device telemetry was listed as a secondary mitigation action. Disabling device telemetry is no longer an effective mitigation. Device telemetry does not need to be enabled for PAN-OS firewalls to be exposed to attacks related to this vulnerability.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is aware of an increasing number of attacks that leverage the exploitation of this vulnerability. Proof of concepts for this vulnerability have been publicly disclosed by third parties.\n\nWe are also aware of proof-of-concept by third parties of post-exploit persistence techniques that survive resets and upgrades. 
We are not aware at this time of any malicious attempts to use these persistence techniques in active exploitation of the vulnerability. These fixes listed below and Threat Prevention signatures completely prevent the initial remote command execution, stopping subsequent post-exploitation or persistence.\n\nMore information about the vulnerability's exploitation in the wild can be found in the Unit 42 threat brief (https://unit42.paloaltonetworks.com/cve-2024-3400/) and the Palo Alto Networks PSIRT blog post (https://www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/).","supportingMedia":{"value":"Palo Alto Networks is aware of an increasing number of attacks that leverage the exploitation of this vulnerability. Proof of concepts for this vulnerability have been publicly disclosed by third parties.\n\nWe are also aware of proof-of-concept by third parties of post-exploit persistence techniques that survive resets and upgrades. We are not aware at this time of any malicious attempts to use these persistence techniques in active exploitation of the vulnerability. These fixes listed below and Threat Prevention signatures completely prevent the initial remote command execution, stopping subsequent post-exploitation or persistence.\n\nMore information about the vulnerability's exploitation in the wild can be found in the Unit 42 threat brief (https://unit42.paloaltonetworks.com/cve-2024-3400/) and the Palo Alto Networks PSIRT blog post (https://www.paloaltonetworks.com/blog/2024/04/more-on-the-pan-os-cve/).","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"We strongly advise customers to immediately upgrade to a fixed version of PAN-OS to protect their devices even when workarounds and mitigations have been applied.\n\nThis issue is fixed in PAN-OS 10.2.9-h1, PAN-OS 11.0.4-h1, PAN-OS 11.1.2-h3, and in all later PAN-OS versions. 
These fixes and those listed below completely prevent the initial remote command execution, stopping subsequent post-exploitation or persistence.\n\nIn addition, to provide the most seamless upgrade path for customers, additional hotfixes have been made available as a courtesy for other commonly deployed maintenance releases.\n\n  PAN-OS 10.2:\n  - 10.2.9-h1 (Released 4/14/24)\n  - 10.2.8-h3 (Released 4/15/24)\n  - 10.2.7-h8 (Released 4/15/24)\n  - 10.2.6-h3 (Released 4/16/24)\n  - 10.2.5-h6 (Released 4/16/24)\n  - 10.2.4-h16 (Released 4/18/24)\n  - 10.2.3-h13 (Released 4/18/24)\n  - 10.2.2-h5 (Released 4/18/24)\n  - 10.2.1-h2 (Released 4/18/24)\n  - 10.2.0-h3 (Released 4/18/24)\n  \n  PAN-OS 11.0:\n  - 11.0.4-h1 (Released 4/14/24)\n  - 11.0.4-h2 (Released 4/17/24)\n  - 11.0.3-h10 (Released 4/16/24)\n  - 11.0.2-h4 (Released 4/16/24)\n  - 11.0.1-h4 (Released 4/18/24)\n  - 11.0.0-h3 (Released 4/18/24)\n  \n  PAN-OS 11.1:\n  - 11.1.2-h3 (Released 4/14/24)\n  - 11.1.1-h1 (Released 4/16/24)\n  - 11.1.0-h3 (Released 4/16/24)\n\nNote: Due to naming convention limitations, “-h” hotfix versions on Azure marketplace are instead named via addition of an extra “0”. Ex: 11.1.2-h3 is published on Azure as 11.1.203.\n\nIf any exploitation was observed on a device, please take the remediation steps suggested here: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CrO6CAK\n\nAn enhanced factory reset (EFR) procedure that does not rely on the integrity of a potentially compromised device can be scheduled by opening a case through Customer Support (TAC). This is recommended for:\n1. Customers who have not applied the PAN-OS fixes or Threat Prevention signatures with vulnerability protection applied to the GlobalProtect interface (regardless of level of compromise) on or before April 25, 2024; or\n2. 
Customers who are concerned about a persistent risk.\n","supportingMedia":{"value":"We strongly advise customers to immediately upgrade to a fixed version of PAN-OS to protect their devices even when workarounds and mitigations have been applied.\n\nThis issue is fixed in PAN-OS 10.2.9-h1, PAN-OS 11.0.4-h1, PAN-OS 11.1.2-h3, and in all later PAN-OS versions. These fixes and those listed below completely prevent the initial remote command execution, stopping subsequent post-exploitation or persistence.\n\nIn addition, to provide the most seamless upgrade path for customers, additional hotfixes have been made available as a courtesy for other commonly deployed maintenance releases.\n\n  PAN-OS 10.2:\n  - 10.2.9-h1 (Released 4/14/24)\n  - 10.2.8-h3 (Released 4/15/24)\n  - 10.2.7-h8 (Released 4/15/24)\n  - 10.2.6-h3 (Released 4/16/24)\n  - 10.2.5-h6 (Released 4/16/24)\n  - 10.2.4-h16 (Released 4/18/24)\n  - 10.2.3-h13 (Released 4/18/24)\n  - 10.2.2-h5 (Released 4/18/24)\n  - 10.2.1-h2 (Released 4/18/24)\n  - 10.2.0-h3 (Released 4/18/24)\n  \n  PAN-OS 11.0:\n  - 11.0.4-h1 (Released 4/14/24)\n  - 11.0.4-h2 (Released 4/17/24)\n  - 11.0.3-h10 (Released 4/16/24)\n  - 11.0.2-h4 (Released 4/16/24)\n  - 11.0.1-h4 (Released 4/18/24)\n  - 11.0.0-h3 (Released 4/18/24)\n  \n  PAN-OS 11.1:\n  - 11.1.2-h3 (Released 4/14/24)\n  - 11.1.1-h1 (Released 4/16/24)\n  - 11.1.0-h3 (Released 4/16/24)\n\nNote: Due to naming convention limitations, “-h” hotfix versions on Azure marketplace are instead named via addition of an extra “0”. Ex: 11.1.2-h3 is published on Azure as 11.1.203.\n\nIf any exploitation was observed on a device, please take the remediation steps suggested here: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CrO6CAK\n\nAn enhanced factory reset (EFR) procedure that does not rely on the integrity of a potentially compromised device can be scheduled by opening a case through Customer Support (TAC). This is recommended for:\n1. 
Customers who have not applied the PAN-OS fixes or Threat Prevention signatures with vulnerability protection applied to the GlobalProtect interface (regardless of level of compromise) on or before April 25, 2024; or\n2. Customers who are concerned about a persistent risk.\n","type":"text/html","base64":false}}],"timeline":[{"time":"2024-05-03T04:50:00.000Z","lang":"eng","value":"Enhanced Factory Reset (EFR) Procedure is Available Against any Potential Post-Exploit Persistence Techniques."},{"time":"2024-05-01T23:45:00.000Z","lang":"eng","value":"Answered a FAQ about how to verify the fix or threat prevention signature was applied correctly"},{"time":"2024-04-29T17:58:00.000Z","lang":"eng","value":"Updated exploitation status about proof-of-concept by third parties of post-exploit persistence techniques"},{"time":"2024-04-25T01:48:00.000Z","lang":"eng","value":"Added link to KB article for remediating a device"},{"time":"2024-04-20T18:23:00.000Z","lang":"eng","value":"Answered a FAQ about Tech Support File collection and forensic evidence"},{"time":"2024-04-19T22:25:00.000Z","lang":"eng","value":"Added reference to PSIRT blog post about CVE-2024-3400"},{"time":"2024-04-19T01:15:00.000Z","lang":"eng","value":"Clarified vulnerability title and description"},{"time":"2024-04-17T22:00:00.000Z","lang":"eng","value":"Clarified FAQ regarding evidence of attempted exploit activity"},{"time":"2024-04-17T05:10:00.000Z","lang":"eng","value":"Added new Threat Prevention Threat ID to Workarounds and Mitigations"},{"time":"2024-04-17T02:00:00.000Z","lang":"eng","value":"Added a CLI command to search for possible attempts of exploit activity"},{"time":"2024-04-16T20:45:00.000Z","lang":"eng","value":"Updated product and mitigation guidance, exploit status, and PAN-OS fix availability"},{"time":"2024-04-15T02:30:00.000Z","lang":"eng","value":"All necessary PAN-OS fixes are now available, clarified Workarounds and Mitigations when using Panorama 
templates"},{"time":"2024-04-14T02:50:00.000Z","lang":"eng","value":"Clarified impact on GlobalProtect portal configurations"},{"time":"2024-04-13T05:50:00.000Z","lang":"eng","value":"Added link to Unit42 threat brief and clarified impact to customer-managed VMs in the cloud"},{"time":"2024-04-12T06:55:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2024-3382","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2024-04-10T00:00:00","dateReserved":"2024-04-10T00:00:00","dateUpdated":"2024-04-10T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Firewall Denial of Service (DoS) via a Burst of Crafted Packets","datePublic":"2024-04-10T16:00:00.000Z","providerMetadata":{"orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto","dateUpdated":"2024-04-10T17:05:47.325Z"},"descriptions":[{"lang":"en","value":"A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. This issue applies only to PA-5400 Series devices that are running PAN-OS software with the SSL Forward Proxy feature enabled.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A memory leak exists in Palo Alto Networks PAN-OS software that enables an attacker to send a burst of crafted packets through the firewall that eventually prevents the firewall from processing traffic. 
This issue applies only to PA-5400 Series devices that are running PAN-OS software with the SSL Forward Proxy feature enabled.</pre>"}]}],"x_affectedList":["PAN-OS 11.1.0","PAN-OS 11.1","PAN-OS 11.0.3-h3","PAN-OS 11.0.3-h2","PAN-OS 11.0.3-h1","PAN-OS 11.0.3","PAN-OS 11.0.2-h2","PAN-OS 11.0.2-h1","PAN-OS 11.0.2","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 11.0","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6","PAN-OS 10.2.5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1","PAN-OS 10.2.0","PAN-OS 10.2"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"9.0 All","status":"unaffected"},{"version":"9.1 All","status":"unaffected"},{"version":"10.1 All","status":"unaffected"},{"version":"10.2","status":"affected","lessThan":"10.2.7-h3","versionType":"custom","changes":[{"at":"10.2.7-h3","status":"unaffected"}]},{"version":"11.0","status":"affected","lessThan":"11.0.4","versionType":"custom","changes":[{"at":"11.0.4","status":"unaffected"}]},{"version":"11.1","status":"affected","lessThan":"11.1.2","versionType":"custom","changes":[{"at":"11.1.2","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"version":"All","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2024-3382"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Celedonio Albarran of Equity Residential and their Infrastructure and Security 
teams for discovering and reporting this issue."}],"metrics":[{"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER","baseSeverity":"HIGH","baseScore":8.2,"vectorString":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:Y/R:U/V:D/RE:L/U:Amber"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-770 Allocation of Resources Without Limits or Throttling","cweId":"CWE-770"}]}],"x_generator":{"engine":"vulnogram 0.1.0-rc1"},"source":{"defect":["PAN-234921"],"discovery":"USER"},"configurations":[{"lang":"en","value":"This issue applies only to PA-5400 Series devices that are running PAN-OS firewall configurations with the SSL Forward Proxy feature enabled. You can verify whether you have the SSL Forward Proxy feature enabled by checking for decryption policy rules in your firewall web interface (Policies > Decryption).","supportingMedia":{"value":"This issue applies only to PA-5400 Series devices that are running PAN-OS firewall configurations with the SSL Forward Proxy feature enabled. You can verify whether you have the SSL Forward Proxy feature enabled by checking for decryption policy rules in your firewall web interface (Policies > Decryption).","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"You can mitigate this issue by disabling decryption on your firewalls. 
To temporarily disable SSL Decryption, refer to the administrator’s guide for your PAN-OS software (such as PAN-OS 11.1: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/decryption/temporarily-disable-ssl-decryption). Additionally, to ensure that decryption remains disabled after a reboot, configure a policy-based decryption exclusion that excludes all traffic from being decrypted (https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/decryption/decryption-exclusions/create-a-policy-based-decryption-exclusion).","supportingMedia":{"value":"You can mitigate this issue by disabling decryption on your firewalls. To temporarily disable SSL Decryption, refer to the administrator’s guide for your PAN-OS software (such as PAN-OS 11.1: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/decryption/temporarily-disable-ssl-decryption). Additionally, to ensure that decryption remains disabled after a reboot, configure a policy-based decryption exclusion that excludes all traffic from being decrypted (https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-admin/decryption/decryption-exclusions/create-a-policy-based-decryption-exclusion).","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 10.2.7-h3, PAN-OS 11.0.4, PAN-OS 11.1.2, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 10.2.7-h3, PAN-OS 11.0.4, PAN-OS 11.1.2, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2024-04-10T16:00:00.000Z","lang":"eng","value":"Initial 
publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2024-3383","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2024-04-10T00:00:00","dateReserved":"2024-04-10T00:00:00","dateUpdated":"2024-04-10T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Improper Group Membership Change Vulnerability in Cloud Identity Engine (CIE)","datePublic":"2024-04-10T16:00:00.000Z","providerMetadata":{"orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto","dateUpdated":"2024-04-10T17:06:15.823Z"},"descriptions":[{"lang":"en","value":"A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your existing Security Policy rules.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables modification of User-ID groups. 
This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your existing Security Policy rules.</pre>"}]}],"x_affectedList":["PAN-OS 11.0.2-h2","PAN-OS 11.0.2-h1","PAN-OS 11.0.2","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 11.0","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1","PAN-OS 10.2.0","PAN-OS 10.2","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"11.1 All","status":"unaffected"},{"version":"9.1 All","status":"unaffected"},{"version":"9.0 
All","status":"unaffected"},{"version":"11.0","status":"affected","lessThan":"11.0.3","versionType":"custom","changes":[{"at":"11.0.3","status":"unaffected"}]},{"version":"10.2","status":"affected","lessThan":"10.2.5","versionType":"custom","changes":[{"at":"10.2.5","status":"unaffected"}]},{"version":"10.1","status":"affected","lessThan":"10.1.11","versionType":"custom","changes":[{"at":"10.1.11","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"version":"All","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2024-3383"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Rodgers Moore, CCIE# 8153 of Insight.com, for discovering and reporting this issue."}],"metrics":[{"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER","baseSeverity":"HIGH","baseScore":8.3,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/AU:Y/R:U/V:D/RE:L/U:Amber"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-282: Improper Ownership Management","cweId":"CWE-282"}]}],"x_generator":{"engine":"vulnogram 0.1.0-rc1"},"source":{"defect":["PAN-211764","PAN-218522"],"discovery":"USER"},"configurations":[{"lang":"en","value":"This issue applies only to PAN-OS firewall configurations with Cloud Identity Engine 
(CIE) enabled. You should verify whether CIE is configured on your firewall web interface (Device > User Identification > Cloud Identity Engine).","supportingMedia":{"value":"This issue applies only to PAN-OS firewall configurations with Cloud Identity Engine (CIE) enabled. You should verify whether CIE is configured on your firewall web interface (Device > User Identification > Cloud Identity Engine).","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 10.1.11, PAN-OS 10.2.5, PAN-OS 11.0.3, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 10.1.11, PAN-OS 10.2.5, PAN-OS 11.0.3, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2024-04-10T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2024-3385","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2024-04-10T00:00:00","dateReserved":"2024-04-10T00:00:00","dateUpdated":"2024-04-10T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Firewall Denial of Service (DoS) when GTP Security is Disabled","datePublic":"2024-04-10T16:00:00.000Z","providerMetadata":{"orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto","dateUpdated":"2024-04-10T17:06:28.153Z"},"descriptions":[{"lang":"en","value":"A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote attacker to reboot hardware-based firewalls. 
Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online.\n\nThis affects the following hardware firewall models:\n- PA-5400 Series firewalls\n- PA-7000 Series firewalls","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A packet processing mechanism in Palo Alto Networks PAN-OS software enables a remote attacker to reboot hardware-based firewalls. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online.\n\nThis affects the following hardware firewall models:\n- PA-5400 Series firewalls\n- PA-7000 Series firewalls</pre>"}]}],"x_affectedList":["PAN-OS 11.0.2-h2","PAN-OS 11.0.2-h1","PAN-OS 11.0.2","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 11.0","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6","PAN-OS 10.2.5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1","PAN-OS 10.2.0","PAN-OS 10.2","PAN-OS 10.1.11-h5","PAN-OS 10.1.11-h4","PAN-OS 10.1.11-h3","PAN-OS 10.1.11-h2","PAN-OS 10.1.11-h1","PAN-OS 10.1.11","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 
10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1","PAN-OS 9.1.16-h3","PAN-OS 9.1.16-h2","PAN-OS 9.1.16-h1","PAN-OS 9.1.16","PAN-OS 9.1.15-h1","PAN-OS 9.1.15","PAN-OS 9.1.14-h7","PAN-OS 9.1.14-h6","PAN-OS 9.1.14-h5","PAN-OS 9.1.14-h4","PAN-OS 9.1.14-h3","PAN-OS 9.1.14-h2","PAN-OS 9.1.14-h1","PAN-OS 9.1.14","PAN-OS 9.1.13-h4","PAN-OS 9.1.13-h3","PAN-OS 9.1.13-h2","PAN-OS 9.1.13-h1","PAN-OS 9.1.13","PAN-OS 9.1.12-h6","PAN-OS 9.1.12-h5","PAN-OS 9.1.12-h4","PAN-OS 9.1.12-h3","PAN-OS 9.1.12-h2","PAN-OS 9.1.12-h1","PAN-OS 9.1.12","PAN-OS 9.1.11-h4","PAN-OS 9.1.11-h3","PAN-OS 9.1.11-h2","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.16-h5","PAN-OS 9.0.16-h4","PAN-OS 9.0.16-h3","PAN-OS 9.0.16-h2","PAN-OS 9.0.16-h1","PAN-OS 9.0.16","PAN-OS 9.0.15","PAN-OS 9.0.14-h4","PAN-OS 9.0.14-h3","PAN-OS 9.0.14-h2","PAN-OS 9.0.14-h1","PAN-OS 9.0.14","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"11.1 
All","status":"unaffected"},{"version":"9.0","status":"affected","lessThan":"9.0.17-h4","versionType":"custom","changes":[{"at":"9.0.17-h4","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.17","versionType":"custom","changes":[{"at":"9.1.17","status":"unaffected"}]},{"version":"10.1","status":"affected","lessThan":"10.1.12","versionType":"custom","changes":[{"at":"10.1.12","status":"unaffected"}]},{"version":"10.2","status":"affected","lessThan":"10.2.8","versionType":"custom","changes":[{"at":"10.2.8","status":"unaffected"}]},{"version":"11.0","status":"affected","lessThan":"11.0.3","versionType":"custom","changes":[{"at":"11.0.3","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"version":"All","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2024-3385"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks an external reporter for discovering and reporting this issue."}],"metrics":[{"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER","baseSeverity":"HIGH","baseScore":8.2,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:Y/R:U/V:D/RE:L/U:Amber"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-20 Improper Input 
Validation","cweId":"CWE-20"}]},{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-476: NULL Pointer Dereference","cweId":"CWE-476"}]}],"x_generator":{"engine":"vulnogram 0.1.0-rc1"},"source":{"defect":["PAN-221224"],"discovery":"EXTERNAL"},"configurations":[{"lang":"en","value":"This does not affect VM-Series firewalls, CN-Series firewalls, Cloud NGFWs, or Prisma Access.\n\nThis issue affects only PAN-OS configurations with GTP Security disabled; it does not affect PAN-OS configurations that have GTP Security enabled. You should verify whether GTP Security is disabled by checking your firewall web interface (Device > Setup > Management > General Settings) and take the appropriate actions as needed.","supportingMedia":{"value":"This does not affect VM-Series firewalls, CN-Series firewalls, Cloud NGFWs, or Prisma Access.\n\nThis issue affects only PAN-OS configurations with GTP Security disabled; it does not affect PAN-OS configurations that have GTP Security enabled. You should verify whether GTP Security is disabled by checking your firewall web interface (Device > Setup > Management > General Settings) and take the appropriate actions as needed.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 94993 (introduced in Applications and Threats content version 8832).","supportingMedia":{"value":"Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 94993 (introduced in Applications and Threats content version 8832).","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue. This was encountered by two customers in normal production usage.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue. 
This was encountered by two customers in normal production usage.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.12, PAN-OS 10.2.8, PAN-OS 11.0.3, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.12, PAN-OS 10.2.8, PAN-OS 11.0.3, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2024-04-10T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2024-3384","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2024-04-10T00:00:00","dateReserved":"2024-04-10T00:00:00","dateUpdated":"2024-04-10T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Firewall Denial of Service (DoS) via Malformed NTLM Packets","datePublic":"2024-04-10T16:00:00.000Z","providerMetadata":{"orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto","dateUpdated":"2024-04-10T17:06:21.704Z"},"descriptions":[{"lang":"en","value":"A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager (NTLM) packets from Windows servers. Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to reboot PAN-OS firewalls when receiving Windows New Technology LAN Manager (NTLM) packets from Windows servers. 
Repeated attacks eventually cause the firewall to enter maintenance mode, which requires manual intervention to bring the firewall back online.</pre>"}]}],"x_affectedList":["PAN-OS 10.0.11-h3","PAN-OS 10.0.11-h2","PAN-OS 10.0.11-h1","PAN-OS 10.0.11","PAN-OS 10.0.10-h1","PAN-OS 10.0.10","PAN-OS 10.0.9","PAN-OS 10.0.8-h10","PAN-OS 10.0.8-h9","PAN-OS 10.0.8-h8","PAN-OS 10.0.8-h7","PAN-OS 10.0.8-h6","PAN-OS 10.0.8-h5","PAN-OS 10.0.8-h4","PAN-OS 10.0.8-h3","PAN-OS 10.0.8-h2","PAN-OS 10.0.8-h1","PAN-OS 10.0.8","PAN-OS 10.0.7","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.15","PAN-OS 9.1.14-h7","PAN-OS 9.1.14-h6","PAN-OS 9.1.14-h5","PAN-OS 9.1.14-h4","PAN-OS 9.1.14-h3","PAN-OS 9.1.14-h2","PAN-OS 9.1.14-h1","PAN-OS 9.1.14","PAN-OS 9.1.13-h4","PAN-OS 9.1.13-h3","PAN-OS 9.1.13-h2","PAN-OS 9.1.13-h1","PAN-OS 9.1.13","PAN-OS 9.1.12-h6","PAN-OS 9.1.12-h5","PAN-OS 9.1.12-h4","PAN-OS 9.1.12-h3","PAN-OS 9.1.12-h2","PAN-OS 9.1.12-h1","PAN-OS 9.1.12","PAN-OS 9.1.11-h4","PAN-OS 9.1.11-h3","PAN-OS 9.1.11-h2","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.16-h5","PAN-OS 9.0.16-h4","PAN-OS 9.0.16-h3","PAN-OS 9.0.16-h2","PAN-OS 9.0.16-h1","PAN-OS 9.0.16","PAN-OS 9.0.15","PAN-OS 9.0.14-h4","PAN-OS 9.0.14-h3","PAN-OS 9.0.14-h2","PAN-OS 9.0.14-h1","PAN-OS 9.0.14","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 
8.1.23-h1","PAN-OS 8.1.23","PAN-OS 8.1.22","PAN-OS 8.1.21-h1","PAN-OS 8.1.21","PAN-OS 8.1.20-h1","PAN-OS 8.1.20","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"10.1 All","status":"unaffected"},{"version":"10.2 All","status":"unaffected"},{"version":"11.0 All","status":"unaffected"},{"version":"11.1 All","status":"unaffected"},{"version":"8.1","status":"affected","lessThan":"8.1.24","versionType":"custom","changes":[{"at":"8.1.24","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.17","versionType":"custom","changes":[{"at":"9.0.17","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.15-h1","versionType":"custom","changes":[{"at":"9.1.15-h1","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.12","versionType":"custom","changes":[{"at":"10.0.12","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"version":"All","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2024-3384"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks rqu for discovering and reporting this 
issue."}],"metrics":[{"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER","baseSeverity":"HIGH","baseScore":8.2,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-1286 Improper Validation of Syntactic Correctness of Input","cweId":"CWE-1286"}]}],"x_generator":{"engine":"vulnogram 0.1.0-rc1"},"source":{"defect":["PAN-198992"],"discovery":"EXTERNAL"},"configurations":[{"lang":"en","value":"This issue affects only PAN-OS configurations with NTLM authentication enabled. You should verify whether NTLM authentication is enabled by checking your firewall web interface (Device > User Identification > User Mapping > Palo Alto Networks User-ID Agent Setup > NTLM).","supportingMedia":{"value":"This issue affects only PAN-OS configurations with NTLM authentication enabled. 
You should verify whether NTLM authentication is enabled by checking your firewall web interface (Device > User Identification > User Mapping > Palo Alto Networks User-ID Agent Setup > NTLM).","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15-h1, PAN-OS 10.0.12, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15-h1, PAN-OS 10.0.12, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2024-04-10T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2023-6790","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2023-12-13T00:00:00","dateReserved":"2023-12-13T00:00:00","dateUpdated":"2023-12-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: DOM-Based Cross-Site Scripting (XSS) Vulnerability in the Web Interface","datePublic":"2023-12-13T17:00:00.000Z","providerMetadata":{"orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto","dateUpdated":"2023-12-13T18:15:48.142Z"},"descriptions":[{"lang":"en","value":"A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote 
attacker to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface.</pre>"}]}],"x_affectedList":["PAN-OS 11.0.0","PAN-OS 11.0","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1","PAN-OS 10.2.0","PAN-OS 10.2","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1","PAN-OS 10.0.11-h1","PAN-OS 10.0.11","PAN-OS 10.0.10","PAN-OS 10.0.9","PAN-OS 10.0.8-h8","PAN-OS 10.0.8-h7","PAN-OS 10.0.8-h6","PAN-OS 10.0.8-h5","PAN-OS 10.0.8-h4","PAN-OS 10.0.8-h3","PAN-OS 10.0.8-h2","PAN-OS 10.0.8-h1","PAN-OS 10.0.8","PAN-OS 10.0.7","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.15-h1","PAN-OS 9.1.15","PAN-OS 9.1.14-h4","PAN-OS 9.1.14-h3","PAN-OS 9.1.14-h2","PAN-OS 9.1.14-h1","PAN-OS 9.1.14","PAN-OS 9.1.13-h3","PAN-OS 9.1.13-h2","PAN-OS 9.1.13-h1","PAN-OS 9.1.13","PAN-OS 9.1.12-h3","PAN-OS 9.1.12-h2","PAN-OS 9.1.12-h1","PAN-OS 9.1.12","PAN-OS 9.1.11-h3","PAN-OS 9.1.11-h2","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.16-h3","PAN-OS 9.0.16-h2","PAN-OS 9.0.16-h1","PAN-OS 9.0.16","PAN-OS 9.0.15","PAN-OS 9.0.14-h4","PAN-OS 9.0.14-h3","PAN-OS 9.0.14-h2","PAN-OS 
9.0.14-h1","PAN-OS 9.0.14","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.24-h1","PAN-OS 8.1.24","PAN-OS 8.1.23-h1","PAN-OS 8.1.23","PAN-OS 8.1.22","PAN-OS 8.1.21-h1","PAN-OS 8.1.21","PAN-OS 8.1.20-h1","PAN-OS 8.1.20","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","Cloud NGFW"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"11.1 
All","status":"unaffected"},{"version":"8.1","status":"affected","lessThan":"8.1.25","versionType":"custom","changes":[{"at":"8.1.25","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.17","versionType":"custom","changes":[{"at":"9.0.17","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.16","versionType":"custom","changes":[{"at":"9.1.16","status":"unaffected"}]},{"version":"10.1","status":"affected","lessThan":"10.1.9","versionType":"custom","changes":[{"at":"10.1.9","status":"unaffected"}]},{"version":"10.2","status":"affected","lessThan":"10.2.4","versionType":"custom","changes":[{"at":"10.2.4","status":"unaffected"}]},{"version":"11.0","status":"affected","lessThan":"11.0.1","versionType":"custom","changes":[{"at":"11.0.1","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.12","versionType":"custom","changes":[{"at":"10.0.12","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"All","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"version":"All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2023-3284"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Kajetan Rostojek for discovering and reporting this 
issue."}],"metrics":[{"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"AUTOMATIC","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER","baseSeverity":"HIGH","baseScore":7.5,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:Y/R:A/V:D/RE:L/U:Amber"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","cweId":"CWE-79"}]}],"x_generator":{"engine":"vulnogram 0.1.0-rc1"},"source":{"defect":["PAN-193367"],"discovery":"EXTERNAL"},"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.9, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions.\n\nPlease note that customers impacted by the PAN-OS root and default certificate expiration issue must carefully select the fixed version of PAN-OS they upgrade their devices to when addressing this vulnerability to not reintroduce the certificate issue. 
More information and support for the certificate expiration issue in PAN-OS is available at https://live.paloaltonetworks.com/t5/customer-advisories/emergency-update-required-pan-os-root-and-default-certificate/ta-p/564672.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.9, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions.\n\nPlease note that customers impacted by the PAN-OS root and default certificate expiration issue must carefully select the fixed version of PAN-OS they upgrade their devices to when addressing this vulnerability to not reintroduce the certificate issue. More information and support for the certificate expiration issue in PAN-OS is available at https://live.paloaltonetworks.com/t5/customer-advisories/emergency-update-required-pan-os-root-and-default-certificate/ta-p/564672.","type":"text/html","base64":false}}],"timeline":[{"time":"2023-12-13T17:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2023-38802","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2023-09-13T16:00:00.000Z","dateReserved":"2023-09-13T16:00:00.000Z","dateUpdated":"2024-01-18T00:00:00.000000Z"},"containers":{"cna":{"title":" PAN-OS: Denial-of-Service (DoS) Vulnerability in BGP Software","datePublic":"2023-09-13T16:00:00.000Z","providerMetadata":{"orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre","dateUpdated":"2023-11-15T05:07:02.171314"},"descriptions":[{"lang":"en","value":"BGP software such as FRRouting FRR included as part of the PAN-OS, Prisma SD-WAN ION, and Prisma Access routing features enable a remote attacker to incorrectly reset network sessions through an invalid BGP update. 
This issue is applicable only to devices and appliances with BGP routing features enabled.\n\nThis issue requires the remote attacker to control at least one established BGP session that is propagated to the router to exploit it. The denial-of-service (DoS) impact on the network is dependent on the network's architecture and fault tolerant design.\n\nPrisma Access ‘Security Processing Node Endpoint Remote Network (SP-RN/Branches)' and 'Service Connections (SCs/CANs)' nodes do not peer with the Internet and do not receive Internet routes directly unless explicitly configured by the customer. Prisma Access Nodes are commonly protected by unaffected customer-premise equipment (CPE router devices). Hence the impact of this issue on Prisma Access is limited.\n\nFurther details about this issue can be found at: https://blog.benjojo.co.uk/post/bgp-path-attributes-grave-error-handling\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>BGP software such as FRRouting FRR included as part of the PAN-OS, Prisma SD-WAN ION, and Prisma Access routing features enable a remote attacker to incorrectly reset network sessions through an invalid BGP update. This issue is applicable only to devices and appliances with BGP routing features enabled.\n\nThis issue requires the remote attacker to control at least one established BGP session that is propagated to the router to exploit it. The denial-of-service (DoS) impact on the network is dependent on the network's architecture and fault tolerant design.\n\nPrisma Access ‘Security Processing Node Endpoint Remote Network (SP-RN/Branches)' and 'Service Connections (SCs/CANs)' nodes do not peer with the Internet and do not receive Internet routes directly unless explicitly configured by the customer. Prisma Access Nodes are commonly protected by unaffected customer-premise equipment (CPE router devices). 
Hence the impact of this issue on Prisma Access is limited.\n\nFurther details about this issue can be found at: https://blog.benjojo.co.uk/post/bgp-path-attributes-grave-error-handling\n</pre>"}]}],"x_affectedList":["Prisma SD-WAN ION 6.2","Prisma SD-WAN ION 6.1","Prisma Access","PAN-OS 11.0.2-h1","PAN-OS 11.0.2","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0","PAN-OS 11.0","PAN-OS 10.2.5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1","PAN-OS 10.2.0","PAN-OS 10.2","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1","PAN-OS 9.1.16-h2","PAN-OS 9.1.16-h1","PAN-OS 9.1.16","PAN-OS 9.1.15-h1","PAN-OS 9.1.15","PAN-OS 9.1.14-h4","PAN-OS 9.1.14-h3","PAN-OS 9.1.14-h2","PAN-OS 9.1.14-h1","PAN-OS 9.1.14","PAN-OS 9.1.13-h3","PAN-OS 9.1.13-h2","PAN-OS 9.1.13-h1","PAN-OS 9.1.13","PAN-OS 9.1.12-h3","PAN-OS 9.1.12-h2","PAN-OS 9.1.12-h1","PAN-OS 9.1.12","PAN-OS 9.1.11-h3","PAN-OS 9.1.11-h2","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"Cloud NGFW","versions":[{"version":"All","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"11.0","status":"affected","lessThan":"11.0.3","versionType":"custom","changes":[{"at":"11.0.3","status":"unaffected"}]},{"version":"10.2","status":"affected","lessThan":"10.2.6","versionType":"custom","changes":[{"at":"10.2.6","status":"unaffected"}]},{"version":"10.1","status":"affected","lessThan":"10.1.11","versionType":"custom","changes":[{"at":"10.1.11","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.16-h3","versionType":"custom","changes":[{"at":"9.1.16-h3","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.26","versionType":"custom","changes":[{"at":"8.1.26","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.17-h4","versionType":"custom","changes":[{"at":"9.0.17-h4","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"Customers whose most recent software upgrade was before 09/30","status":"affected"},{"version":"Customers who have received a software upgrade or are using new software on or after 09/30","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"Prisma SD-WAN ION","versions":[{"version":"5.6 All","status":"unaffected"},{"version":"6.1","status":"affected","lessThan":"6.1.5","versionType":"custom","changes":[{"at":"6.1.5","status":"unaffected"}]},{"version":"6.2","status":"affected","lessThan":"6.2.3","versionType":"custom","changes":[{"at":"6.2.3","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2023-38802"},{"tags":["x_refsource_CONFIRM"],"url":"https://blog.benjojo.co.uk/post/bgp-path-attributes-grave-error-handling"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Ben Cartwright-Cox for discovering this issue in BGP 
implementations."}],"metrics":[{"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","subConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","subIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"NONE","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"AUTOMATIC","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"LOW","providerUrgency":"AMBER","baseSeverity":"HIGH","baseScore":8.2,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:Y/R:A/V:C/RE:L/U:Amber"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-754 Improper Check for Unusual or Exceptional Conditions","cweId":"CWE-754"}]}],"x_generator":{"engine":"vulnogram 0.1.0-rc1"},"source":{"defect":["PAN-227523"],"discovery":"EXTERNAL"},"configurations":[{"lang":"en","value":"This issue is applicable only to devices and appliances that are configured with BGP routing features enabled. You can verify whether BGP is enabled for a router by selecting it from 'Network > Virtual Routers’ or 'Network > Logical Routers’ in the web interface of PAN-OS firewalls.\n\nTo exploit this issue, the remote attacker must control at least one established BGP session that is propagated to the router.","supportingMedia":{"value":"This issue is applicable only to devices and appliances that are configured with BGP routing features enabled. 
You can verify whether BGP is enabled for a router by selecting it from 'Network > Virtual Routers’ or 'Network > Logical Routers’ in the web interface of PAN-OS firewalls.\n\nTo exploit this issue, the remote attacker must control at least one established BGP session that is propagated to the router.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"You can prevent exploitation of this issue by inserting an unaffected BGP router—configured to drop the invalid BGP update instead of propagating it—between the attacker-originated BGP update and PAN-OS, Prisma SD-WAN ION, and Prisma Access devices. This stops the invalid BGP update from reaching the affected router.","supportingMedia":{"value":"You can prevent exploitation of this issue by inserting an unaffected BGP router—configured to drop the invalid BGP update instead of propagating it—between the attacker-originated BGP update and PAN-OS, Prisma SD-WAN ION, and Prisma Access devices. This stops the invalid BGP update from reaching the affected router.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue targeting our customers. However, knowledge of invalid BGP attributes that trigger this issue is publicly available.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue targeting our customers. However, knowledge of invalid BGP attributes that trigger this issue is publicly available.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.26, PAN-OS 9.0.17-h4, PAN-OS 9.1.16-h3, PAN-OS 10.1.11, PAN-OS 10.2.6, PAN-OS 11.0.3, and all later PAN-OS versions.\n\nThis issue is fixed in Prisma SD-WAN ION 6.1.5, Prisma SD-WAN ION 6.2.3, and all later Prisma SD-WAN ION versions. 
This issue does not impact Prisma SD-WAN ION 5.6 versions.\n\nFor Prisma Access customers, the upgrade to fix this issue will be available on 09/30. Customers should work with their Prisma Access contacts and support to secure a maintenance window for the on-demand software upgrade.\n\nPlease note that full Prisma Access data plane upgrades scheduled on and after 09/30 will have this fix incorporated by default. No additional action is necessary for these customers to remediate this issue.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.26, PAN-OS 9.0.17-h4, PAN-OS 9.1.16-h3, PAN-OS 10.1.11, PAN-OS 10.2.6, PAN-OS 11.0.3, and all later PAN-OS versions.\n\nThis issue is fixed in Prisma SD-WAN ION 6.1.5, Prisma SD-WAN ION 6.2.3, and all later Prisma SD-WAN ION versions. This issue does not impact Prisma SD-WAN ION 5.6 versions.\n\nFor Prisma Access customers, the upgrade to fix this issue will be available on 09/30. Customers should work with their Prisma Access contacts and support to secure a maintenance window for the on-demand software upgrade.\n\nPlease note that full Prisma Access data plane upgrades scheduled on and after 09/30 will have this fix incorporated by default. 
No additional action is necessary for these customers to remediate this issue.","type":"text/html","base64":false}}],"timeline":[{"time":"2023-12-13T17:00:00.000Z","lang":"eng","value":"Updated the ETA for the fix in Prisma SD-WAN ION 6.2"},{"time":"2023-12-09T00:00:00.000Z","lang":"eng","value":"Updated availability of the fix in PAN-OS 8.1.26 and PAN-OS 9.0.17-h4"},{"time":"2023-11-08T17:00:00.000Z","lang":"eng","value":"Updated availability of the fix in PAN-OS 11.0.3 and added CVSS 4.0 scoring"},{"time":"2023-11-08T17:00:00.000Z","lang":"eng","value":"A fix for this issue is being developed for PAN-OS 8.1 and PAN-OS 9.0"},{"time":"2023-11-02T21:05:00.000Z","lang":"eng","value":"Updated the ETA for the fix in PAN-OS 11.0.3"},{"time":"2023-10-24T02:20:00.000Z","lang":"eng","value":"Updated availability of the fix in Prisma SD-WAN ION 6.1.5"},{"time":"2023-10-16T16:15:00.000Z","lang":"eng","value":"Updated the ETA for the fix in Prisma SD-WAN ION 6.1"},{"time":"2023-10-11T16:00:00.000Z","lang":"eng","value":"Updated the ETA for the fix in PAN-OS 11.0.3"},{"time":"2023-10-04T02:05:00.000Z","lang":"eng","value":"Updated availability of the fix in PAN-OS 9.1.16-h3"},{"time":"2023-09-28T04:45:00.000Z","lang":"eng","value":"Updated availability of the fix in PAN-OS 10.1.11 and 10.2.6"},{"time":"2023-09-22T00:02:00.000Z","lang":"eng","value":"Updated guidance for Prisma Access customers"},{"time":"2023-09-16T00:34:00.000Z","lang":"eng","value":"Prisma SD-WAN ION is confirmed to be impacted"},{"time":"2023-09-15T01:00:00.000Z","lang":"eng","value":"The impact of this issue is under investigation for Prisma Access"},{"time":"2023-09-13T16:00:00.000Z","lang":"eng","value":"Initial Publication"},{"time":"2024-01-18T18:00:00.000Z","lang":"eng","value":"Updated availability of the fix in Prisma SD-WAN ION 
6.2.3"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-0030","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2022-10-12T00:00:00","dateReserved":"2022-10-12T00:00:00","dateUpdated":"2022-10-12T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Authentication Bypass in Web Interface","datePublic":"2022-10-12T16:00:00.000Z","providerMetadata":{"orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto","dateUpdated":"2022-10-12T00:00:00"},"descriptions":[{"lang":"en","value":"An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker with specific knowledge of the target firewall or Panorama appliance to impersonate an existing PAN-OS administrator and perform privileged actions.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker with specific knowledge of the target firewall or Panorama appliance to impersonate an existing PAN-OS administrator and perform privileged actions.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.23-h1","PAN-OS 8.1.23","PAN-OS 8.1.22","PAN-OS 8.1.21-h1","PAN-OS 8.1.21","PAN-OS 8.1.20-h1","PAN-OS 8.1.20","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 
8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"9.0 All","status":"unaffected"},{"version":"9.1 All","status":"unaffected"},{"version":"10.1 All","status":"unaffected"},{"version":"10.2 All","status":"unaffected"},{"version":"10.0 All","status":"unaffected"},{"version":"8.1","status":"affected","lessThan":"8.1.24","versionType":"custom","changes":[{"at":"8.1.24","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"version":"All","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2022-0030"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks the security researcher that discovered and reported this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-290 Authentication Bypass by Spoofing","cweId":"CWE-290"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-195571"],"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"Customers with a Threat Prevention subscription can block known attacks for this vulnerability by enabling Threat ID 92720 (Applications and Threats content update 8630-7638).\n\nTo exploit this issue, the attacker must have network access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices.","supportingMedia":{"value":"Customers with a Threat Prevention subscription can block known attacks for this vulnerability by enabling Threat ID 92720 (Applications and Threats content update 8630-7638).\n\nTo exploit this issue, the attacker must have network access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.24 and all later PAN-OS versions.\n\nPlease note that PAN-OS 8.1 has reached its software end-of-life (EoL) and is supported only on PA-200, PA-500, and PA-5000 Series firewalls and on M-100 appliances and only until each of their respective hardware EoL dates:  https://www.paloaltonetworks.com/services/support/end-of-life-announcements/hardware-end-of-life-dates.html.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.24 and all later PAN-OS versions.\n\nPlease note that PAN-OS 8.1 has reached its software end-of-life (EoL) and is supported only on PA-200, PA-500, and PA-5000 Series firewalls and on M-100 appliances and only until each of their 
respective hardware EoL dates:  https://www.paloaltonetworks.com/services/support/end-of-life-announcements/hardware-end-of-life-dates.html.","type":"text/html","base64":false}}],"timeline":[{"time":"2022-10-12T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-0028","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2022-08-10T00:00:00","dateReserved":"2022-08-10T00:00:00","dateUpdated":"2022-08-19T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering","datePublic":"2022-08-10T16:00:00.000Z","providerMetadata":{"dateUpdated":"2022-08-10T16:00:16","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-Series (container) firewall against an attacker-specified target.\n\nTo be misused by an external attacker, the firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a security rule with a source zone that has an external facing network interface. This configuration is not typical for URL filtering and, if set, is likely unintended by the administrator.\n\nIf exploited, this issue would not impact the confidentiality, integrity, or availability of our products. However, the resulting denial-of-service (DoS) attack may help obfuscate the identity of the attacker and implicate the firewall as the source of the attack.\n\nWe have taken prompt action to address this issue in our PAN-OS software. All PAN-OS software updates for this issue are now available. 
This issue does not impact Panorama M-Series or Panorama virtual appliances.\n\nThis issue has been resolved for all Cloud NGFW and Prisma Access customers and no additional action is required from them.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-Series (container) firewall against an attacker-specified target.\n\nTo be misused by an external attacker, the firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a security rule with a source zone that has an external facing network interface. This configuration is not typical for URL filtering and, if set, is likely unintended by the administrator.\n\nIf exploited, this issue would not impact the confidentiality, integrity, or availability of our products. However, the resulting denial-of-service (DoS) attack may help obfuscate the identity of the attacker and implicate the firewall as the source of the attack.\n\nWe have taken prompt action to address this issue in our PAN-OS software. All PAN-OS software updates for this issue are now available. 
This issue does not impact Panorama M-Series or Panorama virtual appliances.\n\nThis issue has been resolved for all Cloud NGFW and Prisma Access customers and no additional action is required from them.</pre>"}]}],"x_affectedList":["PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1","PAN-OS 10.2.0","PAN-OS 10.2","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1","PAN-OS 10.0.11","PAN-OS 10.0.10","PAN-OS 10.0.9","PAN-OS 10.0.8-h8","PAN-OS 10.0.8-h7","PAN-OS 10.0.8-h6","PAN-OS 10.0.8-h5","PAN-OS 10.0.8-h4","PAN-OS 10.0.8-h3","PAN-OS 10.0.8-h2","PAN-OS 10.0.8-h1","PAN-OS 10.0.8","PAN-OS 10.0.7","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.14-h3","PAN-OS 9.1.14-h2","PAN-OS 9.1.14-h1","PAN-OS 9.1.14","PAN-OS 9.1.13-h3","PAN-OS 9.1.13-h2","PAN-OS 9.1.13-h1","PAN-OS 9.1.13","PAN-OS 9.1.12-h3","PAN-OS 9.1.12-h2","PAN-OS 9.1.12-h1","PAN-OS 9.1.12","PAN-OS 9.1.11-h3","PAN-OS 9.1.11-h2","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.16-h2","PAN-OS 9.0.16-h1","PAN-OS 9.0.16","PAN-OS 9.0.15","PAN-OS 9.0.14-h4","PAN-OS 9.0.14-h3","PAN-OS 9.0.14-h2","PAN-OS 9.0.14-h1","PAN-OS 9.0.14","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 
9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.23","PAN-OS 8.1.22","PAN-OS 8.1.21-h1","PAN-OS 8.1.21","PAN-OS 8.1.20-h1","PAN-OS 8.1.20","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"Cloud NGFW","versions":[{"version":"All","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.1","status":"affected","lessThan":"8.1.23-h1","versionType":"custom","changes":[{"at":"8.1.23-h1","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.16-h3","versionType":"custom","changes":[{"at":"9.0.16-h3","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.14-h4","versionType":"custom","changes":[{"at":"9.1.14-h4","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.11-h1","versionType":"custom","changes":[{"at":"10.0.11-h1","status":"unaffected"}]},{"version":"10.1","status":"affected","lessThan":"10.1.6-h6","versionType":"custom","changes":[{"at":"10.1.6-h6","status":"unaffected"}]},{"version":"10.2","status":"affected","lessThan":"10.2.2-h2","versionType":"custom","changes":[{"at":"10.2.2-h2","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"2.1 All","status":"unaffected"},{"version":"2.2 
All","status":"unaffected"},{"version":"3.0 All","status":"unaffected"},{"version":"3.1 All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2022-0028"}],"credits":[{"lang":"en","value":"This issue was responsibly reported to Palo Alto Networks by Excellium-Services S.A. CSIRT, CERT-XLM."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":8.6,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-406 Insufficient Control of Network Message Volume (Network Amplification)","cweId":"CWE-406"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-192999"],"discovery":"EXTERNAL"},"configurations":[{"lang":"en","value":"The firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a security rule with a source zone that has an external facing interface for this issue to be misused by an external attacker. This configuration is not typical for URL filtering and is likely unintended by the administrator.\n\nThis issue is applicable to PA-Series (hardware), VM-Series (virtual), and CN-Series (container) firewalls only when all three of the following conditions are true:\n\n1. The security policy on the firewall that allows traffic to pass from Zone A to Zone B includes a URL filtering profile with one or more blocked categories;\nAND\n2. Packet-based attack protection is not enabled in a Zone Protection profile for Zone A including both (Packet Based Attack Protection > TCP Drop > TCP Syn With Data) and (Packet Based Attack Protection > TCP Drop > Strip TCP Options > TCP Fast Open);\nAND\n3. 
Flood protection through SYN cookies is not enabled in a Zone Protection profile for Zone A (Flood Protection > SYN > Action > SYN Cookie) with an activation threshold of 0 connections.","supportingMedia":{"value":"The firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a security rule with a source zone that has an external facing interface for this issue to be misused by an external attacker. This configuration is not typical for URL filtering and is likely unintended by the administrator.\n\nThis issue is applicable to PA-Series (hardware), VM-Series (virtual), and CN-Series (container) firewalls only when all three of the following conditions are true:\n\n1. The security policy on the firewall that allows traffic to pass from Zone A to Zone B includes a URL filtering profile with one or more blocked categories;\nAND\n2. Packet-based attack protection is not enabled in a Zone Protection profile for Zone A including both (Packet Based Attack Protection > TCP Drop > TCP Syn With Data) and (Packet Based Attack Protection > TCP Drop > Strip TCP Options > TCP Fast Open);\nAND\n3. Flood protection through SYN cookies is not enabled in a Zone Protection profile for Zone A (Flood Protection > SYN > Action > SYN Cookie) with an activation threshold of 0 connections.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"If you have a URL filtering policy with one or more blocked categories assigned to a security rule with a source zone that has an external facing interface, removing this configuration will prevent this issue from being exploited by remote attackers to conduct reflected DoS.\n\nTo prevent denial-of-service (DoS) attacks resulting from this issue from all sources, you can configure your Palo Alto Networks firewalls by enabling one of two zone protection mitigations on all Security zones with an assigned Security policy that includes a URL filtering profile:\n\n1. 
Packet-based attack protection including both (Packet Based Attack Protection > TCP Drop > TCP SYN with Data) and (Packet Based Attack Protection > TCP Drop > Strip TCP Options > TCP Fast Open);\nOR\n2. Flood protection (Flood Protection > SYN > Action > SYN Cookie) with an activation threshold of 0 connections.\n\nNOTES:\nIt is not necessary nor advantageous to apply both the attack and flood protections. \n(Palo Alto Networks Aporeto software only) You should not enable either of these protections if using Aporeto software; instead, wait for and install a fixed version of PAN-OS software.\n\nPacket-Based Attack Protection Workaround (Recommended)\n\nFollow the technical documentation to configure packet-based attack protection options for all defined Security zones with URL filtering enabled in the Security profile for that zone:\nhttps://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/zone-protection-and-dos-protection/configure-zone-protection-to-increase-network-security/configure-packet-based-attack-protection\n\nThe packet-based attack protection workaround will prevent the firewall from establishing TCP sessions in impacted zones when the TCP SYN packet contains data in the three-way handshake for a TCP session. 
Please note that this workaround may disrupt applications that use TCP Fast Open in the zone.\n\nFlood Protection (Alternate) Workaround\n\nIf you instead decide to enable the flood protection workaround, first make sure you understand how enabling SYN cookies will change traffic flow in the impacted zones:\nhttps://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/zone-protection-and-dos-protection/zone-defense/zone-protection-profiles/flood-protection","supportingMedia":{"value":"If you have a URL filtering policy with one or more blocked categories assigned to a security rule with a source zone that has an external facing interface, removing this configuration will prevent this issue from being exploited by remote attackers to conduct reflected DoS.\n\nTo prevent denial-of-service (DoS) attacks resulting from this issue from all sources, you can configure your Palo Alto Networks firewalls by enabling one of two zone protection mitigations on all Security zones with an assigned Security policy that includes a URL filtering profile:\n\n1. Packet-based attack protection including both (Packet Based Attack Protection > TCP Drop > TCP SYN with Data) and (Packet Based Attack Protection > TCP Drop > Strip TCP Options > TCP Fast Open);\nOR\n2. Flood protection (Flood Protection > SYN > Action > SYN Cookie) with an activation threshold of 0 connections.\n\nNOTES:\nIt is not necessary nor advantageous to apply both the attack and flood protections. 
\n(Palo Alto Networks Aporeto software only) You should not enable either of these protections if using Aporeto software; instead, wait for and install a fixed version of PAN-OS software.\n\nPacket-Based Attack Protection Workaround (Recommended)\n\nFollow the technical documentation to configure packet-based attack protection options for all defined Security zones with URL filtering enabled in the Security profile for that zone:\nhttps://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/zone-protection-and-dos-protection/configure-zone-protection-to-increase-network-security/configure-packet-based-attack-protection\n\nThe packet-based attack protection workaround will prevent the firewall from establishing TCP sessions in impacted zones when the TCP SYN packet contains data in the three-way handshake for a TCP session. Please note that this workaround may disrupt applications that use TCP Fast Open in the zone.\n\nFlood Protection (Alternate) Workaround\n\nIf you instead decide to enable the flood protection workaround, first make sure you understand how enabling SYN cookies will change traffic flow in the impacted zones:\nhttps://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/zone-protection-and-dos-protection/zone-defense/zone-protection-profiles/flood-protection","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks recently learned that an attempted reflected denial-of-service (RDoS) attack was identified by a service provider. This attempted attack took advantage of susceptible firewalls from multiple vendors, including Palo Alto Networks. We immediately started to root cause and remediate this issue.\n\nExploitation of this issue does not impact the confidentiality, integrity, or availability of our products.\n","supportingMedia":{"value":"Palo Alto Networks recently learned that an attempted reflected denial-of-service (RDoS) attack was identified by a service provider. 
This attempted attack took advantage of susceptible firewalls from multiple vendors, including Palo Alto Networks. We immediately started to root cause and remediate this issue.\n\nExploitation of this issue does not impact the confidentiality, integrity, or availability of our products.\n","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"We identified workarounds to prevent the denial-of-service (DoS) attacks that result from this issue in certain Palo Alto Networks firewalls that have this policy configuration.\n\nThis issue is fixed in PAN-OS 8.1.23-h1, PAN-OS 9.0.16-h3, PAN-OS 9.1.14-h4, PAN-OS 10.0.11-h1, PAN-OS 10.1.6-h6, PAN-OS 10.2.2-h2, and all later PAN-OS versions for PA-Series, VM-Series and CN-Series firewalls.\n\nAll PAN-OS software updates for this issue are now available.","supportingMedia":{"value":"We identified workarounds to prevent the denial-of-service (DoS) attacks that result from this issue in certain Palo Alto Networks firewalls that have this policy configuration.\n\nThis issue is fixed in PAN-OS 8.1.23-h1, PAN-OS 9.0.16-h3, PAN-OS 9.1.14-h4, PAN-OS 10.0.11-h1, PAN-OS 10.1.6-h6, PAN-OS 10.2.2-h2, and all later PAN-OS versions for PA-Series, VM-Series and CN-Series firewalls.\n\nAll PAN-OS software updates for this issue are now available.","type":"text/html","base64":false}}],"timeline":[{"time":"2022-08-10T16:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2022-08-10T23:10:00.000Z","lang":"eng","value":"PAN-OS 10.1.6-h6 fixed version is now available. Updated ETA for PAN-OS 8.1.23-h1. 
Clarified URL filtering assignment language."},{"time":"2022-08-12T02:45:00.000Z","lang":"eng","value":"An update to the acknowledgements section of the advisory."},{"time":"2022-08-16T00:42:00.000Z","lang":"eng","value":"PAN-OS 8.1.23-h1 fixed version is now available."},{"time":"2022-08-18T23:38:00.000Z","lang":"eng","value":"PAN-OS 10.2.2-h2 fixed version is now available."},{"time":"2022-08-19T16:22:00.000Z","lang":"eng","value":"PAN-OS 9.0.16-h3, PAN-OS 9.1.14-h4, and PAN-OS 10.0.11-h1 fixed versions are now available."}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-0024","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2022-05-11T00:00:00","dateReserved":"2022-05-11T00:00:00","dateUpdated":"2022-05-11T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Improper Neutralization Vulnerability Leads to Unintended Program Execution During Configuration Commit","datePublic":"2022-05-11T16:00:00.000Z","providerMetadata":{"dateUpdated":"2022-05-11T16:30:22","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated network-based PAN-OS administrator to upload a specifically created configuration that disrupts system processes and potentially execute arbitrary code with root privileges when the configuration is committed on both hardware and virtual firewalls.\n\nThis issue does not impact Panorama appliances or Prisma Access customers.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated network-based PAN-OS administrator to upload a specifically created configuration that disrupts system processes and potentially execute arbitrary code with root privileges when the configuration is committed on both 
hardware and virtual firewalls.\n\nThis issue does not impact Panorama appliances or Prisma Access customers.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.23;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.16;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.13;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.10;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.5.\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.23;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.16;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.13;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.10;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.5.\n</pre>"}]}],"x_affectedList":["PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1","PAN-OS 10.0.9","PAN-OS 10.0.8-h8","PAN-OS 10.0.8-h7","PAN-OS 10.0.8-h6","PAN-OS 10.0.8-h5","PAN-OS 10.0.8-h4","PAN-OS 10.0.8-h3","PAN-OS 10.0.8-h2","PAN-OS 10.0.8-h1","PAN-OS 10.0.8","PAN-OS 10.0.7","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.12-h3","PAN-OS 9.1.12-h2","PAN-OS 9.1.12-h1","PAN-OS 9.1.12","PAN-OS 9.1.11-h3","PAN-OS 9.1.11-h2","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.15","PAN-OS 9.0.14-h4","PAN-OS 9.0.14-h3","PAN-OS 9.0.14-h2","PAN-OS 9.0.14-h1","PAN-OS 9.0.14","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 
9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.22","PAN-OS 8.1.21-h1","PAN-OS 8.1.21","PAN-OS 8.1.20-h1","PAN-OS 8.1.20","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"9.1","status":"affected","lessThan":"9.1.13","versionType":"custom","changes":[{"at":"9.1.13","status":"unaffected"}]},{"version":"10.1","status":"affected","lessThan":"10.1.5","versionType":"custom","changes":[{"at":"10.1.5","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.16","versionType":"custom","changes":[{"at":"9.0.16","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.23","versionType":"custom","changes":[{"at":"8.1.23","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.10","versionType":"custom","changes":[{"at":"10.0.10","status":"unaffected"}]},{"version":"10.2.0","status":"unaffected","lessThan":"10.2*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2022-0024"}],"credits":[{"lang":"en","value":" This issue was found by Nicholas Newsom of Palo Alto Networks during internal security 
review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-138 Improper Neutralization of Special Elements","cweId":"CWE-138"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-177551"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue requires the attacker to have authenticated access to the PAN-OS management interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"This issue requires the attacker to have authenticated access to the PAN-OS management interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.23, PAN-OS 9.0.16, PAN-OS 9.1.13, PAN-OS 10.0.10, PAN-OS 10.1.5, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.23, PAN-OS 9.0.16, PAN-OS 9.1.13, PAN-OS 10.0.10, PAN-OS 10.1.5, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2022-05-11T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-0778","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2022-03-31T00:00:00","dateReserved":"2022-03-31T00:00:00","dateUpdated":"2022-06-24T00:00:00.000000Z"},"containers":{"cna":{"title":"Impact of the OpenSSL Infinite Loop Vulnerability CVE-2022-0778","datePublic":"2022-03-31T02:30:00.000Z","providerMetadata":{"orgId":"3a12439a-ef3a-4c79-92e6-6081a721f1e5","shortName":"openssl","dateUpdated":"2024-06-21T19:07:01.186352"},"descriptions":[{"lang":"en","value":"The Palo Alto Networks Product Security Assurance team has evaluated the OpenSSL infinite loop vulnerability (CVE-2022-0778) as it relates to our products.\n\nThis vulnerability causes the OpenSSL library to enter an infinite loop when parsing an invalid certificate and can result in a Denial-of-Service (DoS) to the application. 
An attacker does not need a verified certificate to exploit this vulnerability because parsing a bad certificate triggers the infinite loop before the verification process is completed.\n\nThe Prisma Cloud and Cortex XSOAR products are not impacted by this vulnerability. However, PAN-OS, GlobalProtect app, and Cortex XDR agent software contain a vulnerable version of the OpenSSL library and product availability is impacted by this vulnerability. For PAN-OS software, this includes both hardware and virtual firewalls and Panorama appliances as well as Prisma Access customers. This vulnerability has reduced severity on Cortex XDR agent and GlobalProtect app as successful exploitation requires a meddler-in-the-middle attack (MITM): 5.9 Medium (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).\n\nAll fixed versions of Cortex XDR agent, GlobalProtect app, and PAN-OS are now available.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>The Palo Alto Networks Product Security Assurance team has evaluated the OpenSSL infinite loop vulnerability (CVE-2022-0778) as it relates to our products.\n\nThis vulnerability causes the OpenSSL library to enter an infinite loop when parsing an invalid certificate and can result in a Denial-of-Service (DoS) to the application. An attacker does not need a verified certificate to exploit this vulnerability because parsing a bad certificate triggers the infinite loop before the verification process is completed.\n\nThe Prisma Cloud and Cortex XSOAR products are not impacted by this vulnerability. However, PAN-OS, GlobalProtect app, and Cortex XDR agent software contain a vulnerable version of the OpenSSL library and product availability is impacted by this vulnerability. For PAN-OS software, this includes both hardware and virtual firewalls and Panorama appliances as well as Prisma Access customers. 
This vulnerability has reduced severity on Cortex XDR agent and GlobalProtect app as successful exploitation requires a meddler-in-the-middle attack (MITM): 5.9 Medium (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).\n\nAll fixed versions of Cortex XDR agent, GlobalProtect app, and PAN-OS are now available.</pre>"}]},{"lang":"en","value":"This issue impacts the following versions of PAN-OS:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.23;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.16-h2;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.13-h3;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.10;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.5-h1;\nPAN-OS 10.2 versions earlier than PAN-OS 10.2.1.\n\n\nThis issue impacts the following versions of GlobalProtect app:\nGlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.11;\nGlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.12;\nGlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.4;\nGlobalProtect app 6.0 versions earlier than GlobalProtect app 6.0.1 on Windows and macOS;\nGlobalProtect app 6.0 versions earlier than GlobalProtect app 6.0.2 on Android and iOS.\n\n\nThis issue impacts the following versions and builds of Cortex XDR agent:\nCortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9 hotfix build 6.1.9.61370 on Windows;\nCortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.7 hotfix build 6.1.7.1690 on macOS;\nCortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.7 hotfix build 6.1.7.60245 on Linux;\nAll versions and builds of Cortex XDR agent 7.4;\nCortex XDR agent 7.5-CE versions earlier than Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.60642 on Windows;\nCortex XDR agent 7.5-CE versions earlier than Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.2276 on macOS;\nCortex XDR agent 7.5-CE versions earlier than Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.59687 on Linux\nCortex XDR agent 7.5 versions earlier than Cortex XDR agent 7.5.3 
build 7.5.3.60113 on Windows;\nCortex XDR agent 7.5 versions earlier than Cortex XDR agent 7.5.3 build 7.5.3.2265 on macOS;\nCortex XDR agent 7.5 versions earlier than Cortex XDR agent 7.5.3 build 7.5.3.59465 on Linux;\nCortex XDR agent 7.6 versions earlier than Cortex XDR agent 7.6.2 hotfix build 7.6.2.60545 on Windows;\nCortex XDR agent 7.6 versions earlier than Cortex XDR agent 7.6.2 hotfix build 7.6.2.2311 on macOS;\nCortex XDR agent 7.6 versions earlier than Cortex XDR agent 7.6.2 hotfix build 7.6.2.59612 on Linux;\nCortex XDR agent 7.7 versions earlier than Cortex XDR agent 7.7.0 hotfix build 7.7.0.60725 on Windows;\nCortex XDR agent 7.7 versions earlier than Cortex XDR agent 7.7.0 hotfix build 7.7.0.2356 on macOS;\nCortex XDR agent 7.7 versions earlier than Cortex XDR agent 7.7.0 hotfix build 7.7.0.59559 on Linux.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts the following versions of PAN-OS:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.23;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.16-h2;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.13-h3;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.10;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.5-h1;\nPAN-OS 10.2 versions earlier than PAN-OS 10.2.1.\n\n\nThis issue impacts the following versions of GlobalProtect app:\nGlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.11;\nGlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.12;\nGlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.4;\nGlobalProtect app 6.0 versions earlier than GlobalProtect app 6.0.1 on Windows and macOS;\nGlobalProtect app 6.0 versions earlier than GlobalProtect app 6.0.2 on Android and iOS.\n\n\nThis issue impacts the following versions and builds of Cortex XDR agent:\nCortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9 hotfix build 6.1.9.61370 on Windows;\nCortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.7 hotfix build 6.1.7.1690 
on macOS;\nCortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.7 hotfix build 6.1.7.60245 on Linux;\nAll versions and builds of Cortex XDR agent 7.4;\nCortex XDR agent 7.5-CE versions earlier than Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.60642 on Windows;\nCortex XDR agent 7.5-CE versions earlier than Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.2276 on macOS;\nCortex XDR agent 7.5-CE versions earlier than Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.59687 on Linux\nCortex XDR agent 7.5 versions earlier than Cortex XDR agent 7.5.3 build 7.5.3.60113 on Windows;\nCortex XDR agent 7.5 versions earlier than Cortex XDR agent 7.5.3 build 7.5.3.2265 on macOS;\nCortex XDR agent 7.5 versions earlier than Cortex XDR agent 7.5.3 build 7.5.3.59465 on Linux;\nCortex XDR agent 7.6 versions earlier than Cortex XDR agent 7.6.2 hotfix build 7.6.2.60545 on Windows;\nCortex XDR agent 7.6 versions earlier than Cortex XDR agent 7.6.2 hotfix build 7.6.2.2311 on macOS;\nCortex XDR agent 7.6 versions earlier than Cortex XDR agent 7.6.2 hotfix build 7.6.2.59612 on Linux;\nCortex XDR agent 7.7 versions earlier than Cortex XDR agent 7.7.0 hotfix build 7.7.0.60725 on Windows;\nCortex XDR agent 7.7 versions earlier than Cortex XDR agent 7.7.0 hotfix build 7.7.0.2356 on macOS;\nCortex XDR agent 7.7 versions earlier than Cortex XDR agent 7.7.0 hotfix build 7.7.0.59559 on Linux.</pre>"}]},{"lang":"en","value":"This issue is addressed for Prisma Access customers in the Prisma Access patch rollout that will begin on May 7, 2022 and will be a phased rollout performed based on theaters. 
Palo Alto Networks will send an additional email notification through Prisma Access Insights one week before the rollout begins for affected tenant(s).","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue is addressed for Prisma Access customers in the Prisma Access patch rollout that will begin on May 7, 2022 and will be a phased rollout performed based on theaters. Palo Alto Networks will send an additional email notification through Prisma Access Insights one week before the rollout begins for affected tenant(s).</pre>"}]}],"x_affectedList":["Prisma Access 3.1","Prisma Access 3.0","Prisma Access 2.2","Prisma Access 2.1","PAN-OS 10.2.0","PAN-OS 10.2","PAN-OS 10.1.5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1","PAN-OS 10.0.9","PAN-OS 10.0.8-h8","PAN-OS 10.0.8-h7","PAN-OS 10.0.8-h6","PAN-OS 10.0.8-h5","PAN-OS 10.0.8-h4","PAN-OS 10.0.8-h3","PAN-OS 10.0.8-h2","PAN-OS 10.0.8-h1","PAN-OS 10.0.8","PAN-OS 10.0.7","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.13-h2","PAN-OS 9.1.13-h1","PAN-OS 9.1.13","PAN-OS 9.1.12-h3","PAN-OS 9.1.12-h2","PAN-OS 9.1.12-h1","PAN-OS 9.1.12","PAN-OS 9.1.11-h3","PAN-OS 9.1.11-h2","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.16-h1","PAN-OS 9.0.16","PAN-OS 9.0.15","PAN-OS 9.0.14-h4","PAN-OS 9.0.14-h3","PAN-OS 9.0.14-h2","PAN-OS 9.0.14-h1","PAN-OS 9.0.14","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 
9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.22","PAN-OS 8.1.21-h1","PAN-OS 8.1.21","PAN-OS 8.1.20-h1","PAN-OS 8.1.20","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","GlobalProtect App 6.0","GlobalProtect App 5.3","GlobalProtect App 5.2","GlobalProtect App 5.1","Cortex XDR Agent 7.7","Cortex XDR Agent 7.6","Cortex XDR Agent 7.5-CE","Cortex XDR Agent 7.5","Cortex XDR Agent 7.4","Cortex XDR Agent 6.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"8.1","status":"affected","lessThan":"8.1.23","versionType":"custom","changes":[{"at":"8.1.23","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.13-h3","versionType":"custom","changes":[{"at":"9.1.13-h3","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.10","versionType":"custom","changes":[{"at":"10.0.10","status":"unaffected"}]},{"version":"10.1","status":"affected","lessThan":"10.1.5-h1","versionType":"custom","changes":[{"at":"10.1.5-h1","status":"unaffected"}]},{"version":"10.2","status":"affected","lessThan":"10.2.1","versionType":"custom","changes":[{"at":"10.2.1","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.16-h2","versionType":"custom","changes":[{"at":"9.0.16-h2","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"2.1 Preferred, Innovation","status":"affected"},{"version":"2.2 Preferred","status":"affected"},{"version":"3.0 Preferred, Innovation","status":"affected"},{"version":"3.1 Preferred, Innovation","status":"affected"}]},{"vendor":"Palo Alto Networks","product":"GlobalProtect App","versions":[{"version":"6.0","status":"affected","lessThan":"6.0.1","versionType":"custom","changes":[{"at":"6.0.1","status":"unaffected"}]}],"platforms":["Windows and macOS"]},{"vendor":"Palo Alto Networks","product":"GlobalProtect App","versions":[{"version":"5.2","status":"affected","lessThan":"5.2.12","versionType":"custom","changes":[{"at":"5.2.12","status":"unaffected"}]},{"version":"5.1","status":"affected","lessThan":"5.1.11","versionType":"custom","changes":[{"at":"5.1.11","status":"unaffected"}]},{"version":"5.3","status":"affected","lessThan":"5.3.4","versionType":"custom","changes":[{"at":"5.3.4","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"GlobalProtect 
App","versions":[{"version":"6.0","status":"affected","lessThan":"6.0.2","versionType":"custom","changes":[{"at":"6.0.2","status":"unaffected"}]}],"platforms":["Android and iOS"]},{"vendor":"Palo Alto Networks","product":"Cortex XSOAR","versions":[{"version":"All","status":"unaffected"}]},{"vendor":"Palo Alto Networks","product":"Cortex XDR Agent","versions":[{"version":"7.4.*","status":"affected"}]},{"vendor":"Palo Alto Networks","product":"Cortex XDR Agent","versions":[{"version":"6.1","status":"affected","lessThan":"6.1.9.61370","versionType":"custom","changes":[{"at":"6.1.9.61370","status":"unaffected"}]},{"version":"7.5-CE","status":"affected","lessThan":"7.5.100.60642","versionType":"custom","changes":[{"at":"7.5.100.60642","status":"unaffected"}]},{"version":"7.5","status":"affected","lessThan":"7.5.3.60113","versionType":"custom","changes":[{"at":"7.5.3.60113","status":"unaffected"}]},{"version":"7.6","status":"affected","lessThan":"7.6.2.60545","versionType":"custom","changes":[{"at":"7.6.2.60545","status":"unaffected"}]},{"version":"7.7","status":"affected","lessThan":"7.7.0.60725","versionType":"custom","changes":[{"at":"7.7.0.60725","status":"unaffected"}]}],"platforms":["Windows"]},{"vendor":"Palo Alto Networks","product":"Cortex XDR 
Agent","versions":[{"version":"7.5","status":"affected","lessThan":"7.5.3.2265","versionType":"custom","changes":[{"at":"7.5.3.2265","status":"unaffected"}]},{"version":"7.6","status":"affected","lessThan":"7.6.2.2311","versionType":"custom","changes":[{"at":"7.6.2.2311","status":"unaffected"}]},{"version":"7.7","status":"affected","lessThan":"7.7.0.2356","versionType":"custom","changes":[{"at":"7.7.0.2356","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThan":"6.1.7.1690","versionType":"custom","changes":[{"at":"6.1.7.1690","status":"unaffected"}]},{"version":"7.5-CE","status":"affected","lessThan":"7.5.100.2276","versionType":"custom","changes":[{"at":"7.5.100.2276","status":"unaffected"}]}],"platforms":["macOS"]},{"vendor":"Palo Alto Networks","product":"Cortex XDR Agent","versions":[{"version":"7.5","status":"affected","lessThan":"7.5.3.59465","versionType":"custom","changes":[{"at":"7.5.3.59465","status":"unaffected"}]},{"version":"7.6","status":"affected","lessThan":"7.6.2.59612","versionType":"custom","changes":[{"at":"7.6.2.59612","status":"unaffected"}]},{"version":"7.7","status":"affected","lessThan":"7.7.0.59559","versionType":"custom","changes":[{"at":"7.7.0.59559","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThan":"6.1.7.60245","versionType":"custom","changes":[{"at":"6.1.7.60245","status":"unaffected"}]},{"version":"7.5-CE","status":"affected","lessThan":"7.5.100.59687","versionType":"custom","changes":[{"at":"7.5.100.59687","status":"unaffected"}]}],"platforms":["Linux"]},{"vendor":"Palo Alto Networks","product":"Prisma 
Cloud","versions":[{"version":"All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2022-0778"},{"tags":["x_refsource_CONFIRM"],"url":"https://www.openssl.org/news/secadv/20220315.txt"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-834 Excessive Iteration","cweId":"CWE-834"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-190175","PAN-190223"],"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"Customers with a Threat Prevention subscription can block known attacks for this vulnerability by enabling Threat IDs 92409 and 92411 (Applications and Threats content update 8552). This mitigation reduces the risk of exploitation from known exploits.\n\nCustomers will need to upgrade their products to a fixed version to completely remove the risk of this issue.\n","supportingMedia":{"value":"Customers with a Threat Prevention subscription can block known attacks for this vulnerability by enabling Threat IDs 92409 and 92411 (Applications and Threats content update 8552). 
This mitigation reduces the risk of exploitation from known exploits.\n\nCustomers will need to upgrade their products to a fixed version to completely remove the risk of this issue.\n","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue on any of our products.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue on any of our products.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.23, PAN-OS 9.0.16-h2, PAN-OS 9.1.13-h3, PAN-OS 10.0.10, PAN-OS 10.1.5-h1, PAN-OS 10.2.1, and all later PAN-OS versions.\n\nThis issue is fixed in GlobalProtect app 5.1.11, GlobalProtect app 5.2.12, GlobalProtect app 5.3.4, GlobalProtect app 6.0.1 on Windows and macOS, GlobalProtect app 6.0.2 on Android and iOS, and all later GlobalProtect app versions.\n\nThis issue is fixed in Cortex XDR agent 6.1.9 hotfix build 6.1.9.61370 on Windows, Cortex XDR agent 6.1.7 hotfix build 6.1.7.1690 on macOS, Cortex XDR agent 6.1.7 hotfix build 6.1.7.60245 on Linux, Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.60642 on Windows, Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.2276 on macOS, Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.59687 on Linux, Cortex XDR agent 7.5.3 build 7.5.3.60113 on Windows, Cortex XDR agent 7.5.3 build 7.5.3.2265 on macOS, Cortex XDR agent 7.5.3 build 7.5.3.59465 on Linux, Cortex XDR agent 7.6.2 hotfix build 7.6.2.60545 on Windows, Cortex XDR agent 7.6.2 hotfix build 7.6.2.2311 on macOS, Cortex XDR agent 7.6.2 hotfix build 7.6.2.59612 on Linux, Cortex XDR agent 7.7.0 hotfix build 7.7.0.60725 on Windows, Cortex XDR agent 7.7.0 hotfix build 7.7.0.2356 on macOS, Cortex XDR agent 7.7.0 hotfix build 7.7.0.59559 on Linux, and all later versions and builds of Cortex XDR agent. 
Cortex XDR agent 7.4 is end-of-life on May 24, 2022 and is not expected to receive a fix for this issue.\n\nThis issue is addressed for Prisma Access customers in the Prisma Access patch rollout that will begin on May 7, 2022 and will be a phased rollout performed based on theaters. Palo Alto Networks will send an additional email notification through Prisma Access Insights one week before the rollout begins for affected tenant(s).","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.23, PAN-OS 9.0.16-h2, PAN-OS 9.1.13-h3, PAN-OS 10.0.10, PAN-OS 10.1.5-h1, PAN-OS 10.2.1, and all later PAN-OS versions.\n\nThis issue is fixed in GlobalProtect app 5.1.11, GlobalProtect app 5.2.12, GlobalProtect app 5.3.4, GlobalProtect app 6.0.1 on Windows and macOS, GlobalProtect app 6.0.2 on Android and iOS, and all later GlobalProtect app versions.\n\nThis issue is fixed in Cortex XDR agent 6.1.9 hotfix build 6.1.9.61370 on Windows, Cortex XDR agent 6.1.7 hotfix build 6.1.7.1690 on macOS, Cortex XDR agent 6.1.7 hotfix build 6.1.7.60245 on Linux, Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.60642 on Windows, Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.2276 on macOS, Cortex XDR agent 7.5.100-CE hotfix build 7.5.100.59687 on Linux, Cortex XDR agent 7.5.3 build 7.5.3.60113 on Windows, Cortex XDR agent 7.5.3 build 7.5.3.2265 on macOS, Cortex XDR agent 7.5.3 build 7.5.3.59465 on Linux, Cortex XDR agent 7.6.2 hotfix build 7.6.2.60545 on Windows, Cortex XDR agent 7.6.2 hotfix build 7.6.2.2311 on macOS, Cortex XDR agent 7.6.2 hotfix build 7.6.2.59612 on Linux, Cortex XDR agent 7.7.0 hotfix build 7.7.0.60725 on Windows, Cortex XDR agent 7.7.0 hotfix build 7.7.0.2356 on macOS, Cortex XDR agent 7.7.0 hotfix build 7.7.0.59559 on Linux, and all later versions and builds of Cortex XDR agent. 
Cortex XDR agent 7.4 is end-of-life on May 24, 2022 and is not expected to receive a fix for this issue.\n\nThis issue is addressed for Prisma Access customers in the Prisma Access patch rollout that will begin on May 7, 2022 and will be a phased rollout performed based on theaters. Palo Alto Networks will send an additional email notification through Prisma Access Insights one week before the rollout begins for affected tenant(s).","type":"text/html","base64":false}}],"timeline":[{"time":"2022-05-11T16:00:00.000Z","lang":"eng","value":"Cortex XDR agent fixes for Cortex XDR agent 6.1 and 7.5-CE are now available."},{"time":"2022-05-04T17:40:00.000Z","lang":"eng","value":"GlobalProtect app fixed version GlobalProtect app 6.0.1 is now available."},{"time":"2022-04-30T01:00:00.000Z","lang":"eng","value":"Updated fix information for Cortex XDR agent. New fix ETA for Prisma Access customers."},{"time":"2022-04-27T17:15:00.000Z","lang":"eng","value":"PAN-OS fixed version PAN-OS 8.1.23 is now available."},{"time":"2022-04-22T03:00:00.000Z","lang":"eng","value":"Added new Cortex XDR agent fix ETAs. 
Updated ETA for PAN-OS 8.1.23 fix."},{"time":"2022-04-20T17:00:00.000Z","lang":"eng","value":"Added new GlobalProtect app 5.3 fix ETA."},{"time":"2022-04-19T18:15:00.000Z","lang":"eng","value":"PAN-OS fixed version PAN-OS 10.2.1 is now available."},{"time":"2022-04-15T20:30:00.000Z","lang":"eng","value":"Added new GlobalProtect app fix ETAs."},{"time":"2022-04-12T23:45:00.000Z","lang":"eng","value":"PAN-OS fixed version PAN-OS 10.0.10 is now available."},{"time":"2022-04-12T01:00:00.000Z","lang":"eng","value":"PAN-OS fixed version PAN-OS 9.0.16-h2 is now available."},{"time":"2022-04-07T23:45:00.000Z","lang":"eng","value":"PAN-OS fixed versions PAN-OS 9.1.13-h3 and PAN-OS 10.1.5-h1 are now available."},{"time":"2022-04-06T18:00:00.000Z","lang":"eng","value":"Added new PAN-OS fix ETAs, available threat prevention signatures, and additional FAQ."},{"time":"2022-03-31T02:30:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2022-05-12T21:10:00.000Z","lang":"eng","value":"GlobalProtect app fixed version GlobalProtect app 5.1.11 is now available."},{"time":"2022-05-28T01:45:00.000Z","lang":"eng","value":"GlobalProtect app fixed version GlobalProtect app 5.2.12 is now available."},{"time":"2022-05-31T16:40:00.000Z","lang":"eng","value":"GlobalProtect app fixed version GlobalProtect app 5.3.4 is now available."},{"time":"2022-06-24T19:04:00.000Z","lang":"eng","value":"Fixed version clarification for GlobalProtect app on Android and iOS platforms."}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2021-44228","assignerOrgId":"00000000-0000-4000-9000-000000000000","assignerShortName":"palo_alto","dateUpdated":"2022-01-22T00:00:00.000Z","serial":1,"dateReserved":"2021-12-10T08:00:00.000Z","datePublished":"2021-12-10T08:00:00.000Z","state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000","shortName":"apache","dateUpdated":"2023-04-03T07:00:00.000Z"},"title":"Impact of Log4j 
Vulnerabilities CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, and CVE-2021-44832","datePublic":"2021-12-10T21:45:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-94","description":"CWE-94 Improper Control of Generation of Code ('Code Injection')","type":"CWE"}]}],"impacts":[{"descriptions":[{"lang":"en","value":""}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Prisma SD-WAN (CloudGenix)","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Cortex XSOAR","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"GlobalProtect App","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Cortex XDR Agent","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Cloud Compute","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Cloud","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Bridgecrew","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"WildFire Appliance (WF-500)","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"SaaS Security","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"WildFire 
Cloud","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"IoT Security","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Cortex Xpanse","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Okyo Garde","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"User-ID Agent","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","platforms":["Firewall","WildFire"],"versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-OS","platforms":["Panorama"],"versions":[{"status":"unaffected","version":"8.1.0","lessThan":"All","versionType":"custom"},{"status":"unaffected","version":"10.1.0","lessThan":"All","versionType":"custom"},{"status":"affected","version":"9.0.0","lessThan":"9.0.15","changes":[{"at":"9.0.15","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"10.0.0","lessThan":"10.0.8-h8","changes":[{"at":"10.0.8-h8","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"9.1.0","lessThan":"9.1.12-h3","changes":[{"at":"9.1.12-h3","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Expedition","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto 
Networks","product":"Cortex Data Lake","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Enterprise Data Loss Prevention","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Exact Data Matching CLI","versions":[{"status":"affected","version":" ","lessThan":"2.1","changes":[{"at":"2.1","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"PAN-DB Private Cloud","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto Networks","product":"Traps","versions":[{"status":"unaffected","version":"All","versionType":"custom"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"Apache Log4j Java library is vulnerable to a remote code execution vulnerability CVE-2021-44228, known as Log4Shell, and related vulnerabilities CVE-2021-45046, CVE-2021-45105, and CVE-2021-44832. Log4Shell allows remote unauthenticated attackers with the ability to inject text into log messages to execute arbitrary code loaded from malicious servers with the privileges of the process utilizing Log4j.\n\nThese products and services are not affected by Log4Shell: Bridgecrew, Cortex Data Lake, Cortex XDR agents, Cortex XSOAR, Cortex Xpanse, Enterprise Data Loss Prevention (DLP), Expedition, the GlobalProtect app, IoT Security, Okyo Garde, PAN-DB Private Cloud, PAN-OS software running on firewalls including VM and CN series, Prisma Access, Prisma Cloud, Prisma Cloud Compute, Prisma SD-WAN (CloudGenix), SaaS Security, Traps, User-ID Agent, WildFire Appliance (WF-500), and WildFire Cloud.  
\n\nWe have determined that some configurations of Panorama appliances with PAN-OS 9.0, PAN-OS 9.1, and PAN-OS 10.0 are impacted by CVE-2021-44228 and CVE-2021-45046 through the use of Elasticsearch. Fixes were released on December 20, 2021 to address both vulnerabilities on impacted PAN-OS versions. Panorama appliances are not impacted by CVE-2021-45105 and CVE-2021-44832. \n\nNOTE: PAN-OS 8.1 and PAN-OS 10.1 versions for Panorama are not impacted by these issues. All versions of PAN-OS for firewalls and WildFire appliances are not affected.\n\nThese vulnerabilities impact Exact Data Matching (EDM) CLI application versions 1.0 - 2.0 provided by Enterprise Data Loss Prevention (DLP). Enterprise DLP is not affected by these issues.\n\nThe Palo Alto Networks Product Security Assurance team has completed evaluation of all products and services for these vulnerabilities. All cloud services with known possible impact have been remediated.\n\nAt this time, our guidance and criteria for impacted Panorama appliances remain the same for all related vulnerabilities. The Exact Data Matching (EDM) CLI application should now be upgraded to EDM CLI version 2.1 or later versions.","supportingMedia":[{"type":"text/html","base64":true,"value":"<pre>Apache Log4j Java library is vulnerable to a remote code execution vulnerability CVE-2021-44228, known as Log4Shell, and related vulnerabilities CVE-2021-45046, CVE-2021-45105, and CVE-2021-44832. 
Log4Shell allows remote unauthenticated attackers with the ability to inject text into log messages to execute arbitrary code loaded from malicious servers with the privileges of the process utilizing Log4j.\n\nThese products and services are not affected by Log4Shell: Bridgecrew, Cortex Data Lake, Cortex XDR agents, Cortex XSOAR, Cortex Xpanse, Enterprise Data Loss Prevention (DLP), Expedition, the GlobalProtect app, IoT Security, Okyo Garde, PAN-DB Private Cloud, PAN-OS software running on firewalls including VM and CN series, Prisma Access, Prisma Cloud, Prisma Cloud Compute, Prisma SD-WAN (CloudGenix), SaaS Security, Traps, User-ID Agent, WildFire Appliance (WF-500), and WildFire Cloud.  \n\nWe have determined that some configurations of Panorama appliances with PAN-OS 9.0, PAN-OS 9.1, and PAN-OS 10.0 are impacted by CVE-2021-44228 and CVE-2021-45046 through the use of Elasticsearch. Fixes were released on December 20, 2021 to address both vulnerabilities on impacted PAN-OS versions. Panorama appliances are not impacted by CVE-2021-45105 and CVE-2021-44832. \n\nNOTE: PAN-OS 8.1 and PAN-OS 10.1 versions for Panorama are not impacted by these issues. All versions of PAN-OS for firewalls and WildFire appliances are not affected.\n\nThese vulnerabilities impact Exact Data Matching (EDM) CLI application versions 1.0 - 2.0 provided by Enterprise Data Loss Prevention (DLP). Enterprise DLP is not affected by these issues.\n\nThe Palo Alto Networks Product Security Assurance team has completed evaluation of all products and services for these vulnerabilities. All cloud services with known possible impact have been remediated.\n\nAt this time, our guidance and criteria for impacted Panorama appliances remain the same for all related vulnerabilities. 
The Exact Data Matching (EDM) CLI application should now be upgraded to EDM CLI version 2.1 or later versions.</pre>"}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2021-44228","tags":["x_refsource_CONFIRM"]},{"url":"https://unit42.paloaltonetworks.com/apache-log4j-vulnerability-cve-2021-44228/","tags":["x_refsource_CONFIRM"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV4_0":{"version":"4.0","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"HIGH","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED","exploitMaturity":"NOT_DEFINED","baseSeverity":"CRITICAL","baseScore":10,"threatSeverity":"CRITICAL","threatScore":10,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},"cvssV3_1":{"version":"3.1","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseSeverity":"CRITICAL","baseScore":9.8,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}],"configurations":[{"lang":"en","value":"Vulnerabilities CVE-2021-44228 and CVE-2021-45046 are applicable to Panorama hardware appliances and virtual appliances that have Elasticsearch software running. Appliances that are run in Panorama mode or Log Collector mode, and have also been part of a Collector Group, are impacted. 
You can determine if the appliance is part of a Collector Group by visiting 'Panorama > Managed Collectors' from the web interface and verify that Elasticsearch is running on the appliance by checking the command ‘show system software status | match elasticsearch’ from the CLI.\n\nAppliances running in Management Only mode or Legacy mode, including those used for Prisma Access, are not impacted.","supportingMedia":[{"type":"text/html","base64":false,"value":"Vulnerabilities CVE-2021-44228 and CVE-2021-45046 are applicable to Panorama hardware appliances and virtual appliances that have Elasticsearch software running. Appliances that are run in Panorama mode or Log Collector mode, and have also been part of a Collector Group, are impacted. You can determine if the appliance is part of a Collector Group by visiting 'Panorama > Managed Collectors' from the web interface and verify that Elasticsearch is running on the appliance by checking the command ‘show system software status | match elasticsearch’ from the CLI.\n\nAppliances running in Management Only mode or Legacy mode, including those used for Prisma Access, are not impacted."}]}],"workarounds":[{"lang":"en","value":"Each Panorama hardware appliance and virtual appliance running in Panorama mode or Log Collector mode that has also been part of a Collector Group must be removed from its Collector Group in ‘Panorama > Collector Group > Custom-CG-Name > General’ from the web interface. Once affected appliances are removed from all groups, a Panorama commit and Collector Group push for all affected Collector Groups must be performed. The Collector Groups should not be deleted before performing the Collector Group push for the affected Collector Groups, else the Collector Group push will fail to remove the appliances.\n\nNOTE: When this workaround is applied, logging and reporting features in Panorama will not work. 
All logs stored on the appliance will be lost once it is removed from the Collector Group.\n\nFinally, all appliances that were part of the Collector Group need to be restarted to stop the use of Elasticsearch. This eliminates the exposure to CVE-2021-44228 and CVE-2021-45046.\n\nYou can restart the appliance by visiting ‘Panorama > Operations > Device Operations > Reboot Panorama’  from the web interface or by using the command ‘request restart system’ from the CLI.\nOnce these steps are completed, you can verify that Elasticsearch has stopped and the appliance’s exposure to CVE-2021-44228 and CVE-2021-45046 has been removed, by running the command ‘show system software status | match elasticsearch’ from the CLI.\n\nManaged PAN-OS firewalls can be configured to forward logs to other servers until Panorama log collection functionality is restored. Alternate Log Forwarding options are detailed here: https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-web-interface-help/objects/objects-log-forwarding.html\n\nFollow the security best practices listed in ‘Protecting Panorama and Log Collector Inbound and Outbound Communications’ to reduce the risk of successful exploitation of CVE-2021-44228 and CVE-2021-45046 on Panorama appliances: https://live.paloaltonetworks.com/t5/general-articles/protecting-panorama-and-log-collector-inbound-and-outbound/ta-p/454071\n\nAdditionally, use ACLs to limit network access to Panorama to only trusted users and trusted networks and IP addresses. 
Use App-ID for ‘ldap’ and ‘rmi-iiop’ to block all LDAP and RMI traffic to and from untrusted networks or unexpected sources.\n\nNo other workarounds or mitigations are available for Palo Alto Networks products at this time.","supportingMedia":[{"type":"text/html","base64":false,"value":"Each Panorama hardware appliance and virtual appliance running in Panorama mode or Log Collector mode that has also been part of a Collector Group must be removed from its Collector Group in ‘Panorama > Collector Group > Custom-CG-Name > General’ from the web interface. Once affected appliances are removed from all groups, a Panorama commit and Collector Group push for all affected Collector Groups must be performed. The Collector Groups should not be deleted before performing the Collector Group push for the affected Collector Groups, else the Collector Group push will fail to remove the appliances.\n\nNOTE: When this workaround is applied, logging and reporting features in Panorama will not work. All logs stored on the appliance will be lost once it is removed from the Collector Group.\n\nFinally, all appliances that were part of the Collector Group need to be restarted to stop the use of Elasticsearch. This eliminates the exposure to CVE-2021-44228 and CVE-2021-45046.\n\nYou can restart the appliance by visiting ‘Panorama > Operations > Device Operations > Reboot Panorama’  from the web interface or by using the command ‘request restart system’ from the CLI.\nOnce these steps are completed, you can verify that Elasticsearch has stopped and the appliance’s exposure to CVE-2021-44228 and CVE-2021-45046 has been removed, by running the command ‘show system software status | match elasticsearch’ from the CLI.\n\nManaged PAN-OS firewalls can be configured to forward logs to other servers until Panorama log collection functionality is restored. 
Alternate Log Forwarding options are detailed here: https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-web-interface-help/objects/objects-log-forwarding.html\n\nFollow the security best practices listed in ‘Protecting Panorama and Log Collector Inbound and Outbound Communications’ to reduce the risk of successful exploitation of CVE-2021-44228 and CVE-2021-45046 on Panorama appliances: https://live.paloaltonetworks.com/t5/general-articles/protecting-panorama-and-log-collector-inbound-and-outbound/ta-p/454071\n\nAdditionally, use ACLs to limit network access to Panorama to only trusted users and trusted networks and IP addresses. Use App-ID for ‘ldap’ and ‘rmi-iiop’ to block all LDAP and RMI traffic to and from untrusted networks or unexpected sources.\n\nNo other workarounds or mitigations are available for Palo Alto Networks products at this time."}]}],"solutions":[{"lang":"en","value":"These issues are fixed in PAN-OS 9.0.15, PAN-OS 9.1.12-h3, PAN-OS 10.0.8-h8, and all later PAN-OS versions for Panorama hardware and virtual appliances.\n\nNOTE: Though PAN-OS 10.1 is not impacted by these vulnerabilities, the responsible Log4j code was removed for additional assurance from PAN-OS 10.1 versions for Panorama appliances starting with PAN-OS 10.1.4.\n\nIf Panorama is running an impacted version of PAN-OS, and you would prefer to upgrade to PAN-OS 10.1, upgrade all appliances in affected Collector Groups to the latest PAN-OS 10.1 Preferred release (PAN-OS 10.1.3-h1 at time of publication) to remediate these issues.\n\nNOTE: Prisma Access customers should refer to the Prisma Access and Panorama version compatibility document before upgrading Panorama: https://docs.paloaltonetworks.com/compatibility-matrix/prisma-access/prisma-access-and-panorama-version-compatibility.html\n\nNOTE: Downgrading to PAN-OS 10.0 or earlier PAN-OS versions is not currently supported once Panorama is upgraded to PAN-OS 10.1. 
\n\nWorkarounds are available that eliminate the exposure for these older versions of Panorama until they can be upgraded to a fixed version.\n\nFor Enterprise Data Loss Prevention customers, these issues are fixed in Exact Data Matching (EDM) CLI application version 2.1 and all later EDM CLI versions.\n\nNo updates for other Palo Alto Networks products are required at this time.\n\nCortex XSOAR customers that have opted to deploy Elasticsearch in their environment should refer to the Elasticsearch announcement (ESA-2021-31) for remediation information. Elasticsearch 7.16 is not supported with Cortex XSOAR:\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nEnable signatures for unique threat IDs 91991, 91994, 91995, 92001, and 92007 to block a number of known attacks against CVE-2021-44228 and CVE-2021-45046 across the network.\n\nThese signatures block the first stage of the attack. Suitable egress filtering is key to blocking the second stage of the attack. 
Use App-ID for ‘ldap’ and ‘rmi-iiop’ to block all LDAP and RMI to or from untrusted networks and unexpected sources.\n\nSSL decryption needs to be enabled on the firewall to block known attacks over HTTPS.\n\nCustomers with log4j in their environments should upgrade or apply workarounds suggested by respective vendors, and not rely only on the Threat Prevention signatures.\n\nSee https://unit42.paloaltonetworks.com/apache-log4j-vulnerability-cve-2021-44228/ for more details on the Palo Alto Networks product capabilities to protect against attacks that exploit this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"These issues are fixed in PAN-OS 9.0.15, PAN-OS 9.1.12-h3, PAN-OS 10.0.8-h8, and all later PAN-OS versions for Panorama hardware and virtual appliances.\n\nNOTE: Though PAN-OS 10.1 is not impacted by these vulnerabilities, the responsible Log4j code was removed for additional assurance from PAN-OS 10.1 versions for Panorama appliances starting with PAN-OS 10.1.4.\n\nIf Panorama is running an impacted version of PAN-OS, and you would prefer to upgrade to PAN-OS 10.1, upgrade all appliances in affected Collector Groups to the latest PAN-OS 10.1 Preferred release (PAN-OS 10.1.3-h1 at time of publication) to remediate these issues.\n\nNOTE: Prisma Access customers should refer to the Prisma Access and Panorama version compatibility document before upgrading Panorama: https://docs.paloaltonetworks.com/compatibility-matrix/prisma-access/prisma-access-and-panorama-version-compatibility.html\n\nNOTE: Downgrading to PAN-OS 10.0 or earlier PAN-OS versions is not currently supported once Panorama is upgraded to PAN-OS 10.1. 
\n\nWorkarounds are available that eliminate the exposure for these older versions of Panorama until they can be upgraded to a fixed version.\n\nFor Enterprise Data Loss Prevention customers, these issues are fixed in Exact Data Matching (EDM) CLI application version 2.1 and all later EDM CLI versions.\n\nNo updates for other Palo Alto Networks products are required at this time.\n\nCortex XSOAR customers that have opted to deploy Elasticsearch in their environment should refer to the Elasticsearch announcement (ESA-2021-31) for remediation information. Elasticsearch 7.16 is not supported with Cortex XSOAR:\n\nhttps://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476\n\nEnable signatures for unique threat IDs 91991, 91994, 91995, 92001, and 92007 to block a number of known attacks against CVE-2021-44228 and CVE-2021-45046 across the network.\n\nThese signatures block the first stage of the attack. Suitable egress filtering is key to blocking the second stage of the attack. 
Use App-ID for ‘ldap’ and ‘rmi-iiop’ to block all LDAP and RMI to or from untrusted networks and unexpected sources.\n\nSSL decryption needs to be enabled on the firewall to block known attacks over HTTPS.\n\nCustomers with log4j in their environments should upgrade or apply workarounds suggested by respective vendors, and not rely only on the Threat Prevention signatures.\n\nSee https://unit42.paloaltonetworks.com/apache-log4j-vulnerability-cve-2021-44228/ for more details on the Palo Alto Networks product capabilities to protect against attacks that exploit this issue."}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of evidence showing the exploitation of these vulnerabilities against Panorama hardware appliances, Panorama virtual appliances, or the Exact Data Matching CLI application.\n\nMore information about the vulnerability's exploitation in the wild can be found in the Unit 42 threat brief: https://unit42.paloaltonetworks.com/apache-log4j-vulnerability-cve-2021-44228/","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of evidence showing the exploitation of these vulnerabilities against Panorama hardware appliances, Panorama virtual appliances, or the Exact Data Matching CLI application.\n\nMore information about the vulnerability's exploitation in the wild can be found in the Unit 42 threat brief: https://unit42.paloaltonetworks.com/apache-log4j-vulnerability-cve-2021-44228/"}]}],"timeline":[{"time":"2022-01-22T02:30:00.000Z","lang":"eng","value":"Panorama appliances are not impacted by CVE-2021-44832 and a new EDM CLI application fix is available"},{"time":"2021-12-30T00:30:00.000Z","lang":"eng","value":"Traps is confirmed to be unaffected"},{"time":"2021-12-29T01:00:00.000Z","lang":"eng","value":"Update for related vulnerability CVE-2021-44832"},{"time":"2021-12-22T23:30:00.000Z","lang":"eng","value":"Clarified how Log4j was fixed in FAQ. 
Added note about deletion of Log4j code in PAN-OS 10.1.4"},{"time":"2021-12-21T00:00:00.000Z","lang":"eng","value":"Fixes are available for impacted Panorama appliances. Updates around related vulnerability CVE-2021-45105"},{"time":"2021-12-18T03:00:00.000Z","lang":"eng","value":"Update for related vulnerability CVE-2021-45046. Guidance for impacted products remains the same"},{"time":"2021-12-18T00:00:00.000Z","lang":"eng","value":"Added confirmation that PAN-DB Private Cloud is unaffected"},{"time":"2021-12-17T06:45:00.000Z","lang":"eng","value":"Clarifications made for Panorama appliances. Exact Data Matching CLI application is confirmed to be affected"},{"time":"2021-12-16T22:20:00.000Z","lang":"eng","value":"Added ETAs for PAN-OS fixed versions and additional information"},{"time":"2021-12-16T17:30:00.000Z","lang":"eng","value":"Clarification that there is no evidence of active Panorama exploitation"},{"time":"2021-12-15T20:25:00.000Z","lang":"eng","value":"Some versions of Panorama are confirmed to be susceptible to remote code execution. Evaluation of all products and services is complete"},{"time":"2021-12-14T21:12:00.000Z","lang":"eng","value":"UserID-Agent is confirmed to be unaffected"},{"time":"2021-12-14T07:30:00.000Z","lang":"eng","value":"The impact of the vulnerability on Panorama hardware and virtual appliances is under investigation"},{"time":"2021-12-14T04:00:00.000Z","lang":"eng","value":"Prisma Access and Okyo Garde are confirmed to be unaffected. 
Context for Panorama's Log4j usage"},{"time":"2021-12-13T19:40:00.000Z","lang":"eng","value":"Product status and Threat Prevention coverage updates"},{"time":"2021-12-12T18:34:00.000Z","lang":"eng","value":"Bridgecrew is confirmed to be unaffected"},{"time":"2021-12-11T04:14:00.000Z","lang":"eng","value":"Panorama is confirmed to be unaffected (Update: 12/15: new information is available that changes this evaluation)"},{"time":"2021-12-11T00:00:00.000Z","lang":"eng","value":"WildFire Appliance (WF-500) is confirmed to be unaffected"},{"time":"2021-12-10T21:45:00.000Z","lang":"eng","value":"Initial publication"}],"source":{"defect":["PAN-184592"],"discovery":"EXTERNAL"},"x_generator":{"engine":"Vulnogram 0.0.9"},"x_affectedList":["PAN-OS 10.0.8-h7","PAN-OS 10.0.8-h6","PAN-OS 10.0.8-h5","PAN-OS 10.0.8-h4","PAN-OS 10.0.8-h3","PAN-OS 10.0.8-h2","PAN-OS 10.0.8-h1","PAN-OS 10.0.8","PAN-OS 10.0.7","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.12-h2","PAN-OS 9.1.12-h1","PAN-OS 9.1.12","PAN-OS 9.1.11-h3","PAN-OS 9.1.11-h2","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.14-h4","PAN-OS 9.0.14-h3","PAN-OS 9.0.14-h2","PAN-OS 9.0.14-h1","PAN-OS 9.0.14","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","Exact Data Matching 
CLI"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2021-3064","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2021-11-10T00:00:00","dateReserved":"2021-11-10T00:00:00","dateUpdated":"2021-11-15T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Memory Corruption Vulnerability in GlobalProtect Portal and Gateway Interfaces","datePublic":"2021-11-10T17:00:00.000Z","providerMetadata":{"dateUpdated":"2021-11-10T17:10:30","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. The attacker must have network access to the GlobalProtect interface to exploit this issue.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A memory corruption vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to disrupt system processes and potentially execute arbitrary code with root privileges. 
The attacker must have network access to the GlobalProtect interface to exploit this issue.</pre>"}]},{"lang":"en","value":"This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17.</pre>"}]},{"lang":"en","value":"Prisma Access customers are not impacted by this issue.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Prisma Access customers are not impacted by this issue.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"9.0.*","status":"unaffected"},{"version":"9.1.*","status":"unaffected"},{"version":"10.0.*","status":"unaffected"},{"version":"10.1.*","status":"unaffected"},{"version":"8.1","status":"affected","lessThan":"8.1.17","versionType":"custom","changes":[{"at":"8.1.17","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"2.2 All","status":"unaffected"},{"version":"2.1 All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2021-3064"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks the Randori Attack Team (https://twitter.com/RandoriAttack) for discovering and reporting this 
issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-121 Stack-based Buffer Overflow","cweId":"CWE-121"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-96528"],"discovery":"EXTERNAL"},"configurations":[{"lang":"en","value":"This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal or gateway enabled. You can verify whether you have a GlobalProtect portal or gateway configured by checking for entries in 'Network > GlobalProtect > Portals' and in 'Network > GlobalProtect > Gateways' from the web interface.","supportingMedia":{"value":"This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal or gateway enabled. 
You can verify whether you have a GlobalProtect portal or gateway configured by checking for entries in 'Network > GlobalProtect > Portals' and in 'Network > GlobalProtect > Gateways' from the web interface.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Enable signatures for Unique Threat IDs 91820 and 91855 on traffic destined for GlobalProtect portal and gateway interfaces to block attacks against CVE-2021-3064.\n\nIt is not necessary to enable SSL decryption to detect and block attacks against this issue.","supportingMedia":{"value":"Enable signatures for Unique Threat IDs 91820 and 91855 on traffic destined for GlobalProtect portal and gateway interfaces to block attacks against CVE-2021-3064.\n\nIt is not necessary to enable SSL decryption to detect and block attacks against this issue.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.17 and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.17 and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2021-11-10T17:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2021-11-15T20:00:00.000Z","lang":"eng","value":"Added to FAQ to clarify fix timeline"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2021-3058","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2021-11-10T00:00:00","dateReserved":"2021-11-10T00:00:00","dateUpdated":"2021-11-10T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS Command Injection Vulnerability in Web Interface XML 
API","datePublic":"2021-11-10T17:00:00.000Z","providerMetadata":{"dateUpdated":"2021-11-10T17:10:21","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use XML API the ability to execute arbitrary OS commands to escalate privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use XML API the ability to execute arbitrary OS commands to escalate privileges.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.8;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.3.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.8;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.3.</pre>"}]},{"lang":"en","value":"This issue does not impact Prisma Access firewalls.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue does not impact Prisma Access firewalls.</pre>"}]}],"x_affectedList":["PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1","PAN-OS 10.0.7","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 
9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.14-h2","PAN-OS 9.0.14-h1","PAN-OS 9.0.14","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.20","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"10.1","status":"affected","lessThan":"10.1.3","versionType":"custom","changes":[{"at":"10.1.3","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.14-h3","versionType":"custom","changes":[{"at":"9.0.14-h3","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.20-h1","versionType":"custom","changes":[{"at":"8.1.20-h1","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.11-h2","versionType":"custom","changes":[{"at":"9.1.11-h2","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.8","versionType":"custom","changes":[{"at":"10.0.8","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Prisma 
Access","versions":[{"version":"2.1 All","status":"unaffected"},{"version":"2.2 All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2021-3058"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks CJ, an external security researcher, for discovering and reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-176653"],"discovery":"EXTERNAL"},"configurations":[{"lang":"en","value":"This vulnerability is only applicable to PAN-OS firewalls configured to use the XML API.","supportingMedia":{"value":"This vulnerability is only applicable to PAN-OS firewalls configured to use the XML API.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Enable signatures for Unique Threat ID 91715 on traffic processed by the firewall to block attacks against CVE-2021-3058.\n\nThis issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"Enable signatures for Unique Threat ID 91715 on traffic processed by the firewall to block attacks against CVE-2021-3058.\n\nThis issue requires the attacker to have authenticated access to the PAN-OS web interface. 
You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2021-11-10T18:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2021-3063","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2021-11-10T00:00:00","dateReserved":"2021-11-10T00:00:00","dateUpdated":"2021-12-09T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Denial-of-Service (DoS) Vulnerability in GlobalProtect Portal and Gateway Interfaces","datePublic":"2021-11-10T17:00:00.000Z","providerMetadata":{"dateUpdated":"2021-11-10T17:10:29","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An improper handling of exceptional conditions vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to send specifically crafted traffic to a GlobalProtect interface that causes the service to stop responding. 
Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An improper handling of exceptional conditions vulnerability exists in Palo Alto Networks GlobalProtect portal and gateway interfaces that enables an unauthenticated network-based attacker to send specifically crafted traffic to a GlobalProtect interface that causes the service to stop responding. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.21;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h4;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h3;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.8-h4;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.3.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.21;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h4;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h3;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.8-h4;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.3.</pre>"}]},{"lang":"en","value":"Prisma Access customers are not impacted by this issue.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Prisma Access customers are not impacted by this issue.</pre>"}]}],"x_affectedList":["PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1","PAN-OS 10.0.8-h3","PAN-OS 10.0.8-h2","PAN-OS 10.0.8-h1","PAN-OS 10.0.8","PAN-OS 10.0.7","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.11-h2","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 
9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.14-h3","PAN-OS 9.0.14-h2","PAN-OS 9.0.14-h1","PAN-OS 9.0.14","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.20-h1","PAN-OS 8.1.20","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"8.1","status":"affected","lessThan":"8.1.21","versionType":"custom","changes":[{"at":"8.1.21","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.14-h4","versionType":"custom","changes":[{"at":"9.0.14-h4","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.8-h4","versionType":"custom","changes":[{"at":"10.0.8-h4","status":"unaffected"}]},{"version":"10.1","status":"affected","lessThan":"10.1.3","versionType":"custom","changes":[{"at":"10.1.3","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.11-h3","versionType":"custom","changes":[{"at":"9.1.11-h3","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"2.2 All","status":"unaffected"},{"version":"2.1 All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2021-3063"}],"credits":[{"lang":"en","value":"This issue was found by Nicholas Newsom of Palo Alto Networks during an internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-755 Improper Handling of Exceptional Conditions","cweId":"CWE-755"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-180032"],"discovery":"INTERNAL"},"configurations":[{"lang":"en","value":"This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal or gateway enabled. 
You can verify whether you have a GlobalProtect portal or gateway configured by checking for entries in 'Network > GlobalProtect > Portals' and in 'Network > GlobalProtect > Gateways' from the web interface.","supportingMedia":{"value":"This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal or gateway enabled. You can verify whether you have a GlobalProtect portal or gateway configured by checking for entries in 'Network > GlobalProtect > Portals' and in 'Network > GlobalProtect > Gateways' from the web interface.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Enable signatures for Unique Threat IDs 91820 and 91855 on traffic destined for GlobalProtect interfaces to block attacks against CVE-2021-3063.\n\nIt is not necessary to enable SSL decryption to detect and block attacks against this issue.","supportingMedia":{"value":"Enable signatures for Unique Threat IDs 91820 and 91855 on traffic destined for GlobalProtect interfaces to block attacks against CVE-2021-3063.\n\nIt is not necessary to enable SSL decryption to detect and block attacks against this issue.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.21, PAN-OS 9.0.14-h4, PAN-OS 9.1.11-h3, PAN-OS 10.0.8-h4, PAN-OS 10.1.3, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.21, PAN-OS 9.0.14-h4, PAN-OS 9.1.11-h3, PAN-OS 10.0.8-h4, PAN-OS 10.1.3, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2021-11-11T02:00:00.000Z","lang":"eng","value":"PAN-OS 10.0.8-h4 is now 
available"},{"time":"2021-11-10T17:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2021-12-09T17:16:00.000Z","lang":"eng","value":"Fixed the discovery status as this was internally found."}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2021-3059","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2021-11-10T00:00:00","dateReserved":"2021-11-10T00:00:00","dateUpdated":"2021-11-17T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS Command Injection Vulnerability When Performing Dynamic Updates","datePublic":"2021-11-10T17:00:00.000Z","providerMetadata":{"dateUpdated":"2021-11-10T17:10:23","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. This vulnerability enables a man-in-the-middle attacker to execute arbitrary OS commands to escalate privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface exists when performing dynamic updates. 
This vulnerability enables a man-in-the-middle attacker to execute arbitrary OS commands to escalate privileges.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.8;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.3.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.8;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.3.</pre>"}]},{"lang":"en","value":"Prisma Access customers are not impacted by this issue.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Prisma Access customers are not impacted by this issue.</pre>"}]}],"x_affectedList":["PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1","PAN-OS 10.0.7","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.14-h2","PAN-OS 9.0.14-h1","PAN-OS 9.0.14","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.20","PAN-OS 8.1.19","PAN-OS 
8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"10.0","status":"affected","lessThan":"10.0.8","versionType":"custom","changes":[{"at":"10.0.8","status":"unaffected"}]},{"version":"10.1","status":"affected","lessThan":"10.1.3","versionType":"custom","changes":[{"at":"10.1.3","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.20-h1","versionType":"custom","changes":[{"at":"8.1.20-h1","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.14-h3","versionType":"custom","changes":[{"at":"9.0.14-h3","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.11-h2","versionType":"custom","changes":[{"at":"9.1.11-h2","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"2.2 All","status":"unaffected"},{"version":"2.1 All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2021-3059"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks CJ, an external security researcher, for discovering and reporting this 
issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-176618"],"discovery":"EXTERNAL"},"configurations":[{"lang":"en","value":"This issue is applicable only to firewalls and Panoramas that receive dynamic updates from an update server.\n\nTo verify this on firewalls not managed by Panorama review ‘Device > Dynamic Updates’ from the web interface.\n\nTo verify this on Panorama review ‘Panorama > Dynamic Updates’ from the web interface.\n\nTo verify this for Panorama managed firewalls review ‘Panorama > Device Deployment > Dynamic Updates’ from the Panorama web interface.\n\nFirewalls that only receive content updates pushed from Panoramas are not susceptible to this issue.","supportingMedia":{"value":"This issue is applicable only to firewalls and Panoramas that receive dynamic updates from an update server.\n\nTo verify this on firewalls not managed by Panorama review ‘Device > Dynamic Updates’ from the web interface.\n\nTo verify this on Panorama review ‘Panorama > Dynamic Updates’ from the web interface.\n\nTo verify this for Panorama managed firewalls review ‘Panorama > Device Deployment > Dynamic Updates’ from the Panorama web interface.\n\nFirewalls that only receive content updates pushed from Panoramas are not susceptible to this issue.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Updating dynamic content from a local file will prevent exposure to this vulnerability until you are able to upgrade PAN-OS firewalls and Panorama to a fixed version. 
You can disable scheduled dynamic updates in the web interface.\n\nPush content updates from Panorama to the managed firewalls until you are able to upgrade PAN-OS to a fixed version. The process of upgrading dynamic content on managed devices is referenced here:\nhttps://docs.paloaltonetworks.com/pan-os/10-0/pan-os-web-interface-help/panorama-web-interface/panorama-managed-devices-summary/firewall-software-and-content-updates.html","supportingMedia":{"value":"Updating dynamic content from a local file will prevent exposure to this vulnerability until you are able to upgrade PAN-OS firewalls and Panorama to a fixed version. You can disable scheduled dynamic updates in the web interface.\n\nPush content updates from Panorama to the managed firewalls until you are able to upgrade PAN-OS to a fixed version. The process of upgrading dynamic content on managed devices is referenced here:\nhttps://docs.paloaltonetworks.com/pan-os/10-0/pan-os-web-interface-help/panorama-web-interface/panorama-managed-devices-summary/firewall-software-and-content-updates.html","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions.\n","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions.\n","type":"text/html","base64":false}}],"timeline":[{"time":"2021-11-10T18:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2021-11-12T00:00:00.000Z","lang":"eng","value":"Prisma Access is not impacted"},{"time":"2021-11-17T22:20:00.000Z","lang":"eng","value":"Updated workaround 
and required configuration"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2021-3062","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2021-11-10T00:00:00","dateReserved":"2021-11-10T00:00:00","dateUpdated":"2021-11-17T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Improper Access Control Vulnerability Exposing AWS Instance Metadata Endpoint to GlobalProtect Users","datePublic":"2021-11-10T17:00:00.000Z","providerMetadata":{"dateUpdated":"2021-11-10T17:10:27","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An improper access control vulnerability in PAN-OS software enables an attacker with authenticated access to GlobalProtect portals and gateways to connect to the EC2 instance metadata endpoint for VM-Series firewalls hosted on Amazon AWS.\n\nExploitation of this vulnerability enables an attacker to perform any operations allowed by the EC2 role in AWS.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An improper access control vulnerability in PAN-OS software enables an attacker with authenticated access to GlobalProtect portals and gateways to connect to the EC2 instance metadata endpoint for VM-Series firewalls hosted on Amazon AWS.\n\nExploitation of this vulnerability enables an attacker to perform any operations allowed by the EC2 role in AWS.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20 VM-Series firewalls;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.11 VM-Series firewalls;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14 VM-Series firewalls;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.8 VM-Series firewalls.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20 VM-Series firewalls;\nPAN-OS 9.1 versions earlier than 
PAN-OS 9.1.11 VM-Series firewalls;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14 VM-Series firewalls;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.8 VM-Series firewalls.</pre>"}]},{"lang":"en","value":"Prisma Access customers are not impacted by this issue.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Prisma Access customers are not impacted by this issue.</pre>"}]}],"x_affectedList":["PAN-OS 10.0.7","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"10.1.*","status":"unaffected"},{"version":"9.1","status":"affected","lessThan":"9.1.11","versionType":"custom","changes":[{"at":"9.1.11","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.20","versionType":"custom","changes":[{"at":"8.1.20","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.14","versionType":"custom","changes":[{"at":"9.0.14","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.8","versionType":"custom","changes":[{"at":"10.0.8","status":"unaffected"}]}],"platforms":["VM-Series"]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"2.1 All","status":"unaffected"},{"version":"2.2 All","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2021-3062"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Matthew Flanagan of Computer Systems Australia (CSA) and Suresh Kumar Ponnusamy of Freshworks for discovering and reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-284 Improper Access Control","cweId":"CWE-284"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-164422"],"discovery":"EXTERNAL"},"configurations":[{"lang":"en","value":"This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal or gateway enabled. 
You can verify whether you have a GlobalProtect portal or gateway configured by checking for entries in 'Network > GlobalProtect > Portals' and in 'Network > GlobalProtect > Gateways' on the web interface.","supportingMedia":{"value":"This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal or gateway enabled. You can verify whether you have a GlobalProtect portal or gateway configured by checking for entries in 'Network > GlobalProtect > Portals' and in 'Network > GlobalProtect > Gateways' on the web interface.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"There are no known workarounds for this issue.","supportingMedia":{"value":"There are no known workarounds for this issue.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.11, PAN-OS 10.0.8, and all later PAN-OS versions","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.11, PAN-OS 10.0.8, and all later PAN-OS versions","type":"text/html","base64":false}}],"timeline":[{"time":"2021-11-10T17:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2021-11-17T22:40:00.000Z","lang":"eng","value":"Updated 
credit"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"cveId":"CVE-2021-3056","assignerOrgId":"00000000-0000-4000-9000-000000000000","assignerShortName":"palo_alto","dateUpdated":"2021-11-10T00:00:00.000Z","serial":1,"dateReserved":"2021-11-10T08:00:00.000Z","datePublished":"2021-11-10T08:00:00.000Z","state":"PUBLISHED"},"containers":{"cna":{"providerMetadata":{"orgId":"00000000-0000-4000-9000-000000000000","shortName":"palo_alto","dateUpdated":"2021-11-11T01:10:00.000Z"},"title":"PAN-OS: Memory Corruption Vulnerability in GlobalProtect Clientless VPN During SAML Authentication","datePublic":"2021-11-10T17:00:00.000Z","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-120","description":"CWE-120 Buffer Overflow","type":"CWE"}]}],"impacts":[{"descriptions":[{"lang":"en","value":""}]}],"affected":[{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"status":"unaffected","version":"2.2","versionType":"custom"},{"status":"affected","version":"2.1","changes":[{"at":"2.1","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"},{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"status":"unaffected","version":"10.1.0","versionType":"custom"},{"status":"affected","version":"10.0.0","lessThan":"10.0.1","changes":[{"at":"10.0.1","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"9.1.0","lessThan":"9.1.9","changes":[{"at":"9.1.9","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"9.0.0","lessThan":"9.0.14","changes":[{"at":"9.0.14","status":"unaffected"}],"versionType":"custom"},{"status":"affected","version":"8.1.0","lessThan":"8.1.20","changes":[{"at":"8.1.20","status":"unaffected"}],"versionType":"custom"}],"defaultStatus":"unaffected"}],"cpeApplicability":[{"operator":"OR","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.0.0","versionEndExcluding":"10.0.1"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"9.1.0","versionEndExcluding":"9.1.9"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0.0","versionEndExcluding":"9.0.14"},{"vulnerable":true,"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"8.1.0","versionEndExcluding":"8.1.20"}]}]}],"descriptions":[{"lang":"en","value":"A memory corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated attacker to execute arbitrary code with root user privileges during SAML authentication.\n\nThis issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.9;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.1.\n\nPrisma Access customers with Prisma Access 2.1 Preferred firewalls are impacted by this issue.","supportingMedia":[{"type":"text/html","base64":true,"value":"A memory 
corruption vulnerability in Palo Alto Networks PAN-OS GlobalProtect Clientless VPN enables an authenticated attacker to execute arbitrary code with root user privileges during SAML authentication.<br><br>This issue impacts:<br>PAN-OS 8.1 versions earlier than PAN-OS 8.1.20;<br>PAN-OS 9.0 versions earlier than PAN-OS 9.0.14;<br>PAN-OS 9.1 versions earlier than PAN-OS 9.1.9;<br>PAN-OS 10.0 versions earlier than PAN-OS 10.0.1.<br><br>Prisma Access customers with Prisma Access 2.1 Preferred firewalls are impacted by this issue."}]}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2021-3056","tags":["x_refsource_CONFIRM"]}],"metrics":[{"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}],"cvssV3_1":{"version":"3.1","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseSeverity":"HIGH","baseScore":8.8,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}],"configurations":[{"lang":"en","value":"This issue is applicable only to PAN-OS firewall configurations with the Clientless VPN feature and SAML authentication enabled for GlobalProtect Portal.","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue is applicable only to PAN-OS firewall configurations with the Clientless VPN feature and SAML authentication enabled for GlobalProtect Portal."}]}],"workarounds":[{"lang":"en","value":"Enable signatures for Unique Threat ID 91585 on traffic processed by the firewall to block attacks against CVE-2021-3056.","supportingMedia":[{"type":"text/html","base64":false,"value":"Enable signatures for Unique Threat ID 91585 on traffic processed by the firewall to block attacks against CVE-2021-3056."}]}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.9, PAN-OS 10.0.1, and all later PAN-OS versions.\nThis issue is fixed in Prisma 
Access 2.2 Preferred and all later Prisma Access versions.","supportingMedia":[{"type":"text/html","base64":false,"value":"This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.9, PAN-OS 10.0.1, and all later PAN-OS versions.<br>This issue is fixed in Prisma Access 2.2 Preferred and all later Prisma Access versions."}]}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":[{"type":"text/html","base64":false,"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}]}],"timeline":[{"time":"2021-11-10T17:00:00.000Z","lang":"eng","value":"Initial publication"}],"credits":[{"lang":"en","value":"This issue was found by Nicholas Newsom of Palo Alto Networks during an internal security review.","type":"finder"}],"source":{"defect":["PAN-149501"],"discovery":"INTERNAL"},"x_generator":{"engine":"Vulnogram 0.0.9"},"x_affectedList":["Prisma Access 2.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 
8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2021-3060","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2021-11-10T00:00:00","dateReserved":"2021-11-10T00:00:00","dateUpdated":"2022-08-06T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS Command Injection in Simple Certificate Enrollment Protocol (SCEP)","datePublic":"2021-11-10T17:00:00.000Z","providerMetadata":{"dateUpdated":"2021-11-10T17:10:24","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. The attacker must have network access to the GlobalProtect interfaces to exploit this issue.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP) feature of PAN-OS software allows an unauthenticated network-based attacker with specific knowledge of the firewall configuration to execute arbitrary code with root user privileges. 
The attacker must have network access to the GlobalProtect interfaces to exploit this issue.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.8;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.3.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14-h3;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.11-h2;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.8;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.3.</pre>"}]},{"lang":"en","value":"Prisma Access customers with Prisma Access 2.1 Preferred and Prisma Access 2.1 Innovation firewalls are impacted by this issue.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Prisma Access customers with Prisma Access 2.1 Preferred and Prisma Access 2.1 Innovation firewalls are impacted by this issue.</pre>"}]}],"x_affectedList":["Prisma Access 2.1","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1","PAN-OS 10.0.7","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.14-h2","PAN-OS 9.0.14-h1","PAN-OS 9.0.14","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 
9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.20","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.1","status":"affected","lessThan":"8.1.20-h1","versionType":"custom","changes":[{"at":"8.1.20-h1","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.14-h3","versionType":"custom","changes":[{"at":"9.0.14-h3","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.11-h2","versionType":"custom","changes":[{"at":"9.1.11-h2","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.8","versionType":"custom","changes":[{"at":"10.0.8","status":"unaffected"}]},{"version":"10.1","status":"affected","lessThan":"10.1.3","versionType":"custom","changes":[{"at":"10.1.3","status":"unaffected"}]}]},{"vendor":"Palo Alto Networks","product":"Prisma Access","versions":[{"version":"2.1 Preferred","status":"affected"},{"version":"2.2 All","status":"unaffected"},{"version":"2.1 
Innovation","status":"affected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2021-3060"},{"tags":["x_refsource_CONFIRM"],"url":"https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/certificate-management/configure-the-master-key.html"},{"tags":["x_refsource_CONFIRM"],"url":"https://docs.paloaltonetworks.com/prisma/prisma-access/innovation/2-1/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/get-started-with-prisma-access-overview.html"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks CJ, an external security researcher, for discovering and reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-176661"],"discovery":"EXTERNAL"},"configurations":[{"lang":"en","value":"This issue is applicable only to GlobalProtect portal and gateway configurations that are configured with a SCEP profile and when the default master key was not changed.\n\nYou can determine if your configuration has a SCEP profile by selecting 'Device > Certificate Management > SCEP' from the web interface.\n\nNote: The SCEP profile does not need to be enabled for the firewall to be at risk; it need only exist in the configuration to be a risk even if disabled.\n\nYou know you are using the default master key when the master key was not explicitly configured on the firewall. 
Review the master key configuration by selecting 'Device > Master Key and Diagnostics' from the web interface and change the key if needed.\n","supportingMedia":{"value":"This issue is applicable only to GlobalProtect portal and gateway configurations that are configured with a SCEP profile and when the default master key was not changed.\n\nYou can determine if your configuration has a SCEP profile by selecting 'Device > Certificate Management > SCEP' from the web interface.\n\nNote: The SCEP profile does not need to be enabled for the firewall to be at risk; it need only exist in the configuration to be a risk even if disabled.\n\nYou know you are using the default master key when the master key was not explicitly configured on the firewall. Review the master key configuration by selecting 'Device > Master Key and Diagnostics' from the web interface and change the key if needed.\n","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Changing the master key for the firewall prevents exploitation of this vulnerability. This is a security best practice for both PAN-OS and Prisma Access customers.\n\nDocumentation for configuring the master key is available at: https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/certificate-management/configure-the-master-key.html. Please note the special requirements for high-availability (HA) and Panorama-managed environments.\n\nAdditional information is available for Prisma Access customers at: https://docs.paloaltonetworks.com/prisma/prisma-access/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/get-started-with-prisma-access-overview.\n\nRemove all configured SCEP profiles from the firewall to completely eliminate any risk of exploitation related to this issue. 
You can view any existing SCEP profiles configured on the firewall by selecting 'Device > Certificate Management > SCEP' from the web interface.\n\nThis issue requires the attacker to have network access to the GlobalProtect interface.\n\nIn addition to these workarounds, you should enable signatures for Unique Threat ID 91526 on traffic destined for GlobalProtect interfaces to further mitigate the risk of attacks against CVE-2021-3060. SSL decryption is not necessary to detect attacks against this issue.","supportingMedia":{"value":"Changing the master key for the firewall prevents exploitation of this vulnerability. This is a security best practice for both PAN-OS and Prisma Access customers.\n\nDocumentation for configuring the master key is available at: https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/certificate-management/configure-the-master-key.html. Please note the special requirements for high-availability (HA) and Panorama-managed environments.\n\nAdditional information is available for Prisma Access customers at: https://docs.paloaltonetworks.com/prisma/prisma-access/prisma-access-panorama-admin/prepare-the-prisma-access-infrastructure/get-started-with-prisma-access-overview.\n\nRemove all configured SCEP profiles from the firewall to completely eliminate any risk of exploitation related to this issue. You can view any existing SCEP profiles configured on the firewall by selecting 'Device > Certificate Management > SCEP' from the web interface.\n\nThis issue requires the attacker to have network access to the GlobalProtect interface.\n\nIn addition to these workarounds, you should enable signatures for Unique Threat ID 91526 on traffic destined for GlobalProtect interfaces to further mitigate the risk of attacks against CVE-2021-3060. 
SSL decryption is not necessary to detect attacks against this issue.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue at time of publication. However, a proof of concept script for this issue is publicly available.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue at time of publication. However, a proof of concept script for this issue is publicly available.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.20-h1, PAN-OS 9.0.14-h3, PAN-OS 9.1.11-h2, PAN-OS 10.0.8, PAN-OS 10.1.3, and all later PAN-OS versions.","type":"text/html","base64":false}},{"lang":"en","value":"This issue is fixed in Prisma Access 2.2 Preferred and all later Prisma Access versions."}],"timeline":[{"time":"2021-11-10T17:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2022-08-06T00:15:00.000Z","lang":"eng","value":"Updated Prisma Access documentation link; added a note about a public proof of concept script."}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2021-3054","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2021-09-08T00:00:00","dateReserved":"2021-09-08T00:00:00","dateUpdated":"2021-09-12T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Unsigned Code Execution During Plugin Installation Race Condition Vulnerability","datePublic":"2021-09-08T16:00:00.000Z","providerMetadata":{"dateUpdated":"2021-09-08T17:10:21","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A time-of-check to time-of-use (TOCTOU) race condition vulnerability 
in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute arbitrary code with root user privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A time-of-check to time-of-use (TOCTOU) race condition vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permission to upload plugins to execute arbitrary code with root user privileges.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.11;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.7;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.2.\n\nThis issue does not affect Prisma Access.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.11;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.7;\nPAN-OS 10.1 versions earlier than PAN-OS 10.1.2.\n\nThis issue does not affect Prisma Access.</pre>"}]}],"x_affectedList":["PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 
9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.1","status":"affected","lessThan":"8.1.20","versionType":"custom","changes":[{"at":"8.1.20","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.14","versionType":"custom","changes":[{"at":"9.0.14","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.7","versionType":"custom","changes":[{"at":"10.0.7","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.11","versionType":"custom","changes":[{"at":"9.1.11","status":"unaffected"}]},{"version":"10.1","status":"affected","lessThan":"10.1.2","versionType":"custom","changes":[{"at":"10.1.2","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2021-3054"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Praetorian for discovering and reporting this 
issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition","cweId":"CWE-367"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-138727"],"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"Enable signatures for Unique Threat ID 91572 on traffic processed by the firewall to block attacks against CVE-2021-3054.\n\nThis issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"Enable signatures for Unique Threat ID 91572 on traffic processed by the firewall to block attacks against CVE-2021-3054.\n\nThis issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.11, PAN-OS 10.0.7, PAN-OS 10.1.2, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.11, PAN-OS 10.0.7, PAN-OS 10.1.2, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2021-09-08T16:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2021-09-12T16:00:00.000Z","lang":"eng","value":"Added threat prevention workaround for the vulnerability"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-10188","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2021-09-08T00:00:00","dateReserved":"2021-09-08T00:00:00","dateUpdated":"2021-09-08T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Impact of Telnet Remote-Code-Execution (RCE) Vulnerability (CVE-2020-10188)","datePublic":"2021-09-08T16:00:00.000Z","providerMetadata":{"dateUpdated":"2021-11-08T11:09:32","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A buffer overflow vulnerability in the Telnet-based administrative management service included with PAN-OS software allows remote attackers to execute arbitrary code.\n\nThe Telnet-based administrative management service is disabled by default and this issue is not exploitable if this service is disabled.\n\nThis issue does not impact SSH or 
HTTPS management interfaces. This issue does not affect Prisma Access.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A buffer overflow vulnerability in the Telnet-based administrative management service included with PAN-OS software allows remote attackers to execute arbitrary code.\n\nThe Telnet-based administrative management service is disabled by default and this issue is not exploitable if this service is disabled.\n\nThis issue does not impact SSH or HTTPS management interfaces. This issue does not affect Prisma Access.</pre>"}]}],"x_affectedList":["PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"10.1.*","status":"unaffected"},{"version":"8.1","status":"affected","lessThan":"8.1.20","versionType":"custom","changes":[{"at":"8.1.20","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.14","versionType":"custom","changes":[{"at":"9.0.14","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.9","versionType":"custom","changes":[{"at":"9.1.9","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.6","versionType":"custom","changes":[{"at":"10.0.6","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-10188"}],"credits":[{"lang":"en","value":"This issue was found by an external researcher in the upstream Telnet code."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-120 Buffer Overflow","cweId":"CWE-120"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-158262"],"discovery":"EXTERNAL"},"configurations":[{"lang":"en","value":"This issue is exploitable only if the Telnet service is enabled and is accessible to attackers.","supportingMedia":{"value":"This issue is exploitable only if the Telnet service is enabled and is accessible to attackers.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Disabling the Telnet-based administrative management service completely eliminates risks of exploitation of this issue.\n\nThis issue requires the attacker to have network access to the PAN-OS Telnet interface. 
You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.\n\nIf the Telnet-based administrative management service is required and you cannot immediately upgrade your PAN-OS software, enable signatures for Unique Threat ID 59125 on traffic destined for the Telnet interface to block attacks against CVE-2020-10188.","supportingMedia":{"value":"Disabling the Telnet-based administrative management service completely eliminates risks of exploitation of this issue.\n\nThis issue requires the attacker to have network access to the PAN-OS Telnet interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.\n\nIf the Telnet-based administrative management service is required and you cannot immediately upgrade your PAN-OS software, enable signatures for Unique Threat ID 59125 on traffic destined for the Telnet interface to block attacks against CVE-2020-10188.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue targeting Palo Alto Networks products.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue targeting Palo Alto Networks products.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.9, PAN-OS 10.0.6, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.9, PAN-OS 10.0.6, and all later PAN-OS 
versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2021-09-08T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2021-3052","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2021-09-08T00:00:00","dateReserved":"2021-09-08T00:00:00","dateUpdated":"2021-09-12T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Reflected Cross-Site Scripting (XSS) in Web Interface","datePublic":"2021-09-08T16:00:00.000Z","providerMetadata":{"dateUpdated":"2021-09-08T17:10:18","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A reflected cross-site scripting (XSS) vulnerability in the Palo Alto Network PAN-OS web interface enables an authenticated network-based attacker to mislead another authenticated PAN-OS administrator to click on a specially crafted link that performs arbitrary actions in the PAN-OS web interface as the targeted authenticated administrator.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A reflected cross-site scripting (XSS) vulnerability in the Palo Alto Network PAN-OS web interface enables an authenticated network-based attacker to mislead another authenticated PAN-OS administrator to click on a specially crafted link that performs arbitrary actions in the PAN-OS web interface as the targeted authenticated administrator.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than 8.1.20;\nPAN-OS 9.0 versions earlier than 9.0.14;\nPAN-OS 9.1 versions earlier than 9.1.10;\nPAN-OS 10.0 versions earlier than 10.0.2.\n\nThis issue does not affect Prisma Access.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than 8.1.20;\nPAN-OS 9.0 versions earlier than 9.0.14;\nPAN-OS 9.1 versions earlier than 
9.1.10;\nPAN-OS 10.0 versions earlier than 10.0.2.\n\nThis issue does not affect Prisma Access.</pre>"}]}],"x_affectedList":["PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"10.1.*","status":"unaffected"},{"version":"9.0","status":"affected","lessThan":"9.0.14","versionType":"custom","changes":[{"at":"9.0.14","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.20","versionType":"custom","changes":[{"at":"8.1.20","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.10","versionType":"custom","changes":[{"at":"9.1.10","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.2","versionType":"custom","changes":[{"at":"10.0.2","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2021-3052"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Cristian Mocanu and Dan Marin of Deloitte for discovering and reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-79 Cross-site Scripting (XSS)","cweId":"CWE-79"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-150337"],"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"Enable signatures for Unique Threat IDs 91573, 91574, 91575, 91576 on traffic destined for the web interface to block attacks against CVE-2021-3052.\n\nThis issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"Enable signatures for Unique Threat IDs 91573, 91574, 91575, 91576 on traffic destined for the web interface to block attacks against CVE-2021-3052.\n\nThis issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 9.0.14, PAN-OS 8.1.20, PAN-OS 9.1.10, PAN-OS 10.0.2, PAN-OS 10.1.0, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 9.0.14, PAN-OS 8.1.20, PAN-OS 9.1.10, PAN-OS 10.0.2, PAN-OS 10.1.0, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2021-09-08T16:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2021-09-12T16:00:00.000Z","lang":"eng","value":"Added threat prevention workaround for the vulnerability"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2021-3053","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2021-09-08T00:00:00","dateReserved":"2021-09-08T00:00:00","dateUpdated":"2021-09-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Exceptional Condition Denial-of-Service 
(DoS)","datePublic":"2021-09-08T16:00:00.000Z","providerMetadata":{"dateUpdated":"2021-09-08T17:10:19","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An improper handling of exceptional conditions vulnerability exists in the Palo Alto Networks PAN-OS dataplane that enables an unauthenticated network-based attacker to send specifically crafted traffic through the firewall that causes the service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An improper handling of exceptional conditions vulnerability exists in the Palo Alto Networks PAN-OS dataplane that enables an unauthenticated network-based attacker to send specifically crafted traffic through the firewall that causes the service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.9;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.5.\n\nThis issue does not affect Prisma Access.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.20;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.14;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.9;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.5.\n\nThis issue does not affect Prisma Access.</pre>"}]}],"x_affectedList":["PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 
9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.19","PAN-OS 8.1.18","PAN-OS 8.1.17","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"10.1.*","status":"unaffected"},{"version":"8.1","status":"affected","lessThan":"8.1.20","versionType":"custom","changes":[{"at":"8.1.20","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.14","versionType":"custom","changes":[{"at":"9.0.14","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.9","versionType":"custom","changes":[{"at":"9.1.9","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.5","versionType":"custom","changes":[{"at":"10.0.5","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2021-3053"}],"credits":[{"lang":"en","value":"This issue was found by Nicholas Newsom of Palo Alto Networks during internal security 
review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-755 Improper Handling of Exceptional Conditions","cweId":"CWE-755"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-158723"],"discovery":"INTERNAL"},"configurations":[{"lang":"en","value":"This issue is applicable only if GTP security is configured on the firewall.","supportingMedia":{"value":"This issue is applicable only if GTP security is configured on the firewall.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Enable signatures for Unique Threat ID 91593 on traffic processed by the firewall to block attacks against CVE-2021-3053.","supportingMedia":{"value":"Enable signatures for Unique Threat ID 91593 on traffic processed by the firewall to block attacks against CVE-2021-3053.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.9, PAN-OS 10.0.5, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.20, PAN-OS 9.0.14, PAN-OS 9.1.9, PAN-OS 10.0.5, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2021-09-08T16:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2021-09-13T16:00:00.000Z","lang":"eng","value":"Added required configuration for exposure and 
threat prevention workaround for the vulnerability"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2021-3050","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2021-08-11T00:00:00","dateReserved":"2021-08-11T00:00:00","dateUpdated":"2021-08-11T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS Command Injection Vulnerability in Web Interface","datePublic":"2021-08-11T16:00:00.000Z","providerMetadata":{"dateUpdated":"2021-08-11T17:10:20","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to execute arbitrary OS commands to escalate privileges.\n\nThis issue impacts:\nPAN-OS 9.0 version 9.0.10 through PAN-OS 9.0.14;\nPAN-OS 9.1 version 9.1.4 through PAN-OS 9.1.10;\nPAN-OS 10.0 version 10.0.7 and earlier PAN-OS 10.0 versions;\nPAN-OS 10.1 version 10.1.0 through PAN-OS 10.1.1.\n\nPrisma Access firewalls and firewalls running PAN-OS 8.1 versions are not impacted by this issue.\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to execute arbitrary OS commands to escalate privileges.\n\nThis issue impacts:\nPAN-OS 9.0 version 9.0.10 through PAN-OS 9.0.14;\nPAN-OS 9.1 version 9.1.4 through PAN-OS 9.1.10;\nPAN-OS 10.0 version 10.0.7 and earlier PAN-OS 10.0 versions;\nPAN-OS 10.1 version 10.1.0 through PAN-OS 10.1.1.\n\nPrisma Access firewalls and firewalls running PAN-OS 8.1 versions are not impacted by this issue.\n</pre>"}]}],"x_affectedList":["PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 
10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0","PAN-OS 10.1","PAN-OS 10.0.11-h1","PAN-OS 10.0.11","PAN-OS 10.0.10","PAN-OS 10.0.9","PAN-OS 10.0.8-h8","PAN-OS 10.0.8-h7","PAN-OS 10.0.8-h6","PAN-OS 10.0.8-h5","PAN-OS 10.0.8-h4","PAN-OS 10.0.8-h3","PAN-OS 10.0.8-h2","PAN-OS 10.0.8-h1","PAN-OS 10.0.8","PAN-OS 10.0.7","PAN-OS 10.0.6","PAN-OS 10.0.5","PAN-OS 10.0.4","PAN-OS 10.0.3","PAN-OS 10.0.2","PAN-OS 10.0.1","PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.14-h4","PAN-OS 9.1.14-h3","PAN-OS 9.1.14-h2","PAN-OS 9.1.14-h1","PAN-OS 9.1.14","PAN-OS 9.1.13-h3","PAN-OS 9.1.13-h2","PAN-OS 9.1.13-h1","PAN-OS 9.1.13","PAN-OS 9.1.12-h3","PAN-OS 9.1.12-h2","PAN-OS 9.1.12-h1","PAN-OS 9.1.12","PAN-OS 9.1.11-h3","PAN-OS 9.1.11-h2","PAN-OS 9.1.11-h1","PAN-OS 9.1.11","PAN-OS 9.1.10","PAN-OS 9.1.9","PAN-OS 9.1.8","PAN-OS 9.1.7","PAN-OS 9.1.6","PAN-OS 9.1.5","PAN-OS 9.1.4","PAN-OS 9.1","PAN-OS 9.0.16-h3","PAN-OS 9.0.16-h2","PAN-OS 9.0.16-h1","PAN-OS 9.0.16","PAN-OS 9.0.15","PAN-OS 9.0.14-h4","PAN-OS 9.0.14-h3","PAN-OS 9.0.14-h2","PAN-OS 9.0.14-h1","PAN-OS 9.0.14","PAN-OS 9.0.13","PAN-OS 9.0.12","PAN-OS 9.0.11","PAN-OS 9.0.10","PAN-OS 9.0"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"8.1.*","status":"unaffected"},{"version":"9.0.10","status":"affected","lessThan":"9.0*","versionType":"custom","changes":[{"at":"9.0.15","status":"unaffected"}]},{"version":"9.1.4","status":"affected","lessThan":"9.1*","versionType":"custom","changes":[{"at":"9.1.11","status":"unaffected"}]},{"version":"10.0.0","status":"affected","lessThan":"10.0*","versionType":"custom","changes":[{"at":"10.0.8","status":"unaffected"}]},{"version":"10.1.0","status":"affected","lessThan":"10.1*","versionType":"custom","changes":[{"at":"10.1.2","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2021-3050"}],"credits":[{"lang":"en","value":"This issue was found by an external security researcher."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-174326"],"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"Enable signatures for Unique Threat ID 91439 on traffic destined for the web interface to block attacks against CVE-2021-3050.\n\nThis issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.\n","supportingMedia":{"value":"Enable signatures for Unique Threat ID 91439 on traffic destined for the web interface to block attacks against CVE-2021-3050.\n\nThis issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.\n","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.  However, exploits for this issue are publicly available.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.  However, exploits for this issue are publicly available.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"We intend to fix this issue in PAN-OS 9.0.15 (ETA November 2021), PAN-OS 9.1.11 (ETA September 2021), PAN-OS 10.0.8 (ETA September 2021), PAN-OS 10.1.2 (ETA September 2021) and all later PAN-OS versions.","supportingMedia":{"value":"We intend to fix this issue in PAN-OS 9.0.15 (ETA November 2021), PAN-OS 9.1.11 (ETA September 2021), PAN-OS 10.0.8 (ETA September 2021), PAN-OS 10.1.2 (ETA September 2021) and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2021-08-11T16:00:00.000Z","lang":"eng","value":"Initial 
publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2022","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-11-11T00:00:00","dateReserved":"2020-11-11T00:00:00","dateUpdated":"2020-11-11T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Panorama session disclosure during context switch into managed device","datePublic":"2020-11-11T17:00:00.000Z","providerMetadata":{"dateUpdated":"2020-11-12T00:05:20","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An information exposure vulnerability exists in Palo Alto Networks Panorama software that discloses the token for the Panorama web interface administrator's session to a managed device when the Panorama administrator performs a context switch into that device. This vulnerability allows an attacker to gain privileged access to the Panorama web interface. An attacker requires some knowledge of managed firewalls to exploit this issue.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An information exposure vulnerability exists in Palo Alto Networks Panorama software that discloses the token for the Panorama web interface administrator's session to a managed device when the Panorama administrator performs a context switch into that device. This vulnerability allows an attacker to gain privileged access to the Panorama web interface. 
An attacker requires some knowledge of managed firewalls to exploit this issue.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.17;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.11;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.5.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.17;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.11;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.5.</pre>"}]}],"x_affectedList":["PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"10.0.*","status":"unaffected"},{"version":"8.1","status":"affected","lessThan":"8.1.17","versionType":"custom","changes":[{"at":"8.1.17","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.11","versionType":"custom","changes":[{"at":"9.0.11","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.5","versionType":"custom","changes":[{"at":"9.1.5","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2022"}],"credits":[{"lang":"en","value":"This issue was found by Ben Nott of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-200 Information Exposure","cweId":"CWE-200"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-125218"],"discovery":"INTERNAL"},"configurations":[{"lang":"en","value":"This issue is not applicable when custom certificate authentication is enabled between Panorama and managed firewalls. See https://docs.paloaltonetworks.com/panorama/10-0/panorama-admin/set-up-panorama/set-up-authentication-using-custom-certificates.html","supportingMedia":{"value":"This issue is not applicable when custom certificate authentication is enabled between Panorama and managed firewalls. 
See https://docs.paloaltonetworks.com/panorama/10-0/panorama-admin/set-up-panorama/set-up-authentication-using-custom-certificates.html","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"This issue can be completely mitigated by enabling custom certificate authentication between Panorama and managed firewalls. See https://docs.paloaltonetworks.com/panorama/10-0/panorama-admin/set-up-panorama/set-up-authentication-using-custom-certificates.html","supportingMedia":{"value":"This issue can be completely mitigated by enabling custom certificate authentication between Panorama and managed firewalls. See https://docs.paloaltonetworks.com/panorama/10-0/panorama-admin/set-up-panorama/set-up-authentication-using-custom-certificates.html","type":"text/html","base64":false}},{"lang":"en","value":"This issue impacts the management web interface of appliances running PAN-OS software and is strongly mitigated by following best practices for securing the interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com/best-practices"}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.17, PAN-OS 9.0.11, PAN-OS 9.1.5, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.17, PAN-OS 9.0.11, PAN-OS 9.1.5, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-11-11T17:00:00.000Z","lang":"eng","value":"Initial 
publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2050","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-11-11T00:00:00","dateReserved":"2020-11-11T00:00:00","dateUpdated":"2020-11-19T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Authentication bypass vulnerability in GlobalProtect client certificate verification","datePublic":"2020-11-11T17:00:00.000Z","providerMetadata":{"dateUpdated":"2020-11-12T00:05:22","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An authentication bypass vulnerability exists in the GlobalProtect SSL VPN component of Palo Alto Networks PAN-OS software that allows an attacker to bypass all client certificate checks with an invalid certificate. A remote attacker can successfully authenticate as any user and gain access to restricted VPN network resources when the gateway or portal is configured to rely entirely on certificate-based authentication.\n\nImpacted features that use SSL VPN with client certificate verification are:\n  GlobalProtect Gateway,\n  GlobalProtect Portal,\n  GlobalProtect Clientless VPN,\n  GlobalProtect Large Scale VPN\n\nIn configurations where client certificate verification is used in conjunction with other authentication methods, the protections added by the certificate check are ignored as a result of this issue.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An authentication bypass vulnerability exists in the GlobalProtect SSL VPN component of Palo Alto Networks PAN-OS software that allows an attacker to bypass all client certificate checks with an invalid certificate. 
A remote attacker can successfully authenticate as any user and gain access to restricted VPN network resources when the gateway or portal is configured to rely entirely on certificate-based authentication.\n\nImpacted features that use SSL VPN with client certificate verification are:\n  GlobalProtect Gateway,\n  GlobalProtect Portal,\n  GlobalProtect Clientless VPN,\n  GlobalProtect Large Scale VPN\n\nIn configurations where client certificate verification is used in conjunction with other authentication methods, the protections added by the certificate check are ignored as a result of this issue.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.17;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.11;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.5;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.1.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.17;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.11;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.5;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.1.</pre>"}]}],"x_affectedList":["PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.4","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.10","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.16","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 
8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.1","status":"affected","lessThan":"8.1.17","versionType":"custom","changes":[{"at":"8.1.17","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.11","versionType":"custom","changes":[{"at":"9.0.11","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.5","versionType":"custom","changes":[{"at":"9.1.5","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.1","versionType":"custom","changes":[{"at":"10.0.1","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2050"}],"credits":[{"lang":"en","value":"This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":8.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-285 Improper Authorization","cweId":"CWE-285"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-146650"],"discovery":"INTERNAL"},"configurations":[{"lang":"en","value":"This issue is only applicable to PAN-OS appliances using the GlobalProtect VPN, gateway, or portal configured to allow users to authenticate with client certificate authentication.\n\nThis issue can not be exploited if client certificate authentication is not 
in use.\n\nOther forms of authentication are not impacted by this issue.\n","supportingMedia":{"value":"This issue is only applicable to PAN-OS appliances using the GlobalProtect VPN, gateway, or portal configured to allow users to authenticate with client certificate authentication.\n\nThis issue can not be exploited if client certificate authentication is not in use.\n\nOther forms of authentication are not impacted by this issue.\n","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 59884 on traffic destined for the GlobalProtect portal, gateway, or VPN will block attacks against CVE-2020-2050.\n\nThis issue can be mitigated by configuring GlobalProtect to require users to authenticate with their credentials. Other authentication methods are not impacted by this issue.","supportingMedia":{"value":"Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 59884 on traffic destined for the GlobalProtect portal, gateway, or VPN will block attacks against CVE-2020-2050.\n\nThis issue can be mitigated by configuring GlobalProtect to require users to authenticate with their credentials. 
Other authentication methods are not impacted by this issue.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.17, PAN-OS 9.0.11, PAN-OS 9.1.5, PAN-OS 10.0.1, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.17, PAN-OS 9.0.11, PAN-OS 9.1.5, PAN-OS 10.0.1, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-11-11T17:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2020-11-13T00:42:00.000Z","lang":"eng","value":"New workaround is available."},{"time":"2020-11-19T21:00:00.000Z","lang":"eng","value":"Updated to mention LSVPN and IPSec based VPN is not affected."}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2000","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-11-11T00:00:00","dateReserved":"2020-11-11T00:00:00","dateUpdated":"2020-11-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS command injection and memory corruption vulnerability","datePublic":"2020-11-11T17:00:00.000Z","providerMetadata":{"dateUpdated":"2020-11-12T00:05:20","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code and OS commands with root privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS command injection and memory corruption vulnerability in the PAN-OS management 
web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitrary code and OS commands with root privileges.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.16;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.10;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.4;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.1.\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.16;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.10;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.4;\nPAN-OS 10.0 versions earlier than PAN-OS 10.0.1.\n</pre>"}]}],"x_affectedList":["PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"8.1","status":"affected","lessThan":"8.1.16","versionType":"custom","changes":[{"at":"8.1.16","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.10","versionType":"custom","changes":[{"at":"9.0.10","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.4","versionType":"custom","changes":[{"at":"9.1.4","status":"unaffected"}]},{"version":"10.0","status":"affected","lessThan":"10.0.1","versionType":"custom","changes":[{"at":"10.0.1","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2000"}],"credits":[{"lang":"en","value":"This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-20 Improper Input Validation","cweId":"CWE-20"}]},{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]},{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-121 Stack-based Buffer Overflow","cweId":"CWE-121"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-149822","PAN-150013","PAN-150170","CYR-14134","CYR-14135"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 59888, and 59891 on a firewall protecting the management interface will block attacks against CVE-2020-2000.\n\nThis issue impacts the PAN-OS management web interface but you can mitigate the impact of this 
issue by following best practices for securing the interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 59888, and 59891 on a firewall protecting the management interface will block attacks against CVE-2020-2000.\n\nThis issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.10, PAN-OS 9.1.4, PAN-OS 10.0.1, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.10, PAN-OS 9.1.4, PAN-OS 10.0.1, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-11-11T17:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2020-11-13T00:47:00.000Z","lang":"eng","value":"Added a new workaround"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2042","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-09-09T00:00:00","dateReserved":"2020-09-09T00:00:00","dateUpdated":"2020-09-09T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Buffer overflow in the management web 
interface","datePublic":"2020-09-09T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-09-09T16:45:28","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges.</pre>"}]},{"lang":"en","value":"This issue impacts only PAN-OS 10.0 versions earlier than PAN-OS 10.0.1.\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts only PAN-OS 10.0 versions earlier than PAN-OS 10.0.1.\n</pre>"}]}],"x_affectedList":["PAN-OS 10.0.0","PAN-OS 10.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"9.1.*","status":"unaffected"},{"version":"9.0.*","status":"unaffected"},{"version":"8.1.*","status":"unaffected"},{"version":"10.0","status":"affected","lessThan":"10.0.1","versionType":"custom","changes":[{"at":"10.0.1","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2042"}],"credits":[{"lang":"en","value":"This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-121 
Stack-based Buffer Overflow","cweId":"CWE-121"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-145797","PAN-150409"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"This issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.\n","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.\n","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 10.0.1 and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 10.0.1 and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-09-09T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2038","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-09-09T00:00:00","dateReserved":"2020-09-09T00:00:00","dateUpdated":"2021-02-12T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS command injection vulnerability in the management web 
interface","datePublic":"2020-09-09T16:00:00.000Z","providerMetadata":{"dateUpdated":"2022-09-16T15:06:18","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 9.0 versions earlier than 9.0.10;\nPAN-OS 9.1 versions earlier than 9.1.4;\nPAN-OS 10.0 versions earlier than 10.0.1.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 9.0 versions earlier than 9.0.10;\nPAN-OS 9.1 versions earlier than 9.1.4;\nPAN-OS 10.0 versions earlier than 10.0.1.</pre>"}]}],"x_affectedList":["PAN-OS 10.0.0","PAN-OS 10.0","PAN-OS 9.1.3-h1","PAN-OS 9.1.3","PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"8.1.*","status":"unaffected"},{"version":"10.0","status":"affected","lessThan":"10.0.1","versionType":"custom","changes":[{"at":"10.0.1","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.10","versionType":"custom","changes":[{"at":"9.0.10","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.4","versionType":"custom","changes":[{"at":"9.1.4","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2038"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Mikhail Klyuchnikov and Nikita Abramov of Positive Technologies for discovering and reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-101484"],"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 59954 on traffic destined for the GlobalProtect portal, gateway, or VPN will block attacks against CVE-2020-2038.\n\nThis issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 59954 on traffic destined for the GlobalProtect portal, gateway, or VPN will block attacks against CVE-2020-2038.\n\nThis issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.\n\nPalo Alto Networks is aware of publicly available information that may help construct proof of concept exploits for these issues.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.\n\nPalo Alto Networks is aware of publicly available information that may help construct proof of concept exploits for these issues.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 9.0.10, PAN-OS 9.1.4, PAN-OS 10.0.1, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 9.0.10, PAN-OS 9.1.4, PAN-OS 10.0.1, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2021-02-12T20:00:00.000Z","lang":"eng","value":"Updated the availability of exploitation resources"},{"time":"2020-09-09T16:00:00.000Z","lang":"eng","value":"Initial 
publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2037","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-09-09T00:00:00","dateReserved":"2020-09-09T00:00:00","dateUpdated":"2021-02-12T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS command injection vulnerability in the management web interface","datePublic":"2020-09-09T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-09-09T16:45:26","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.16;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.10;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.3.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.16;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.10;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.3.</pre>"}]}],"x_affectedList":["PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.9-h1","PAN-OS 9.0.9","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 
8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.1","status":"affected","lessThan":"8.1.16","versionType":"custom","changes":[{"at":"8.1.16","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.10","versionType":"custom","changes":[{"at":"9.0.10","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.3","versionType":"custom","changes":[{"at":"9.1.3","status":"unaffected"}]},{"version":"10.0.0","status":"unaffected","lessThan":"10.0*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2037"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Mikhail Klyuchnikov of Positive Technologies, and Nicholas Newsom of Palo Alto Networks for discovering and reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-128761"],"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"Until PAN-OS software is 
upgraded to a fixed version, enabling signatures for Unique Threat ID 59971 on traffic destined for the GlobalProtect portal, gateway, or VPN will block attacks against CVE-2020-2037.\n\nThis issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 59971 on traffic destined for the GlobalProtect portal, gateway, or VPN will block attacks against CVE-2020-2037.\n\nThis issue impacts the PAN-OS management web interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.\n\nPalo Alto Networks is aware of publicly available information that may help construct proof of concept exploits for these issues.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.\n\nPalo Alto Networks is aware of publicly available information that may help construct proof of concept exploits for these issues.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.10, PAN-OS 9.1.3, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.10, PAN-OS 9.1.3, and all later PAN-OS 
versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-09-09T16:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2021-02-12T20:00:00.000Z","lang":"eng","value":"Updated the availability of exploitation resources"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2036","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-09-09T00:00:00","dateReserved":"2020-09-09T00:00:00","dateUpdated":"2021-02-12T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Reflected Cross-Site Scripting (XSS) vulnerability in management web interface","datePublic":"2020-09-09T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-09-09T18:16:56","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A reflected cross-site scripting (XSS) vulnerability exists in the PAN-OS management web interface. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could potentially execute arbitrary JavaScript code in the administrator's browser and perform administrative actions.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A reflected cross-site scripting (XSS) vulnerability exists in the PAN-OS management web interface. 
A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could potentially execute arbitrary JavaScript code in the administrator's browser and perform administrative actions.</pre>"}]},{"lang":"en","value":"This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.16;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.9.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts:\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.16;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.9.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"9.0","status":"affected","lessThan":"9.0.9","versionType":"custom","changes":[{"at":"9.0.9","status":"unaffected"}]},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"},{"version":"8.1","status":"affected","lessThan":"8.1.16","versionType":"custom","changes":[{"at":"8.1.16","status":"unaffected"}]},{"version":"10.0.0","status":"unaffected","lessThan":"10.0*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2036"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Mikhail Klyuchnikov and Nikita Abramov of Positive Technologies and Ben Nott of Palo Alto Networks for discovering and reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-79 Cross-site Scripting (XSS)","cweId":"CWE-79"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-116720"],"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 59968 on traffic destined for the GlobalProtect portal, gateway, or VPN will block attacks against CVE-2020-2036.\n\nAdministrators should use caution when they are authenticated to the firewall management web interface and not click or open links from unsolicited sources.  \n\nThis issue impacts the management web interface of PAN-OS. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. 
\nPlease review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 59968 on traffic destined for the GlobalProtect portal, gateway, or VPN will block attacks against CVE-2020-2036.\n\nAdministrators should use caution when they are authenticated to the firewall management web interface and not click or open links from unsolicited sources.  \n\nThis issue impacts the management web interface of PAN-OS. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. \nPlease review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.\n\nPalo Alto Networks is aware of publicly available information that may help construct proof of concept exploits for these issues.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.\n\nPalo Alto Networks is aware of publicly available information that may help construct proof of concept exploits for these issues.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.9, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.16, PAN-OS 9.0.9, and all later PAN-OS versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-09-09T16:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2021-02-12T20:00:00.000Z","lang":"eng","value":"Updated the availability of exploitation 
resources"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2041","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-09-09T00:00:00","dateReserved":"2020-09-09T00:00:00","dateUpdated":"2020-09-09T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Management web interface denial-of-service (DoS)","datePublic":"2020-09-09T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-09-09T16:45:28","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An insecure configuration of the appweb daemon of Palo Alto Networks PAN-OS 8.1 allows a remote unauthenticated user to send a specifically crafted request to the device that causes the appweb service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode.\n\nThis issue impacts all versions of PAN-OS 8.0, and PAN-OS 8.1 versions earlier than 8.1.16.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An insecure configuration of the appweb daemon of Palo Alto Networks PAN-OS 8.1 allows a remote unauthenticated user to send a specifically crafted request to the device that causes the appweb service to crash. 
Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode.\n\nThis issue impacts all versions of PAN-OS 8.0, and PAN-OS 8.1 versions earlier than 8.1.16.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.15-h3","PAN-OS 8.1.15-h2","PAN-OS 8.1.15-h1","PAN-OS 8.1.15","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"9.0.*","status":"unaffected"},{"version":"9.1.*","status":"unaffected"},{"version":"10.0.*","status":"unaffected"},{"version":"8.0.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.16","versionType":"custom","changes":[{"at":"8.1.16","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2041"}],"credits":[{"lang":"en","value":"This issue was found by Nicholas Newsom of Palo Alto Networks during internal security 
review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-16 Configuration","cweId":"CWE-16"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-151978"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue impacts the management web interface of PAN-OS. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"This issue impacts the management web interface of PAN-OS. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.16 and all later PAN-OS versions.\n\nPAN-OS 7.1 and PAN-OS 8.0 are end-of-life and are no longer covered by our Product Security Assurance policies.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.16 and all later PAN-OS versions.\n\nPAN-OS 7.1 and PAN-OS 8.0 are end-of-life and are no longer covered by our Product Security Assurance policies.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-09-09T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2040","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-09-09T00:00:00","dateReserved":"2020-09-09T00:00:00","dateUpdated":"2020-09-09T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Buffer overflow when Captive Portal or Multi-Factor Authentication (MFA) is enabled","datePublic":"2020-09-09T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-09-09T16:45:27","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface.\nThis issue impacts:\nAll versions of PAN-OS 
8.0;\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.15;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.9;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.3.\n\nThis issue does not impact the GlobalProtect VPN or the PAN-OS management web interfaces.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface.\nThis issue impacts:\nAll versions of PAN-OS 8.0;\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.15;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.9;\nPAN-OS 9.1 versions earlier than PAN-OS 9.1.3.\n\nThis issue does not impact the GlobalProtect VPN or the PAN-OS management web interfaces.</pre>"}]}],"x_affectedList":["PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 
8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"9.0","status":"affected","lessThan":"9.0.9","versionType":"custom","changes":[{"at":"9.0.9","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.3","versionType":"custom","changes":[{"at":"9.1.3","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.15","versionType":"custom","changes":[{"at":"8.1.15","status":"unaffected"}]},{"version":"10.0.0","status":"unaffected","lessThan":"10.0*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2040"}],"credits":[{"lang":"en","value":"This issue was found by Yamata Li of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-120 Buffer Overflow","cweId":"CWE-120"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-145149","PAN-145150","PAN-145151","PAN-145195"],"discovery":"INTERNAL"},"configurations":[{"lang":"en","value":"This issue is applicable only where either Captive Portal is enabled or Multi-Factor Authentication (MFA) is configured as per 
https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/authentication/configure-multi-factor-authentication.html","supportingMedia":{"value":"This issue is applicable only where either Captive Portal is enabled or Multi-Factor Authentication (MFA) is configured as per https://docs.paloaltonetworks.com/pan-os/10-0/pan-os-admin/authentication/configure-multi-factor-authentication.html","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Until PAN-OS software is upgraded to a fixed version, enabling signatures in content update version 8317 will block attacks against CVE-2020-2040.","supportingMedia":{"value":"Until PAN-OS software is upgraded to a fixed version, enabling signatures in content update version 8317 will block attacks against CVE-2020-2040.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.15, PAN-OS 9.0.9, PAN-OS 9.1.3, and all later PAN-OS versions.\n\nAll Prisma Access services are now upgraded to resolve this issue and are no longer vulnerable.\n\nPAN-OS 7.1 and 8.0 are end-of-life and are no longer covered by our Product Security Assurance policies.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.15, PAN-OS 9.0.9, PAN-OS 9.1.3, and all later PAN-OS versions.\n\nAll Prisma Access services are now upgraded to resolve this issue and are no longer vulnerable.\n\nPAN-OS 7.1 and 8.0 are end-of-life and are no longer covered by our Product Security Assurance policies.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-09-09T16:00:00.000Z","lang":"eng","value":"Initial 
publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2034","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-07-08T00:00:00","dateReserved":"2020-07-08T00:00:00","dateUpdated":"2020-07-10T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS command injection vulnerability in GlobalProtect portal","datePublic":"2020-07-08T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-07-08T16:35:17","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network-based attacker to execute arbitrary OS commands with root privileges. An attacker would require some level of specific information about the configuration of an impacted firewall or perform brute-force attacks to exploit this issue. This issue cannot be exploited if the GlobalProtect portal feature is not enabled.\nThis issue impacts PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; all versions of PAN-OS 8.0 and PAN-OS 7.1.\nPrisma Access services are not impacted by this vulnerability. Firewalls that were upgraded to the latest versions of PAN-OS to resolve CVE-2020-2021 are not vulnerable to this issue.\nPalo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS Command Injection vulnerability in the PAN-OS GlobalProtect portal allows an unauthenticated network-based attacker to execute arbitrary OS commands with root privileges. An attacker would require some level of specific information about the configuration of an impacted firewall or perform brute-force attacks to exploit this issue. 
This issue cannot be exploited if the GlobalProtect portal feature is not enabled.\nThis issue impacts PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; all versions of PAN-OS 8.0 and PAN-OS 7.1.\nPrisma Access services are not impacted by this vulnerability. Firewalls that were upgraded to the latest versions of PAN-OS to resolve CVE-2020-2021 are not vulnerable to this issue.\nPalo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.\n</pre>"}]}],"x_affectedList":["PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 
7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1.*","status":"affected"},{"version":"9.1","status":"affected","lessThan":"9.1.3","versionType":"custom","changes":[{"at":"9.1.3","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.9","versionType":"custom","changes":[{"at":"9.0.9","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.15","versionType":"custom","changes":[{"at":"8.1.15","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2034"}],"credits":[{"lang":"en","value":"This issue was found by Yamata Li of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-145587"],"discovery":"INTERNAL"},"configurations":[{"lang":"en","value":"This issue is applicable only where GlobalProtect portal is 
enabled.","supportingMedia":{"value":"This issue is applicable only where GlobalProtect portal is enabled.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 58658 on traffic destined for the GlobalProtect portal will block attacks against CVE-2020-2034.","supportingMedia":{"value":"Until PAN-OS software is upgraded to a fixed version, enabling signatures for Unique Threat ID 58658 on traffic destined for the GlobalProtect portal will block attacks against CVE-2020-2034.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.15, PAN-OS 9.0.9, PAN-OS 9.1.3, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.15, PAN-OS 9.0.9, PAN-OS 9.1.3, and all later PAN-OS versions.","type":"text/html","base64":false}},{"lang":"en","value":"PAN-OS 7.1 and PAN-OS 8.0 are end-of-life (as of June 30, 2020 and October 31, 2019 respectively) and are no longer covered by our Product Security Assurance policies."}],"timeline":[{"time":"2020-07-08T16:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2020-07-10T06:07:00.000Z","lang":"eng","value":"Updated workaround section with Threat Prevention signature."}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2030","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-07-08T00:00:00","dateReserved":"2020-07-08T00:00:00","dateUpdated":"2020-07-08T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS command injection vulnerability 
in the management interface","datePublic":"2020-07-08T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-07-08T16:35:16","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges.</pre>"}]},{"lang":"en","value":"This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; and all versions of PAN-OS 7.1 and PAN-OS 8.0.\n\nThis issue does not impact PAN-OS 9.0, PAN-OS 9.1, or Prisma Access services.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; and all versions of PAN-OS 7.1 and PAN-OS 8.0.\n\nThis issue does not impact PAN-OS 9.0, PAN-OS 9.1, or Prisma Access services.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 
8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.15","versionType":"custom","changes":[{"at":"8.1.15","status":"unaffected"}]},{"version":"9.0.0","status":"unaffected","lessThan":"9.0*","versionType":"custom"},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2030"}],"credits":[{"lang":"en","value":"This issue was found by Jin Chen of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 
0.0.9"},"source":{"defect":["PAN-100226","PAN-102677"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue impacts the PAN-OS management interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"This issue impacts the PAN-OS management interface but you can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.15 and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.15 and all later PAN-OS versions.","type":"text/html","base64":false}},{"lang":"en","value":"PAN-OS 7.1 and PAN-OS 8.0 are end-of-life (as of June 30, 2020 and October 31, 2019 respectively) and are no longer covered by our Product Security Assurance policies."}],"timeline":[{"time":"2020-07-08T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2021","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-06-29T00:00:00","dateReserved":"2020-06-29T00:00:00","dateUpdated":"2020-06-29T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Authentication Bypass in SAML Authentication","datePublic":"2020-06-29T15:00:00.000Z","providerMetadata":{"dateUpdated":"2020-06-29T15:10:11","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"When 
Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled (unchecked), improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based attacker to access protected resources. The attacker must have network access to the vulnerable server to exploit this vulnerability.\n\nThis issue affects PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15, and all versions of PAN-OS 8.0 (EOL). This issue does not affect PAN-OS 7.1.\n\nThis issue cannot be exploited if SAML is not used for authentication. \n\nThis issue cannot be exploited if the 'Validate Identity Provider Certificate' option is enabled (checked) in the SAML Identity Provider Server Profile.\n\nResources that can be protected by SAML-based single sign-on (SSO) authentication are: \n  GlobalProtect Gateway,\n  GlobalProtect Portal,\n  GlobalProtect Clientless VPN,\n  Authentication and Captive Portal,\n  PAN-OS next-generation firewalls (PA-Series, VM-Series) and Panorama web interfaces,\n  Prisma Access\n\nIn the case of GlobalProtect Gateways, GlobalProtect Portal, Clientless VPN, Captive Portal, and Prisma Access, an unauthenticated attacker with network access to the affected servers can gain access to protected resources if allowed by configured authentication and Security policies. There is no impact on the integrity and availability of the gateway, portal, or VPN server. An attacker cannot inspect or tamper with sessions of regular users. In the worst case, this is a critical severity vulnerability with a CVSS Base Score of 10.0 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N).\n\nIn the case of PAN-OS and Panorama web interfaces, this issue allows an unauthenticated attacker with network access to the PAN-OS or Panorama web interfaces to log in as an administrator and perform administrative actions. 
In the worst-case scenario, this is a critical severity vulnerability with a CVSS Base Score of 10.0 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). If the web interfaces are only accessible to a restricted management network, then the issue is lowered to a CVSS Base Score of 9.6 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).\n\nPalo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled (unchecked), improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based attacker to access protected resources. The attacker must have network access to the vulnerable server to exploit this vulnerability.\n\nThis issue affects PAN-OS 9.1 versions earlier than PAN-OS 9.1.3; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15, and all versions of PAN-OS 8.0 (EOL). This issue does not affect PAN-OS 7.1.\n\nThis issue cannot be exploited if SAML is not used for authentication. \n\nThis issue cannot be exploited if the 'Validate Identity Provider Certificate' option is enabled (checked) in the SAML Identity Provider Server Profile.\n\nResources that can be protected by SAML-based single sign-on (SSO) authentication are: \n  GlobalProtect Gateway,\n  GlobalProtect Portal,\n  GlobalProtect Clientless VPN,\n  Authentication and Captive Portal,\n  PAN-OS next-generation firewalls (PA-Series, VM-Series) and Panorama web interfaces,\n  Prisma Access\n\nIn the case of GlobalProtect Gateways, GlobalProtect Portal, Clientless VPN, Captive Portal, and Prisma Access, an unauthenticated attacker with network access to the affected servers can gain access to protected resources if allowed by configured authentication and Security policies. 
There is no impact on the integrity and availability of the gateway, portal, or VPN server. An attacker cannot inspect or tamper with sessions of regular users. In the worst case, this is a critical severity vulnerability with a CVSS Base Score of 10.0 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N).\n\nIn the case of PAN-OS and Panorama web interfaces, this issue allows an unauthenticated attacker with network access to the PAN-OS or Panorama web interfaces to log in as an administrator and perform administrative actions. In the worst-case scenario, this is a critical severity vulnerability with a CVSS Base Score of 10.0 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). If the web interfaces are only accessible to a restricted management network, then the issue is lowered to a CVSS Base Score of 9.6 (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).\n\nPalo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.\n</pre>"}]}],"x_affectedList":["PAN-OS 9.1.2-h1","PAN-OS 9.1.2","PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.8","PAN-OS 9.0.7","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.14-h2","PAN-OS 8.1.14-h1","PAN-OS 8.1.14","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 
8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.1.*","status":"unaffected"},{"version":"8.0.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.15","versionType":"custom","changes":[{"at":"8.1.15","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.9","versionType":"custom","changes":[{"at":"9.0.9","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.3","versionType":"custom","changes":[{"at":"9.1.3","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2021"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Salman Khan from the Cyber Risk and Resilience Team and Cameron Duck from the Identity Services Team at Monash University for discovering and reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":10,"baseSeverity":"CRITICAL"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-347 Improper Verification of Cryptographic Signature","cweId":"CWE-347"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-148988"],"discovery":"EXTERNAL"},"configurations":[{"lang":"en","value":"This issue is applicable only where SAML authentication is enabled and the 'Validate Identity Provider 
Certificate' option is disabled (unchecked) in the SAML Identity Provider Server Profile.\nThis issue cannot be exploited if SAML is not used for authentication.\nThis issue cannot be exploited if the 'Validate Identity Provider Certificate' option is enabled in the SAML Identity Provider Server Profile.\nDetailed descriptions of how to check for the configuration required for exposure, and how to mitigate it, are listed in the knowledge base article https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008UXK.\nTo check whether SAML authentication is enabled on a firewall, see the configuration under Device > Server Profiles > SAML Identity Provider.\nTo check whether SAML authentication is enabled for Panorama administrator authentication, see the configuration under Panorama > Server Profiles > SAML Identity Provider.\nTo check whether SAML authentication is enabled for firewalls managed by Panorama, see the configuration under Device > [template] > Server Profiles > SAML Identity Provider.\nAny unauthorized access is logged in the system logs based on the configuration; however, it can be difficult to distinguish between valid and malicious logins or sessions.\n","supportingMedia":{"value":"This issue is applicable only where SAML authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled (unchecked) in the SAML Identity Provider Server Profile.\nThis issue cannot be exploited if SAML is not used for authentication.\nThis issue cannot be exploited if the 'Validate Identity Provider Certificate' option is enabled in the SAML Identity Provider Server Profile.\nDetailed descriptions of how to check for the configuration required for exposure, and how to mitigate it, are listed in the knowledge base article https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008UXK.\nTo check whether SAML authentication is enabled on a firewall, see the configuration under Device > Server Profiles > SAML Identity Provider.\nTo 
check whether SAML authentication is enabled for Panorama administrator authentication, see the configuration under Panorama > Server Profiles > SAML Identity Provider.\nTo check whether SAML authentication is enabled for firewalls managed by Panorama, see the configuration under Device > [template] > Server Profiles > SAML Identity Provider.\nAny unauthorized access is logged in the system logs based on the configuration; however, it can be difficult to distinguish between valid and malicious logins or sessions.\n","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Using a different authentication method and disabling SAML authentication will completely mitigate the issue.\nUntil an upgrade can be performed, applying both these mitigations (a) and (b) eliminates the configuration required for exposure to this vulnerability:\n\n(a) Ensure that the 'Identity Provider Certificate' is configured. Configuring the 'Identity Provider Certificate' is an essential part of a secure SAML authentication configuration.\n\n(b) If the identity provider (IdP) certificate is a certificate authority (CA) signed certificate, then ensure that the 'Validate Identity Provider Certificate' option is enabled in the SAML Identity Provider Server Profile. Many popular IdPs generate self-signed IdP certificates by default, in which case the 'Validate Identity Provider Certificate' option cannot be enabled. Additional steps may be required to use a certificate signed by a CA. This certificate can be signed by an internal enterprise CA, the CA on the PAN-OS, or a public CA. 
Instructions to configure a CA-issued certificate on IdPs are available at https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008UXP.\n\nUpgrading to a fixed version of PAN-OS software prevents any future configuration changes related to SAML that inadvertently expose protected services to attacks.\n","supportingMedia":{"value":"Using a different authentication method and disabling SAML authentication will completely mitigate the issue.\nUntil an upgrade can be performed, applying both these mitigations (a) and (b) eliminates the configuration required for exposure to this vulnerability:\n\n(a) Ensure that the 'Identity Provider Certificate' is configured. Configuring the 'Identity Provider Certificate' is an essential part of a secure SAML authentication configuration.\n\n(b) If the identity provider (IdP) certificate is a certificate authority (CA) signed certificate, then ensure that the 'Validate Identity Provider Certificate' option is enabled in the SAML Identity Provider Server Profile. Many popular IdPs generate self-signed IdP certificates by default, in which case the 'Validate Identity Provider Certificate' option cannot be enabled. Additional steps may be required to use a certificate signed by a CA. This certificate can be signed by an internal enterprise CA, the CA on the PAN-OS, or a public CA. 
Instructions to configure a CA-issued certificate on IdPs are available at https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008UXP.\n\nUpgrading to a fixed version of PAN-OS software prevents any future configuration changes related to SAML that inadvertently expose protected services to attacks.\n","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.\n","supportingMedia":{"value":"Palo Alto Networks is not aware of any malicious attempts to exploit this vulnerability.\n","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.15, PAN-OS 9.0.9, PAN-OS 9.1.3, and all later versions.\n\nImportant: Ensure that the signing certificate for your SAML Identity Provider is configured as the 'Identity Provider Certificate' before you upgrade to a fixed version to ensure that your users can continue to authenticate successfully. Configuring the 'Identity Provider Certificate' is an essential part of a secure SAML authentication configuration. https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/authentication/configure-saml-authentication\n\nDetails of all actions required before and after upgrading PAN-OS are available in https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008UXK. \n\nTo eliminate unauthorized sessions on GlobalProtect portals and gateways, Prisma Access managed through Panorama, change the certificate used to encrypt and decrypt the Authentication Override cookie on the GlobalProtect portal and gateways using the Panorama or firewall web interface. 
Refer to this article for configuring Authentication override cookies: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008UXy\n\nRestarting firewalls and Panorama eliminates any unauthorized sessions on the web interface.\nTo clear any unauthorized user sessions in Captive Portal take the following steps: \nRun the following command \n    show user ip-user-mapping all type SSO\nFor all the IPs returned, run these two commands to clear the users:\n    clear user-cache-mp <above ips>\n    clear user-cache <above ips>\nPAN-OS 8.0 is end-of-life (as of October 31, 2019) and is no longer covered by our Product Security Assurance policies.\nAll Prisma Access services have been upgraded to resolve this issue and are no longer vulnerable. Prisma Access customers do not require any changes to SAML or IdP configurations.\n","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.15, PAN-OS 9.0.9, PAN-OS 9.1.3, and all later versions.\n\nImportant: Ensure that the signing certificate for your SAML Identity Provider is configured as the 'Identity Provider Certificate' before you upgrade to a fixed version to ensure that your users can continue to authenticate successfully. Configuring the 'Identity Provider Certificate' is an essential part of a secure SAML authentication configuration. https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/authentication/configure-saml-authentication\n\nDetails of all actions required before and after upgrading PAN-OS are available in https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008UXK. \n\nTo eliminate unauthorized sessions on GlobalProtect portals and gateways, Prisma Access managed through Panorama, change the certificate used to encrypt and decrypt the Authentication Override cookie on the GlobalProtect portal and gateways using the Panorama or firewall web interface. 
Refer to this article for configuring Authentication override cookies: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008UXy\n\nRestarting firewalls and Panorama eliminates any unauthorized sessions on the web interface.\nTo clear any unauthorized user sessions in Captive Portal take the following steps: \nRun the following command \n    show user ip-user-mapping all type SSO\nFor all the IPs returned, run these two commands to clear the users:\n    clear user-cache-mp <above ips>\n    clear user-cache <above ips>\nPAN-OS 8.0 is end-of-life (as of October 31, 2019) and is no longer covered by our Product Security Assurance policies.\nAll Prisma Access services have been upgraded to resolve this issue and are no longer vulnerable. Prisma Access customers do not require any changes to SAML or IdP configurations.\n","type":"text/html","base64":false}}],"timeline":[{"time":"2020-06-29T15:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2027","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-06-10T00:00:00","dateReserved":"2020-06-10T00:00:00","dateUpdated":"2020-06-10T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Buffer overflow in authd authentication response","datePublic":"2020-06-10T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-06-10T17:28:15","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A buffer overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A buffer overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to 
disrupt system processes and potentially execute arbitrary code with root privileges.</pre>"}]},{"lang":"en","value":"This issue affects:\nAll versions of PAN-OS 7.1 and PAN-OS 8.0;\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.13;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.7.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\nAll versions of PAN-OS 7.1 and PAN-OS 8.0;\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.13;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.7.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 
7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.1.*","status":"affected"},{"version":"8.0.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2027"}],"credits":[{"lang":"en","value":"This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-121 Stack-based Buffer Overflow","cweId":"CWE-121"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["CYR-10833"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and you can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and you can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions.","type":"text/html","base64":false}},{"lang":"en","value":"PAN-OS 8.0 is end-of-life (as of October 31, 2019) and is no longer covered by our Product Security Assurance policies.\nPAN-OS 7.1 is on extended support until June 30, 2020, and we are considering updates only for critical security vulnerability fixes.\n"}],"timeline":[{"time":"2020-06-10T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2028","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-06-10T00:00:00","dateReserved":"2020-06-10T00:00:00","dateUpdated":"2020-06-10T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS command injection vulnerability in FIPS-CC mode certificate verification","datePublic":"2020-06-10T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-06-10T17:28:28","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS Command Injection vulnerability in PAN-OS management server allows authenticated administrators to execute 
arbitrary OS commands with root privileges when uploading a new certificate in FIPS-CC mode.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS Command Injection vulnerability in PAN-OS management server allows authenticated administrators to execute arbitrary OS commands with root privileges when uploading a new certificate in FIPS-CC mode.</pre>"}]},{"lang":"en","value":"This issue affects:\nAll versions of PAN-OS 7.1 and PAN-OS 8.0;\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.13;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.7.\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\nAll versions of PAN-OS 7.1 and PAN-OS 8.0;\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.13;\nPAN-OS 9.0 versions earlier than PAN-OS 9.0.7.\n</pre>"}]}],"x_affectedList":["PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 
7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.1.*","status":"affected"},{"version":"8.0.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2028"}],"credits":[{"lang":"en","value":"This issue was found by Nicholas Newsom of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-125804"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and you can mitigate the impact of this issue by 
following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and you can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions.","type":"text/html","base64":false}},{"lang":"en","value":"PAN-OS 8.0 is end-of-life (as of October 31, 2019) and is no longer covered by our Product Security Assurance policies.\nPAN-OS 7.1 is on extended support until June 30, 2020, and we are considering updates only for critical security vulnerability fixes."}],"timeline":[{"time":"2020-06-10T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2029","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-06-10T00:00:00","dateReserved":"2020-06-10T00:00:00","dateUpdated":"2020-06-10T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS command injection vulnerability in management interface certificate generator","datePublic":"2020-06-10T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-06-10T17:28:40","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS Command Injection vulnerability in 
the PAN-OS web management interface allows authenticated administrators to execute arbitrary OS commands with root privileges by sending a malicious request to generate new certificates for use in the PAN-OS configuration.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS Command Injection vulnerability in the PAN-OS web management interface allows authenticated administrators to execute arbitrary OS commands with root privileges by sending a malicious request to generate new certificates for use in the PAN-OS configuration.</pre>"}]},{"lang":"en","value":"This issue affects:\nAll versions of PAN-OS 8.0;\nPAN-OS 7.1 versions earlier than PAN-OS 7.1.26;\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.13.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\nAll versions of PAN-OS 8.0;\nPAN-OS 7.1 versions earlier than PAN-OS 7.1.26;\nPAN-OS 8.1 versions earlier than PAN-OS 8.1.13.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 
7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1","status":"affected","lessThan":"7.1.26","versionType":"custom","changes":[{"at":"7.1.26","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.0.0","status":"unaffected","lessThan":"9.0*","versionType":"custom"},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2029"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Przemysław Kowalski of STM Solutions for discovering and reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-124621"],"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and you can mitigate the impact of this issue by following best practices for securing the PAN-OS 
management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and you can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, and all later PAN-OS versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, and all later PAN-OS versions.","type":"text/html","base64":false}},{"lang":"en","value":"PAN-OS 8.0 is end-of-life (as of October 31, 2019) and is no longer covered by our Product Security Assurance policies.\nPAN-OS 7.1 is on extended support until June 30, 2020, and we are considering updates only for critical security vulnerability fixes.\n"}],"timeline":[{"time":"2020-06-10T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2012","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Panorama: XML external entity reference ('XXE') vulnerability leads to information leak","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-06-10T17:23:19","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"Improper restriction of XML external entity reference ('XXE') vulnerability in Palo Alto Networks 
Panorama management service allows remote unauthenticated attackers with network access to the Panorama management interface to read arbitrary files on the system.\n\nThis issue affects:\nAll versions of PAN-OS for Panorama 7.1 and 8.0;\nPAN-OS for Panorama 8.1 versions earlier than 8.1.13;\nPAN-OS for Panorama 9.0 versions earlier than 9.0.7.\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Improper restriction of XML external entity reference ('XXE') vulnerability in Palo Alto Networks Panorama management service allows remote unauthenticated attackers with network access to the Panorama management interface to read arbitrary files on the system.\n\nThis issue affects:\nAll versions of PAN-OS for Panorama 7.1 and 8.0;\nPAN-OS for Panorama 8.1 versions earlier than 8.1.13;\nPAN-OS for Panorama 9.0 versions earlier than 9.0.7.\n</pre>"}]}],"x_affectedList":["PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 
8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2012"}],"credits":[{"lang":"en","value":"This issue was found by Ben Nott of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-611 Improper Restriction of XML External Entity Reference ('XXE')","cweId":"CWE-611"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-119810"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue 
affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2010","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Authenticated user command injection 
vulnerability","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-06-10T17:22:50","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS command injection vulnerability in PAN-OS management interface allows an authenticated administrator to execute arbitrary OS commands with root privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS command injection vulnerability in PAN-OS management interface allows an authenticated administrator to execute arbitrary OS commands with root privileges.</pre>"}]},{"lang":"en","value":"This issue affects:\nAll versions of PAN-OS 7.1 and 8.0;\nPAN-OS 8.1 versions earlier than 8.1.14;\nPAN-OS 9.0 versions earlier than 9.0.7.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\nAll versions of PAN-OS 7.1 and 8.0;\nPAN-OS 8.1 versions earlier than 8.1.14;\nPAN-OS 9.0 versions earlier than 9.0.7.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 
8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1.*","status":"affected"},{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.14","versionType":"custom","changes":[{"at":"8.1.14","status":"unaffected"}]},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2010"}],"credits":[{"lang":"en","value":"This issue was discovered by Nicholas Newsom of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command 
Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-126362"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial 
publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2009","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Panorama SD WAN arbitrary file creation","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-05-13T19:07:14","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An external control of filename vulnerability in the SD WAN component of Palo Alto Networks PAN-OS Panorama allows an authenticated administrator to send a request that results in the creation and write of an arbitrary file on all firewalls managed by the Panorama. In some cases this results in arbitrary code execution with root permissions.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An external control of filename vulnerability in the SD WAN component of Palo Alto Networks PAN-OS Panorama allows an authenticated administrator to send a request that results in the creation and write of an arbitrary file on all firewalls managed by the Panorama. 
In some cases this results in arbitrary code execution with root permissions.</pre>"}]},{"lang":"en","value":"This issue affects:\n\nAll versions of PAN-OS 7.1 and 8.0;\n\nPAN-OS 8.1 versions earlier than 8.1.14;\n\nPAN-OS 9.0 versions earlier than 9.0.7.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\n\nAll versions of PAN-OS 7.1 and 8.0;\n\nPAN-OS 8.1 versions earlier than 8.1.14;\n\nPAN-OS 9.0 versions earlier than 9.0.7.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 
7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.1.*","status":"affected"},{"version":"8.0.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.14","versionType":"custom","changes":[{"at":"8.1.14","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2009"}],"credits":[{"lang":"en","value":"This issue was found by Nicholas Newsom and Jin Chen of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-73 External Control of File Name or Path","cweId":"CWE-73"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-130361"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2013","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Panorama context switch session cookie 
disclosure","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-05-14T15:40:56","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A cleartext transmission of sensitive information vulnerability in Palo Alto Networks PAN-OS Panorama that discloses an authenticated PAN-OS administrator's PAN-OS session cookie. When an administrator issues a context switch request into a managed firewall with an affected PAN-OS Panorama version, their PAN-OS session cookie is transmitted over cleartext to the firewall. An attacker with the ability to intercept this network traffic between the firewall and Panorama can access the administrator's account and further manipulate devices managed by Panorama.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A cleartext transmission of sensitive information vulnerability in Palo Alto Networks PAN-OS Panorama that discloses an authenticated PAN-OS administrator's PAN-OS session cookie. When an administrator issues a context switch request into a managed firewall with an affected PAN-OS Panorama version, their PAN-OS session cookie is transmitted over cleartext to the firewall. 
An attacker with the ability to intercept this network traffic between the firewall and Panorama can access the administrator's account and further manipulate devices managed by Panorama.</pre>"}]},{"lang":"en","value":"This issue affects:\n\nPAN-OS 7.1 versions earlier than 7.1.26;\n\nPAN-OS 8.1 versions earlier than 8.1.13;\n\nPAN-OS 9.0 versions earlier than 9.0.6;\n\nPAN-OS 9.1 versions earlier than 9.1.1;\n\nAll versions of PAN-OS 8.0;","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\n\nPAN-OS 7.1 versions earlier than 7.1.26;\n\nPAN-OS 8.1 versions earlier than 8.1.13;\n\nPAN-OS 9.0 versions earlier than 9.0.6;\n\nPAN-OS 9.1 versions earlier than 9.1.1;\n\nAll versions of PAN-OS 8.0;</pre>"}]}],"x_affectedList":["PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.25","PAN-OS 
7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"9.0","status":"affected","lessThan":"9.0.6","versionType":"custom","changes":[{"at":"9.0.6","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThan":"7.1.26","versionType":"custom","changes":[{"at":"7.1.26","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.1","versionType":"custom","changes":[{"at":"9.1.1","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2013"}],"credits":[{"lang":"en","value":"This issue was found by Ben Nott of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.3,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-319 Cleartext Transmission of Sensitive Information","cweId":"CWE-319"}]}],"x_generator":{"engine":"Vulnogram 
0.0.9"},"source":{"defect":["PAN-125122"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"One possible vulnerability mitigation is to shorten the length of administrator session idle timeout. This reduces the likelihood the exposed administrator’s session cookie is valid at time of attack.","supportingMedia":{"value":"One possible vulnerability mitigation is to shorten the length of administrator session idle timeout. This reduces the likelihood the exposed administrator’s session cookie is valid at time of attack.","type":"text/html","base64":false}},{"lang":"en","value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com"}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, PAN-OS 9.1.1, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","supportingMedia":{"value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, PAN-OS 9.1.1, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2018","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Panorama authentication bypass 
vulnerability","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-05-14T15:40:56","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An authentication bypass vulnerability in the Panorama context switching feature allows an attacker with network access to a Panorama's management interface to gain privileged access to managed firewalls. An attacker requires some knowledge of managed firewalls to exploit this issue. \nThis issue does not affect Panorama configured with custom certificates authentication for communication between Panorama and managed devices.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An authentication bypass vulnerability in the Panorama context switching feature allows an attacker with network access to a Panorama's management interface to gain privileged access to managed firewalls. An attacker requires some knowledge of managed firewalls to exploit this issue. 
\nThis issue does not affect Panorama configured with custom certificates authentication for communication between Panorama and managed devices.</pre>"}]},{"lang":"en","value":"This issue affects:\n\nPAN-OS 7.1 versions earlier than 7.1.26;\n\nPAN-OS 8.1 versions earlier than 8.1.12;\n\nPAN-OS 9.0 versions earlier than 9.0.6;\n\nAll versions of PAN-OS 8.0.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\n\nPAN-OS 7.1 versions earlier than 7.1.26;\n\nPAN-OS 8.1 versions earlier than 8.1.12;\n\nPAN-OS 9.0 versions earlier than 9.0.6;\n\nAll versions of PAN-OS 8.0.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 
7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1","status":"affected","lessThan":"7.1.26","versionType":"custom","changes":[{"at":"7.1.26","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.12","versionType":"custom","changes":[{"at":"8.1.12","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.6","versionType":"custom","changes":[{"at":"9.0.6","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2018"}],"credits":[{"lang":"en","value":"This issue was found by Ben Nott of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9,"baseSeverity":"CRITICAL"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-287 Improper Authentication","cweId":"CWE-287"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-123661"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue can be completely mitigated by enabling custom certificates authentication between Panorama and managed firewalls. 
See https://docs.paloaltonetworks.com/panorama/8-0/panorama-admin/set-up-panorama/set-up-authentication-using-custom-certificates.html\n\nThis issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com","supportingMedia":{"value":"This issue can be completely mitigated by enabling custom certificates authentication between Panorama and managed firewalls. See https://docs.paloaltonetworks.com/panorama/8-0/panorama-admin/set-up-panorama/set-up-authentication-using-custom-certificates.html\n\nThis issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.12, PAN-OS 9.0.6, and all later PAN-OS versions.\n\nUpgrading Panorama to a fixed version is sufficient to resolve the issue.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","supportingMedia":{"value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.12, PAN-OS 9.0.6, and all later PAN-OS versions.\n\nUpgrading Panorama to a fixed version is sufficient to resolve the issue.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial 
publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2002","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Spoofed Kerberos key distribution center authentication bypass","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-05-14T15:40:56","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An authentication bypass by spoofing vulnerability exists in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS by failing to verify the integrity of the Kerberos key distribution center (KDC) before authenticating users. This affects all forms of authentication that use a Kerberos authentication profile. A man-in-the-middle type of attacker with the ability to intercept communication between PAN-OS and KDC can login to PAN-OS as an administrator. ","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An authentication bypass by spoofing vulnerability exists in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS by failing to verify the integrity of the Kerberos key distribution center (KDC) before authenticating users. This affects all forms of authentication that use a Kerberos authentication profile. A man-in-the-middle type of attacker with the ability to intercept communication between PAN-OS and KDC can login to PAN-OS as an administrator. 
</pre>"}]},{"lang":"en","value":"This issue affects:\nPAN-OS 7.1 versions earlier than 7.1.26;\nPAN-OS 8.1 versions earlier than 8.1.13;\nPAN-OS 9.0 versions earlier than 9.0.6;\nAll versions of PAN-OS 8.0.\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\nPAN-OS 7.1 versions earlier than 7.1.26;\nPAN-OS 8.1 versions earlier than 8.1.13;\nPAN-OS 9.0 versions earlier than 9.0.6;\nAll versions of PAN-OS 8.0.\n</pre>"}]}],"x_affectedList":["PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 
7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.6","versionType":"custom","changes":[{"at":"9.0.6","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThan":"7.1.26","versionType":"custom","changes":[{"at":"7.1.26","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2002"}],"credits":[{"lang":"en","value":"Palo Alto Networks would like to thank Yoav Iellin, Yaron Kassner, and Rotem Zach from Silverfort for discovering and reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-290 Authentication Bypass by Spoofing","cweId":"CWE-290"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-118957"],"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"Ensure that PAN-OS communicates to Kerberos server over a secured network with access restricted to trusted users.\n\nPlease review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","supportingMedia":{"value":"Ensure that PAN-OS communicates to Kerberos server over a secured network with access restricted to trusted 
users.\n\nPlease review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","supportingMedia":{"value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2001","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-09-11T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Panorama External control of file vulnerability leads to privilege escalation","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-05-14T15:40:56","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An external control of path and data vulnerability in the Palo Alto Networks PAN-OS Panorama XSLT processing logic that allows an unauthenticated user with network access to PAN-OS management interface to write attacker supplied file on the system and elevate privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An external control of path and data vulnerability in the Palo Alto Networks PAN-OS Panorama XSLT processing logic that allows an unauthenticated user with network access to 
PAN-OS management interface to write attacker supplied file on the system and elevate privileges.</pre>"}]},{"lang":"en","value":"This issue affects:\n\nAll PAN-OS 7.1 Panorama and 8.0 Panorama versions;\n\nPAN-OS 8.1 versions earlier than 8.1.12 on Panorama;\n\nPAN-OS 9.0 versions earlier than 9.0.6 on Panorama.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\n\nAll PAN-OS 7.1 Panorama and 8.0 Panorama versions;\n\nPAN-OS 8.1 versions earlier than 8.1.12 on Panorama;\n\nPAN-OS 9.0 versions earlier than 9.0.6 on Panorama.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 
7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.12","versionType":"custom","changes":[{"at":"8.1.12","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.6","versionType":"custom","changes":[{"at":"9.0.6","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2001"}],"credits":[{"lang":"en","value":"This issue was found by Ben Nott of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-123 Write-what-where Condition","cweId":"CWE-123"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-120397"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue impacts the management web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","supportingMedia":{"value":"This issue impacts the management web interface. 
You can mitigate the impact of this issue by following best practices for securing the PAN-OS management web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com/best-practices.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.12, PAN-OS 9.0.6, and all later PAN-OS versions.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.12, PAN-OS 9.0.6, and all later PAN-OS versions.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2020-09-11T22:06:00.000Z","lang":"eng","value":"Added workaround section"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2017","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: DOM-Based cross site scripting vulnerability in management web interface","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-06-10T17:24:05","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A DOM-Based Cross Site Scripting Vulnerability exists in PAN-OS and Panorama 
Management Web Interfaces.\nA remote attacker able to convince an authenticated administrator to click on a crafted link to PAN-OS and Panorama Web Interfaces could execute arbitrary JavaScript code in the administrator's browser and perform administrative actions.\n\nThis issue affects:\nPAN-OS 7.1 versions earlier than 7.1.26;\nPAN-OS 8.1 versions earlier than 8.1.13;\nPAN-OS 9.0 versions earlier than 9.0.6;\nAll versions of PAN-OS 8.0.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A DOM-Based Cross Site Scripting Vulnerability exists in PAN-OS and Panorama Management Web Interfaces.\nA remote attacker able to convince an authenticated administrator to click on a crafted link to PAN-OS and Panorama Web Interfaces could execute arbitrary JavaScript code in the administrator's browser and perform administrative actions.\n\nThis issue affects:\nPAN-OS 7.1 versions earlier than 7.1.26;\nPAN-OS 8.1 versions earlier than 8.1.13;\nPAN-OS 9.0 versions earlier than 9.0.6;\nAll versions of PAN-OS 8.0.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 
8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1","status":"affected","lessThan":"7.1.26","versionType":"custom","changes":[{"at":"7.1.26","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.6","versionType":"custom","changes":[{"at":"9.0.6","status":"unaffected"}]},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2017"}],"credits":[{"lang":"en","value":"This issue was found by Chris Ganas of Palo Alto Networks during internal security 
review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-79 Cross-site Scripting (XSS)","cweId":"CWE-79"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-121058"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","supportingMedia":{"value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2014","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS injection vulnerability in PAN-OS management server","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-05-13T19:07:14","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS Command Injection vulnerability in PAN-OS management server allows authenticated users to inject and execute arbitrary shell commands with root privileges.\n\nThis issue affects:\nAll versions of PAN-OS 7.1 and 8.0;\nPAN-OS 8.1 versions earlier than 8.1.14;\nPAN-OS 9.0 versions earlier than 9.0.7.\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS Command Injection vulnerability in PAN-OS management server allows authenticated users to inject and execute arbitrary shell commands with 
root privileges.\n\nThis issue affects:\nAll versions of PAN-OS 7.1 and 8.0;\nPAN-OS 8.1 versions earlier than 8.1.14;\nPAN-OS 9.0 versions earlier than 9.0.7.\n</pre>"}]}],"x_affectedList":["PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.14","versionType":"custom","changes":[{"at":"8.1.14","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2014"}],"credits":[{"lang":"en","value":"This issue was found by Ben Nott of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-127118"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, PAN-OS 9.1.0 and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, PAN-OS 9.1.0 and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"PAN-SA-2020-0006","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Nginx software upgraded to resolve multiple vulnerabilities","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"orgId":"Not found","shortName":"Not found","dateUpdated":"2024-11-20T00:00:00"},"descriptions":[{"lang":"en","value":"Nginx software included with PAN-OS has been upgraded to resolve multiple vulnerabilities.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Nginx software included with PAN-OS has been upgraded to resolve multiple vulnerabilities.</pre>"}]},{"lang":"en","value":"This issue affects:\n\nAll 
PAN-OS 7.1 and 8.0 versions;\n\nPAN-OS 8.1 versions earlier than 8.1.14;\n\nPAN-OS 9.0 versions earlier than 9.0.7.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\n\nAll PAN-OS 7.1 and 8.0 versions;\n\nPAN-OS 8.1 versions earlier than 8.1.14;\n\nPAN-OS 9.0 versions earlier than 9.0.7.</pre>"}]},{"lang":"en","value":"The resolved vulnerabilities include:","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>The resolved vulnerabilities include:</pre>"}]}],"x_affectedList":["PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 
7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.1.*","status":"affected"},{"version":"8.0.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.14","versionType":"custom","changes":[{"at":"8.1.14","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2012"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-476 NULL Pointer Dereference","cweId":"CWE-476"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-117480"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"Issues that affect the management interface of PAN-OS are strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","supportingMedia":{"value":"Issues that affect the management interface of PAN-OS are strongly mitigated by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"These issues are fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","supportingMedia":{"value":"These issues are fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2006","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Buffer overflow in management server payload parser","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-05-13T19:07:14","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A stack-based buffer overflow vulnerability in the management server component of PAN-OS that allows an authenticated user to potentially execute arbitrary code with root privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A stack-based buffer overflow vulnerability in the management 
server component of PAN-OS that allows an authenticated user to potentially execute arbitrary code with root privileges.</pre>"}]},{"lang":"en","value":"This issue affects:\n\nAll versions of PAN-OS 7.1 and 8.0;\n\nPAN-OS 8.1 versions earlier than 8.1.14.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\n\nAll versions of PAN-OS 7.1 and 8.0;\n\nPAN-OS 8.1 versions earlier than 8.1.14.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"7.1.*","status":"affected"},{"version":"8.0.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.14","versionType":"custom","changes":[{"at":"8.1.14","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2006"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks Jin Chen of Palo Alto Networks for discovering and reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-121 Stack-based Buffer Overflow","cweId":"CWE-121"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-100855"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.14 and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.14 and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"PAN-SA-2020-0005","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OpenSSH software upgraded to resolve multiple vulnerabilities","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"orgId":"Not found","shortName":"Not found","dateUpdated":"2024-11-20T00:00:00"},"descriptions":[{"lang":"en","value":"OpenSSH software included with PAN-OS has been upgraded to resolve security vulnerability CVE-2016-10012. 
Additionally, code changes have been made to the server component of the OpenSSH software included in PAN-OS in response to CVE-2015-8325 and CVE-2016-1908 though PAN-OS is not impacted by these issues.\n\nThis issue affects:\nPAN-OS 7.1 versions earlier than 7.1.26;\nPAN-OS 8.1 versions earlier than 8.1.13;\nPAN-OS 9.0 versions earlier than 9.0.1;\nAll versions of PAN-OS 8.0.\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>OpenSSH software included with PAN-OS has been upgraded to resolve security vulnerability CVE-2016-10012. Additionally, code changes have been made to the server component of the OpenSSH software included in PAN-OS in response to CVE-2015-8325 and CVE-2016-1908 though PAN-OS is not impacted by these issues.\n\nThis issue affects:\nPAN-OS 7.1 versions earlier than 7.1.26;\nPAN-OS 8.1 versions earlier than 8.1.13;\nPAN-OS 9.0 versions earlier than 9.0.1;\nAll versions of PAN-OS 8.0.\n</pre>"}]}],"x_affectedList":["PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 
7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1","status":"affected","lessThan":"7.1.26","versionType":"custom","changes":[{"at":"7.1.26","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.1","versionType":"custom","changes":[{"at":"9.0.1","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/PAN-SA-2020-0005"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer","cweId":"CWE-119"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-111061"],"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.1, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","supportingMedia":{"value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.1, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2008","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS command injection or arbitrary file deletion vulnerability","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-05-13T19:07:14","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS command injection and external control of filename vulnerability in Palo Alto Networks PAN-OS allows authenticated administrators to execute code with root privileges or delete arbitrary system 
files and impact the system's integrity or cause a denial of service condition.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS command injection and external control of filename vulnerability in Palo Alto Networks PAN-OS allows authenticated administrators to execute code with root privileges or delete arbitrary system files and impact the system's integrity or cause a denial of service condition.</pre>"}]},{"lang":"en","value":"This issue affects:\nAll versions of PAN-OS 7.1 and 8.0;\nPAN-OS 8.1 versions earlier than 8.1.14.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\nAll versions of PAN-OS 7.1 and 8.0;\nPAN-OS 8.1 versions earlier than 8.1.14.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 
7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.14","versionType":"custom","changes":[{"at":"8.1.14","status":"unaffected"}]},{"version":"9.0.0","status":"unaffected","lessThan":"9.0*","versionType":"custom"},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2008"}],"credits":[{"lang":"en","value":"This issue was found by Jin Chen of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-73 External Control of File Name or Path","cweId":"CWE-73"}]},{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-102688"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.14 and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.14 and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2015","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Buffer overflow in the management server","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-06-10T17:23:49","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A buffer overflow 
vulnerability in the PAN-OS management server allows authenticated users to crash system processes or potentially execute arbitrary code with root privileges.\n\nThis issue affects:\nPAN-OS 7.1 versions earlier than 7.1.26;\nPAN-OS 8.1 versions earlier than 8.1.13;\nPAN-OS 9.0 versions earlier than 9.0.7;\nPAN-OS 9.1 versions earlier than 9.1.1;\nAll versions of PAN-OS 8.0.\n\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A buffer overflow vulnerability in the PAN-OS management server allows authenticated users to crash system processes or potentially execute arbitrary code with root privileges.\n\nThis issue affects:\nPAN-OS 7.1 versions earlier than 7.1.26;\nPAN-OS 8.1 versions earlier than 8.1.13;\nPAN-OS 9.0 versions earlier than 9.0.7;\nPAN-OS 9.1 versions earlier than 9.1.1;\nAll versions of PAN-OS 8.0.\n\n</pre>"}]}],"x_affectedList":["PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 
8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThan":"7.1.26","versionType":"custom","changes":[{"at":"7.1.26","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.1","versionType":"custom","changes":[{"at":"9.1.1","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2015"}],"credits":[{"lang":"en","value":"This issue was discovered by Nicholas Newsom of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-120 Buffer 
Overflow","cweId":"CWE-120"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-100734"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.1, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","supportingMedia":{"value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.7, PAN-OS 9.1.1, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2005","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: GlobalProtect Clientless VPN session 
hijacking","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-05-14T15:40:56","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A cross-site scripting (XSS) vulnerability exists when visiting malicious websites with the Palo Alto Networks GlobalProtect Clientless VPN that can compromise the user's active session.\nThis issue affects:\n\nPAN-OS 7.1 versions earlier than 7.1.26;\nPAN-OS 8.1 versions earlier than 8.1.13;\nPAN-OS 9.0 versions earlier than 9.0.7;\nAll versions of PAN-OS 8.0.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A cross-site scripting (XSS) vulnerability exists when visiting malicious websites with the Palo Alto Networks GlobalProtect Clientless VPN that can compromise the user's active session.\nThis issue affects:\n\nPAN-OS 7.1 versions earlier than 7.1.26;\nPAN-OS 8.1 versions earlier than 8.1.13;\nPAN-OS 9.0 versions earlier than 9.0.7;\nAll versions of PAN-OS 8.0.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 
8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1","status":"affected","lessThan":"7.1.26","versionType":"custom","changes":[{"at":"7.1.26","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2005"}],"credits":[{"lang":"en","value":"This issue was discovered by Ron Masas of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":7.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-79 Cross-site Scripting 
(XSS)","cweId":"CWE-79"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["GPCON-551"],"discovery":"INTERNAL"},"configurations":[{"lang":"en","value":"This issue only affects firewalls configured with GlobalProtect Clientless VPN.","supportingMedia":{"value":"This issue only affects firewalls configured with GlobalProtect Clientless VPN.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Configure GlobalProtect Clientless VPN to only access known trusted websites, and block access to all other websites.","supportingMedia":{"value":"Configure GlobalProtect Clientless VPN to only access known trusted websites, and block access to all other websites.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.7, and all later versions of PAN-OS.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","supportingMedia":{"value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.7, and all later versions of PAN-OS.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2007","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: OS command injection in management server","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-05-13T19:07:14","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An OS command 
injection vulnerability in the management server component of PAN-OS allows an authenticated user to potentially execute arbitrary commands with root privileges.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An OS command injection vulnerability in the management server component of PAN-OS allows an authenticated user to potentially execute arbitrary commands with root privileges.</pre>"}]},{"lang":"en","value":"This issue affects:\n\nAll PAN-OS 7.1 and 8.0 versions;\n\nPAN-OS 8.1 versions earlier than 8.1.14;\n\nPAN-OS 9.0 versions earlier than 9.0.7. ","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\n\nAll PAN-OS 7.1 and 8.0 versions;\n\nPAN-OS 8.1 versions earlier than 8.1.14;\n\nPAN-OS 9.0 versions earlier than 9.0.7. </pre>"}]}],"x_affectedList":["PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 
7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.1.*","status":"affected"},{"version":"8.0.*","status":"affected"},{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.14","versionType":"custom","changes":[{"at":"8.1.14","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2007"}],"credits":[{"lang":"en","value":"This issue was found by Jin Chen of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 OS Command Injection","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-102682"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at https://docs.paloaltonetworks.com.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 9.0.7 and later PAN-OS 9.0 versions; PAN-OS 8.1.14 and later PAN-OS 8.1 versions; and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","supportingMedia":{"value":"This issue is fixed in PAN-OS 9.0.7 and later PAN-OS 9.0 versions; PAN-OS 8.1.14 and later PAN-OS 8.1 versions; and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2011","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-20T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Panorama registration denial of 
service","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-05-13T19:07:14","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An improper input validation vulnerability in the configuration daemon of Palo Alto Networks PAN-OS Panorama allows for a remote unauthenticated user to send a specifically crafted registration request to the device that causes the configuration service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS Panorama services by restarting the device and putting it into maintenance mode.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An improper input validation vulnerability in the configuration daemon of Palo Alto Networks PAN-OS Panorama allows for a remote unauthenticated user to send a specifically crafted registration request to the device that causes the configuration service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS Panorama services by restarting the device and putting it into maintenance mode.</pre>"}]},{"lang":"en","value":"This issue affects:\n\nAll versions of PAN-OS 7.1 and 8.0;\n\nPAN-OS 8.1 versions earlier than 8.1.14;\n\nPAN-OS 9.0 versions earlier than 9.0.7;","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\n\nAll versions of PAN-OS 7.1 and 8.0;\n\nPAN-OS 8.1 versions earlier than 8.1.14;\n\nPAN-OS 9.0 versions earlier than 9.0.7;</pre>"}]}],"x_affectedList":["PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.13","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 
8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.26","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.1.*","status":"affected"},{"version":"8.0.*","status":"affected"},{"version":"8.1","status":"affected","lessThan":"8.1.14","versionType":"custom","changes":[{"at":"8.1.14","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2011"}],"credits":[{"lang":"en","value":"This issue was found by Ben Nott of Palo Alto Networks 
during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-20 Improper Input Validation","cweId":"CWE-20"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-118226"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, PAN-OS 9.1.0 and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.14, PAN-OS 9.0.7, PAN-OS 9.1.0 and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.\n\nPAN-OS 7.1 is on extended support until June 30, 2020, and is only being considered for critical security vulnerability fixes.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2020-05-20T19:00:00.000Z","lang":"eng","value":"Removed 9.1.0 from affected releases"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-2016","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-05-13T00:00:00","dateReserved":"2020-05-13T00:00:00","dateUpdated":"2020-05-13T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Temporary file race condition vulnerability in PAN-OS leads to local privilege escalation","datePublic":"2020-05-13T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-06-10T17:24:03","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A race condition due to insecure creation of a file in a temporary directory vulnerability in PAN-OS allows for root privilege escalation from a limited linux user 
account.\n\nThis allows an attacker who has escaped the restricted shell as a low privilege administrator, possibly by exploiting another vulnerability, to escalate privileges to become root user.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A race condition due to insecure creation of a file in a temporary directory vulnerability in PAN-OS allows for root privilege escalation from a limited linux user account.\n\nThis allows an attacker who has escaped the restricted shell as a low privilege administrator, possibly by exploiting another vulnerability, to escalate privileges to become root user.</pre>"}]},{"lang":"en","value":"This issue affects:\nPAN-OS 7.1 versions earlier than 7.1.26;\nPAN-OS 8.1 versions earlier than 8.1.13;\nPAN-OS 9.0 versions earlier than 9.0.6;\nAll versions of PAN-OS 8.0.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>This issue affects:\nPAN-OS 7.1 versions earlier than 7.1.26;\nPAN-OS 8.1 versions earlier than 8.1.13;\nPAN-OS 9.0 versions earlier than 9.0.6;\nAll versions of PAN-OS 8.0.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.20","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 
8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.25","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0.*","status":"affected"},{"version":"7.1","status":"affected","lessThan":"7.1.26","versionType":"custom","changes":[{"at":"7.1.26","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.6","versionType":"custom","changes":[{"at":"9.0.6","status":"unaffected"}]},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-2016"}],"credits":[{"lang":"en","value":"Palo Alto Networks thanks the UK's National Cyber Security Centre (NCSC) for discovering and reporting this issue."},{"lang":"en","value":"Palo Alto Networks thanks the NCC Group for finding this issue independently during a contracted PAN-OS security 
assessment."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-377 Insecure Temporary File","cweId":"CWE-377"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-128248"],"discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interface. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any exploitation of this issue.","supportingMedia":{"value":"Palo Alto Networks is not aware of any exploitation of this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","supportingMedia":{"value":"This issue is fixed in PAN-OS 7.1.26, PAN-OS 8.1.13, PAN-OS 9.0.6, PAN-OS 9.1.0, and all later PAN-OS versions.\n\nPAN-OS 8.0 is now end-of-life as of October 31, 2019, and is no longer covered by our Product Security Assurance policies.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-05-13T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-1992","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-04-08T00:00:00","dateReserved":"2020-04-08T00:00:00","dateUpdated":"2020-04-08T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS on PA-7000 Series: Varrcvr daemon network-based denial of service or privilege escalation","datePublic":"2020-04-08T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-04-08T18:41:58","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote attackers to crash the daemon creating a denial of service condition or potentially execute code with root 
privileges.\n\nThis issue affects Palo Alto Networks PAN-OS 9.0 versions before 9.0.7; PAN-OS 9.1 versions before 9.1.2 on PA-7000 Series devices with an LFC installed and configured.\n\nThis issue requires WildFire services to be configured and enabled.\n\nThis issue does not affect PAN-OS 8.1 and earlier releases.\n\nThis issue does not affect any other PA Series firewalls.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote attackers to crash the daemon creating a denial of service condition or potentially execute code with root privileges.\n\nThis issue affects Palo Alto Networks PAN-OS 9.0 versions before 9.0.7; PAN-OS 9.1 versions before 9.1.2 on PA-7000 Series devices with an LFC installed and configured.\n\nThis issue requires WildFire services to be configured and enabled.\n\nThis issue does not affect PAN-OS 8.1 and earlier releases.\n\nThis issue does not affect any other PA Series firewalls.</pre>"}]}],"x_affectedList":["PAN-OS 9.1.1","PAN-OS 9.1.0-h3","PAN-OS 9.1.0-h2","PAN-OS 9.1.0-h1","PAN-OS 9.1.0","PAN-OS 9.1","PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]},{"version":"9.1","status":"affected","lessThan":"9.1.2","versionType":"custom","changes":[{"at":"9.1.2","status":"unaffected"}]}],"platforms":["PA-7000 series with LFC"]},{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"8.1.*","status":"unaffected"},{"version":"8.0.*","status":"unaffected"},{"version":"7.1.*","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-1992"}],"credits":[{"lang":"en","value":"This issue was found by a customer."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-134 Use of Externally-Controlled Format String","cweId":"CWE-134"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-135103"],"discovery":"USER"},"configurations":[{"lang":"en","value":"This issue requires WildFire services to be configured and enabled.","supportingMedia":{"value":"This issue requires WildFire services to be configured and enabled.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"There are no viable workarounds for this issue.","supportingMedia":{"value":"There are no viable workarounds for this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 9.0.7, PAN-OS 9.1.2 and all later versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 9.0.7, PAN-OS 9.1.2 and all later versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-04-08T16:00:00.000Z","lang":"eng","value":"Initial 
publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-1990","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-04-08T00:00:00","dateReserved":"2020-04-08T00:00:00","dateUpdated":"2020-04-08T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Buffer overflow in the management server","datePublic":"2020-04-08T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-04-08T18:41:58","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A stack-based buffer overflow vulnerability in the management server component of PAN-OS allows an authenticated user to upload a corrupted PAN-OS configuration and potentially execute code with root privileges.\n\nThis issue affects Palo Alto Networks PAN-OS 8.1 versions before 8.1.13; 9.0 versions before 9.0.7.\nThis issue does not affect PAN-OS 7.1.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A stack-based buffer overflow vulnerability in the management server component of PAN-OS allows an authenticated user to upload a corrupted PAN-OS configuration and potentially execute code with root privileges.\n\nThis issue affects Palo Alto Networks PAN-OS 8.1 versions before 8.1.13; 9.0 versions before 9.0.7.\nThis issue does not affect PAN-OS 7.1.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.6","PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 
8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.1.*","status":"unaffected"},{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.7","versionType":"custom","changes":[{"at":"9.0.7","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-1990"}],"credits":[{"lang":"en","value":"This issue was discovered by Nicholas Newsom of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-121 Stack-based Buffer Overflow","cweId":"CWE-121"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-121319"],"discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"These issues affect the management interface of PAN-OS and are strongly mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS 9.0 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.html.","supportingMedia":{"value":"These issues affect the management interface of PAN-OS and are strongly mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 9.0 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.html.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7 and all later versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.13, PAN-OS 9.0.7 and all later versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-04-08T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-1979","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-03-11T00:00:00","dateReserved":"2020-03-11T00:00:00","dateUpdated":"2020-05-12T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: A format string vulnerability in PAN-OS log daemon (logd) on Panorama allows local privilege escalation","datePublic":"2020-03-11T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-05-13T19:07:13","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network based attacker with knowledge of registered firewall devices and 
access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges.\nThis issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13 on Panorama.\nThis issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges.\nThis issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13 on Panorama.\nThis issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.0.0","status":"unaffected","lessThan":"9.0*","versionType":"custom"},{"version":"7.1.0","status":"unaffected","lessThan":"7.1*","versionType":"custom"},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-1979"}],"credits":[{"lang":"en","value":"This issue was discovered by Nicholas Newsom of Palo Alto Networks during an internal security 
review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-134 Use of Externally-Controlled Format String","cweId":"CWE-134"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-97584"],"discovery":"INTERNAL"},"configurations":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"This issue affects the management interface of Panorama and is mitigated by following best practices for securing the Panorama management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 8.1 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.","supportingMedia":{"value":"This issue affects the management interface of Panorama and is mitigated by following best practices for securing the Panorama management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS 8.1 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.13 and all later PAN-OS 8.1 versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.13 and all later PAN-OS 8.1 versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-03-11T16:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2020-05-12T16:00:00.000Z","lang":"eng","value":"Updated attack vector, description and acknowledgement."}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-1981","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-03-11T00:00:00","dateReserved":"2020-03-11T00:00:00","dateUpdated":"2020-03-11T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Predictable temporary filename vulnerability allows local privilege escalation","datePublic":"2020-03-11T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-03-11T18:58:14","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A predictable temporary filename vulnerability in PAN-OS allows local privilege escalation.\nThis issue allows a local attacker who bypassed the restricted shell to execute commands as a low privileged user and gain root access on the PAN-OS hardware or virtual appliance.\nThis issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13.\nThis issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A predictable temporary filename vulnerability in PAN-OS allows local privilege escalation.\nThis issue allows a local 
attacker who bypassed the restricted shell to execute commands as a low privileged user and gain root access on the PAN-OS hardware or virtual appliance.\nThis issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13.\nThis issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"7.1.0","status":"unaffected","lessThan":"7.1*","versionType":"custom"},{"version":"9.0.0","status":"unaffected","lessThan":"9.0*","versionType":"custom"},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-1981"}],"credits":[{"lang":"en","value":"This issue was found during an internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-377 Insecure Temporary File","cweId":"CWE-377"}]}],"x_generator":{"engine":"Vulnogram 
0.0.9"},"source":{"defect":["PAN-103038"],"discovery":"INTERNAL"},"configurations":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 8.1 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 8.1 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.13 and all later PAN-OS 8.1 versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.13 and all later PAN-OS 8.1 versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-03-11T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-1980","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2020-03-11T00:00:00","dateReserved":"2020-03-11T00:00:00","dateUpdated":"2020-03-11T00:00:00.000000Z"},"containers":{"cna":{"title":"PAN-OS: Shell injection vulnerability 
in PAN-OS CLI allows execution of shell commands","datePublic":"2020-03-11T16:00:00.000Z","providerMetadata":{"dateUpdated":"2020-03-11T18:58:17","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges.\nThis issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13.\nThis issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges.\nThis issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13.\nThis issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.12","PAN-OS 8.1.11","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.1","status":"affected","lessThan":"8.1.13","versionType":"custom","changes":[{"at":"8.1.13","status":"unaffected"}]},{"version":"9.0.0","status":"unaffected","lessThan":"9.0*","versionType":"custom"},{"version":"9.1.0","status":"unaffected","lessThan":"9.1*","versionType":"custom"},{"version":"7.1.0","status":"unaffected","lessThan":"7.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2020-1980"}],"credits":[{"lang":"en","value":"This issue was discovered during an 
internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')","cweId":"CWE-77"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-102674"],"discovery":"INTERNAL"},"configurations":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS and is mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 8.1 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS and is mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS 8.1 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in PAN-OS 8.1.13, and all later versions.","supportingMedia":{"value":"This issue is fixed in PAN-OS 8.1.13, and all later versions.","type":"text/html","base64":false}}],"timeline":[{"time":"2020-03-11T16:00:00.000Z","lang":"eng","value":"Initial publication"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2019-17440","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2019-12-19T19:35:00.000Z","dateReserved":"2019-12-19T19:35:00.000Z"},"containers":{"cna":{"title":"PAN-OS on PA-7000 Series: Improper restriction of communication to Log Forwarding Card (LFC) allows root access","datePublic":"2019-12-19T19:35:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:48","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"Improper restriction of communications to Log Forwarding Card (LFC) on PA-7000 Series devices with second-generation Switch Management Card (SMC) may allow an attacker with network access to the LFC to gain root access to PAN-OS.\nThis issue affects PAN-OS 9.0 versions prior to 9.0.5-h3 on PA-7080 and PA-7050 devices with an LFC installed and configured.\nThis issue does not affect PA-7000 Series deployments using the first-generation SMC and the Log Processing Card (LPC).\nThis issue does not affect any other PA series devices.\nThis issue does not affect devices without an LFC.\nThis issue does not affect PAN-OS 8.1 or prior releases.\nThis issue only affected a very limited number of customers and we undertook individual outreach to help them 
upgrade. At the time of publication, all identified customers have upgraded SW or content and are not impacted.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Improper restriction of communications to Log Forwarding Card (LFC) on PA-7000 Series devices with second-generation Switch Management Card (SMC) may allow an attacker with network access to the LFC to gain root access to PAN-OS.\nThis issue affects PAN-OS 9.0 versions prior to 9.0.5-h3 on PA-7080 and PA-7050 devices with an LFC installed and configured.\nThis issue does not affect PA-7000 Series deployments using the first-generation SMC and the Log Processing Card (LPC).\nThis issue does not affect any other PA series devices.\nThis issue does not affect devices without an LFC.\nThis issue does not affect PAN-OS 8.1 or prior releases.\nThis issue only affected a very limited number of customers and we undertook individual outreach to help them upgrade. At the time of publication, all identified customers have upgraded SW or content and are not impacted.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.5","PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"9.0","status":"affected","lessThan":"9.0.5-h3","versionType":"custom","changes":[{"at":"9.0.6, 9.0.5-h3","status":"unaffected"}]}],"platforms":["PA-7000 Series with 2nd Generation SMC"]},{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.0","status":"unaffected"},{"version":"8.1","status":"unaffected"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2019-17440"}],"credits":[{"lang":"en","value":"Palo Alto Networks would like to thank Ayad (Ed) Sleiman, Head of Information Security at King Abdullah University of Science and 
Technology (KAUST) and his team for discovering and responsibly reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":10,"baseSeverity":"CRITICAL"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-923 Improper Restriction of Communication Channel to Intended Endpoints","cweId":"CWE-923"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-134242"],"advisory":"PAN-SA-2019-0040","discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"(1) Content update 8218-5815 can be applied without requiring a software update. Once the content update is installed, please ensure that the next PAN-OS upgrade is to a fixed version (9.0.5-h3 or later). Do not upgrade or downgrade to an affected release, as it can reintroduce the vulnerability.\n(2) Configure security policies to prevent network sessions destined to LFC.\n(3) Ensure that LFC is only connected to a secured administrative network with access restricted to trusted users.\n(4) Disable or disconnect LFC from the network until fixes can be applied.","supportingMedia":{"value":"(1) Content update 8218-5815 can be applied without requiring a software update. Once the content update is installed, please ensure that the next PAN-OS upgrade is to a fixed version (9.0.5-h3 or later). 
Do not upgrade or downgrade to an affected release, as it can reintroduce the vulnerability.\n(2) Configure security policies to prevent network sessions destined to LFC.\n(3) Ensure that LFC is only connected to a secured administrative network with access restricted to trusted users.\n(4) Disable or disconnect LFC from the network until fixes can be applied.","type":"text/html","base64":false}}],"exploits":[{"lang":"en","value":"Palo Alto Networks is not aware of any exploitation of this issue.\n","supportingMedia":{"value":"Palo Alto Networks is not aware of any exploitation of this issue.\n","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue is fixed in 9.0.5-h3 and all subsequent releases. Content update 8218-5815 also fixes the issue.","supportingMedia":{"value":"This issue is fixed in 9.0.5-h3 and all subsequent releases. Content update 8218-5815 also fixes the issue.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2019-17437","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2019-12-04T17:00:00.000Z","dateReserved":"2019-12-04T17:00:00.000Z"},"containers":{"cna":{"title":"PAN-OS: Custom-role users may escalate privileges","datePublic":"2019-12-04T17:00:00.000Z","providerMetadata":{"dateUpdated":"2019-12-05T14:11:11","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An improper authentication check in Palo Alto Networks PAN-OS may allow an authenticated low privileged non-superuser custom role user to elevate privileges and become superuser.\nThis issue affects PAN-OS 7.1 versions prior to 7.1.25; 8.0 versions prior to 8.0.20; 8.1 versions prior to 8.1.11; 9.0 versions prior to 9.0.5.\nPAN-OS version 7.0 and prior EOL versions have not been evaluated for this 
issue.\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An improper authentication check in Palo Alto Networks PAN-OS may allow an authenticated low privileged non-superuser custom role user to elevate privileges and become superuser.\nThis issue affects PAN-OS 7.1 versions prior to 7.1.25; 8.0 versions prior to 8.0.20; 8.1 versions prior to 8.1.11; 9.0 versions prior to 9.0.5.\nPAN-OS version 7.0 and prior EOL versions have not been evaluated for this issue.\n</pre>"}]}],"x_affectedList":["PAN-OS 9.0.4","PAN-OS 9.0.3-h3","PAN-OS 9.0.3-h2","PAN-OS 9.0.3-h1","PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.10","PAN-OS 8.1.9-h4","PAN-OS 8.1.9-h3","PAN-OS 8.1.9-h2","PAN-OS 8.1.9-h1","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.19-h1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.24-h1","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 
7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.1","status":"affected","lessThan":"7.1.25","versionType":"custom","changes":[{"at":"7.1.25","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThan":"8.0.20","versionType":"custom","changes":[{"at":"8.0.20","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThan":"8.1.11","versionType":"custom","changes":[{"at":"8.1.11","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThan":"9.0.5","versionType":"custom","changes":[{"at":"9.0.5","status":"unaffected"}]},{"version":"unspecified","status":"unknown","lessThanOrEqual":"7.0","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2019-17437"}],"credits":[{"lang":"en","value":"Christophe Schleypen of NCIA / NCIRC"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-280 Improper Handling of Insufficient Permissions or Privileges ","cweId":"CWE-280"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-115697"],"advisory":"PAN-SA-2019-0038","discovery":"EXTERNAL"},"configurations":[{"lang":"en","value":"This issue only affects devices configured with a low privileged custom role user with any combination of roles or privileges.","supportingMedia":{"value":"This issue only affects devices configured with a low privileged custom role user with any combination of roles or 
privileges.","type":"text/html","base64":false}}],"workarounds":[{"lang":"en","value":"Remove any untrusted custom-role users from the device or disable their access until fixes can be applied. Restrict access to the device to only trusted users.","supportingMedia":{"value":"Remove any untrusted custom-role users from the device or disable their access until fixes can be applied. Restrict access to the device to only trusted users.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"This issue has been resolved in 7.1.25, 8.0.20, 8.1.11, 9.0.5 and all subsequent versions.","supportingMedia":{"value":"This issue has been resolved in 7.1.25, 8.0.20, 8.1.11, 9.0.5 and all subsequent versions.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2019-1582","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2019-08-21T22:13:00.000Z","dateReserved":"2019-08-21T22:13:00.000Z"},"containers":{"cna":{"title":"Memory Corruption in PAN-OS","datePublic":"2019-08-21T22:13:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:48","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"Palo Alto Networks is aware of a memory corruption vulnerability in PAN-OS. (Ref: # PAN-123700/ CVE-2019-1582).\nSuccessful exploitation of this issue may allow an administrative user to cause arbitrary memory corruption by rekeying the current client interactive session.\nThis issue affects PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier.  PAN-OS 7.1 and 8.0 are NOT affected.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks is aware of a memory corruption vulnerability in PAN-OS. 
(Ref: # PAN-123700/ CVE-2019-1582).\nSuccessful exploitation of this issue may allow an administrative user to cause arbitrary memory corruption by rekeying the current client interactive session.\nThis issue affects PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier.  PAN-OS 7.1 and 8.0 are NOT affected.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"8.1","status":"affected","lessThanOrEqual":"8.1.9","versionType":"custom","changes":[{"at":"8.1.9-h4","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThanOrEqual":"9.0.3","versionType":"custom","changes":[{"at":"9.0.3-h3","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2019-1582"}],"credits":[{"lang":"en","value":"This issue was discovered by Nicholas Newsom of Palo Alto Networks during internal security review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer","cweId":"CWE-119"}]}],"x_generator":{"engine":"Vulnogram 
0.0.9"},"source":{"defect":["PAN-123700"],"advisory":"PAN-SA-2019-0023","discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"These issues affect the management interface of PAN-OS and are strongly mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 9.0 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.html.","supportingMedia":{"value":"These issues affect the management interface of PAN-OS and are strongly mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 9.0 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.html.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 8.1.9-h4 and later, and PAN-OS 9.0.3-h3 and later.  ","supportingMedia":{"value":"PAN-OS 8.1.9-h4 and later, and PAN-OS 9.0.3-h3 and later.  
","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2019-1580","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2019-08-21T22:13:00.000Z","dateReserved":"2019-08-21T22:13:00.000Z"},"containers":{"cna":{"title":"Memory Corruption in PAN-OS","datePublic":"2019-08-21T22:13:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:48","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"Palo Alto Networks is aware of a memory corruption vulnerability in PAN-OS (Ref: # PAN-123603/CVE-2019-1580).\nSuccessful exploitation will allow a remote, unauthenticated user to craft a message to Secure Shell Daemon (SSHD) and corrupt arbitrary memory.\nThis issue affects PAN-OS 7.1.24 and earlier, PAN-OS 8.0.19 and earlier, PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks is aware of a memory corruption vulnerability in PAN-OS (Ref: # PAN-123603/CVE-2019-1580).\nSuccessful exploitation will allow a remote, unauthenticated user to craft a message to Secure Shell Daemon (SSHD) and corrupt arbitrary memory.\nThis issue affects PAN-OS 7.1.24 and earlier, PAN-OS 8.0.19 and earlier, PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 
8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.24","versionType":"custom","changes":[{"at":"7.1.24-h1","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.19","versionType":"custom","changes":[{"at":"8.0.19-h1","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThanOrEqual":"8.1.9","versionType":"custom","changes":[{"at":"8.1.9-h4","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThanOrEqual":"9.0.3","versionType":"custom","changes":[{"at":"9.0.3-h3","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2019-1580"}],"credits":[{"lang":"en","value":"This issue was discovered by Nicholas Newsom of Palo Alto Networks during internal security 
review."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer","cweId":"CWE-119"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-123603"],"advisory":"PAN-SA-2019-0021","discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"These issues affect the management interface of PAN-OS and are strongly mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 9.0 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.html.","supportingMedia":{"value":"These issues affect the management interface of PAN-OS and are strongly mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS 9.0 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.html.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 7.1.24-h1 and later, PAN-OS 8.0.19-h1 and later, PAN-OS 8.1.9-h4 and later, and PAN-OS 9.0.3-h3 and later.","supportingMedia":{"value":"PAN-OS 7.1.24-h1 and later, PAN-OS 8.0.19-h1 and later, PAN-OS 8.1.9-h4 and later, and PAN-OS 9.0.3-h3 and later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2019-1581","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2019-08-21T22:13:00.000Z","dateReserved":"2019-08-21T22:13:00.000Z"},"containers":{"cna":{"title":"Remote code execution in PAN-OS SSH management interface","datePublic":"2019-08-21T22:13:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:48","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"Palo Alto Networks is aware of a remote code execution vulnerability in the PAN-OS SSH device management interface that can lead to unauthenticated remote users with network access to the SSH management interface gaining root access to PAN-OS.  (Ref: # PAN-123564/ CVE-2019-1581).\nSuccessful exploitation will allow a remote, unauthenticated user to execute arbitrary code by crafting and sending a malicious message to the SSH device management interface.  
\nThis issue affects PAN-OS 7.1.24 and earlier, PAN-OS 8.0.19 and earlier, PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks is aware of a remote code execution vulnerability in the PAN-OS SSH device management interface that can lead to unauthenticated remote users with network access to the SSH management interface gaining root access to PAN-OS.  (Ref: # PAN-123564/ CVE-2019-1581).\nSuccessful exploitation will allow a remote, unauthenticated user to execute arbitrary code by crafting and sending a malicious message to the SSH device management interface.  \nThis issue affects PAN-OS 7.1.24 and earlier, PAN-OS 8.0.19 and earlier, PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.3","PAN-OS 9.0.2-h4","PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.9","PAN-OS 8.1.8-h5","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.19","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.24","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 
7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.24","versionType":"custom","changes":[{"at":"7.1.24-h1","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.19","versionType":"custom","changes":[{"at":"8.0.19-h1","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThanOrEqual":"8.1.9","versionType":"custom","changes":[{"at":"8.1.9-h4","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThanOrEqual":"9.0.3","versionType":"custom","changes":[{"at":"9.0.3-h3","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2019-1581"}],"credits":[{"lang":"en","value":"The UK's National Cyber Security Centre (NCSC)"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-20 Improper Input Validation","cweId":"CWE-20"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-123564"],"advisory":"PAN-SA-2019-0022","discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the SSH management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interfaces. 
Our best practices guidelines reduce the exposure of device management interfaces to potential attacke...","supportingMedia":{"value":"This issue affects the SSH management interface of PAN-OS and is strongly mitigated by following best practices for securing the PAN-OS management interfaces. Our best practices guidelines reduce the exposure of device management interfaces to potential attacke...","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 7.1.24-h1 and later, PAN-OS 8.0.19-h1 and later, PAN-OS 8.1.9-h4 and later, and PAN-OS 9.0.3-h3 and later.","supportingMedia":{"value":"PAN-OS 7.1.24-h1 and later, PAN-OS 8.0.19-h1 and later, PAN-OS 8.1.9-h4 and later, and PAN-OS 9.0.3-h3 and later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2019-1579","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2019-07-18T20:39:00.000Z","dateReserved":"2019-07-18T20:39:00.000Z"},"containers":{"cna":{"title":"Remote Code Execution in GlobalProtect Portal/Gateway Interface ","datePublic":"2019-07-18T20:39:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:48","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"Palo Alto Networks is aware of the reported remote code execution (RCE) vulnerability in its GlobalProtect portal and GlobalProtect Gateway interface products.  The issue is already addressed in prior maintenance releases.  (Ref: CVE-2019-1579)\nSuccessful exploitation of this issue allows an unauthenticated attacker to execute arbitrary code.  \nThis issue affects PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and  PAN-OS 8.1.2  and earlier releases.  
PAN-OS 9.0 is not affected.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks is aware of the reported remote code execution (RCE) vulnerability in its GlobalProtect portal and GlobalProtect Gateway interface products.  The issue is already addressed in prior maintenance releases.  (Ref: CVE-2019-1579)\nSuccessful exploitation of this issue allows an unauthenticated attacker to execute arbitrary code.  \nThis issue affects PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and  PAN-OS 8.1.2  and earlier releases.  PAN-OS 9.0 is not affected.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.18","versionType":"custom","changes":[{"at":"7.1.19","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.11-h1","versionType":"custom","changes":[{"at":"8.0.12","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThanOrEqual":"8.1.2","versionType":"custom","changes":[{"at":"8.1.3","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2019-1579"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-20 Improper Input Validation","cweId":"CWE-20"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-100913"],"advisory":"PAN-SA-2019-0020","discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"If you have not already upgraded to the available updates listed above and cannot do so now, we recommend that you update to content release 8173, or the latest version, and confirm threat prevention is enabled and enforced on traffic that passes through the GlobalProtect portal and GlobalProtect Gateway interface.  \n\nPlease see the customer advisory for more details here: https://live.paloaltonetworks.com/t5/Customer-Advisories/Action-Recommended-Recent-Security-Advisory-PAN-SA-2019-0020-Ref/ta-p/278505 .  
\n\nYou are not affected if you do not have GlobalProtect enabled.\n","supportingMedia":{"value":"If you have not already upgraded to the available updates listed above and cannot do so now, we recommend that you update to content release 8173, or the latest version, and confirm threat prevention is enabled and enforced on traffic that passes through the GlobalProtect portal and GlobalProtect Gateway interface.  \n\nPlease see the customer advisory for more details here: https://live.paloaltonetworks.com/t5/Customer-Advisories/Action-Recommended-Recent-Security-Advisory-PAN-SA-2019-0020-Ref/ta-p/278505 .  \n\nYou are not affected if you do not have GlobalProtect enabled.\n","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 7.1.19 and later, PAN-OS 8.0.12 and later, and PAN-OS 8.1.3 and later releases.","supportingMedia":{"value":"PAN-OS 7.1.19 and later, PAN-OS 8.0.12 and later, and PAN-OS 8.1.3 and later releases.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2019-1576","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2019-07-15T22:15:00.000Z","dateReserved":"2019-07-15T22:15:00.000Z"},"containers":{"cna":{"title":"Command Injection in PAN-OS ","datePublic":"2019-07-15T22:15:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:48","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"A command injection vulnerability exists in the Palo Alto Networks PAN-OS Command Line Interface (CLI). (Ref PAN-111872/ CVE-2019-1576)\nSuccessful exploitation of this issue may allow an authenticated attacker to gain access to a remote shell in PAN-OS, and potentially run with the escalated  user’s permissions.\nThis issue affects PAN-OS 9.0.2 and earlier.  
PAN-OS 7.1, PAN-OS 8.0 and PAN-OS 8.1 are NOT affected.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A command injection vulnerability exists in the Palo Alto Networks PAN-OS Command Line Interface (CLI). (Ref PAN-111872/ CVE-2019-1576)\nSuccessful exploitation of this issue may allow an authenticated attacker to gain access to a remote shell in PAN-OS, and potentially run with the escalated  user’s permissions.\nThis issue affects PAN-OS 9.0.2 and earlier.  PAN-OS 7.1, PAN-OS 8.0 and PAN-OS 8.1 are NOT affected.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"9.0","status":"affected","lessThanOrEqual":"9.0.2","versionType":"custom","changes":[{"at":"9.0.3","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2019-1576"}],"credits":[{"lang":"en","value":"Palo Alto Networks would like to thank Joe Graham at Rochester Institute of Technology for reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')","cweId":"CWE-77"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-111872"],"advisory":"PAN-SA-2019-0018","discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 9.0.3 and later","supportingMedia":{"value":"PAN-OS 9.0.3 and 
later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2019-1575","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2019-07-15T22:15:00.000Z","dateReserved":"2019-07-15T22:15:00.000Z"},"containers":{"cna":{"title":"Information Disclosure in PAN-OS Management API Usage","datePublic":"2019-07-15T22:15:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:48","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An Information Disclosure vulnerability exists in PAN-OS Management API usage (Ref # PAN-107239 and PAN-118869 / CVE-2019-1575)\nSuccessful exploitation may allow for an authenticated user with read-only privileges to extract the API key of the device and the username/password from the XML API (in PAN-OS) and possibly escalate privileges granted to them.\nThis issue affects PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2 and earlier.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An Information Disclosure vulnerability exists in PAN-OS Management API usage (Ref # PAN-107239 and PAN-118869 / CVE-2019-1575)\nSuccessful exploitation may allow for an authenticated user with read-only privileges to extract the API key of the device and the username/password from the XML API (in PAN-OS) and possibly escalate privileges granted to them.\nThis issue affects PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2 and earlier.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 
8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.23","versionType":"custom","changes":[{"at":"7.1.24","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.18","versionType":"custom","changes":[{"at":"8.0.19","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThanOrEqual":"8.1.8-h4","versionType":"custom","changes":[{"at":"8.1.8","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThanOrEqual":"9.0.2","versionType":"custom","changes":[{"at":"9.0.2","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2019-1575"}],"credits":[{"lang":"en","value":"Palo Alto Networks would like to thank Bartłomiej Stasiek of ING Tech Poland, Ruben Jacobi of ON2IT Group, Michael E. Davis - University of Arkansas, and Alycia N. 
Carey - University of Arkansas for reporting this issue."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-200 Information Exposure","cweId":"CWE-200"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-107239","PAN-118869"],"advisory":"PAN-SA-2019-0019","discovery":"USER"},"workarounds":[{"lang":"en","value":"Please see the detailed FAQ here: https://live.paloaltonetworks.com/t5/Customer-Advisories/Palo-Alto-Networks-Security-Advisory-PAN-SA-2019-0019/ta-p/276661.","supportingMedia":{"value":"Please see the detailed FAQ here: https://live.paloaltonetworks.com/t5/Customer-Advisories/Palo-Alto-Networks-Security-Advisory-PAN-SA-2019-0019/ta-p/276661.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 7.1.24 and later, PAN-OS 8.0.19 and later, PAN-OS 8.1.8-h5 and later, and PAN-OS 9.0.2-h4 and later.  ","supportingMedia":{"value":"PAN-OS 7.1.24 and later, PAN-OS 8.0.19 and later, PAN-OS 8.1.8-h5 and later, and PAN-OS 9.0.2-h4 and later.  
","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2019-8912","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2019-07-15T22:15:00.000Z","dateReserved":"2019-07-15T22:15:00.000Z"},"containers":{"cna":{"title":"Privilege Escalation in PAN-OS","datePublic":"2019-07-15T22:15:00.000Z","providerMetadata":{"dateUpdated":"2020-01-21T19:06:20","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"Palo Alto Networks is aware of a use-after-free (UAF) vulnerability in the Linux kernel's sockfs_setattr. (Ref: PAN-113631/ CVE-2019-8912)\nSuccessful exploitation of this issue may allow an unprivileged local user to escalate their privileges on the system.\nThis issue affects PAN-OS 7.1.23 and earlier, PAN-OS 8.0.17 and earlier, PAN-OS 8.1.8 and earlier, and PAN-OS 9.0.2 and earlier. ","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks is aware of a use-after-free (UAF) vulnerability in the Linux kernel's sockfs_setattr. (Ref: PAN-113631/ CVE-2019-8912)\nSuccessful exploitation of this issue may allow an unprivileged local user to escalate their privileges on the system.\nThis issue affects PAN-OS 7.1.23 and earlier, PAN-OS 8.0.17 and earlier, PAN-OS 8.1.8 and earlier, and PAN-OS 9.0.2 and earlier. 
</pre>"}]}],"x_affectedList":["PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.23","versionType":"custom","changes":[{"at":"7.1.24","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.17","versionType":"custom","changes":[{"at":"8.0.18","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThanOrEqual":"8.1.8","versionType":"custom","changes":[{"at":"8.1.9","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThanOrEqual":"9.0.2","versionType":"custom","changes":[{"at":"9.0.3","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2019-8912"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-416 Use After Free","cweId":"CWE-416"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-113631"],"advisory":"PAN-SA-2019-0017","discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 7.1.24 and later, PAN-OS 8.0.18 and later, PAN-OS 8.1.9 and later, and PAN-OS 9.0.3 and later.","supportingMedia":{"value":"PAN-OS 7.1.24 and later, PAN-OS 8.0.18 and later, PAN-OS 8.1.9 and later, and PAN-OS 9.0.3 and 
later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"PAN-SA-2019-0013","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2019-06-27T23:50:00.000Z","dateReserved":"2019-06-27T23:50:00.000Z"},"containers":{"cna":{"title":"Information about TCP SACK Panic Findings in PAN-OS ","datePublic":"2019-06-27T23:50:00.000Z","providerMetadata":{"orgId":"Not found","shortName":"Not found","dateUpdated":"2024-11-20T00:00:00"},"descriptions":[{"lang":"en","value":"Palo Alto Networks is aware of recent vulnerability disclosures known as TCP SACK Panic vulnerabilities.  (Ref: PAN-119745/ CVE-2019-11477, CVE-2019-11478, CVE-2019-11479)\nSuccessful exploitation of these issues could allow an unprivileged remote user to trigger a kernel panic in systems running the affected software, resulting in a denial of service.\n\nWhile these issues primarily affect the PAN-OS Management Plane (MP),  it is possible for MP services to be exposed via Data Plane (DP) interfaces as a result of Service Route and/or Interface Management Profile configurations. Examples include Management Profiles permitting HTTP/HTTPS access to the WebGUI, SSH, or response pages.  In these cases, it is possible that malicious traffic could arrive at the MP kernel through the DP interface.  Devices with unrestricted connectivity to the MP, such as internal hosts, may be able to leverage this issue to impact device performance. \n\nPalo Alto Networks is not affected by CVE-2019-5599.\nThis issue affects PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2-h3 and earlier.  \n\nGlobalProtect Gateway and GlobalProtect portal are NOT affected by these issues.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks is aware of recent vulnerability disclosures known as TCP SACK Panic vulnerabilities. 
 (Ref: PAN-119745/ CVE-2019-11477, CVE-2019-11478, CVE-2019-11479)\nSuccessful exploitation of these issues could allow an unprivileged remote user to trigger a kernel panic in systems running the affected software, resulting in a denial of service.\n\nWhile these issues primarily affect the PAN-OS Management Plane (MP),  it is possible for MP services to be exposed via Data Plane (DP) interfaces as a result of Service Route and/or Interface Management Profile configurations. Examples include Management Profiles permitting HTTP/HTTPS access to the WebGUI, SSH, or response pages.  In these cases, it is possible that malicious traffic could arrive at the MP kernel through the DP interface.  Devices with unrestricted connectivity to the MP, such as internal hosts, may be able to leverage this issue to impact device performance. \n\nPalo Alto Networks is not affected by CVE-2019-5599.\nThis issue affects PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2-h3 and earlier.  
\n\nGlobalProtect Gateway and GlobalProtect portal are NOT affected by these issues.</pre>"}]}],"x_affectedList":["PAN-OS 9.0.2-h3","PAN-OS 9.0.2-h2","PAN-OS 9.0.2-h1","PAN-OS 9.0.2","PAN-OS 9.0.1","PAN-OS 9.0.0","PAN-OS 9.0","PAN-OS 8.1.8-h4","PAN-OS 8.1.8-h3","PAN-OS 8.1.8-h2","PAN-OS 8.1.8-h1","PAN-OS 8.1.8","PAN-OS 8.1.7","PAN-OS 8.1.6-h2","PAN-OS 8.1.6-h1","PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.18","PAN-OS 8.0.17","PAN-OS 8.0.16","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.23","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.23","versionType":"custom","changes":[{"at":"7.1.24","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.18","versionType":"custom","changes":[{"at":"8.0.19","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThanOrEqual":"8.1.8-h4","versionType":"custom","changes":[{"at":"8.1.8-h5","status":"unaffected"}]},{"version":"9.0","status":"affected","lessThanOrEqual":"9.0.2-h3","versionType":"custom","changes":[{"at":"9.0.2-h4","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/PAN-SA-2019-0013"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-190 Integer Overflow or Wraparound","cweId":"CWE-190"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-119745"],"advisory":"PAN-SA-2019-0013","discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"These issues affect the management interface of PAN-OS and are strongly mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. 
Please review the Best Practices for Securing Administrative Access in the PAN-OS 9.0 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.html.","supportingMedia":{"value":"These issues affect the management interface of PAN-OS and are strongly mitigated by following best practices for securing the PAN-OS management interface. Our best practices guidelines reduce the exposure of the management interface to potential attackers. Please review the Best Practices for Securing Administrative Access in the PAN-OS 9.0 technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.html.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 7.1.24 and later, PAN-OS 8.0.19 and later, PAN-OS 8.1.8-h5 and later, and PAN-OS 9.0.2-h4 and later","supportingMedia":{"value":"PAN-OS 7.1.24 and later, PAN-OS 8.0.19 and later, PAN-OS 8.1.8-h5 and later, and PAN-OS 9.0.2-h4 and later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2019-1572","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2019-03-28T20:05:00.000Z","dateReserved":"2019-03-28T20:05:00.000Z"},"containers":{"cna":{"title":"Authentication Bypass in PAN-OS Management Web Interface","datePublic":"2019-03-28T20:05:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:48","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"descriptions":[{"lang":"en","value":"An Authentication Bypass vulnerability exists in the PAN-OS Management Web Interface.  
(Ref # PAN-113675, CVE-2019-1572)\nSuccessful exploitation of this issue may allow an unauthenticated remote user to access PHP files.\nThis issue affects only PAN-OS 9.0.0","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An Authentication Bypass vulnerability exists in the PAN-OS Management Web Interface.  (Ref # PAN-113675, CVE-2019-1572)\nSuccessful exploitation of this issue may allow an unauthenticated remote user to access PHP files.\nThis issue affects only PAN-OS 9.0.0</pre>"}]}],"x_affectedList":["PAN-OS 9.0.0","PAN-OS 9.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"9.0.0","status":"affected"},{"version":"9.0.1","status":"unaffected","lessThan":"9.0*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2019-1572"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-287 Improper Authentication","cweId":"CWE-287"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-113675"],"advisory":"PAN-SA-2019-0005","discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the web-based management interface of PAN-OS and is strongly mitigated by following best practices for securing the management interface of PAN-OS. Our best practices guidelines reduce the exposure of the management interface to potential attackers. 
We recommend that the management interface be isolated and strictly limited only to security administration personnel through either network segmentation or using the IP access control list restriction feature within PAN-OS.  Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.html.","supportingMedia":{"value":"This issue affects the web-based management interface of PAN-OS and is strongly mitigated by following best practices for securing the management interface of PAN-OS. Our best practices guidelines reduce the exposure of the management interface to potential attackers. We recommend that the management interface be isolated and strictly limited only to security administration personnel through either network segmentation or using the IP access control list restriction feature within PAN-OS.  Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/getting-started/best-practices-for-securing-administrative-access.html.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 9.0.1 and later","supportingMedia":{"value":"PAN-OS 9.0.1 and later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2018-14634","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2019-03-20T21:20:00.000Z","dateReserved":"2019-03-20T21:20:00.000Z"},"containers":{"cna":{"title":"Privilege Escalation in 
PAN-OS","datePublic":"2019-03-20T21:20:00.000Z","providerMetadata":{"dateUpdated":"2021-07-20T14:06:15","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"descriptions":[{"lang":"en","value":"Palo Alto Networks is aware of an integer overflow vulnerability in the Linux kernel's create_elf_tables() function.  (Ref # PAN-105966, CVE-2018-14634)\nSuccessful exploitation of this issue may allow an unprivileged local user to escalate their privileges on the system.  \n\nTo successfully exploit this vulnerability, an attacker would need a local user account to access the CLI, as well as an unrelated vulnerability allowing the local user to execute arbitrary code in a chained attack. This combination would result in the execution of malicious code and achieving complete control of the affected system.\n\nThis issue does not affect 32-bit systems as they do not have a large enough address space to exploit this flaw. \nThis issue only affects 64-bit systems with more than 32 GB of available memory.  \n\nThe affected platform and versions are  PAN-OS 7.1.22 and earlier running on M-500 and WF-500;   PAN-OS 8.0.15 and earlier running on PA-5220, PA-5250, PA-5260, M-500 and WF-500;  and PAN-OS 8.1.6 and earlier running on PA-5220, PA-5250, PA-5260, PA-5280, M-500, M-600 and WF-500.   PAN-OS 9.0 is NOT affected.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks is aware of an integer overflow vulnerability in the Linux kernel's create_elf_tables() function.  (Ref # PAN-105966, CVE-2018-14634)\nSuccessful exploitation of this issue may allow an unprivileged local user to escalate their privileges on the system.  \n\nTo successfully exploit this vulnerability, an attacker would need a local user account to access the CLI, as well as an unrelated vulnerability allowing the local user to execute arbitrary code in a chained attack. 
This combination would result in the execution of malicious code and achieving complete control of the affected system.\n\nThis issue does not affect 32-bit systems as they do not have a large enough address space to exploit this flaw. \nThis issue only affects 64-bit systems with more than 32 GB of available memory.  \n\nThe affected platform and versions are  PAN-OS 7.1.22 and earlier running on M-500 and WF-500;   PAN-OS 8.0.15 and earlier running on PA-5220, PA-5250, PA-5260, M-500 and WF-500;  and PAN-OS 8.1.6 and earlier running on PA-5220, PA-5250, PA-5260, PA-5280, M-500, M-600 and WF-500.   PAN-OS 9.0 is NOT affected.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.6","PAN-OS 8.1.5","PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.15","PAN-OS 8.0.14","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.22","PAN-OS 7.1.21","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.22","versionType":"custom","changes":[{"at":"7.1.23","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.15","versionType":"custom","changes":[{"at":"8.0.16","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThanOrEqual":"8.1.6","versionType":"custom","changes":[{"at":"8.1.7","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2018-14634"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-190 Integer Overflow or Wraparound","cweId":"CWE-190"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-105966"],"advisory":"PAN-SA-2019-0006","discovery":"INTERNAL"},"solutions":[{"lang":"en","value":"PAN-OS 7.1.23 and later, PAN-OS 8.0.16 and later, and PAN-OS 8.1.7 and later. ","supportingMedia":{"value":"PAN-OS 7.1.23 and later, PAN-OS 8.0.16 and later, and PAN-OS 8.1.7 and later. 
","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"PAN-SA-2018-0015","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2018-10-12T02:35:00.000Z","dateReserved":"2018-10-12T02:35:00.000Z"},"containers":{"cna":{"title":"OpenSSL Vulnerabilities in PAN-OS ","datePublic":"2018-10-12T02:35:00.000Z","providerMetadata":{"orgId":"Not found","shortName":"Not found","dateUpdated":"2024-11-20T00:00:00"},"descriptions":[{"lang":"en","value":"The OpenSSL library has been found to contain vulnerabilities CVE-2018-0732, CVE-2018-0737, and CVE-2018-0739.  Palo Alto Networks software makes use of the vulnerable library and is affected. (Ref # PAN-98504/ CVE-2018-0732, CVE-2018-0737, and CVE-2018-0739)\nThe OpenSSL library in use by PAN-OS is patched on a regular basis for security issues.\nThis issue affects PAN-OS 6.1.20 and earlier, PAN-OS 7.1.20 and earlier, PAN-OS 8.0.13 and earlier, and PAN-OS 8.1.3 and earlier.  WF-500 running WF-500 software versions PAN-OS 6.1.20 and earlier, PAN-OS 7.1.20 and earlier, PAN-OS 8.0.13 and earlier, and PAN-OS 8.1.3 and earlier.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>The OpenSSL library has been found to contain vulnerabilities CVE-2018-0732, CVE-2018-0737, and CVE-2018-0739.  Palo Alto Networks software makes use of the vulnerable library and is affected. (Ref # PAN-98504/ CVE-2018-0732, CVE-2018-0737, and CVE-2018-0739)\nThe OpenSSL library in use by PAN-OS is patched on a regular basis for security issues.\nThis issue affects PAN-OS 6.1.20 and earlier, PAN-OS 7.1.20 and earlier, PAN-OS 8.0.13 and earlier, and PAN-OS 8.1.3 and earlier.  
WF-500 running WF-500 software versions PAN-OS 6.1.20 and earlier, PAN-OS 7.1.20 and earlier, PAN-OS 8.0.13 and earlier, and PAN-OS 8.1.3 and earlier.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.13","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.20","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 6.1.20","PAN-OS 6.1.19","PAN-OS 6.1.18","PAN-OS 6.1.17","PAN-OS 6.1.16","PAN-OS 6.1.15","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.20","versionType":"custom"},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.20","versionType":"custom","changes":[{"at":"7.1.21","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.13","versionType":"custom","changes":[{"at":"8.0.14","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThanOrEqual":"8.1.3","versionType":"custom","changes":[{"at":"8.1.4","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/PAN-SA-2018-0015"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-320","cweId":"CWE-320"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-98504"],"advisory":"PAN-SA-2018-0015","discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 7.1.21 and later, PAN-OS 8.0.14 and later, PAN-OS 8.1.4 and later, WF-500 running WF-500 software version 8.0.14 and later, and WF-500 running WF-500 software version 8.1.4 and later.  PAN-OS 6.1 will NOT have a fix.    For WF-500 software versions 7.1 and earlier, please consult the WildFire Administrator’s Guide for steps to upgrade the software. 
An online copy of all available documentation can be found here (https://www.paloaltonetworks.com/documentation).","supportingMedia":{"value":"PAN-OS 7.1.21 and later, PAN-OS 8.0.14 and later, PAN-OS 8.1.4 and later, WF-500 running WF-500 software version 8.0.14 and later, and WF-500 running WF-500 software version 8.1.4 and later.  PAN-OS 6.1 will NOT have a fix.    For WF-500 software versions 7.1 and earlier, please consult the WildFire Administrator’s Guide for steps to upgrade the software. An online copy of all available documentation can be found here (https://www.paloaltonetworks.com/documentation).","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2018-5391","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2018-09-19T20:40:00.000Z","dateReserved":"2018-09-19T20:40:00.000Z"},"containers":{"cna":{"title":"Information about FragmentSmack findings","datePublic":"2018-09-19T20:40:00.000Z","providerMetadata":{"dateUpdated":"2020-04-14T12:06:39","orgId":"37e5125f-f79b-445b-8fad-9564f167944b","shortName":"certcc"},"descriptions":[{"lang":"en","value":"Palo Alto Networks is aware of recent vulnerability disclosure, known as FragmentSmack, that affects Linux kernel 3.9 and later. At this time, our findings show that some Palo Alto Networks devices running specific versions of PAN-OS are vulnerable to this disclosure. (CVE-2018-5391). This security advisory will be updated as more information becomes available or if there are changes in the impact of these vulnerabilities.\nA flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. To exploit this vulnerability a remote attacker could send specially crafted packets that trigger time and calculation expensive fragment reassembly algorithms and cause CPU saturation (a denial of service on the system).  
This only affects the Management Plane of PAN-OS.\nThis issue affects PAN-OS 6.1.21 and earlier running on PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series, PA-7050.     PAN-OS 7.1.19 and earlier running on PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series, PA-7050 and PA-7080.     PAN-OS 8.0.12 and earlier running on PA-200, PA-220, PA-500, PA-800 Series, PA-3000 Series, PA-5000 Series, PA-5220, PA-5250, PA-5260, PA-7050 and PA-7080.     PAN-OS 8.1.4 and earlier running on PA-200, PA-220, PA-220R, PA-500, PA-800 Series, PA-3000 Series, PA-3200 Series, PA-5000 Series, PA-5220, PA-5250, PA-5260, PA-5280, PA-7050 and PA-7080.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks is aware of recent vulnerability disclosure, known as FragmentSmack, that affects Linux kernel 3.9 and later. At this time, our findings show that some Palo Alto Networks devices running specific versions of PAN-OS are vulnerable to this disclosure. (CVE-2018-5391). This security advisory will be updated as more information becomes available or if there are changes in the impact of these vulnerabilities.\nA flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. To exploit this vulnerability a remote attacker could send specially crafted packets that trigger time and calculation expensive fragment reassembly algorithms and cause CPU saturation (a denial of service on the system).  This only affects the Management Plane of PAN-OS.\nThis issue affects PAN-OS 6.1.21 and earlier running on PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series, PA-7050.     PAN-OS 7.1.19 and earlier running on PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series, PA-7050 and PA-7080.     
PAN-OS 8.0.12 and earlier running on PA-200, PA-220, PA-500, PA-800 Series, PA-3000 Series, PA-5000 Series, PA-5220, PA-5250, PA-5260, PA-7050 and PA-7080.     PAN-OS 8.1.4 and earlier running on PA-200, PA-220, PA-220R, PA-500, PA-800 Series, PA-3000 Series, PA-3200 Series, PA-5000 Series, PA-5220, PA-5250, PA-5260, PA-5280, PA-7050 and PA-7080.</pre>"}]}],"x_affectedList":["PAN-OS 8.1.4","PAN-OS 8.1.3","PAN-OS 8.1.2","PAN-OS 8.1.1","PAN-OS 8.1.0","PAN-OS 8.1","PAN-OS 8.0.12","PAN-OS 8.0.11-h1","PAN-OS 8.0.10","PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.19","PAN-OS 7.1.18","PAN-OS 7.1.17","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 6.1.21","PAN-OS 6.1.20","PAN-OS 6.1.19","PAN-OS 6.1.18","PAN-OS 6.1.17","PAN-OS 6.1.16","PAN-OS 6.1.15","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.21","versionType":"custom","changes":[{"at":"6.1.22","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.19","versionType":"custom","changes":[{"at":"7.1.20","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.12","versionType":"custom","changes":[{"at":"8.0.13","status":"unaffected"}]},{"version":"8.1","status":"affected","lessThanOrEqual":"8.1.4","versionType":"custom","changes":[{"at":"8.1.5","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2018-5391"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-20 Improper Input Validation","cweId":"CWE-20"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-103132"],"advisory":"PAN-SA-2018-0012","discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of PAN-OS. Our best practices guidelines strongly mitigate exposure to this vulnerability and reduce the exposure of the management interface to other potential threats. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://www.paloaltonetworks.com/documentation/81/pan-os/pan-os/getting-started/best-practices-for-securing-administrative-access.","supportingMedia":{"value":"This issue affects the management interface of PAN-OS. 
Our best practices guidelines strongly mitigate exposure to this vulnerability and reduce the exposure of the management interface to other potential threats. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://www.paloaltonetworks.com/documentation/81/pan-os/pan-os/getting-started/best-practices-for-securing-administrative-access.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 6.1.22, PAN-OS 7.1.20 and later, PAN-OS 8.0.13 and later, and PAN-OS 8.1.5 and later. ","supportingMedia":{"value":"PAN-OS 6.1.22, PAN-OS 7.1.20 and later, PAN-OS 8.0.13 and later, and PAN-OS 8.1.5 and later. ","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2018-8715","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2018-07-20T00:30:00.000Z","dateReserved":"2018-07-20T00:30:00.000Z"},"containers":{"cna":{"title":"Denial of Service in PAN-OS Management Web Interface ","datePublic":"2018-07-20T00:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:47","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"Palo Alto Networks makes use of a 3rd-party component impacted by CVE-2018-8715. This issue has been confirmed to present a risk for denial of service to the PAN-OS Management Web Interface. (Ref # PAN-93089, CVE-2018-8715)\nA specially crafted HTTP POST request with an invalid \"If-modified\" header field may cause a NULL dereference and cause a denial of service condition. This vulnerability can be triggered without login or authentication and could result in a crash of the management service.\nThis issue affects PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.9 and earlier, and PAN-OS 8.1.0.  
Global Protect is NOT affected.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks makes use of a 3rd-party component impacted by CVE-2018-8715. This issue has been confirmed to present a risk for denial of service to the PAN-OS Management Web Interface. (Ref # PAN-93089, CVE-2018-8715)\nA specially crafted HTTP POST request with an invalid \"If-modified\" header field may cause a NULL dereference and cause a denial of service condition. This vulnerability can be triggered without login or authentication and could result in a crash of the management service.\nThis issue affects PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.9 and earlier, and PAN-OS 8.1.0.  Global Protect is NOT affected.</pre>"}]}],"x_affectedList":["PAN-OS 8.0.9","PAN-OS 8.0.8","PAN-OS 8.0.7","PAN-OS 8.0.6-h3","PAN-OS 8.0.6-h2","PAN-OS 8.0.6-h1","PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.16","PAN-OS 7.1.15","PAN-OS 7.1.14","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 6.1.20","PAN-OS 6.1.19","PAN-OS 6.1.18","PAN-OS 6.1.17","PAN-OS 6.1.16","PAN-OS 6.1.15","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.20","versionType":"custom","changes":[{"at":"6.1.21","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.16","versionType":"custom","changes":[{"at":"7.1.17","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.9","versionType":"custom","changes":[{"at":"8.0.10","status":"unaffected"}]},{"version":"8.1.1","status":"unaffected","lessThan":"8.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2018-8715"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-287 Improper Authentication","cweId":"CWE-287"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-93089"],"advisory":"PAN-SA-2018-0008","discovery":"EXTERNAL"},"workarounds":[{"lang":"en","value":"This issue affects the web-based management interface of PAN-OS and is strongly mitigated by following best practices for securing the management interface of PAN-OS.  Our best practices guidelines reduce the exposure of the management interface to potential attackers.  
Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/getting-started/best-practices-for-securing-administrative-access.","supportingMedia":{"value":"This issue affects the web-based management interface of PAN-OS and is strongly mitigated by following best practices for securing the management interface of PAN-OS.  Our best practices guidelines reduce the exposure of the management interface to potential attackers.  Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation, available at: https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/getting-started/best-practices-for-securing-administrative-access.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 6.1.21 and later, PAN-OS 7.1.17 and later, PAN-OS 8.0.10 and later, and PAN-OS 8.1.1 and later.   ","supportingMedia":{"value":"PAN-OS 6.1.21 and later, PAN-OS 7.1.17 and later, PAN-OS 8.0.10 and later, and PAN-OS 8.1.1 and later.   ","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2017-15940","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2017-12-06T00:15:10.000Z","dateReserved":"2017-12-06T00:15:10.000Z"},"containers":{"cna":{"title":"Command Injection in PAN-OS ","datePublic":"2017-12-06T00:15:10.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:45","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists in the PAN-OS web interface packet capture management that could allow an authenticated user to inject arbitrary commands. 
(Ref # PAN-81892 / CVE-2017-15940)\nPAN-OS contains a vulnerability that may allow for post authentication command injection\nThis issue affects PAN-OS 6.1.18 and earlier, PAN-OS 7.0.18 and earlier, PAN-OS 7.1.13 and earlier, PAN-OS 8.0.6 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists in the PAN-OS web interface packet capture management that could allow an authenticated user to inject arbitrary commands. (Ref # PAN-81892 / CVE-2017-15940)\nPAN-OS contains a vulnerability that may allow for post authentication command injection\nThis issue affects PAN-OS 6.1.18 and earlier, PAN-OS 7.0.18 and earlier, PAN-OS 7.1.13 and earlier, PAN-OS 8.0.6 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 8.0.6","PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.18","PAN-OS 7.0.17","PAN-OS 7.0.16","PAN-OS 7.0.15","PAN-OS 7.0.14","PAN-OS 7.0.13","PAN-OS 7.0.12","PAN-OS 7.0.11","PAN-OS 7.0.10","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.18","PAN-OS 6.1.17","PAN-OS 6.1.16","PAN-OS 6.1.15","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.18","versionType":"custom","changes":[{"at":"6.1.19","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.18","versionType":"custom","changes":[{"at":"7.0.19","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.13","versionType":"custom","changes":[{"at":"7.1.14","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.6","versionType":"custom","changes":[{"at":"8.0.6","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2017-15940"}],"credits":[{"lang":"en","value":"Palo Alto Networks would like to thank Won Lae Lee and Hwang, Gyu Won from Samsung for reporting this issue"}],"metrics":[{"cvssV3_0":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')","cweId":"CWE-77"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-81892"],"advisory":"PAN-SA-2017-0028","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Palo Alto Networks has released content update 765 including vulnerability signatures #30998 that can be used as an interim mitigation to protect PAN-OS devices until the device software is upgraded. Note that signatures 30998 must be applied to a firewall rule securing traffic destined for the Management interface. 
This issue affects the management interface of the device and is strongly mitigated by following best practices for the isolation of management interfaces for security appliances. We recommend that the management interface be isolated and strictly limited only to security administration personnel through either network segmentation or using the IP access control list restriction feature within PAN-OS. An alternative mitigation includes the use of a Panorama central manager and disabling of http and https management on each of the vulnerable appliances, then using the Panorama context switching feature to remotely access the web interface of the device.","supportingMedia":{"value":"Palo Alto Networks has released content update 765 including vulnerability signatures #30998 that can be used as an interim mitigation to protect PAN-OS devices until the device software is upgraded. Note that signatures 30998 must be applied to a firewall rule securing traffic destined for the Management interface. This issue affects the management interface of the device and is strongly mitigated by following best practices for the isolation of management interfaces for security appliances. We recommend that the management interface be isolated and strictly limited only to security administration personnel through either network segmentation or using the IP access control list restriction feature within PAN-OS. 
An alternative mitigation includes the use of a Panorama central manager and disabling of http and https management on each of the vulnerable appliances, then using the Panorama context switching feature to remotely access the web interface of the device.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 6.1.19 and later, PAN-OS 7.0.19 and later, PAN-OS 7.1.14 and later, PAN-OS 8.0.6-h3 and later","supportingMedia":{"value":"PAN-OS 6.1.19 and later, PAN-OS 7.0.19 and later, PAN-OS 7.1.14 and later, PAN-OS 8.0.6-h3 and later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2017-15944","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2017-12-06T00:05:10.000Z","dateReserved":"2017-12-06T00:05:10.000Z"},"containers":{"cna":{"title":"Vulnerability in PAN-OS and Panorama on Management Interface","datePublic":"2017-12-06T00:05:10.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:45","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"Through the exploitation of a combination of unrelated vulnerabilities, and via the management interface of the device, an attacker could remotely execute code on PAN-OS or Panorama in the context of the highest privileged user. 
(Ref # PAN-61094 / PAN-80990 / PAN-80993 / PAN-80994 / CVE-2017-15944)\nPAN-OS and Panorama contain multiple vulnerabilities that, when exploited in conjunction, could lead to remote code execution prior to authentication.\nThis issue affects PAN-OS 6.1.18 and earlier, PAN-OS 7.0.18 and earlier, and PAN-OS 7.1.13 and earlier.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Through the exploitation of a combination of unrelated vulnerabilities, and via the management interface of the device, an attacker could remotely execute code on PAN-OS or Panorama in the context of the highest privileged user. (Ref # PAN-61094 / PAN-80990 / PAN-80993 / PAN-80994 / CVE-2017-15944)\nPAN-OS and Panorama contain multiple vulnerabilities that, when exploited in conjunction, could lead to remote code execution prior to authentication.\nThis issue affects PAN-OS 6.1.18 and earlier, PAN-OS 7.0.18 and earlier, and PAN-OS 7.1.13 and earlier.</pre>"}]}],"x_affectedList":["PAN-OS 7.1.13","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.18","PAN-OS 7.0.17","PAN-OS 7.0.16","PAN-OS 7.0.15","PAN-OS 7.0.14","PAN-OS 7.0.13","PAN-OS 7.0.12","PAN-OS 7.0.11","PAN-OS 7.0.10","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.18","PAN-OS 6.1.17","PAN-OS 6.1.16","PAN-OS 6.1.15","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.18","versionType":"custom","changes":[{"at":"6.1.19","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.18","versionType":"custom","changes":[{"at":"7.0.19","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.13","versionType":"custom","changes":[{"at":"7.1.14","status":"unaffected"}]},{"version":"8.0.6","status":"unaffected","lessThan":"8.0*","versionType":"custom","changes":[{"at":"8.0","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2017-15944"}],"credits":[{"lang":"en","value":"Palo Alto Networks would like to thank Philip Pettersson for reporting this issue"}],"metrics":[{"cvssV3_0":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"}}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"NVD-CWE-noinfo"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-61094","PAN-80990","PAN-80993","PAN-80994"],"advisory":"PAN-SA-2017-0027","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Palo Alto Networks has released content update 756 including vulnerability signatures #40483 and #40484 that can be used as an interim mitigation to protect PAN-OS devices until the device software is upgraded. Note that signatures 40483 and 40484 must be applied to a firewall rule securing traffic destined for the Management interface. This issue affects the management interface of the device and is strongly mitigated by following best practices for the isolation of management interfaces for security appliances. 
We recommend that the management interface be isolated and strictly limited only to security administration personnel through either network segmentation or using the IP access control list restriction feature within PAN-OS.  An alternative mitigation includes the use of a Panorama central manager and disabling of http and https management on each of the vulnerable appliances, then using the Panorama context switching feature to remotely access the web interface of the device.","supportingMedia":{"value":"Palo Alto Networks has released content update 756 including vulnerability signatures #40483 and #40484 that can be used as an interim mitigation to protect PAN-OS devices until the device software is upgraded. Note that signatures 40483 and 40484 must be applied to a firewall rule securing traffic destined for the Management interface. This issue affects the management interface of the device and is strongly mitigated by following best practices for the isolation of management interfaces for security appliances. We recommend that the management interface be isolated and strictly limited only to security administration personnel through either network segmentation or using the IP access control list restriction feature within PAN-OS.  An alternative mitigation includes the use of a Panorama central manager and disabling of http and https management on each of the vulnerable appliances, then using the Panorama context switching feature to remotely access the web interface of the device.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 6.1.19 and later, PAN-OS 7.0.19 and later, PAN-OS 7.1.14 and later.  An update in PAN-OS 8.0.6 also includes patches related to this vulnerability, however PAN-OS 8.0 is not remotely exploitable by an unauthenticated user using this vulnerability.","supportingMedia":{"value":"PAN-OS 6.1.19 and later, PAN-OS 7.0.19 and later, PAN-OS 7.1.14 and later.  
An update in PAN-OS 8.0.6 also includes patches related to this vulnerability, however PAN-OS 8.0 is not remotely exploitable by an unauthenticated user using this vulnerability.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2017-15942","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2017-12-06T00:00:00","dateReserved":"2017-12-06T00:00:00","dateUpdated":"2020-05-18T00:00:00.000000Z"},"containers":{"cna":{"title":"Denial of Service Against GlobalProtect","datePublic":"2017-12-06T00:00:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:45","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists in PAN-OS that could lead to denying access to GlobalProtect portal, GlobalProtect gateway or preventing configuration commits. (Ref # PAN-78127 / CVE-2017-15942)\nPAN-OS contains a vulnerability in GlobalProtect that may allow a non-authenticated third party to mount a Denial of Service attack against the GlobalProtect portal, GlobalProtect gateway or preventing configuration commits. This vulnerability is only available when the GlobalProtect gateway or portal is running.\nThis issue affects PAN-OS 6.1.18 and earlier, PAN-OS 7.0.18 and earlier, PAN-OS 7.1.12 and earlier, PAN-OS 8.0.5 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists in PAN-OS that could lead to denying access to GlobalProtect portal, GlobalProtect gateway or preventing configuration commits. (Ref # PAN-78127 / CVE-2017-15942)\nPAN-OS contains a vulnerability in GlobalProtect that may allow a non-authenticated third party to mount a Denial of Service attack against the GlobalProtect portal, GlobalProtect gateway or preventing configuration commits. 
This vulnerability is only available when the GlobalProtect gateway or portal is running.\nThis issue affects PAN-OS 6.1.18 and earlier, PAN-OS 7.0.18 and earlier, PAN-OS 7.1.12 and earlier, PAN-OS 8.0.5 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 8.0.5","PAN-OS 8.0.4","PAN-OS 8.0.3-h4","PAN-OS 8.0.3-h3","PAN-OS 8.0.3-h2","PAN-OS 8.0.3-h1","PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.12","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.18","PAN-OS 7.0.17","PAN-OS 7.0.16","PAN-OS 7.0.15","PAN-OS 7.0.14","PAN-OS 7.0.13","PAN-OS 7.0.12","PAN-OS 7.0.11","PAN-OS 7.0.10","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.18","PAN-OS 6.1.17","PAN-OS 6.1.16","PAN-OS 6.1.15","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.18","versionType":"custom","changes":[{"at":"6.1.19","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.18","versionType":"custom","changes":[{"at":"7.0.19","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.12","versionType":"custom","changes":[{"at":"7.1.13","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.5","versionType":"custom","changes":[{"at":"8.0.6","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2017-15942"}],"credits":[{"lang":"en","value":"Palo Alto Networks would like to thank Craig Stephen and Martin Ferris from Net Consulting for reporting this issue to us."}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-399 Resource Management Errors","cweId":"CWE-399"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-78127"],"advisory":"PAN-SA-2017-0025","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This vulnerability is only available when the GlobalProtect gateway or portal is running.","supportingMedia":{"value":"This vulnerability is only available when the GlobalProtect gateway or portal is running.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 6.1.19 and later, PAN-OS 7.0.19 and later, PAN-OS 7.1.13 and later, PAN-OS 8.0.6 and later","supportingMedia":{"value":"PAN-OS 6.1.19 and later, PAN-OS 7.0.19 and later, PAN-OS 7.1.13 and later, 
PAN-OS 8.0.6 and later","type":"text/html","base64":false}}],"timeline":[{"time":"2017-12-06T00:00:00.000Z","lang":"eng","value":"Initial publication"},{"time":"2020-05-18T16:00:00.000Z","lang":"eng","value":"Updated credit statement"}]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2017-9458","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2017-08-30T23:00:03.000Z","dateReserved":"2017-08-30T23:00:03.000Z"},"containers":{"cna":{"title":"XML External Entity (XXE) in PAN-OS ","datePublic":"2017-08-30T23:00:03.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:46","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists in PAN-OS’s GlobalProtect internal and external gateway interface that could allow for XML External Entity (XXE) attack. PAN-OS does not properly parse XML input. (Ref # PAN-75688 / CVE-2017-9458)\nSuccessful exploitation of this issue may allow disclosure of information, denial of service or server side request forgery.\r\nThis issue affects PAN-OS 6.1.17 and earlier, PAN-OS 7.0.16 and earlier, PAN-OS 7.1.11 and earlier, PAN-OS 8.0.2 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists in PAN-OS’s GlobalProtect internal and external gateway interface that could allow for XML External Entity (XXE) attack. PAN-OS does not properly parse XML input. 
(Ref # PAN-75688 / CVE-2017-9458)\nSuccessful exploitation of this issue may allow disclosure of information, denial of service or server side request forgery.\r\nThis issue affects PAN-OS 6.1.17 and earlier, PAN-OS 7.0.16 and earlier, PAN-OS 7.1.11 and earlier, PAN-OS 8.0.2 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.16","PAN-OS 7.0.15","PAN-OS 7.0.14","PAN-OS 7.0.13","PAN-OS 7.0.12","PAN-OS 7.0.11","PAN-OS 7.0.10","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.17","PAN-OS 6.1.16","PAN-OS 6.1.15","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.17","versionType":"custom","changes":[{"at":"6.1.18","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.16","versionType":"custom","changes":[{"at":"7.0.17","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.11","versionType":"custom","changes":[{"at":"7.1.12","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.2","versionType":"custom","changes":[{"at":"8.0.3","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2017-9458"}],"credits":[{"lang":"en","value":"Palo Alto Networks would like to thank Alejandro Iacobelli and Nicolas Videla from Mercadolibre for reporting (CVE-2017-9458).  \r"}],"metrics":[{"cvssV3_0":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-611 Improper Restriction of XML External Entity Reference","cweId":"CWE-611"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-75688"],"advisory":"PAN-SA-2017-0024","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Customers that have not configured GlobalProtect are not affected by this issue.\r","supportingMedia":{"value":"Customers that have not configured GlobalProtect are not affected by this issue.\r","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 6.1.18 and later, PAN-OS 7.0.17 and later, PAN-OS 7.1.12 and later, PAN-OS 8.0.3 and later\r","supportingMedia":{"value":"PAN-OS 6.1.18 and later, PAN-OS 7.0.17 and later, 
PAN-OS 7.1.12 and later, PAN-OS 8.0.3 and later\r","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2017-6460","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2017-07-27T17:15:00.000Z","dateReserved":"2017-07-27T17:15:00.000Z"},"containers":{"cna":{"title":"NTP Vulnerability","datePublic":"2017-07-27T17:15:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:46","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"The Network Time Protocol (NTP) library has been found to contain a vulnerability CVE-2017-6460. Palo Alto Networks software makes use of the vulnerable library and may be affected. This issue only affects the management plane of the firewall. (Ref # PAN-76130 / CVE-2017-6460)\nSuccessful exploitation of this issue requires an attacker to be on the management interface.\nThis issue affects PAN-OS 6.1, PAN-OS 7.0.17 and earlier, PAN-OS 7.1.11 and earlier, PAN-OS 8.0.3 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>The Network Time Protocol (NTP) library has been found to contain a vulnerability CVE-2017-6460. Palo Alto Networks software makes use of the vulnerable library and may be affected. This issue only affects the management plane of the firewall. 
(Ref # PAN-76130 / CVE-2017-6460)\nSuccessful exploitation of this issue requires an attacker to be on the management interface.\nThis issue affects PAN-OS 6.1, PAN-OS 7.0.17 and earlier, PAN-OS 7.1.11 and earlier, PAN-OS 8.0.3 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 8.0.3","PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.11","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.17","PAN-OS 7.0.16","PAN-OS 7.0.15","PAN-OS 7.0.14","PAN-OS 7.0.13","PAN-OS 7.0.12","PAN-OS 7.0.11","PAN-OS 7.0.10","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.22","PAN-OS 6.1.21","PAN-OS 6.1.20","PAN-OS 6.1.19","PAN-OS 6.1.18","PAN-OS 6.1.17","PAN-OS 6.1.16","PAN-OS 6.1.15","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"6.1.*","status":"affected"},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.11","versionType":"custom","changes":[{"at":"7.1.12","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.3","versionType":"custom","changes":[{"at":"8.0.4","status":"unaffected"}]},{"version":"7.0.18","status":"unaffected","lessThan":"7.0*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2017-6460"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer","cweId":"CWE-119"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-76130"],"advisory":"PAN-SA-2017-0022","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Palo Alto Networks recommends to implement best practice by allowing web interface access only to a dedicated management network. Additionally, restrict the set of IP addresses to a subset of authorized sources that you allow to interact with the management network.\n","supportingMedia":{"value":"Palo Alto Networks recommends to implement best practice by allowing web interface access only to a dedicated management network. 
Additionally, restrict the set of IP addresses to a subset of authorized sources that you allow to interact with the management network.\n","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 7.0.18 or later, PAN-OS 7.1.12 or later, PAN-OS 8.0.4 or later\n","supportingMedia":{"value":"PAN-OS 7.0.18 or later, PAN-OS 7.1.12 or later, PAN-OS 8.0.4 or later\n","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2017-8390","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2017-07-20T20:10:04.000Z","dateReserved":"2017-07-20T20:10:04.000Z"},"containers":{"cna":{"title":"Vulnerability in the PAN-OS DNS Proxy","datePublic":"2017-07-20T20:10:04.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:46","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A Remote Code Execution vulnerability exists in the PAN-OS DNS Proxy. This issue affects customers who have DNS Proxy enabled in PAN-OS. This issue affects both the Data and Management planes of the firewall. When DNS Proxy processes a specially crafted fully qualified domain name (FQDN), it is possible to execute code on the firewall. (ref # PAN-77516 / CVE-2017-8390).\nSuccessful exploitation of this issue could allow an attacker to execute code on the firewall.\nThis issue affects PAN-OS 6.1.17 and earlier, PAN-OS 7.0.15 and earlier, PAN-OS 7.1.9 and earlier, PAN-OS 8.0.2 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A Remote Code Execution vulnerability exists in the PAN-OS DNS Proxy. This issue affects customers who have DNS Proxy enabled in PAN-OS. This issue affects both the Data and Management planes of the firewall. When DNS Proxy processes a specially crafted fully qualified domain name (FQDN), it is possible to execute code on the firewall. 
(ref # PAN-77516 / CVE-2017-8390).\nSuccessful exploitation of this issue could allow an attacker to execute code on the firewall.\nThis issue affects PAN-OS 6.1.17 and earlier, PAN-OS 7.0.15 and earlier, PAN-OS 7.1.9 and earlier, PAN-OS 8.0.2 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.15","PAN-OS 7.0.14","PAN-OS 7.0.13","PAN-OS 7.0.12","PAN-OS 7.0.11","PAN-OS 7.0.10","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.17","PAN-OS 6.1.16","PAN-OS 6.1.15","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.17","versionType":"custom","changes":[{"at":"6.1.18","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.15","versionType":"custom","changes":[{"at":"7.0.16","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.9","versionType":"custom","changes":[{"at":"7.1.10","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.2","versionType":"custom","changes":[{"at":"8.0.3","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2017-8390"}],"metrics":[{"cvssV3_0":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-20 Improper Input Validation","cweId":"CWE-20"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-77516"],"advisory":"PAN-SA-2017-0021","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Palo Alto Networks recommends disabling DNS Proxy for those customers who are affected and are unable to apply the update.","supportingMedia":{"value":"Palo Alto Networks recommends disabling DNS Proxy for those customers who are affected and are unable to apply the update.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 6.1.18 and later, PAN-OS 7.0.16 and later, PAN-OS 7.1.10 and later, PAN-OS 8.0.3 and later","supportingMedia":{"value":"PAN-OS 6.1.18 and later, PAN-OS 7.0.16 and later, PAN-OS 7.1.10 and later, PAN-OS 8.0.3 and 
later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2016-10229","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2017-06-19T20:30:00.000Z","dateReserved":"2017-06-19T20:30:00.000Z"},"containers":{"cna":{"title":"Kernel Vulnerability","datePublic":"2017-06-19T20:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:44","orgId":"baff130e-b8d5-4e15-b3d3-c3cf5d5545c6","shortName":"google_android"},"descriptions":[{"lang":"en","value":"A vulnerability exists in the Linux kernel of PAN-OS that may result in Remote Code Execution. A vulnerability in the Linux kernel networking subsystem for UDP could enable an attacker to execute arbitrary code within the context of the kernel. The Data Plane (DP) of PAN-OS is not affected by this issue since it does not use the vulnerable Linux kernel code. (ref # PAN-77173 / CVE-2016-10229).\nSuccessful exploitation of this issue requires an attacker to be on the management network.\nThis issue affects PAN-OS 6.1.17 and earlier, PAN-OS 7.0, PAN-OS 7.1.10 and earlier, PAN-OS 8.0.2 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists in the Linux kernel of PAN-OS that may result in Remote Code Execution. A vulnerability in the Linux kernel networking subsystem for UDP could enable an attacker to execute arbitrary code within the context of the kernel. The Data Plane (DP) of PAN-OS is not affected by this issue since it does not use the vulnerable Linux kernel code. 
(ref # PAN-77173 / CVE-2016-10229).\nSuccessful exploitation of this issue requires an attacker to be on the management network.\nThis issue affects PAN-OS 6.1.17 and earlier, PAN-OS 7.0, PAN-OS 7.1.10 and earlier, PAN-OS 8.0.2 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 8.0.2","PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.19","PAN-OS 7.0.18","PAN-OS 7.0.17","PAN-OS 7.0.16","PAN-OS 7.0.15","PAN-OS 7.0.14","PAN-OS 7.0.13","PAN-OS 7.0.12","PAN-OS 7.0.11","PAN-OS 7.0.10","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.17","PAN-OS 6.1.16","PAN-OS 6.1.15","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"7.0.*","status":"affected"},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.17","versionType":"custom","changes":[{"at":"6.1.18","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.10","versionType":"custom","changes":[{"at":"7.1.11","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.2","versionType":"custom","changes":[{"at":"8.0.3","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2016-10229"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-358 Improperly Implemented Security Check for Standard","cweId":"CWE-358"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-77173"],"advisory":"PAN-SA-2017-0018","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Palo Alto Networks recommends to implement best practice by allowing web interface access only to a dedicated management network. Additionally, restrict the set of IP addresses to a subset of authorized sources that you allow to interact with the management network.","supportingMedia":{"value":"Palo Alto Networks recommends to implement best practice by allowing web interface access only to a dedicated management network. 
Additionally, restrict the set of IP addresses to a subset of authorized sources that you allow to interact with the management network.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 6.1.18 and later, PAN-OS 7.1.11 and later, PAN-OS 8.0.3 and later\n","supportingMedia":{"value":"PAN-OS 6.1.18 and later, PAN-OS 7.1.11 and later, PAN-OS 8.0.3 and later\n","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2016-8610","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2017-06-07T00:25:00.000Z","dateReserved":"2017-06-07T00:25:00.000Z"},"containers":{"cna":{"title":"OpenSSL Vulnerability ","datePublic":"2017-06-07T00:25:00.000Z","providerMetadata":{"dateUpdated":"2020-10-20T21:14:51","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"descriptions":[{"lang":"en","value":"The OpenSSL library has been found to contain vulnerability CVE-2016-8610. Palo Alto Networks software makes use of the vulnerable library and may be affected. (Ref # PAN-68543 / CVE-2016-8610)\r\nThe OpenSSL library in use by PAN-OS is patched on a regular basis.\nThis issue affects PAN-OS 6.1.17 and earlier, PAN-OS 7.0.15 and earlier, PAN-OS 7.1.10 and earlier\r","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>The OpenSSL library has been found to contain vulnerability CVE-2016-8610. Palo Alto Networks software makes use of the vulnerable library and may be affected. 
(Ref # PAN-68543 / CVE-2016-8610)\r\nThe OpenSSL library in use by PAN-OS is patched on a regular basis.\nThis issue affects PAN-OS 6.1.17 and earlier, PAN-OS 7.0.15 and earlier, PAN-OS 7.1.10 and earlier\r</pre>"}]}],"x_affectedList":["PAN-OS 7.1.10","PAN-OS 7.1.9-h4","PAN-OS 7.1.9-h3","PAN-OS 7.1.9-h2","PAN-OS 7.1.9-h1","PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.15","PAN-OS 7.0.14","PAN-OS 7.0.13","PAN-OS 7.0.12","PAN-OS 7.0.11","PAN-OS 7.0.10","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.17","PAN-OS 6.1.16","PAN-OS 6.1.15","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.17","versionType":"custom","changes":[{"at":"6.1.18","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.15","versionType":"custom","changes":[{"at":"7.0.16","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.10","versionType":"custom","changes":[{"at":"7.1.11","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2016-8610"}],"metrics":[{"cvssV3_0":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-400 Uncontrolled Resource Consumption","cweId":"CWE-400"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-68543"],"advisory":"PAN-SA-2017-0017","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 6.1.18 and later, PAN-OS 7.0.16 and later, PAN-OS 7.1.11 and later\r","supportingMedia":{"value":"PAN-OS 6.1.18 and later, PAN-OS 7.0.16 and later, PAN-OS 7.1.11 and later\r","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2016-4971","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2017-05-23T03:00:03.000Z","dateReserved":"2017-05-23T03:00:03.000Z"},"containers":{"cna":{"title":"WGET 
Vulnerability","datePublic":"2017-05-23T03:00:03.000Z","providerMetadata":{"dateUpdated":"2021-04-30T16:06:24","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"descriptions":[{"lang":"en","value":"The wget library has been found to contain a vulnerability (CVE 2016-4971). wget allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource. Palo Alto Networks software makes use of the vulnerable library and may be affected. (Ref # PAN-59677/ CVE 2016-4971)\nSuccessfully exploiting this issue would require an attacker to be authenticated on the Management Interface.\nThis issue affects PAN-OS 6.1.16 and earlier, PAN-OS 7.0.14 and earlier, PAN-OS 7.1.9 and earlier, PAN-OS 8.0","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>The wget library has been found to contain a vulnerability (CVE 2016-4971). wget allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted FTP resource. Palo Alto Networks software makes use of the vulnerable library and may be affected. 
(Ref # PAN-59677/ CVE 2016-4971)\nSuccessfully exploiting this issue would require an attacker to be authenticated on the Management Interface.\nThis issue affects PAN-OS 6.1.16 and earlier, PAN-OS 7.0.14 and earlier, PAN-OS 7.1.9 and earlier, PAN-OS 8.0</pre>"}]}],"x_affectedList":["PAN-OS 7.1.9","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.14","PAN-OS 7.0.13","PAN-OS 7.0.12","PAN-OS 7.0.11","PAN-OS 7.0.10","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.16","PAN-OS 6.1.15","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.16","versionType":"custom","changes":[{"at":"6.1.17","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.14","versionType":"custom","changes":[{"at":"7.0.15","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.9","versionType":"custom","changes":[{"at":"7.1.10","status":"unaffected"}]},{"version":"8.0.1","status":"unaffected","lessThan":"8.0*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2016-4971"}],"metrics":[{"cvssV3_0":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-254","cweId":"CWE-254"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-59677","2016-4971"],"advisory":"PAN-SA-2017-0016","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Palo Alto Networks recommends to implement best practice by allowing web interface access only to a dedicated management network. Additionally, restrict the set of IP addresses to a subset of authorized sources that you allow to interact with the management network.","supportingMedia":{"value":"Palo Alto Networks recommends to implement best practice by allowing web interface access only to a dedicated management network. 
Additionally, restrict the set of IP addresses to a subset of authorized sources that you allow to interact with the management network.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 6.1.17 and later, PAN-OS 7.0.15 and later, PAN-OS 7.1.10 and later, PAN-OS 8.0.1 and later","supportingMedia":{"value":"PAN-OS 6.1.17 and later, PAN-OS 7.0.15 and later, PAN-OS 7.1.10 and later, PAN-OS 8.0.1 and later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2017-7945","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2017-04-28T16:45:03.000Z","dateReserved":"2017-04-28T16:45:03.000Z"},"containers":{"cna":{"title":"Brute force attack on the PAN-OS GlobalProtect external interface ","datePublic":"2017-04-28T16:45:03.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:46","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists in the PAN-OS GlobalProtect external interface that could allow an attacker to brute force a username on the PAN-OS GlobalProtect external interface. The vulnerability is caused by PAN-OS providing different responses when login credentials are supplied. (Ref # PAN-72769 / CVE-2017-7945)\r\nSuccessful exploitation of this issue may allow a malicious user to conduct a brute force attack against PAN-OS GlobalProtect external interface.\nThis issue affects PAN-OS 6.1.16 and earlier, PAN-OS 7.0.14 and earlier, PAN-OS 7.1.8 and earlier, PAN-OS 8.0.1 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists in the PAN-OS GlobalProtect external interface that could allow an attacker to brute force a username on the PAN-OS GlobalProtect external interface. The vulnerability is caused by PAN-OS providing different responses when login credentials are supplied. 
(Ref # PAN-72769 / CVE-2017-7945)\r\nSuccessful exploitation of this issue may allow a malicious user to conduct a brute force attack against PAN-OS GlobalProtect external interface.\nThis issue affects PAN-OS 6.1.16 and earlier, PAN-OS 7.0.14 and earlier, PAN-OS 7.1.8 and earlier, PAN-OS 8.0.1 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 8.0.1","PAN-OS 8.0.0","PAN-OS 8.0","PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.14","PAN-OS 7.0.13","PAN-OS 7.0.12","PAN-OS 7.0.11","PAN-OS 7.0.10","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.16","PAN-OS 6.1.15","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.16","versionType":"custom","changes":[{"at":"6.1.17","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.14","versionType":"custom","changes":[{"at":"7.0.15","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.8","versionType":"custom","changes":[{"at":"7.1.9","status":"unaffected"}]},{"version":"8.0","status":"affected","lessThanOrEqual":"8.0.1","versionType":"custom","changes":[{"at":"8.0.2","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2017-7945"}],"credits":[{"lang":"en","value":"Palo Alto Networks would like to thank Rich Hansen from Plexus for reporting this issue to 
us."}],"metrics":[{"cvssV3_0":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-209 Information Exposure Through an Error Message","cweId":"CWE-209"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-72769"],"advisory":"PAN-SA-2017-0014","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Customers that have not configured GlobalProtect are not affected by this issue.\r","supportingMedia":{"value":"Customers that have not configured GlobalProtect are not affected by this issue.\r","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 6.1.17 and later, PAN-OS 7.0.15 and later, PAN-OS 7.1.9 and later, PAN-OS 8.0.2 and later","supportingMedia":{"value":"PAN-OS 6.1.17 and later, PAN-OS 7.0.15 and later, PAN-OS 7.1.9 and later, PAN-OS 8.0.2 and later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2017-3731","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2017-04-20T18:00:00.000Z","dateReserved":"2017-04-20T18:00:00.000Z"},"containers":{"cna":{"title":"OpenSSL Vulnerability","datePublic":"2017-04-20T18:00:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:45","orgId":"3a12439a-ef3a-4c79-92e6-6081a721f1e5","shortName":"openssl"},"descriptions":[{"lang":"en","value":"The OpenSSL library has been found to contain vulnerability CVE-2017-3731. Palo Alto Networks software makes use of the vulnerable library and may be affected. 
(Ref # PAN-73914 / CVE-2017-3731)\nThe OpenSSL library in use by PAN-OS is patched on a regular basis. \nThis issue affects PAN-OS 6.1, PAN-OS 7.0.14 and earlier, PAN-OS 7.1, PAN-OS 8.0\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>The OpenSSL library has been found to contain vulnerability CVE-2017-3731. Palo Alto Networks software makes use of the vulnerable library and may be affected. (Ref # PAN-73914 / CVE-2017-3731)\nThe OpenSSL library in use by PAN-OS is patched on a regular basis. \nThis issue affects PAN-OS 6.1, PAN-OS 7.0.14 and earlier, PAN-OS 7.1, PAN-OS 8.0\n</pre>"}]}],"x_affectedList":["PAN-OS 7.0.14","PAN-OS 7.0.13","PAN-OS 7.0.12","PAN-OS 7.0.11","PAN-OS 7.0.10","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"6.1","status":"affected","lessThanOrEqual":"6.1","versionType":"custom"},{"version":"7.0.15","status":"unaffected","lessThan":"7.0*","versionType":"custom"},{"version":"7.1.10","status":"unaffected","lessThan":"7.1*","versionType":"custom"},{"version":"8.0.2","status":"unaffected","lessThan":"8.0*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2017-3731"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-125 Out-of-bounds Read","cweId":"CWE-125"}]}],"x_generator":{"engine":"Vulnogram 
0.0.9"},"source":{"defect":["PAN-73914"],"advisory":"PAN-SA-2017-0012","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 7.0.15 and later; PAN-OS 7.1.10 and later; PAN-OS 8.0.2 and later\n","supportingMedia":{"value":"PAN-OS 7.0.15 and later; PAN-OS 7.1.10 and later; PAN-OS 8.0.2 and later\n","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2017-7218","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2017-04-10T17:30:01.000Z","dateReserved":"2017-04-10T17:30:01.000Z"},"containers":{"cna":{"title":"Local Privilege Escalation in the Management Web Interface ","datePublic":"2017-04-10T17:30:01.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:46","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists in the Management Web Interface that could allow for local privilege escalation. The Management Web Interface does not properly validate specific request parameters which can potentially allow executing code with higher privileges.  (Ref # PAN-70426/ CVE-2017-7218)\nSuccessfully exploiting this issue would require an attacker to be authenticated.\nThis issue affects PAN-OS 7.1.8 and earlier\r","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists in the Management Web Interface that could allow for local privilege escalation. The Management Web Interface does not properly validate specific request parameters which can potentially allow executing code with higher privileges.  
(Ref # PAN-70426/ CVE-2017-7218)\nSuccessfully exploiting this issue would require an attacker to be authenticated.\nThis issue affects PAN-OS 7.1.8 and earlier\r</pre>"}]}],"x_affectedList":["PAN-OS 7.1.8","PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.8","versionType":"custom","changes":[{"at":"7.1.9","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2017-7218"}],"credits":[{"lang":"en","value":"Palo Alto Networks would like to thank Christophe Schleypen from NATO Communications and Information Agency for reporting this issue to us.  \r"}],"metrics":[{"cvssV3_0":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-20 Improper Input Validation","cweId":"CWE-20"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-70426"],"advisory":"PAN-SA-2017-0009","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Palo Alto Networks recommends to implement best practice by allowing web interface access only to a dedicated management network. Additionally, restrict the set of IP addresses to a subset of authorized sources that you allow to interact with the management network.","supportingMedia":{"value":"Palo Alto Networks recommends to implement best practice by allowing web interface access only to a dedicated management network. 
Additionally, restrict the set of IP addresses to a subset of authorized sources that you allow to interact with the management network.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 7.1.9 and later","supportingMedia":{"value":"PAN-OS 7.1.9 and later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2016-5195","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2017-02-21T19:30:00.000Z","dateReserved":"2017-02-21T19:30:00.000Z"},"containers":{"cna":{"title":"Kernel Vulnerability ","datePublic":"2017-02-21T19:30:00.000Z","providerMetadata":{"dateUpdated":"2022-08-15T11:06:10","orgId":"ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28","shortName":"Chrome"},"descriptions":[{"lang":"en","value":"A vulnerability exists in the kernel of PAN-OS that may result in an elevation of privilege. This issue is publicly known as Dirty COW (ref # PAN-68074 / CVE-2016-5195).\nPAN-OS may be impacted by the Dirty COW (CVE-2016-5195) attack. A race condition was found in the way the Linux kernel's memory subsystem handles the copy-on-write breakage of private read-only memory mappings.  An attacker would first require access to a shell on the device before they could use this exploit. Shell access is significantly restricted on the device. The Command Line Interface (CLI) is not shell access and therefore this issue cannot be exploited by the CLI.\nThis issue affects PAN-OS 5.1, PAN-OS 6.0, PAN-OS 6.1, PAN-OS 7.0.13, PAN-OS 7.1.7 and earlier\n","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists in the kernel of PAN-OS that may result in an elevation of privilege. This issue is publicly known as Dirty COW (ref # PAN-68074 / CVE-2016-5195).\nPAN-OS may be impacted by the Dirty COW (CVE-2016-5195) attack. 
A race condition was found in the way the Linux kernel's memory subsystem handles the copy-on-write breakage of private read-only memory mappings.  An attacker would first require access to a shell on the device before they could use this exploit. Shell access is significantly restricted on the device. The Command Line Interface (CLI) is not shell access and therefore this issue cannot be exploited by the CLI.\nThis issue affects PAN-OS 5.1, PAN-OS 6.0, PAN-OS 6.1, PAN-OS 7.0.13, PAN-OS 7.1.7 and earlier\n</pre>"}]}],"x_affectedList":["PAN-OS 7.1.7","PAN-OS 7.1.6","PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.13","PAN-OS 7.0.12","PAN-OS 7.0.11","PAN-OS 7.0.10","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.22","PAN-OS 6.1.21","PAN-OS 6.1.20","PAN-OS 6.1.19","PAN-OS 6.1.18","PAN-OS 6.1.17","PAN-OS 6.1.16","PAN-OS 6.1.15","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.15","PAN-OS 6.0.14","PAN-OS 6.0.13","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.1"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"5.1.*","status":"affected"},{"version":"6.0.*","status":"affected"},{"version":"6.1.*","status":"affected"},{"version":"7.0.14","status":"unaffected","lessThan":"7.0*","versionType":"custom"},{"version":"7.1.8","status":"unaffected","lessThan":"7.1*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2016-5195"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')","cweId":"CWE-362"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-68074"],"advisory":"PAN-SA-2017-0003","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Palo Alto Networks recommends to implement best practice by allowing web interface access only to a dedicated management network. Additionally, restrict the set of IP addresses to a subset of authorized sources that you allow to interact with the management network.\n","supportingMedia":{"value":"Palo Alto Networks recommends to implement best practice by allowing web interface access only to a dedicated management network. 
Additionally, restrict the set of IP addresses to a subset of authorized sources that you allow to interact with the management network.\n","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":" PAN-OS 7.0.14 and later, PAN-OS 7.1.8 and later\n","supportingMedia":{"value":" PAN-OS 7.0.14 and later, PAN-OS 7.1.8 and later\n","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2016-9150","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-11-17T17:01:00.000Z","dateReserved":"2016-11-17T17:01:00.000Z"},"containers":{"cna":{"title":"Buffer Overflow in the Management Web Interface","datePublic":"2016-11-17T17:01:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:45","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"Palo Alto Networks web management server improperly handles a buffer overflow. This can result in a possible remote code execution (RCE). (Ref # PAN-63073/102953/CVE-2016-9150)\nAn attacker with network access to the management web interface may be able to perform a remote code execution (RCE) or denial-of-service (DoS).  \r\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.14 and earlier; PAN-OS 7.0.10 and earlier; PAN-OS 7.1.5 and earlier\r","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks web management server improperly handles a buffer overflow. This can result in a possible remote code execution (RCE). (Ref # PAN-63073/102953/CVE-2016-9150)\nAn attacker with network access to the management web interface may be able to perform a remote code execution (RCE) or denial-of-service (DoS).  
\r\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.14 and earlier; PAN-OS 7.0.10 and earlier; PAN-OS 7.1.5 and earlier\r</pre>"}]}],"x_affectedList":["PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.10","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.14","PAN-OS 6.0.13","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.1","PAN-OS 5.0"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"5.0","status":"affected","lessThanOrEqual":"5.0.19","versionType":"custom","changes":[{"at":"5.0.20","status":"unaffected"}]},{"version":"5.1","status":"affected","lessThanOrEqual":"5.1.12","versionType":"custom","changes":[{"at":"5.1.13","status":"unaffected"}]},{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.14","versionType":"custom","changes":[{"at":"6.0.15","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.14","versionType":"custom","changes":[{"at":"6.1.15","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.10","versionType":"custom","changes":[{"at":"7.0.11","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.5","versionType":"custom","changes":[{"at":"7.1.6","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2016-9150"}],"credits":[{"lang":"en","value":"Palo Alto Networks would like to thank Tavis Ormandy from the Google Security Team for reporting this issue to us.\r"}],"metrics":[{"cvssV3_0":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer","cweId":"CWE-119"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-63073","102953"],"advisory":"PAN-SA-2016-0035","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Palo Alto Networks recommends to implement best practice by allowing web interface access only to a dedicated management network. 
Additionally, restrict the set of IP addresses to a subset of authorized sources that you allow to interact with the management network. \r","supportingMedia":{"value":"Palo Alto Networks recommends to implement best practice by allowing web interface access only to a dedicated management network. Additionally, restrict the set of IP addresses to a subset of authorized sources that you allow to interact with the management network. \r","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.15 and later; PAN-OS 7.0.11 and later; PAN-OS 7.1.6 and later\r","supportingMedia":{"value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.15 and later; PAN-OS 7.0.11 and later; PAN-OS 7.1.6 and later\r","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2016-9151","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-11-17T17:00:00.000Z","dateReserved":"2016-11-17T17:00:00.000Z"},"containers":{"cna":{"title":"Local Privilege Escalation","datePublic":"2016-11-17T17:00:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:45","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"Palo Alto Networks firewalls do not properly validate certain environment variables which can potentially allow executing code with higher privileges (Ref # PAN-61104/100499/CVE-2016-9151)\r\nA potential attacker with local shell access could manipulate arbitrary environment variables which could result in a process running with higher privileges.\r\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.14 and earlier; PAN-OS 7.0.10 and earlier; PAN-OS 7.1.5 and 
earlier\r","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks firewalls do not properly validate certain environment variables which can potentially allow executing code with higher privileges (Ref # PAN-61104/100499/CVE-2016-9151)\r\nA potential attacker with local shell access could manipulate arbitrary environment variables which could result in a process running with higher privileges.\r\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.14 and earlier; PAN-OS 7.0.10 and earlier; PAN-OS 7.1.5 and earlier\r</pre>"}]}],"x_affectedList":["PAN-OS 7.1.5","PAN-OS 7.1.4-h2","PAN-OS 7.1.4-h1","PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.10","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.14","PAN-OS 6.0.13","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.1","PAN-OS 5.0"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"5.0","status":"affected","lessThanOrEqual":"5.0.19","versionType":"custom","changes":[{"at":"5.0.20","status":"unaffected"}]},{"version":"5.1","status":"affected","lessThanOrEqual":"5.1.12","versionType":"custom","changes":[{"at":"5.1.13","status":"unaffected"}]},{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.14","versionType":"custom","changes":[{"at":"6.0.15","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.14","versionType":"custom","changes":[{"at":"6.1.15","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.10","versionType":"custom","changes":[{"at":"7.0.11","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.5","versionType":"custom","changes":[{"at":"7.1.6","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2016-9151"}],"credits":[{"lang":"en","value":"Palo Alto Networks would like to thank Tavis Ormandy from the Google Security Team for reporting this issue to us."}],"metrics":[{"cvssV3_0":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-264","cweId":"CWE-264"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-61104","100499"],"advisory":"PAN-SA-2016-0034","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Exploitation of this privilege escalation is restricted to local users. Potential attackers would have to first obtain a shell on the device before they could attempt to escalate privileges through this vulnerability. 
","supportingMedia":{"value":"Exploitation of this privilege escalation is restricted to local users. Potential attackers would have to first obtain a shell on the device before they could attempt to escalate privileges through this vulnerability. ","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.15 and later; PAN-OS 7.0.11 and later; PAN-OS 7.1.6 and later\r","supportingMedia":{"value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.15 and later; PAN-OS 7.0.11 and later; PAN-OS 7.1.6 and later\r","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"PAN-SA-2016-0029","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-10-18T18:31:00.000Z","dateReserved":"2016-10-18T18:31:00.000Z"},"containers":{"cna":{"title":"Insecure Server Configuration","datePublic":"2016-10-18T18:31:00.000Z","providerMetadata":{"orgId":"Not found","shortName":"Not found","dateUpdated":"2024-11-20T00:00:00"},"descriptions":[{"lang":"en","value":"An incorrect Web management server configuration was identified in PAN-OS. (Ref # PAN-52038/86767).\nThis post-authentication issue affects the management interface of the device, where an incorrect configuration could lead to JavaScript execution.\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.12 and earlier; PAN-OS 7.0.7 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>An incorrect Web management server configuration was identified in PAN-OS. 
(Ref # PAN-52038/86767).\nThis post-authentication issue affects the management interface of the device, where an incorrect configuration could lead to JavaScript execution.\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.12 and earlier; PAN-OS 7.0.7 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.14","PAN-OS 6.0.13","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.1","PAN-OS 5.0"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"5.0","status":"affected","lessThanOrEqual":"5.0.19","versionType":"custom","changes":[{"at":"5.0.20","status":"unaffected"}]},{"version":"5.1","status":"affected","lessThanOrEqual":"5.1.12","versionType":"custom","changes":[{"at":"5.1.13","status":"unaffected"}]},{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.14","versionType":"custom","changes":[{"at":"6.0.15","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.12","versionType":"custom","changes":[{"at":"6.1.13","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.7","versionType":"custom","changes":[{"at":"7.0.8","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/PAN-SA-2016-0029"}],"credits":[{"lang":"en","value":"ringzero"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"Insecure Server Configuration"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-52038","86767"],"advisory":"PAN-SA-2016-0029","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue is available only to authenticated users on the web interface. Palo Alto Networks recommends implementing best practices, only allowing management access to a restricted set of IP addresses, and dedicating management of the device to the management interface only.","supportingMedia":{"value":"This issue is available only to authenticated users on the web interface. 
Palo Alto Networks recommends implementing best practices, only allowing management access to a restricted set of IP addresses, and dedicating management of the device to the management interface only.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.13 and later; PAN-OS 7.0.8 and later","supportingMedia":{"value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.13 and later; PAN-OS 7.0.8 and later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"PAN-SA-2016-0028","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-10-18T18:30:00.000Z","dateReserved":"2016-10-18T18:30:00.000Z"},"containers":{"cna":{"title":"OpenSSL Vulnerabilities","datePublic":"2016-10-18T18:30:00.000Z","providerMetadata":{"orgId":"Not found","shortName":"Not found","dateUpdated":"2024-11-20T00:00:00"},"descriptions":[{"lang":"en","value":"The OpenSSL library has been found to contain several vulnerabilities CVE-2015-4000, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792, CVE-2015-1791, CVE-2014-8176. Palo Alto Networks software makes use of the vulnerable library. (Ref # PAN-48954/81411)\nThe OpenSSL library in use by PAN-OS is patched on a regular basis. 
Severities of the CVEs listed under the summary section range from low to moderate but have not been shown to be exploitable at the time of this advisory.\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.13 and earlier; PAN-OS 6.1.12 and earlier; PAN-OS 7.0.7 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>The OpenSSL library has been found to contain several vulnerabilities CVE-2015-4000, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792, CVE-2015-1791, CVE-2014-8176. Palo Alto Networks software makes use of the vulnerable library. (Ref # PAN-48954/81411)\nThe OpenSSL library in use by PAN-OS is patched on a regular basis. Severities of the CVEs listed under the summary section range from low to moderate but have not been shown to be exploitable at the time of this advisory.\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.13 and earlier; PAN-OS 6.1.12 and earlier; PAN-OS 7.0.7 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.13","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.1","PAN-OS 5.0"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"5.0","status":"affected","lessThanOrEqual":"5.0.19","versionType":"custom","changes":[{"at":"5.0.20","status":"unaffected"}]},{"version":"5.1","status":"affected","lessThanOrEqual":"5.1.12","versionType":"custom","changes":[{"at":"5.1.13","status":"unaffected"}]},{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.13","versionType":"custom","changes":[{"at":"6.0.14","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.12","versionType":"custom","changes":[{"at":"6.1.13","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.7","versionType":"custom","changes":[{"at":"7.0.8","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/PAN-SA-2016-0028"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer","cweId":"CWE-119"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-48954","81411"],"advisory":"PAN-SA-2016-0028","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.14 and later; PAN-OS 6.1.13 and later; PAN-OS 7.0.8 and later","supportingMedia":{"value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.14 and later; PAN-OS 6.1.13 and later; PAN-OS 7.0.8 and 
later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"PAN-SA-2016-0025","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-10-04T01:00:00.000Z","dateReserved":"2016-10-04T01:00:00.000Z"},"containers":{"cna":{"title":"Kernel Vulnerabilities","datePublic":"2016-10-04T01:00:00.000Z","providerMetadata":{"orgId":"Not found","shortName":"Not found","dateUpdated":"2024-11-20T00:00:00"},"descriptions":[{"lang":"en","value":"The kernel in use by the Management Plane of PAN-OS is vulnerable to CVE-2015-5364 and CVE-2015-5366.\n (Ref # PAN-52379/87408)\nThe CVSS Score of CVE-2015-5364 is 7.8, High; while the CVSS Score of CVE-2015-5366 is 5.0, Medium. Those could lead to a Denial of Service attack.\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.14 and earlier; PAN-OS 7.0.10 and earlier; PAN-OS 7.1.4 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>The kernel in use by the Management Plane of PAN-OS is vulnerable to CVE-2015-5364 and CVE-2015-5366.\n (Ref # PAN-52379/87408)\nThe CVSS Score of CVE-2015-5364 is 7.8, High; while the CVSS Score of CVE-2015-5366 is 5.0, Medium. 
Those could lead to a Denial of Service attack.\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.14 and earlier; PAN-OS 7.0.10 and earlier; PAN-OS 7.1.4 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 7.1.4","PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.10","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.14","PAN-OS 6.1.13","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.14","PAN-OS 6.0.13","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.1","PAN-OS 5.0"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"5.0","status":"affected","lessThanOrEqual":"5.0.19","versionType":"custom","changes":[{"at":"5.0.20","status":"unaffected"}]},{"version":"5.1","status":"affected","lessThanOrEqual":"5.1.12","versionType":"custom","changes":[{"at":"5.1.13","status":"unaffected"}]},{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.14","versionType":"custom","changes":[{"at":"6.0.15","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.14","versionType":"custom","changes":[{"at":"6.1.15","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.10","versionType":"custom","changes":[{"at":"7.0.11","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.4","versionType":"custom","changes":[{"at":"7.1.5","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/PAN-SA-2016-0025"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-399","cweId":"CWE-399"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["PAN-52379","87408"],"advisory":"PAN-SA-2016-0025","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.15 and later; PAN-OS 7.0.11 and later; PAN-OS 7.1.5 and later\n","supportingMedia":{"value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.15 and later; 
PAN-OS 7.0.11 and later; PAN-OS 7.1.5 and later\n","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2015-7547","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-08-15T19:00:00.000Z","dateReserved":"2016-08-15T19:00:00.000Z"},"containers":{"cna":{"title":"Glibc DNS Resolver Vulnerability","datePublic":"2016-08-15T19:00:00.000Z","providerMetadata":{"dateUpdated":"2022-06-20T18:06:34","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"descriptions":[{"lang":"en","value":"A vulnerability in the GNU libc (glibc) DNS resolver allows remote code execution (CVE-2015-7547). However, this issue can be exploited only from a DNS server that is under the control of an attacker. (Ref # 91886).\nThis glibc issue is only exploitable by an attacker controlling the DNS server configured for the device. Furthermore, the attacker must overcome additional anti-exploitation mitigations, such as ASLR, to mount a successful attack.\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.12 and earlier; PAN-OS 7.0.7 and earlier; PAN-OS 7.1.3 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability in the GNU libc (glibc) DNS resolver allows remote code execution (CVE-2015-7547). However, this issue can be exploited only from a DNS server that is under the control of an attacker. (Ref # 91886).\nThis glibc issue is only exploitable by an attacker controlling the DNS server configured for the device. 
Furthermore, the attacker must overcome additional anti-exploitation mitigations, such as ASLR, to mount a successful attack.\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.12 and earlier; PAN-OS 7.0.7 and earlier; PAN-OS 7.1.3 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.14","PAN-OS 6.0.13","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.1","PAN-OS 5.0"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"5.0","status":"affected","lessThanOrEqual":"5.0.19","versionType":"custom","changes":[{"at":"5.0.20","status":"unaffected"}]},{"version":"5.1","status":"affected","lessThanOrEqual":"5.1.12","versionType":"custom","changes":[{"at":"5.1.13","status":"unaffected"}]},{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.14","versionType":"custom","changes":[{"at":"6.0.15","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.12","versionType":"custom","changes":[{"at":"6.1.13","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.7","versionType":"custom","changes":[{"at":"7.0.8","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.3","versionType":"custom","changes":[{"at":"7.1.4","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2015-7547"}],"metrics":[{"cvssV3_0":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer","cweId":"CWE-119"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["91886"],"advisory":"PAN-SA-2016-0021","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This vulnerability can affect PAN-OS software only when the device is configured with a DNS server that is under the control of an attacker. 
Palo Alto Networks discourages configuring the device with untrusted DNS servers.","supportingMedia":{"value":"This vulnerability can affect PAN-OS software only when the device is configured with a DNS server that is under the control of an attacker. Palo Alto Networks discourages configuring the device with untrusted DNS servers.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.13 and later; PAN-OS 7.0.8 and later; PAN-OS 7.1.4 and later","supportingMedia":{"value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.13 and later; PAN-OS 7.0.8 and later; PAN-OS 7.1.4 and later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"PAN-SA-2016-0020","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-08-15T18:30:00.000Z","dateReserved":"2016-08-15T18:30:00.000Z"},"containers":{"cna":{"title":"OpenSSL Vulnerabilities","datePublic":"2016-08-15T18:30:00.000Z","providerMetadata":{"orgId":"Not found","shortName":"Not found","dateUpdated":"2024-11-20T00:00:00"},"descriptions":[{"lang":"en","value":"The OpenSSL library has been found to contain several vulnerabilities CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2015-1794, CVE-2015-3195, CVE-2015-4000, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2176, CVE-2016-2842. Palo Alto Networks software makes use of the vulnerable library. (Ref # 95622).\nThe OpenSSL library in use by PAN-OS is patched on a regular basis. 
Severities of the CVEs listed under the summary section range from low to high but have not been shown to be exploitable at the time of this advisory.\nThis issue affects PAN-OS 5.0.X; PAN-OS 5.1.X; PAN-OS 6.0.13 and earlier; PAN-OS 6.1.12 and earlier; PAN-OS 7.0.8 and earlier; PAN-OS 7.1.3 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>The OpenSSL library has been found to contain several vulnerabilities CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2015-1794, CVE-2015-3195, CVE-2015-4000, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2176, CVE-2016-2842. Palo Alto Networks software makes use of the vulnerable library. (Ref # 95622).\nThe OpenSSL library in use by PAN-OS is patched on a regular basis. Severities of the CVEs listed under the summary section range from low to high but have not been shown to be exploitable at the time of this advisory.\nThis issue affects PAN-OS 5.0.X; PAN-OS 5.1.X; PAN-OS 6.0.13 and earlier; PAN-OS 6.1.12 and earlier; PAN-OS 7.0.8 and earlier; PAN-OS 7.1.3 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.13","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.13","versionType":"custom","changes":[{"at":"6.0.14","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.12","versionType":"custom","changes":[{"at":"6.1.13","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.8","versionType":"custom","changes":[{"at":"7.0.9","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.3","versionType":"custom","changes":[{"at":"7.1.4","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/PAN-SA-2016-0020"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer","cweId":"CWE-119"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["95622"],"advisory":"PAN-SA-2016-0020","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 6.0.14 and later; PAN-OS 6.1.13 and later; PAN-OS 7.0.9 and later; PAN-OS 7.1.4 and later","supportingMedia":{"value":"PAN-OS 6.0.14 and later; PAN-OS 6.1.13 and later; PAN-OS 7.0.9 and later; PAN-OS 7.1.4 and 
later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"PAN-SA-2016-0019","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-08-15T18:00:00.000Z","dateReserved":"2016-08-15T18:00:00.000Z"},"containers":{"cna":{"title":"NTP Vulnerabilities","datePublic":"2016-08-15T18:00:00.000Z","providerMetadata":{"orgId":"Not found","shortName":"Not found","dateUpdated":"2024-11-20T00:00:00"},"descriptions":[{"lang":"en","value":"The open source ntp project has been found to contain several vulnerabilities (CVE-2015-8158, CVE-2015-8138, CVE-2015-7979, CVE-2015-7978, CVE-2015-7977, CVE-2015-7976, CVE-2015-7975, CVE-2015-7974, CVE-2015-7973, all released in January 2016). Palo Alto...\nAlthough Palo Alto Networks makes use of the affected version of ntp, no exploitation conditions are known at the time of this advisory.\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.1 and earlier; PAN-OS 6.1.12 and earlier; PAN-OS 7.0.8 and earlier; PAN-OS 7.1.3 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>The open source ntp project has been found to contain several vulnerabilities (CVE-2015-8158, CVE-2015-8138, CVE-2015-7979, CVE-2015-7978, CVE-2015-7977, CVE-2015-7976, CVE-2015-7975, CVE-2015-7974, CVE-2015-7973, all released in January 2016). 
Palo Alto...\nAlthough Palo Alto Networks makes use of the affected version of ntp, no exploitation conditions are known at the time of this advisory.\nThis issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.1 and earlier; PAN-OS 6.1.12 and earlier; PAN-OS 7.0.8 and earlier; PAN-OS 7.1.3 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 7.1.3","PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.12","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.1","PAN-OS 5.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"5.0","status":"affected","lessThanOrEqual":"5.0.19","versionType":"custom","changes":[{"at":"5.0.20","status":"unaffected"}]},{"version":"5.1","status":"affected","lessThanOrEqual":"5.1.12","versionType":"custom","changes":[{"at":"5.1.13","status":"unaffected"}]},{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.1","versionType":"custom","changes":[{"at":"6.0.15","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.12","versionType":"custom","changes":[{"at":"6.1.13","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.8","versionType":"custom","changes":[{"at":"7.0.9","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.3","versionType":"custom","changes":[{"at":"7.1.4","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/PAN-SA-2016-0019"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector
":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-400 Uncontrolled Resource Consumption","cweId":"CWE-400"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["92106"],"advisory":"PAN-SA-2016-0019","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.13 and later; PAN-OS 7.0.9 and later; PAN-OS 7.1.4 and later","supportingMedia":{"value":"PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.13 and later; PAN-OS 7.0.9 and later; PAN-OS 7.1.4 and later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"PAN-SA-2016-0016","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-07-15T00:00:00.000Z","dateReserved":"2016-07-15T00:00:00.000Z"},"containers":{"cna":{"title":"Web Interface Privilege Escalation","datePublic":"2016-07-15T00:00:00.000Z","providerMetadata":{"orgId":"Not found","shortName":"Not found","dateUpdated":"2024-11-20T00:00:00"},"descriptions":[{"lang":"en","value":"Palo Alto Networks Panorama administrators have the ability to assign predefined permissions to users created on PAN-OS. A read-only user with CLI access could elevate web interface privileges. (Ref. 
88191)\nA user could elevate privileges by impersonating another user with higher permissions.\nThis issue affects PAN-OS 5.0.18 and earlier; PAN-OS 5.1.11 and earlier; PAN-OS 6.0.13 and earlier; PAN-OS 6.1.10 and earlier; PAN-OS 7.0.4 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks Panorama administrators have the ability to assign predefined permissions to users created on PAN-OS. A read-only user with CLI access could elevate web interface privileges. (Ref. 88191)\nA user could elevate privileges by impersonating another user with higher permissions.\nThis issue affects PAN-OS 5.0.18 and earlier; PAN-OS 5.1.11 and earlier; PAN-OS 6.0.13 and earlier; PAN-OS 6.1.10 and earlier; PAN-OS 7.0.4 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.13","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.1","PAN-OS 5.0"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"5.0","status":"affected","lessThanOrEqual":"5.0.18","versionType":"custom","changes":[{"at":"5.0.19","status":"unaffected"}]},{"version":"5.1","status":"affected","lessThanOrEqual":"5.1.11","versionType":"custom","changes":[{"at":"5.1.12","status":"unaffected"}]},{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.13","versionType":"custom","changes":[{"at":"6.0.14","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.10","versionType":"custom","changes":[{"at":"6.1.11","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.4","versionType":"custom","changes":[{"at":"7.0.5","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/PAN-SA-2016-0016"}],"credits":[{"lang":"en","value":"John Perry, the Boeing Company"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"Web Interface Privilege Escalation"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["88191"],"advisory":"PAN-SA-2016-0016","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Customers running versions of Panorama affected by this issue could create a custom admin role that does not allow CLI access in order to avoid any privilege escalation. Firewalls running PAN-OS are not affected by this issue.","supportingMedia":{"value":"Customers running versions of Panorama affected by this issue could create a custom admin role that does not allow CLI access in order to avoid any privilege escalation. 
Firewalls running PAN-OS are not affected by this issue.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 5.0.19 and later; PAN-OS 5.1.12 and later; PAN-OS 6.0.14 and later; PAN-OS 6.1.11 and later; PAN-OS 7.0.5 and later","supportingMedia":{"value":"PAN-OS 5.0.19 and later; PAN-OS 5.1.12 and later; PAN-OS 6.0.14 and later; PAN-OS 6.1.11 and later; PAN-OS 7.0.5 and later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2016-1712","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-07-13T18:30:00.000Z","dateReserved":"2016-07-13T18:30:00.000Z"},"containers":{"cna":{"title":"Local privilege escalation","datePublic":"2016-07-13T18:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:44","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"Palo Alto Networks firewalls do not properly sanitize the root_reboot local invocation which can potentially allow executing code with higher privileges (Ref. 92293) (CVE-2016-1712).\nExploitation of this privilege escalation is restricted to local users. Potential attackers would have to first obtain a shell on the device before they could attempt to escalate privileges through this vulnerability.\nThis issue affects PAN-OS 5.0.18 and earlier; PAN-OS 5.1.11 and earlier; PAN-OS 6.0.13 and earlier; PAN-OS 6.1.11 and earlier; PAN-OS 7.0.7 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks firewalls do not properly sanitize the root_reboot local invocation which can potentially allow executing code with higher privileges (Ref. 92293) (CVE-2016-1712).\nExploitation of this privilege escalation is restricted to local users. 
Potential attackers would have to first obtain a shell on the device before they could attempt to escalate privileges through this vulnerability.\nThis issue affects PAN-OS 5.0.18 and earlier; PAN-OS 5.1.11 and earlier; PAN-OS 6.0.13 and earlier; PAN-OS 6.1.11 and earlier; PAN-OS 7.0.7 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.11","PAN-OS 6.1.10","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.13","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.1","PAN-OS 5.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"5.0","status":"affected","lessThanOrEqual":"5.0.18","versionType":"custom","changes":[{"at":"5.0.19","status":"unaffected"}]},{"version":"5.1","status":"affected","lessThanOrEqual":"5.1.11","versionType":"custom","changes":[{"at":"5.1.12","status":"unaffected"}]},{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.13","versionType":"custom","changes":[{"at":"6.0.14","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.11","versionType":"custom","changes":[{"at":"6.1.12","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.7","versionType":"custom","changes":[{"at":"7.0.8","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2016-1712"}],"credits":[{"lang":"en","value":"Kasif Dekel, CheckPoint Security 
Team"}],"metrics":[{"cvssV3_0":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-20 Improper Input Validation","cweId":"CWE-20"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["92293"],"advisory":"PAN-SA-2016-0012","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"N/A","supportingMedia":{"value":"N/A","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 5.0.19 and later; PAN-OS 5.1.12 and later; PAN-OS 6.0.14 and later; PAN-OS 6.1.12 and later; PAN-OS 7.0.8 and later","supportingMedia":{"value":"PAN-OS 5.0.19 and later; PAN-OS 5.1.12 and later; PAN-OS 6.0.14 and later; PAN-OS 6.1.12 and later; PAN-OS 7.0.8 and later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"PAN-SA-2016-0011","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-07-12T17:30:00.000Z","dateReserved":"2016-07-12T17:30:00.000Z"},"containers":{"cna":{"title":"OpenSSH vulnerabilities","datePublic":"2016-07-12T17:30:00.000Z","providerMetadata":{"orgId":"Not found","shortName":"Not found","dateUpdated":"2024-11-20T00:00:00"},"descriptions":[{"lang":"en","value":"OpenSSH contains two vulnerabilities (CVE-2016-0777 and CVE-2016-0778) affecting the SSH client roaming feature when connecting to a malicious server. Exploitation of this issue can leak portions of memory from the SSH client process. 
(Ref # 90508)\nThe Palo Alto Networks firewall outbound SSH client offers only the user/password authentication scheme and, therefore, does not expose a potential SSH private key.\nThis issue affects PAN-OS 7.0.9 and earlier; PAN-OS 7.1.2 and earlier","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>OpenSSH contains two vulnerabilities (CVE-2016-0777 and CVE-2016-0778) affecting the SSH client roaming feature when connecting to a malicious server. Exploitation of this issue can leak portions of memory from the SSH client process. (Ref # 90508)\nThe Palo Alto Networks firewall outbound SSH client offers only the user/password authentication scheme and, therefore, does not expose a potential SSH private key.\nThis issue affects PAN-OS 7.0.9 and earlier; PAN-OS 7.1.2 and earlier</pre>"}]}],"x_affectedList":["PAN-OS 7.1.2","PAN-OS 7.1.1","PAN-OS 7.1.0","PAN-OS 7.1","PAN-OS 7.0.9","PAN-OS 7.0.8","PAN-OS 7.0.7","PAN-OS 7.0.6","PAN-OS 7.0.5-h2","PAN-OS 7.0.5-h1","PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.9","versionType":"custom","changes":[{"at":"7.0.10","status":"unaffected"}]},{"version":"7.1","status":"affected","lessThanOrEqual":"7.1.2","versionType":"custom","changes":[{"at":"7.1.3","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/PAN-SA-2016-0011"}],"metrics":[{"cvssV3_0":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.1,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-119 Improper Restriction of 
Operations within the Bounds of a Memory Buffer","cweId":"CWE-119"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["90508"],"advisory":"PAN-SA-2016-0011","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"These vulnerabilities affect PAN-OS only when initiating a connection to a malicious server. Palo Alto Networks discourages establishing SSH sessions to unknown or untrusted servers.","supportingMedia":{"value":"These vulnerabilities affect PAN-OS only when initiating a connection to a malicious server. Palo Alto Networks discourages establishing SSH sessions to unknown or untrusted servers.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 7.0.10 and later; PAN-OS 7.1.3 and later","supportingMedia":{"value":"PAN-OS 7.0.10 and later; PAN-OS 7.1.3 and later","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2016-3657","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-02-24T18:30:00.000Z","dateReserved":"2016-02-24T18:30:00.000Z"},"containers":{"cna":{"title":"Unauthenticated Buffer Overflow in GlobalProtect/SSL VPN Web Interface","datePublic":"2016-02-24T18:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:44","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"When a PAN-OS device is configured as a GlobalProtect portal, a vulnerability exists where an improper handling of a buffer involved in the processing of SSL VPN requests can result in device crash and possible remote code execution.  (Ref. 
#89752) (CVE-2016-3657)\nAn attacker with network access to the vulnerable GlobalProtect portal may be able to perform a denial-of-service (DoS) attack on the device, and may be able to perform remote code execution on the affected device.\nThis issue affects PAN-OS releases 5.0.17 and prior; 6.0.12 and prior; 6.1.9 and prior; 7.0.4 and prior","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>When a PAN-OS device is configured as a GlobalProtect portal, a vulnerability exists where an improper handling of a buffer involved in the processing of SSL VPN requests can result in device crash and possible remote code execution.  (Ref. #89752) (CVE-2016-3657)\nAn attacker with network access to the vulnerable GlobalProtect portal may be able to perform a denial-of-service (DoS) attack on the device, and may be able to perform remote code execution on the affected device.\nThis issue affects PAN-OS releases 5.0.17 and prior; 6.0.12 and prior; 6.1.9 and prior; 7.0.4 and prior</pre>"}]}],"x_affectedList":["PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.0"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"5.0","status":"affected","lessThanOrEqual":"5.0.17","versionType":"custom","changes":[{"at":"5.0.18","status":"unaffected"}]},{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.12","versionType":"custom","changes":[{"at":"6.0.13","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.9","versionType":"custom","changes":[{"at":"6.1.10","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.4","versionType":"custom","changes":[{"at":"7.0.5","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2016-3657"}],"credits":[{"lang":"en","value":"Felix Wilhelm, ERNW Research"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer","cweId":"CWE-119"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["89752"],"advisory":"PAN-SA-2016-0005","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Emergency content update 563 contains an IPS signature (#38902) that can be used as an interim mitigation to protect PAN-OS devices until the device software is upgraded.  Note that signatures 38902 must be applied to a firewall rule securing traffic destined for the GlobalProtect portal.  The GlobalProtect portal should only be present once per installation, limiting the organization’s exposure to this issue. 
This issue can be further mitigated by disabling the affected optional “login page” in the GlobalProtect portal configuration, and distribution of the client side software may be performed through alternative means such as GPO or network share while the PAN-OS patch is applied.","supportingMedia":{"value":"Emergency content update 563 contains an IPS signature (#38902) that can be used as an interim mitigation to protect PAN-OS devices until the device software is upgraded.  Note that signatures 38902 must be applied to a firewall rule securing traffic destined for the GlobalProtect portal.  The GlobalProtect portal should only be present once per installation, limiting the organization’s exposure to this issue. This issue can be further mitigated by disabling the affected optional “login page” in the GlobalProtect portal configuration, and distribution of the client side software may be performed through alternative means such as GPO or network share while the PAN-OS patch is applied.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS releases 5.0.18 and newer; 6.0.13 and newer; 6.1.10 and newer; 7.0.5 and newer","supportingMedia":{"value":"PAN-OS releases 5.0.18 and newer; 6.0.13 and newer; 6.1.10 and newer; 7.0.5 and newer","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2016-3656","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-02-24T18:30:00.000Z","dateReserved":"2016-02-24T18:30:00.000Z"},"containers":{"cna":{"title":"Unauthenticated Stack Exhaustion in GlobalProtect/SSL VPN Web Interface","datePublic":"2016-02-24T18:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:44","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"When a PAN-OS device is configured as a GlobalProtect web portal, a specially crafted 
request to the portal could result in a crash of the service.  (Ref. #89750) (CVE-2016-3656)\nThis issue can be exploited remotely by an attacker with network access to the GlobalProtect portal in order to cause a denial-of-service (DoS) via a service crash.\nThis issue affects PAN-OS releases 5.0.17 and prior; 6.0.12 and prior; 6.1.9 and prior; 7.0.5 and prior","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>When a PAN-OS device is configured as a GlobalProtect web portal, a specially crafted request to the portal could result in a crash of the service.  (Ref. #89750) (CVE-2016-3656)\nThis issue can be exploited remotely by an attacker with network access to the GlobalProtect portal in order to cause a denial-of-service (DoS) via a service crash.\nThis issue affects PAN-OS releases 5.0.17 and prior; 6.0.12 and prior; 6.1.9 and prior; 7.0.5 and prior</pre>"}]}],"x_affectedList":["PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.0"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"5.0","status":"affected","lessThanOrEqual":"5.0.17","versionType":"custom","changes":[{"at":"5.0.18","status":"unaffected"}]},{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.12","versionType":"custom","changes":[{"at":"6.0.13","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.9","versionType":"custom","changes":[{"at":"6.1.10","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.5","versionType":"custom","changes":[{"at":"7.0.5H2","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2016-3656"}],"credits":[{"lang":"en","value":"Felix Wilhelm, ERNW Research"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer","cweId":"CWE-119"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["89750"],"advisory":"PAN-SA-2016-0004","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Emergency content update 563 contains an IPS signature (#38903) that can be used as an interim mitigation to protect PAN-OS devices until the device software is upgraded.  Note that signatures 38903 must be applied to a firewall rule securing traffic destined for the GlobalProtect portal.  The GlobalProtect portal should only be present once per installation, limiting the organization’s exposure to this issue. 
This issue can be further mitigated by disabling the affected optional “login page” in the GlobalProtect portal configuration, and distribution of the client side software may be performed through alternative means such as GPO or network share while the PAN-OS patch is applied.","supportingMedia":{"value":"Emergency content update 563 contains an IPS signature (#38903) that can be used as an interim mitigation to protect PAN-OS devices until the device software is upgraded.  Note that signatures 38903 must be applied to a firewall rule securing traffic destined for the GlobalProtect portal.  The GlobalProtect portal should only be present once per installation, limiting the organization’s exposure to this issue. This issue can be further mitigated by disabling the affected optional “login page” in the GlobalProtect portal configuration, and distribution of the client side software may be performed through alternative means such as GPO or network share while the PAN-OS patch is applied.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS releases 5.0.18 and newer; 6.0.13 and newer; 6.1.10 and newer; 7.0.5H2 and newer","supportingMedia":{"value":"PAN-OS releases 5.0.18 and newer; 6.0.13 and newer; 6.1.10 and newer; 7.0.5H2 and newer","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2016-3655","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-02-24T18:30:00.000Z","dateReserved":"2016-02-24T18:30:00.000Z"},"containers":{"cna":{"title":"Unauthenticated Command Injection in Management Web Interface","datePublic":"2016-02-24T18:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:44","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"Palo Alto Networks PAN-OS implements an API to enable programmatic device configuration and 
administration of the device. An issue was identified where the management API incorrectly parses input to a specific API call, leading to execution of arbitrary OS commands without authentication via the management interface. (Ref. #89717) (CVE-2016-3655)\nThis issue can be exploited remotely by an unauthenticated user with network access to the device management web-based API\nThis issue affects PAN-OS releases 5.0.17 and prior; 6.0.12 and prior; 6.1.9 and prior; 7.0.4 and prior","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks PAN-OS implements an API to enable programmatic device configuration and administration of the device. An issue was identified where the management API incorrectly parses input to a specific API call, leading to execution of arbitrary OS commands without authentication via the management interface. (Ref. #89717) (CVE-2016-3655)\nThis issue can be exploited remotely by an unauthenticated user with network access to the device management web-based API\nThis issue affects PAN-OS releases 5.0.17 and prior; 6.0.12 and prior; 6.1.9 and prior; 7.0.4 and prior</pre>"}]}],"x_affectedList":["PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.0"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"5.0","status":"affected","lessThanOrEqual":"5.0.17","versionType":"custom","changes":[{"at":"5.0.18","status":"unaffected"}]},{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.12","versionType":"custom","changes":[{"at":"6.0.13","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.9","versionType":"custom","changes":[{"at":"6.1.10","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.4","versionType":"custom","changes":[{"at":"7.0.5","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2016-3655"}],"credits":[{"lang":"en","value":"Felix Wilhelm, ERNW Research"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-20 Improper Input Validation","cweId":"CWE-20"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["89717"],"advisory":"PAN-SA-2016-0003","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Emergency content update 563 contains an IPS signature (#38904) that can be used as an interim mitigation to protect PAN-OS devices until the device software is upgraded.  Note that signatures 38904 must be applied to a firewall rule securing traffic destined for the device management web interface, and decryption must be applied. 
This issue is further mitigated by following security appliance management best practices, requiring that network access to the management interfaces be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"Emergency content update 563 contains an IPS signature (#38904) that can be used as an interim mitigation to protect PAN-OS devices until the device software is upgraded.  Note that signatures 38904 must be applied to a firewall rule securing traffic destined for the device management web interface, and decryption must be applied. This issue is further mitigated by following security appliance management best practices, requiring that network access to the management interfaces be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS releases 5.0.18 and newer; 6.0.13 and newer; 6.1.10 and newer; 7.0.5 and newer","supportingMedia":{"value":"PAN-OS releases 5.0.18 and newer; 6.0.13 and newer; 6.1.10 and newer; 7.0.5 and newer","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2016-3654","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2016-02-24T18:30:00.000Z","dateReserved":"2016-02-24T18:30:00.000Z"},"containers":{"cna":{"title":"Command Injection in Command Line Interface","datePublic":"2016-02-24T18:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:44","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"Palo Alto Networks firewalls implement a command line interface for interactive configuration through a serial interface or a remote SSH session. An issue was identified that can cause incorrect parsing of a specific SSH command parameter, leading to arbitrary command execution on the OS level. 
This vulnerability requires successful authentication but can be used to execute OS commands with root privileges if the logged on user has administrative privileges. (Ref #89706) (CVE-2016-3654)\nThis vulnerability is exploitable only by authenticated administrators that are granted access to the device management CLI.\nThis issue affects PAN-OS releases 5.0.17 and prior; 5.1.10 and prior; 6.0.12 and prior; 6.1.9 and prior; 7.0.5 and prior","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Palo Alto Networks firewalls implement a command line interface for interactive configuration through a serial interface or a remote SSH session. An issue was identified that can cause incorrect parsing of a specific SSH command parameter, leading to arbitrary command execution on the OS level. This vulnerability requires successful authentication but can be used to execute OS commands with root privileges if the logged on user has administrative privileges. (Ref #89706) (CVE-2016-3654)\nThis vulnerability is exploitable only by authenticated administrators that are granted access to the device management CLI.\nThis issue affects PAN-OS releases 5.0.17 and prior; 5.1.10 and prior; 6.0.12 and prior; 6.1.9 and prior; 7.0.5 and prior</pre>"}]}],"x_affectedList":["PAN-OS 7.0.5","PAN-OS 7.0.4","PAN-OS 7.0.3","PAN-OS 7.0.2","PAN-OS 7.0.1","PAN-OS 7.0","PAN-OS 6.1.9","PAN-OS 6.1.8","PAN-OS 6.1.7","PAN-OS 6.1.6","PAN-OS 6.1.5","PAN-OS 6.1.4","PAN-OS 6.1.3","PAN-OS 6.1.2","PAN-OS 6.1.1","PAN-OS 6.1.0","PAN-OS 6.1","PAN-OS 6.0.12","PAN-OS 6.0.11","PAN-OS 6.0.10","PAN-OS 6.0.9","PAN-OS 6.0.8","PAN-OS 6.0.7","PAN-OS 6.0.6","PAN-OS 6.0.5-h3","PAN-OS 6.0.5-h2","PAN-OS 6.0.5-h1","PAN-OS 6.0.5","PAN-OS 6.0.4","PAN-OS 6.0.3","PAN-OS 6.0.2","PAN-OS 6.0.1","PAN-OS 6.0.0","PAN-OS 6.0","PAN-OS 5.1","PAN-OS 5.0"],"affected":[{"vendor":"Palo Alto 
Networks","product":"PAN-OS","versions":[{"version":"5.0","status":"affected","lessThanOrEqual":"5.0.17","versionType":"custom","changes":[{"at":"5.0.18","status":"unaffected"}]},{"version":"5.1","status":"affected","lessThanOrEqual":"5.1.10","versionType":"custom","changes":[{"at":"5.1.11","status":"unaffected"}]},{"version":"6.0","status":"affected","lessThanOrEqual":"6.0.12","versionType":"custom","changes":[{"at":"6.0.13","status":"unaffected"}]},{"version":"6.1","status":"affected","lessThanOrEqual":"6.1.9","versionType":"custom","changes":[{"at":"6.1.10","status":"unaffected"}]},{"version":"7.0","status":"affected","lessThanOrEqual":"7.0.5","versionType":"custom","changes":[{"at":"7.0.5H2","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2016-3654"}],"credits":[{"lang":"en","value":"Felix Wilhelm, ERNW Research"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.2,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-20 Improper Input Validation","cweId":"CWE-20"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["89706"],"advisory":"PAN-SA-2016-0002","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue only affects authenticated device users and Panorama users with CLI access enabled. Deployments making use of Role-Based Access Control (RBAC) do not offer CLI access by default. As a best practice, CLI access should be carefully considered, and granted only when necessary to privileged administrators.","supportingMedia":{"value":"This issue only affects authenticated device users and Panorama users with CLI access enabled. 
Deployments making use of Role-Based Access Control (RBAC) do not offer CLI access by default. As a best practice, CLI access should be carefully considered, and granted only when necessary to privileged administrators.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS releases 5.0.18 and newer; 5.1.11 and newer; 6.0.13 and newer; 6.1.10 and newer; 7.0.5H2 and newer","supportingMedia":{"value":"PAN-OS releases 5.0.18 and newer; 5.1.11 and newer; 6.0.13 and newer; 6.1.10 and newer; 7.0.5H2 and newer","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"PAN-SA-2015-0005","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2015-07-24T07:00:00.000Z","dateReserved":"2015-07-24T07:00:00.000Z"},"containers":{"cna":{"title":"Device management authentication bypass","datePublic":"2015-07-24T07:00:00.000Z","providerMetadata":{"orgId":"Not found","shortName":"Not found","dateUpdated":"2024-11-20T00:00:00"},"descriptions":[{"lang":"en","value":"Devices running PAN-OS 7.0.0 (including Panorama) that are configured to use LDAP for captive portal or device management authentication do not properly perform authentication against the LDAP server in specific cases, leading to an authentication bypass.  
There is no issue if you are using Radius or local authentication instead of LDAP or prior versions of PAN-OS; nor does this affect authentication attempts from GlobalProtect clients.\nThis vulnerability can lead to authentication bypass for captive portal or device management login attempts.\nThis issue only affects PAN-OS 7.0.0","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>Devices running PAN-OS 7.0.0 (including Panorama) that are configured to use LDAP for captive portal or device management authentication do not properly perform authentication against the LDAP server in specific cases, leading to an authentication bypass.  There is no issue if you are using Radius or local authentication instead of LDAP or prior versions of PAN-OS; nor does this affect authentication attempts from GlobalProtect clients.\nThis vulnerability can lead to authentication bypass for captive portal or device management login attempts.\nThis issue only affects PAN-OS 7.0.0</pre>"}]}],"x_affectedList":["PAN-OS 7.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"7.0.0","status":"affected"},{"version":"7.0.1","status":"unaffected","lessThan":"7.0*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/PAN-SA-2015-0005"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"}}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"Device management authentication bypass"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"advisory":"PAN-SA-2015-0005","discovery":"INTERNAL"},"workarounds":[{"lang":"en","value":"This issue only affects devices and 
Panorama configured to use LDAP for captive portal or device management authentication.  This issue is strongly mitigated by following security appliance management best practices, requiring that network access to the management interfaces be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"This issue only affects devices and Panorama configured to use LDAP for captive portal or device management authentication.  This issue is strongly mitigated by following security appliance management best practices, requiring that network access to the management interfaces be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 7.0.1 and subsequent.","supportingMedia":{"value":"PAN-OS 7.0.1 and subsequent.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2014-0224","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2014-06-09T07:00:00.000Z","dateReserved":"2014-06-09T07:00:00.000Z"},"containers":{"cna":{"title":"OpenSSL Man-in-the-middle vulnerability","datePublic":"2014-06-09T07:00:00.000Z","providerMetadata":{"dateUpdated":"2021-11-05T16:47:29","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"descriptions":[{"lang":"en","value":"The Palo Alto Networks product security engineering team has completed analysis of our products' exposure to the vulnerabilities described in the OpenSSL Security Advisory dated June 5th, 2014.  Of the 7 CVEs highlighted in the advisory, only CVE-2014-0224 is relevant to our software.  The remaining vulnerabilities do not apply because we do not use or support use of Datagram Transport Layer Security (DTLS), nor do we use anonymous Elliptic curve Diffie-Hellman (ECDH) on our software clients.  
Our exposure to CVE-2014-0224 is limited because both client and server must be vulnerable.  While our client-side is vulnerable, the server-side is not.  This limits exposure to potential man-in-the-middle (MITM) attacks only to sessions our software initiates with servers outside of our control that are running a vulnerable version of OpenSSL (OpenSSL 1.0.1 and 1.0.2-beta1).  As such, services that may be vulnerable to MITM depending on customer configuration include: firewall services using SSL configured to use a proxy running a vulnerable OpenSSL server, syslog over SSL to a syslog server running a  vulnerable OpenSSL server, and the User-ID agent connecting to a directory server running a vulnerable OpenSSL server.  GlobalProtect is not vulnerable because our portal and gateway servers are not vulnerable.\n\nIn response to these issues, Palo Alto Networks is including a patch to the OpenSSL software used across our products with the next scheduled maintenance release for all supported versions of PAN-OS / Panorama, User-ID agent, and GlobalProtect.  Users can mitigate their exposure by ensuring that any servers described above are not running vulnerable versions of OpenSSL (1.0.1 and 1.0.2-beta1).  If customers have any further questions related to product exposure to this OpenSSL security advisory, they can contact support.\nThis issue requires an attacker to be able to act as a man-in-the-middle to certain firewall services, such as syslog, User-ID agent, or services between PAN-OS / Panorama and a proxy.  
The issue further requires that the servers that PAN-OS / Panorama initiates connections with to perform these services are also vulnerable to CVE-2014-0224.\n\nGlobalProtect VPN is not vulnerable, as the PAN-OS Portal and Gateway servers are not vulnerable.\nThis issue affects All versions of PAN-OS / Panorama.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>The Palo Alto Networks product security engineering team has completed analysis of our products' exposure to the vulnerabilities described in the OpenSSL Security Advisory dated June 5th, 2014.  Of the 7 CVEs highlighted in the advisory, only CVE-2014-0224 is relevant to our software.  The remaining vulnerabilities do not apply because we do not use or support use of Datagram Transport Layer Security (DTLS), nor do we use anonymous Elliptic curve Diffie-Hellman (ECDH) on our software clients.  Our exposure to CVE-2014-0224 is limited because both client and server must be vulnerable.  While our client-side is vulnerable, the server-side is not.  This limits exposure to potential man-in-the-middle (MITM) attacks only to sessions our software initiates with servers outside of our control that are running a vulnerable version of OpenSSL (OpenSSL 1.0.1 and 1.0.2-beta1).  As such, services that may be vulnerable to MITM depending on customer configuration include: firewall services using SSL configured to use a proxy running a vulnerable OpenSSL server, syslog over SSL to a syslog server running a  vulnerable OpenSSL server, and the User-ID agent connecting to a directory server running a vulnerable OpenSSL server.  GlobalProtect is not vulnerable because our portal and gateway servers are not vulnerable.\n\nIn response to these issues, Palo Alto Networks is including a patch to the OpenSSL software used across our products with the next scheduled maintenance release for all supported versions of PAN-OS / Panorama, User-ID agent, and GlobalProtect.  
Users can mitigate their exposure by ensuring that any servers described above are not running vulnerable versions of OpenSSL (1.0.1 and 1.0.2-beta1).  If customers have any further questions related to product exposure to this OpenSSL security advisory, they can contact support.\nThis issue requires an attacker to be able to act as a man-in-the-middle to certain firewall services, such as syslog, User-ID agent, or services between PAN-OS / Panorama and a proxy.  The issue further requires that the servers that PAN-OS / Panorama initiates connections with to perform these services are also vulnerable to CVE-2014-0224.\n\nGlobalProtect VPN is not vulnerable, as the PAN-OS Portal and Gateway servers are not vulnerable.\nThis issue affects All versions of PAN-OS / Panorama.</pre>"}]}],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"6.0.4","status":"unaffected","lessThan":"6.0*","versionType":"custom"},{"version":"5.1.9","status":"unaffected","lessThan":"5.1*","versionType":"custom"},{"version":"5.0.14.","status":"unaffected","lessThan":"5.0*","versionType":"custom"}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2014-0224"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE","baseScore":7.4,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-310","cweId":"CWE-310"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"advisory":"PAN-SA-2014-0003","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"Services running over SSL from PAN-OS / Panorama to 3rd party servers (i.e. 
syslog server, directory services server) are only vulnerable to a possible MITM attack if the server is also vulnerable to CVE-2014-0224.  Ensure that the 3rd party service's server is not running a vulnerable version of OpenSSL (1.0.1 and 1.0.2-beta1).","supportingMedia":{"value":"Services running over SSL from PAN-OS / Panorama to 3rd party servers (i.e. syslog server, directory services server) are only vulnerable to a possible MITM attack if the server is also vulnerable to CVE-2014-0224.  Ensure that the 3rd party service's server is not running a vulnerable version of OpenSSL (1.0.1 and 1.0.2-beta1).","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 6.0.4; PAN-OS 5.1.9; PAN-OS 5.0.14.","supportingMedia":{"value":"PAN-OS 6.0.4; PAN-OS 5.1.9; PAN-OS 5.0.14.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2012-6602","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2012-04-27T23:30:00.000Z","dateReserved":"2012-04-27T23:30:00.000Z"},"containers":{"cna":{"title":"Command Injection Vulnerability","datePublic":"2012-04-27T23:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:43","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  (Ref #30122)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.0.3 and earlier; PAN-OS 3.1.9 and earlier.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  
(Ref #30122)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.0.3 and earlier; PAN-OS 3.1.9 and earlier.</pre>"}]}],"x_affectedList":["PAN-OS 4.0","PAN-OS 3.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"4.0","status":"affected","lessThanOrEqual":"4.0.3","versionType":"custom","changes":[{"at":"4.0.4","status":"unaffected"}]},{"version":"3.1","status":"affected","lessThanOrEqual":"3.1.9","versionType":"custom","changes":[{"at":"3.1.10","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2012-6602"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.4,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["30122"],"advisory":"PAN-SA-2012-0013","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of the device.  Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"This issue affects the management interface of the device.  
Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 4.0.4 and later; PAN-OS 3.1.10 and later.","supportingMedia":{"value":"PAN-OS 4.0.4 and later; PAN-OS 3.1.10 and later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2012-6594","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2012-04-27T23:30:00.000Z","dateReserved":"2012-04-27T23:30:00.000Z"},"containers":{"cna":{"title":"Command Injection Vulnerability","datePublic":"2012-04-27T23:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:43","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  (Ref #34299)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.  The attacker must still be an authenticated administrator of the device.\nThis issue affects PAN-OS 4.1.0 and earlier; PAN-OS 4.0.7 and earlier; PAN-OS 3.1.10 and earlier.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  (Ref #34299)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.  
The attacker must still be an authenticated administrator of the device.\nThis issue affects PAN-OS 4.1.0 and earlier; PAN-OS 4.0.7 and earlier; PAN-OS 3.1.10 and earlier.</pre>"}]}],"x_affectedList":["PAN-OS 4.1","PAN-OS 4.0","PAN-OS 3.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"4.1","status":"affected","lessThanOrEqual":"4.1.0","versionType":"custom","changes":[{"at":"4.1.1","status":"unaffected"}]},{"version":"4.0","status":"affected","lessThanOrEqual":"4.0.7","versionType":"custom","changes":[{"at":"4.0.8","status":"unaffected"}]},{"version":"3.1","status":"affected","lessThanOrEqual":"3.1.10","versionType":"custom","changes":[{"at":"3.1.11","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2012-6594"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.4,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["34299"],"advisory":"PAN-SA-2012-0005","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of the device.  Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"This issue affects the management interface of the device.  
Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 4.1.1 and later; PAN-OS 4.0.8 and later; PAN-OS 3.1.11 and later.","supportingMedia":{"value":"PAN-OS 4.1.1 and later; PAN-OS 4.0.8 and later; PAN-OS 3.1.11 and later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2012-6595","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2012-04-27T23:30:00.000Z","dateReserved":"2012-04-27T23:30:00.000Z"},"containers":{"cna":{"title":"Command Injection Vulnerability","datePublic":"2012-04-27T23:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:43","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  (Ref #34595)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.  The attacker must still be an authenticated administrator of the device.\nThis issue affects PAN-OS 4.1.1 and earlier; PAN-OS 4.0.8 and earlier;  PAN-OS 3.0.x is not affected.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  (Ref #34595)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.  
The attacker must still be an authenticated administrator of the device.\nThis issue affects PAN-OS 4.1.1 and earlier; PAN-OS 4.0.8 and earlier;  PAN-OS 3.0.x is not affected.</pre>"}]}],"x_affectedList":["PAN-OS 4.1","PAN-OS 4.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"4.1","status":"affected","lessThanOrEqual":"4.1.1","versionType":"custom","changes":[{"at":"4.1.2","status":"unaffected"}]},{"version":"4.0","status":"affected","lessThanOrEqual":"4.0.8","versionType":"custom","changes":[{"at":"4.0.9","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2012-6595"}],"metrics":[{"cvssV4_0":{"version":"4.0","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","subConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","subIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subAvailabilityImpact":"HIGH","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED","baseSeverity":"HIGH","baseScore":8.4,"vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","cweId":"CWE-78"}]}],"x_generator":{"engine":"vulnogram 0.1.0-rc1"},"source":{"defect":["34595"],"advisory":"PAN-SA-2012-0006","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of the device.  
Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"This issue affects the management interface of the device.  Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 4.1.2 and later. PAN-OS 4.0.9 and later.","supportingMedia":{"value":"PAN-OS 4.1.2 and later. PAN-OS 4.0.9 and later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2012-6605","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2012-04-27T23:30:00.000Z","dateReserved":"2012-04-27T23:30:00.000Z"},"containers":{"cna":{"title":"Command Injection Vulnerability","datePublic":"2012-04-27T23:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:43","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists whereby an authenticated user can execute arbitrary code as root using the device management command line interface.  (Ref #34896)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.0.8 and earlier; PAN-OS 3.1.10 and earlier.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists whereby an authenticated user can execute arbitrary code as root using the device management command line interface.  
(Ref #34896)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.0.8 and earlier; PAN-OS 3.1.10 and earlier.</pre>"}]}],"x_affectedList":["PAN-OS 4.0","PAN-OS 3.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"4.0","status":"affected","lessThanOrEqual":"4.0.8","versionType":"custom","changes":[{"at":"4.0.9","status":"unaffected"}]},{"version":"3.1","status":"affected","lessThanOrEqual":"3.1.10","versionType":"custom","changes":[{"at":"3.1.10","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2012-6605"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.4,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["34896"],"advisory":"PAN-SA-2012-0016","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of the device.  Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"This issue affects the management interface of the device.  
Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 4.0.9 and later; PAN-OS 3.1.10 and later.","supportingMedia":{"value":"PAN-OS 4.0.9 and later; PAN-OS 3.1.10 and later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2012-6601","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2012-04-27T23:30:00.000Z","dateReserved":"2012-04-27T23:30:00.000Z"},"containers":{"cna":{"title":"Command Injection Vulnerability","datePublic":"2012-04-27T23:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:43","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists whereby an unauthenticated user can execute arbitrary code as root on the device.  (Ref #36983)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.1.3 and earlier; PAN-OS 4.0.9 and earlier; PAN-OS 3.1.11 and earlier.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists whereby an unauthenticated user can execute arbitrary code as root on the device.  
(Ref #36983)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.1.3 and earlier; PAN-OS 4.0.9 and earlier; PAN-OS 3.1.11 and earlier.</pre>"}]}],"x_affectedList":["PAN-OS 4.1","PAN-OS 4.0","PAN-OS 3.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"4.1","status":"affected","lessThanOrEqual":"4.1.3","versionType":"custom","changes":[{"at":"4.1.4","status":"unaffected"}]},{"version":"4.0","status":"affected","lessThanOrEqual":"4.0.9","versionType":"custom","changes":[{"at":"4.0.10","status":"unaffected"}]},{"version":"3.1","status":"affected","lessThanOrEqual":"3.1.11","versionType":"custom","changes":[{"at":"3.1.12","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2012-6601"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.4,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["36983"],"advisory":"PAN-SA-2012-0012","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of the device.  Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"This issue affects the management interface of the device.  
Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 4.1.4 and later; PAN-OS 4.0.10 and later; PAN-OS 3.1.12 and later.","supportingMedia":{"value":"PAN-OS 4.1.4 and later; PAN-OS 4.0.10 and later; PAN-OS 3.1.12 and later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2012-6604","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2012-04-27T23:30:00.000Z","dateReserved":"2012-04-27T23:30:00.000Z"},"containers":{"cna":{"title":"Command Injection Vulnerability","datePublic":"2012-04-27T23:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:43","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists whereby an authenticated user can execute arbitrary code as root using the device management command line interface.  (Ref #35249)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.0.8 and earlier; PAN-OS 3.1.10 and earlier.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists whereby an authenticated user can execute arbitrary code as root using the device management command line interface.  
(Ref #35249)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.0.8 and earlier; PAN-OS 3.1.10 and earlier.</pre>"}]}],"x_affectedList":["PAN-OS 4.0","PAN-OS 3.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"4.0","status":"affected","lessThanOrEqual":"4.0.8","versionType":"custom","changes":[{"at":"4.0.9","status":"unaffected"}]},{"version":"3.1","status":"affected","lessThanOrEqual":"3.1.10","versionType":"custom","changes":[{"at":"3.1.10","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2012-6604"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.4,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["35249"],"advisory":"PAN-SA-2012-0015","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of the device.  Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"This issue affects the management interface of the device.  
Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 4.0.9 and later; PAN-OS 3.1.10 and later.","supportingMedia":{"value":"PAN-OS 4.0.9 and later; PAN-OS 3.1.10 and later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2012-6603","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2012-04-27T23:30:00.000Z","dateReserved":"2012-04-27T23:30:00.000Z"},"containers":{"cna":{"title":"Credential Bypass Vulnerability","datePublic":"2012-04-27T23:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:43","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists whereby an unauthenticated user can get administrator access to the device via the web management UI without supplying credentials.  (Ref #37034)\nThis vulnerability can result in total compromise of the device.\nThis issue affects PAN-OS 4.1.3 and earlier; PAN-OS 4.0.9 and earlier; PAN-OS 3.1.11 and earlier.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists whereby an unauthenticated user can get administrator access to the device via the web management UI without supplying credentials.  
(Ref #37034)\nThis vulnerability can result in total compromise of the device.\nThis issue affects PAN-OS 4.1.3 and earlier; PAN-OS 4.0.9 and earlier; PAN-OS 3.1.11 and earlier.</pre>"}]}],"x_affectedList":["PAN-OS 4.1","PAN-OS 4.0","PAN-OS 3.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"4.1","status":"affected","lessThanOrEqual":"4.1.3","versionType":"custom","changes":[{"at":"4.1.4","status":"unaffected"}]},{"version":"4.0","status":"affected","lessThanOrEqual":"4.0.9","versionType":"custom","changes":[{"at":"4.0.10","status":"unaffected"}]},{"version":"3.1","status":"affected","lessThanOrEqual":"3.1.11","versionType":"custom","changes":[{"at":"3.1.12","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2012-6603"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-287 Improper Authentication","cweId":"CWE-287"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["37034"],"advisory":"PAN-SA-2012-0014","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of the device.  Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"This issue affects the management interface of the device.  
Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 4.1.4 and later; PAN-OS 4.0.10 and later; PAN-OS 3.1.12 and later.","supportingMedia":{"value":"PAN-OS 4.1.4 and later; PAN-OS 4.0.10 and later; PAN-OS 3.1.12 and later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2012-6599","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2012-04-27T23:30:00.000Z","dateReserved":"2012-04-27T23:30:00.000Z"},"containers":{"cna":{"title":"Command Injection Vulnerability","datePublic":"2012-04-27T23:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:43","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  (Ref #33476)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.1.0 and earlier; PAN-OS 4.0.7 and earlier; PAN-OS 3.0.x is not affected.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  
(Ref #33476)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.1.0 and earlier; PAN-OS 4.0.7 and earlier; PAN-OS 3.0.x is not affected.</pre>"}]}],"x_affectedList":["PAN-OS 4.1","PAN-OS 4.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"4.1","status":"affected","lessThanOrEqual":"4.1.0","versionType":"custom","changes":[{"at":"4.1.1","status":"unaffected"}]},{"version":"4.0","status":"affected","lessThanOrEqual":"4.0.7","versionType":"custom","changes":[{"at":"4.0.8","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2012-6599"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.4,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["33476"],"advisory":"PAN-SA-2012-0010","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of the device.  Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"This issue affects the management interface of the device.  
Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 4.1.1 and later; PAN-OS 4.0.8 and later.","supportingMedia":{"value":"PAN-OS 4.1.1 and later; PAN-OS 4.0.8 and later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2012-6598","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2012-04-27T23:30:00.000Z","dateReserved":"2012-04-27T23:30:00.000Z"},"containers":{"cna":{"title":"Command Injection Vulnerability","datePublic":"2012-04-27T23:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:43","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  (Ref #33080)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.0.7 and earlier;  PAN-OS 3.0.x is not affected.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  
(Ref #33080)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.0.7 and earlier;  PAN-OS 3.0.x is not affected.</pre>"}]}],"x_affectedList":["PAN-OS 4.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"4.0","status":"affected","lessThanOrEqual":"4.0.7","versionType":"custom","changes":[{"at":"4.0.8","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2012-6598"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.4,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["33080"],"advisory":"PAN-SA-2012-0009","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of the device.  Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"This issue affects the management interface of the device.  
Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 4.0.8 and later.","supportingMedia":{"value":"PAN-OS 4.0.8 and later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2012-6600","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2012-04-27T23:30:00.000Z","dateReserved":"2012-04-27T23:30:00.000Z"},"containers":{"cna":{"title":"Command Injection Vulnerability","datePublic":"2012-04-27T23:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:43","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  (Ref #34502)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.1.1 and earlier; PAN-OS 4.0.8 and earlier; PAN-OS 3.0.x is not affected.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  
(Ref #34502)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.1.1 and earlier; PAN-OS 4.0.8 and earlier; PAN-OS 3.0.x is not affected.</pre>"}]}],"x_affectedList":["PAN-OS 4.1","PAN-OS 4.0"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"4.1","status":"affected","lessThanOrEqual":"4.1.1","versionType":"custom","changes":[{"at":"4.1.2","status":"unaffected"}]},{"version":"4.0","status":"affected","lessThanOrEqual":"4.0.8","versionType":"custom","changes":[{"at":"4.0.9","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2012-6600"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.4,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["34502"],"advisory":"PAN-SA-2012-0011","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of the device.  Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"This issue affects the management interface of the device.  
Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 4.1.2 and later; PAN-OS 4.0.9 and later.","supportingMedia":{"value":"PAN-OS 4.1.2 and later; PAN-OS 4.0.9 and later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2012-6591","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2012-04-27T23:30:00.000Z","dateReserved":"2012-04-27T23:30:00.000Z"},"containers":{"cna":{"title":"Command Injection Vulnerability","datePublic":"2012-04-27T23:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:43","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  (Ref #31116)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.  The attacker must still be an authenticated administrator of the device.\nThis issue affects PAN-OS 4.0.4 and earlier; PAN-OS 3.1.9 and earlier.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists whereby an authenticated user can inject arbitrary shell commands using the device management command line interface.  (Ref #31116)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.  
The attacker must still be an authenticated administrator of the device.\nThis issue affects PAN-OS 4.0.4 and earlier; PAN-OS 3.1.9 and earlier.</pre>"}]}],"x_affectedList":["PAN-OS 4.0","PAN-OS 3.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"4.0","status":"affected","lessThanOrEqual":"4.0.4","versionType":"custom","changes":[{"at":"4.0.5","status":"unaffected"}]},{"version":"3.1","status":"affected","lessThanOrEqual":"3.1.9","versionType":"custom","changes":[{"at":"3.1.10","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2012-6591"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["31116"],"advisory":"PAN-SA-2012-0002","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of the device.  Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"This issue affects the management interface of the device.  
Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 4.0.5 and later; PAN-OS 3.1.10 and later.","supportingMedia":{"value":"PAN-OS 4.0.5 and later; PAN-OS 3.1.10 and later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2012-6593","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2012-04-27T23:30:00.000Z","dateReserved":"2012-04-27T23:30:00.000Z"},"containers":{"cna":{"title":"Command Injection Vulnerability","datePublic":"2012-04-27T23:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:43","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists whereby an unauthenticated user can inject commands as root on the device.  (Ref #30088)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.0.3 and earlier; PAN-OS 3.1.9 and earlier.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists whereby an unauthenticated user can inject commands as root on the device.  
(Ref #30088)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.0.3 and earlier; PAN-OS 3.1.9 and earlier.</pre>"}]}],"x_affectedList":["PAN-OS 4.0","PAN-OS 3.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"4.0","status":"affected","lessThanOrEqual":"4.0.3","versionType":"custom","changes":[{"at":"4.0.4","status":"unaffected"}]},{"version":"3.1","status":"affected","lessThanOrEqual":"3.1.9","versionType":"custom","changes":[{"at":"3.1.10","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2012-6593"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["30088"],"advisory":"PAN-SA-2012-0004","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of the device.  Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"This issue affects the management interface of the device.  
Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 4.0.4 and later; PAN-OS 3.1.10 and later.","supportingMedia":{"value":"PAN-OS 4.0.4 and later; PAN-OS 3.1.10 and later.","type":"text/html","base64":false}}],"timeline":[]}}},{"dataType":"CVE_RECORD","dataVersion":"5.0","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2012-6592","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","datePublished":"2012-04-27T23:30:00.000Z","dateReserved":"2012-04-27T23:30:00.000Z"},"containers":{"cna":{"title":"Command Injection Vulnerability","datePublic":"2012-04-27T23:30:00.000Z","providerMetadata":{"dateUpdated":"2020-02-17T16:03:43","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"descriptions":[{"lang":"en","value":"A vulnerability exists whereby an unauthenticated user can inject commands as root on the device.  (Ref #31091)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.0.4 and earlier; PAN-OS 3.1.9 and earlier.","supportingMedia":[{"type":"text/html","base64":"false","value":"<pre>A vulnerability exists whereby an unauthenticated user can inject commands as root on the device.  
(Ref #31091)\nThis vulnerability can result in arbitrary command execution, and can result in total compromise of the device.\nThis issue affects PAN-OS 4.0.4 and earlier; PAN-OS 3.1.9 and earlier.</pre>"}]}],"x_affectedList":["PAN-OS 4.0","PAN-OS 3.1"],"affected":[{"vendor":"Palo Alto Networks","product":"PAN-OS","versions":[{"version":"4.0","status":"affected","lessThanOrEqual":"4.0.4","versionType":"custom","changes":[{"at":"4.0.5","status":"unaffected"}]},{"version":"3.1","status":"affected","lessThanOrEqual":"3.1.9","versionType":"custom","changes":[{"at":"3.1.10","status":"unaffected"}]}]}],"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://security.paloaltonetworks.com/CVE-2012-6592"}],"metrics":[{"cvssV3_1":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":9.8,"baseSeverity":"CRITICAL"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')","cweId":"CWE-78"}]}],"x_generator":{"engine":"Vulnogram 0.0.9"},"source":{"defect":["31091"],"advisory":"PAN-SA-2012-0003","discovery":"UNKNOWN"},"workarounds":[{"lang":"en","value":"This issue affects the management interface of the device.  Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","supportingMedia":{"value":"This issue affects the management interface of the device.  
Security appliance management best practices dictate that the management interface be isolated and strictly limited only to security administration personnel.","type":"text/html","base64":false}}],"solutions":[{"lang":"en","value":"PAN-OS 4.0.5 and later; PAN-OS 3.1.10 and later.","supportingMedia":{"value":"PAN-OS 4.0.5 and later; PAN-OS 3.1.10 and later.","type":"text/html","base64":false}}],"timeline":[]}}}]}