Security Advisories

This section lists all security vulnerabilities identified in currently supported Palo Alto Networks products. Each vulnerability is given a criticality rating and a current status covering any updates or mitigations. Each listing also gives the versions of PAN-OS the vulnerability is known to affect.

Please disclose vulnerability discoveries to the Palo Alto Networks Product Security Incident Response Team (PSIRT).

Security Advisory Listing

| Title | ID | Severity | Products Affected | First Published | Last Updated |
|---|---|---|---|---|---|
| XPath Injection | PAN-SA-2016-0037 | Low | PAN-OS 5.0.19 and earlier, PAN-OS 5.1.12 and earlier, PAN-OS 6.0.14 and earlier, PAN-OS 6.1.14 and earlier, PAN-OS 7.0.10 and earlier, PAN-OS 7.1.5 and earlier | 11/17/2016 | 11/17/2016 |
| OpenSSH Vulnerability | PAN-SA-2016-0036 | Low | PAN-OS 5.0.X and earlier, PAN-OS 5.1.X and earlier, PAN-OS 6.0.14 and earlier, PAN-OS 6.1.14 and earlier, PAN-OS 7.0.10 and earlier, PAN-OS 7.1.5 and earlier | 11/17/2016 | 11/17/2016 |
| Buffer Overflow in the Management Web Interface | PAN-SA-2016-0035 | Critical | PAN-OS 5.0.19 and earlier, PAN-OS 5.1.12 and earlier, PAN-OS 6.0.14 and earlier, PAN-OS 6.1.14 and earlier, PAN-OS 7.0.10 and earlier, PAN-OS 7.1.5 and earlier | 11/17/2016 | 11/17/2016 |
| Local Privilege Escalation | PAN-SA-2016-0034 | Medium | PAN-OS 5.0.19 and earlier, PAN-OS 5.1.12 and earlier, PAN-OS 6.0.14 and earlier, PAN-OS 6.1.14 and earlier, PAN-OS 7.0.10 and earlier, PAN-OS 7.1.5 and earlier | 11/17/2016 | 11/17/2016 |
| Cross-Site Scripting in Captive Portal | PAN-SA-2016-0033 | Low | PAN-OS 5.0.19 and earlier, PAN-OS 5.1.12 and earlier, PAN-OS 6.0.14 and earlier, PAN-OS 6.1.14 and earlier, PAN-OS 7.0.10 and earlier, PAN-OS 7.1.4 and earlier | 10/31/2016 | 10/31/2016 |
| Insecure Browser API Token Generation | PAN-SA-2016-0032 | Medium | PAN-OS 5.0.19 and earlier, PAN-OS 5.1.12 and earlier, PAN-OS 6.0.14 and earlier, PAN-OS 6.1.14 and earlier, PAN-OS 7.0.10 and earlier, PAN-OS 7.1.4 and earlier | 10/31/2016 | 10/31/2016 |
| Web interface denial of service | PAN-SA-2016-0027 | High | PAN-OS 5.0.19 and earlier, PAN-OS 5.1.12 and earlier, PAN-OS 6.0.14 and earlier, PAN-OS 6.1.14 and earlier | 10/11/2016 | 10/31/2016 |
| Kernel Vulnerabilities | PAN-SA-2016-0025 | High | PAN-OS 5.0.19 and earlier, PAN-OS 5.1.12 and earlier, PAN-OS 6.0.14 and earlier, PAN-OS 6.1.14 and earlier, PAN-OS 7.0.10 and earlier, PAN-OS 7.1.4 and earlier | 10/03/2016 | 10/31/2016 |
| Cross-Site Scripting in Web Interface | PAN-SA-2016-0031 | Medium | PAN-OS 5.0.19 and earlier, PAN-OS 5.1.12 and earlier, PAN-OS 6.0.14 and earlier, PAN-OS 6.1.13 and earlier, PAN-OS 7.0.9 and earlier, PAN-OS 7.1.4 and earlier | 10/18/2016 | 10/18/2016 |
| OpenSSL Vulnerabilities | PAN-SA-2016-0030 | High | PAN-OS 5.0, PAN-OS 5.1, PAN-OS 6.0.14 and earlier, PAN-OS 6.1.11 and earlier | 10/18/2016 | 10/18/2016 |
| NTP Vulnerabilities | PAN-SA-2016-0019 | Low | PAN-OS 5.0.19 and earlier, PAN-OS 5.1.12 and earlier, PAN-OS 6.0.1 and earlier, PAN-OS 6.1.12 and earlier, PAN-OS 7.0.8 and earlier, PAN-OS 7.1.3 and earlier | 08/15/2016 | 10/18/2016 |
| Glibc DNS Resolver Vulnerability | PAN-SA-2016-0021 | Low | PAN-OS 5.0.19 and earlier, PAN-OS 5.1.12 and earlier, PAN-OS 6.0.14 and earlier, PAN-OS 6.1.12 and earlier, PAN-OS 7.0.7 and earlier, PAN-OS 7.1.3 and earlier | 08/15/2016 | 10/18/2016 |
| Insecure Server Configuration | PAN-SA-2016-0029 | High | PAN-OS 5.0.19 and earlier, PAN-OS 5.1.12 and earlier, PAN-OS 6.0.14 and earlier, PAN-OS 6.1.12 and earlier, PAN-OS 7.0.7 and earlier | 10/18/2016 | 10/18/2016 |
| OpenSSL Vulnerabilities | PAN-SA-2016-0028 | Medium | PAN-OS 5.0.19 and earlier, PAN-OS 5.1.12 and earlier, PAN-OS 6.0.13 and earlier, PAN-OS 6.1.12 and earlier, PAN-OS 7.0.7 and earlier | 10/18/2016 | 10/18/2016 |
| OpenSSL Vulnerabilities | PAN-SA-2016-0023 | Low | GlobalProtect agent 3.1.0 and earlier, TerminalServer agent 7.0.5 and earlier, UserID agent 7.0.5 and earlier | 09/02/2016 | 10/12/2016 |
| GlobalProtect Portal Version Disclosure | PAN-SA-2016-0026 | Low | PAN-OS 7.0.9 and earlier, PAN-OS 7.1.4 and earlier | 10/04/2016 | 10/04/2016 |
| Local privilege escalation | PAN-SA-2016-0012 | Medium | PAN-OS 5.0.18 and earlier, PAN-OS 5.1.11 and earlier, PAN-OS 6.0.13 and earlier, PAN-OS 6.1.11 and earlier, PAN-OS 7.0.7 and earlier | 07/13/2016 | 09/12/2016 |
| Web interface denial of service | PAN-SA-2016-0024 | Medium | PAN-OS 5.1.11 and earlier, PAN-OS 6.0.13 and earlier, PAN-OS 6.1.12 and earlier, PAN-OS 7.0.8 and earlier, PAN-OS 7.1.2 and earlier | 09/08/2016 | 09/08/2016 |
| Remote Text File Access on Traps Endpoint Server Management | PAN-SA-2016-0022 | High | Traps ESM Core version 3.3.3 and earlier | 08/25/2016 | 08/25/2016 |
| Cross-site scripting vulnerability | PAN-SA-2016-0009 | Low | PAN-OS 7.0.1 to PAN-OS 7.0.7 | 06/27/2016 | 08/24/2016 |
| OpenSSH vulnerabilities | PAN-SA-2016-0011 | Low | PAN-OS 7.0.9 and earlier, PAN-OS 7.1.2 and earlier | 07/12/2016 | 08/16/2016 |
| OpenSSL Vulnerabilities | PAN-SA-2016-0020 | High | PAN-OS 5.0.X, PAN-OS 5.1.X, PAN-OS 6.0.13 and earlier, PAN-OS 6.1.12 and earlier, PAN-OS 7.0.8 and earlier, PAN-OS 7.1.3 and earlier | 08/15/2016 | 08/15/2016 |
| WildFire Cross-Site Scripting Vulnerability | PAN-SA-2016-0018 | Medium | Palo Alto Networks hosted WildFire cloud from January to August 9th 2016 | 08/12/2016 | 08/12/2016 |
| Local Privilege Escalation in GlobalProtect Agent for OS X | PAN-SA-2016-0017 | High | GlobalProtect Agent for OS X 2.3.4 and earlier, GlobalProtect 3.0.2 and earlier | 08/04/2016 | 08/04/2016 |
| Web Interface Privilege Escalation | PAN-SA-2016-0016 | High | PAN-OS 5.0.18 and earlier, PAN-OS 5.1.11 and earlier, PAN-OS 6.0.13 and earlier, PAN-OS 6.1.10 and earlier, PAN-OS 7.0.4 and earlier | 07/14/2016 | 07/22/2016 |