{"document":{"category":"csaf_vex","csaf_version":"2.1","notes":[{"category":"summary","text":"Palo Alto Networks PSIRT provided VEX document. This document is autogenerated.","title":"Informational Bulletin: OSS CVEs fixed in PAN-OS"}],"publisher":{"category":"vendor","name":"Palo Alto Networks","namespace":"https://security.paloaltonetworks.com"},"title":"Palo Alto Networks PSIRT provided VEX document: PAN-SA-2024-0012","distribution":{"text":"Copyright © 2024 Palo Alto Networks. All rights reserved.","tlp":{"label":"CLEAR","url":"https://www.first.org/tlp/"}},"tracking":{"current_release_date":"2026-04-11T00:51:42.699Z","generator":{"date":"2026-04-11T00:51:42.699Z","engine":{"name":"vulnogram","version":"0.1.0-rc1"}},"id":"PAN-SA-2024-0012","initial_release_date":"2024-10-29T20:30:00.000Z","revision_history":[{"number":"1","date":"2026-04-10T17:51:42.000Z","summary":"Initial release"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"name":"Palo Alto Networks","category":"vendor","branches":[{"name":"PAN-OS","category":"product_name","branches":[{"category":"product_version_range","name":"vers:generic/PAN-OS <10.2.0","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-7"}},{"category":"product_version_range","name":"vers:generic/PAN-OS >=10.2.0","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-8"}},{"category":"product_version_range","name":"vers:generic/PAN-OS <10.2.3","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-13"}},{"category":"product_version_range","name":"vers:generic/PAN-OS >=10.2.3","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-14"}},{"category":"product_version_range","name":"vers:generic/PAN-OS <10.2.8|<11.0.2","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-29"}},{"category":"product_version_range","name":"vers:generic/PAN-OS >=10.2.8|>=11.0.2","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-30"}},{"category":"product_version_range","name":"vers:generic/PAN-OS <10.2.14|<11.1.6|<11.1.8|<11.2.3","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-692"}},{"category":"product_version_range","name":"vers:generic/PAN-OS >=10.2.14|>=11.1.6|>=11.1.8|>=11.2.3","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-693"}},{"category":"product_version_range","name":"vers:generic/PAN-OS <10.2.4","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-105"}},{"category":"product_version_range","name":"vers:generic/PAN-OS >=10.2.4","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-106"}},{"category":"product_version_range","name":"vers:generic/PAN-OS <10.2.5|<11.0.1","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-107"}},{"category":"product_version_range","name":"vers:generic/PAN-OS >=10.2.5|>=11.0.1","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-108"}},{"category":"product_version_range","name":"vers:generic/PAN-OS <10.2.4|<11.0.1","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-35"}},{"category":"product_version_range","name":"vers:generic/PAN-OS >=10.2.4|>=11.0.1","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-36"}},{"category":"product_version_range","name":"vers:generic/PAN-OS <11.0.6|<11.1.4","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-109"}},{"category":"product_version_range","name":"vers:generic/PAN-OS >=11.0.6|>=11.1.4","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-110"}},{"category":"product_version_range","name":"vers:generic/PAN-OS <10.2.8|<11.0.4","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-23"}},{"category":"product_version_range","name":"vers:generic/PAN-OS >=10.2.8|>=11.0.4","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-24"}},{"category":"product_version_range","name":"vers:generic/PAN-OS <10.2.11|<11.0.4|<11.1.3","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-111"}},{"category":"product_version_range","name":"vers:generic/PAN-OS >=10.2.11|>=11.0.4|>=11.1.3","product":{"name":"Palo Alto Networks PAN-OS","product_id":"PANW-PAN-OS-112"}}]}]}]},"vulnerabilities":[{"cve":"CVE-2019-17006","product_status":{"fixed":["PANW-PAN-OS-8"],"known_affected":["PANW-PAN-OS-7"]},"notes":[{"category":"description","text":"This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS."}],"references":[{"category":"external","summary":"NVD - CVE-2019-17006","url":"https://nvd.nist.gov/vuln/detail/CVE-2019-17006"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0012","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0012"}],"threats":[{"category":"impact","description":"This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS."}]},{"cve":"CVE-2021-3518","product_status":{"fixed":["PANW-PAN-OS-8"],"known_affected":["PANW-PAN-OS-7"]},"notes":[{"category":"description","text":"This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS."}],"references":[{"category":"external","summary":"NVD - CVE-2021-3518","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3518"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0012","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0012"}],"threats":[{"category":"impact","description":"This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS."}]},{"cve":"CVE-2021-25219","product_status":{"fixed":["PANW-PAN-OS-14"],"known_affected":["PANW-PAN-OS-13"]},"notes":[{"category":"description","text":"This CVE is fixed in PAN-OS 10.2.3, and all later versions of PAN-OS."}],"references":[{"category":"external","summary":"NVD - CVE-2021-25219","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-25219"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0012","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0012"}],"threats":[{"category":"impact","description":"This CVE is fixed in PAN-OS 10.2.3, and all later versions of PAN-OS."}]},{"cve":"CVE-2021-27645","product_status":{"fixed":["PANW-PAN-OS-30"],"known_affected":["PANW-PAN-OS-29"]},"notes":[{"category":"description","text":"This CVE is fixed in PAN-OS 10.2.8, PAN-OS 11.0.2, and all later versions of PAN-OS."}],"references":[{"category":"external","summary":"NVD - CVE-2021-27645","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-27645"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0012","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0012"}],"threats":[{"category":"impact","description":"This CVE is fixed in PAN-OS 10.2.8, PAN-OS 11.0.2, and all later versions of PAN-OS."}]},{"cve":"CVE-2021-34798","product_status":{"fixed":["PANW-PAN-OS-30"],"known_affected":["PANW-PAN-OS-29"]},"notes":[{"category":"description","text":"This CVE is fixed in PAN-OS 10.2.8, PAN-OS 11.0.2, and all later versions of PAN-OS."}],"references":[{"category":"external","summary":"NVD - CVE-2021-34798","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-34798"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0012","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0012"}],"threats":[{"category":"impact","description":"This CVE is fixed in PAN-OS 10.2.8, PAN-OS 11.0.2, and all later versions of PAN-OS."}]},{"cve":"CVE-2022-1154","product_status":{"fixed":["PANW-PAN-OS-14"],"known_affected":["PANW-PAN-OS-13"]},"notes":[{"category":"description","text":"This CVE is fixed in PAN-OS 10.2.3, and all later versions of PAN-OS."}],"references":[{"category":"external","summary":"NVD - CVE-2022-1154","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1154"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0012","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0012"}],"threats":[{"category":"impact","description":"This CVE is fixed in PAN-OS 10.2.3, and all later versions of PAN-OS."}]},{"cve":"CVE-2022-22822","product_status":{"fixed":["PANW-PAN-OS-8"],"known_affected":["PANW-PAN-OS-7"]},"notes":[{"category":"description","text":"This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS."}],"references":[{"category":"external","summary":"NVD - CVE-2022-22822","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22822"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0012","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0012"}],"threats":[{"category":"impact","description":"This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS."}]},{"cve":"CVE-2022-22823","product_status":{"fixed":["PANW-PAN-OS-8"],"known_affected":["PANW-PAN-OS-7"]},"notes":[{"category":"description","text":"This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS."}],"references":[{"category":"external","summary":"NVD - CVE-2022-22823","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22823"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0012","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0012"}],"threats":[{"category":"impact","description":"This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS."}]},{"cve":"CVE-2022-22824","product_status":{"fixed":["PANW-PAN-OS-8"],"known_affected":["PANW-PAN-OS-7"]},"notes":[{"category":"description","text":"This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS."}],"references":[{"category":"external","summary":"NVD - CVE-2022-22824","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22824"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0012","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0012"}],"threats":[{"category":"impact","description":"This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS."}]},{"cve":"CVE-2022-23806","product_status":{"fixed":["PANW-PAN-OS-693"],"known_affected":["PANW-PAN-OS-692"]},"notes":[{"category":"description","text":"This CVE is fixed in PAN-OS 10.2.14, PAN-OS 11.1.6-h2, PAN-OS 11.1.8, PAN-OS 11.2.3-h2, and all later versions of PAN-OS."}],"references":[{"category":"external","summary":"NVD - CVE-2022-23806","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23806"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0012","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0012"}],"threats":[{"category":"impact","description":"This CVE is fixed in PAN-OS 10.2.14, PAN-OS 11.1.6-h2, PAN-OS 11.1.8, PAN-OS 11.2.3-h2, and all later versions of PAN-OS."}]},{"cve":"CVE-2022-23852","product_status":{"fixed":["PANW-PAN-OS-8"],"known_affected":["PANW-PAN-OS-7"]},"notes":[{"category":"description","text":"This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS."}],"references":[{"category":"external","summary":"NVD - CVE-2022-23852","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23852"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0012","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0012"}],"threats":[{"category":"impact","description":"This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS."}]},{"cve":"CVE-2022-25235","product_status":{"fixed":["PANW-PAN-OS-8"],"known_affected":["PANW-PAN-OS-7"]},"notes":[{"category":"description","text":"This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS."}],"references":[{"category":"external","summary":"NVD - CVE-2022-25235","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25235"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0012","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0012"}],"threats":[{"category":"impact","description":"This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS."}]},{"cve":"CVE-2022-25236","product_status":{"fixed":["PANW-PAN-OS-8"],"known_affected":["PANW-PAN-OS-7"]},"notes":[{"category":"description","text":"This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS."}],"references":[{"category":"external","summary":"NVD - CVE-2022-25236","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25236"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0012","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0012"}],"threats":[{"category":"impact","description":"This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS."}]},{"cve":"CVE-2022-25315","product_status":{"fixed":["PANW-PAN-OS-8"],"known_affected":["PANW-PAN-OS-7"]},"notes":[{"category":"description","text":"This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS."}],"references":[{"category":"external","summary":"NVD - CVE-2022-25315","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-25315"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0012","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0012"}],"threats":[{"category":"impact","description":"This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS."}]},{"cve":"CVE-2022-28199","product_status":{"fixed":["PANW-PAN-OS-106"],"known_affected":["PANW-PAN-OS-105"]},"notes":[{"category":"description","text":"This CVE is fixed in PAN-OS 10.2.4, and all later versions of PAN-OS."}],"references":[{"category":"external","summary":"NVD - CVE-2022-28199","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-28199"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0012","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0012"}],"threats":[{"category":"impact","description":"This CVE is fixed in PAN-OS 10.2.4, and all later versions of PAN-OS."}]},{"cve":"CVE-2022-37434","product_status":{"fixed":["PANW-PAN-OS-108"],"known_affected":["PANW-PAN-OS-107"]},"notes":[{"category":"description","text":"This CVE is fixed in PAN-OS 10.2.5, PAN-OS 11.0.1, and all later versions of PAN-OS."}],"references":[{"category":"external","summary":"NVD - CVE-2022-37434","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-37434"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0012","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0012"}],"threats":[{"category":"impact","description":"This CVE is fixed in PAN-OS 10.2.5, PAN-OS 11.0.1, and all later versions of PAN-OS."}]},{"cve":"CVE-2022-40674","product_status":{"fixed":["PANW-PAN-OS-36"],"known_affected":["PANW-PAN-OS-35"]},"notes":[{"category":"description","text":"This CVE is fixed in PAN-OS 10.2.4, PAN-OS 11.0.1, and all later versions of PAN-OS."}],"references":[{"category":"external","summary":"NVD - CVE-2022-40674","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-40674"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0012","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0012"}],"threats":[{"category":"impact","description":"This CVE is fixed in PAN-OS 10.2.4, PAN-OS 11.0.1, and all later versions of PAN-OS."}]},{"cve":"CVE-2023-3446","product_status":{"fixed":["PANW-PAN-OS-30"],"known_affected":["PANW-PAN-OS-29"]},"notes":[{"category":"description","text":"This CVE is fixed in PAN-OS 10.2.8, PAN-OS 11.0.2, and all later versions of PAN-OS."}],"references":[{"category":"external","summary":"NVD - CVE-2023-3446","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3446"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0012","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0012"}],"threats":[{"category":"impact","description":"This CVE is fixed in PAN-OS 10.2.8, PAN-OS 11.0.2, and all later versions of PAN-OS."}]},{"cve":"CVE-2023-4527","product_status":{"fixed":["PANW-PAN-OS-110"],"known_affected":["PANW-PAN-OS-109"]},"notes":[{"category":"description","text":"This CVE is fixed in PAN-OS 11.0.6, PAN-OS 11.1.4, and all later versions of PAN-OS."}],"references":[{"category":"external","summary":"NVD - CVE-2023-4527","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-4527"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0012","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0012"}],"threats":[{"category":"impact","description":"This CVE is fixed in PAN-OS 11.0.6, PAN-OS 11.1.4, and all later versions of PAN-OS."}]},{"cve":"CVE-2023-24329","product_status":{"fixed":["PANW-PAN-OS-24"],"known_affected":["PANW-PAN-OS-23"]},"notes":[{"category":"description","text":"This CVE is fixed in PAN-OS 10.2.8, PAN-OS 11.0.4, and all later versions of PAN-OS."}],"references":[{"category":"external","summary":"NVD - CVE-2023-24329","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-24329"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0012","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0012"}],"threats":[{"category":"impact","description":"This CVE is fixed in PAN-OS 10.2.8, PAN-OS 11.0.4, and all later versions of PAN-OS."}]},{"cve":"CVE-2023-24538","product_status":{"fixed":["PANW-PAN-OS-693"],"known_affected":["PANW-PAN-OS-692"]},"notes":[{"category":"description","text":"This CVE is fixed in PAN-OS 10.2.14, PAN-OS 11.1.6-h2, PAN-OS 11.1.8, PAN-OS 11.2.3-h2, and all later versions of PAN-OS."}],"references":[{"category":"external","summary":"NVD - CVE-2023-24538","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-24538"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0012","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0012"}],"threats":[{"category":"impact","description":"This CVE is fixed in PAN-OS 10.2.14, PAN-OS 11.1.6-h2, PAN-OS 11.1.8, PAN-OS 11.2.3-h2, and all later versions of PAN-OS."}]},{"cve":"CVE-2023-24540","product_status":{"fixed":["PANW-PAN-OS-693"],"known_affected":["PANW-PAN-OS-692"]},"notes":[{"category":"description","text":"This CVE is fixed in PAN-OS 10.2.14, PAN-OS 11.1.6-h2, PAN-OS 11.1.8, PAN-OS 11.2.3-h2, and all later versions of PAN-OS."}],"references":[{"category":"external","summary":"NVD - CVE-2023-24540","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-24540"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0012","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0012"}],"threats":[{"category":"impact","description":"This CVE is fixed in PAN-OS 10.2.14, PAN-OS 11.1.6-h2, PAN-OS 11.1.8, PAN-OS 11.2.3-h2, and all later versions of PAN-OS."}]},{"cve":"CVE-2023-47234","product_status":{"fixed":["PANW-PAN-OS-112"],"known_affected":["PANW-PAN-OS-111"]},"notes":[{"category":"description","text":"This CVE is fixed in PAN-OS 10.2.11, 11.0.4, 11.1.3, and all later versions of PAN-OS"}],"references":[{"category":"external","summary":"NVD - CVE-2023-47234","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-47234"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0012","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0012"}],"threats":[{"category":"impact","description":"This CVE is fixed in PAN-OS 10.2.11, 11.0.4, 11.1.3, and all later versions of PAN-OS"}]},{"cve":"CVE-2024-24790","product_status":{"fixed":["PANW-PAN-OS-693"],"known_affected":["PANW-PAN-OS-692"]},"notes":[{"category":"description","text":"This CVE is fixed in PAN-OS 10.2.14, PAN-OS 11.1.6-h2, PAN-OS 11.1.8, PAN-OS 11.2.3-h2, and all later versions of PAN-OS."}],"references":[{"category":"external","summary":"NVD - CVE-2024-24790","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-24790"},{"category":"self","summary":"Palo Alto Networks Security Advisory PAN-SA-2024-0012","url":"https://security.paloaltonetworks.com/PAN-SA-2024-0012"}],"threats":[{"category":"impact","description":"This CVE is fixed in PAN-OS 10.2.14, PAN-OS 11.1.6-h2, PAN-OS 11.1.8, PAN-OS 11.2.3-h2, and all later versions of PAN-OS."}]}]}