OpenSSL Vulnerabilities (PAN-SA-2016-0028)

Last revised: 10/18/2016


The OpenSSL library has been found to contain several vulnerabilities CVE-2015-4000, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792, CVE-2015-1791, CVE-2014-8176. Palo Alto Networks software makes use of the vulnerable library. (Ref # PAN-48954/81411)

Severity: Medium

The OpenSSL library in use by PAN-OS is patched on a regular basis. Severities of the CVEs listed under the summary section range from low to moderate but have not been shown to be exploitable at the time of this advisory.

Products Affected

PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.13 and earlier; PAN-OS 6.1.12 and earlier; PAN-OS 7.0.7 and earlier

Available Updates

PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.14 and later; PAN-OS 6.1.13 and later; PAN-OS 7.0.8 and later

Workarounds and Mitigations