Security Advisories
This section provides a listing of all security vulnerabilities identified in currently supported Palo Alto Networks products. Each vulnerability is given a criticality rating and an updated status on any updates or mitigations regarding each discovered vulnerablity. Each vulnerability listing also provides a list of the versions of PAN OS the vulnerability is known to affect.
Please disclose vulnerability discoveries to the Palo Alto Networks Product Security Incident Response Team (PSIRT)
Security Advisory Listing
Showing 1
to
25 |
first | prev |
next
| Title | ID | Severity | Products Affected | First Published | Last Updated |
|---|
S(zlwjd2qa5nr3ru2ycw3c2dkg))/Content/Images/DetailIcon.gif "Detail") Escalation of Privilege in Twistlock
|
PAN-SA-2019-0024 | Low | Twistlock console 19.07.357 and earlier | 08/22/2019 | 08/23/2019 |
|
Remote code execution in PAN-OS SSH management interface
|
PAN-SA-2019-0022 | Critical | PAN-OS 7.1.24 and earlier, PAN-OS 8.0.19 and earlier, PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier. | 08/21/2019 | 08/23/2019 |
|
Memory Corruption in PAN-OS
|
PAN-SA-2019-0021 | Critical | PAN-OS 7.1.24 and earlier, PAN-OS 8.0.19 and earlier, PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier. | 08/21/2019 | 08/21/2019 |
|
Memory Corruption in PAN-OS
|
PAN-SA-2019-0023 | High | PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier. PAN-OS 7.1 and 8.0 are NOT affected. | 08/21/2019 | 08/21/2019 |
|
Remote Code Execution in GlobalProtect Portal/Gateway Interface
|
PAN-SA-2019-0020 | Critical | PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier releases. PAN-OS 9.0 is not affected. | 07/18/2019 | 07/24/2019 |
|
Privilege Escalation in PAN-OS
|
PAN-SA-2019-0017 | Medium | PAN-OS 7.1.23 and earlier, PAN-OS 8.0.17 and earlier, PAN-OS 8.1.8 and earlier, and PAN-OS 9.0.2 and earlier. | 07/15/2019 | 07/15/2019 |
|
Command Injection in PAN-OS
|
PAN-SA-2019-0018 | Medium | PAN-OS 9.0.2 and earlier. PAN-OS 7.1, PAN-OS 8.0 and PAN-OS 8.1 are NOT affected. | 07/15/2019 | 07/15/2019 |
|
Information Disclosure in PAN-OS Management API Usage
|
PAN-SA-2019-0019 | Medium | PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2 and earlier. | 07/15/2019 | 07/15/2019 |
|
Information Disclosure in WildFire Appliance (WF-500)
|
PAN-SA-2019-0016 | Medium | WildFire Appliance (WF-500) running appliance software all versions of 7.1, versions 8.0.17 and earlier, and versions of 8.1.8 and earlier. | 07/08/2019 | 07/08/2019 |
|
Information about TCP SACK Panic Findings in PAN-OS
|
PAN-SA-2019-0013 | High | PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2-h3 and earlier. GlobalProtect Gateway and GlobalProtect portal are NOT affected by these issues. | 06/27/2019 | 06/28/2019 |
|
Code Injection Vulnerability in Traps
|
PAN-SA-2019-0014 | Low | Traps 5.0.5 and earlier, including all 4.x releases. These releases did not have the file protection (SPROT) enabled by default. Traps 5.0.6, 6.0 and later are NOT affected. | 06/27/2019 | 06/27/2019 |
|
Cross Site Scripting (XSS) in MineMeld
|
PAN-SA-2019-0015 | Low | Open Source Community Supported MineMeld version 0.9.60 and earlier. AutoFocus-Hosted MineMeld is NOT affected. | 06/27/2019 | 06/27/2019 |
|
Information about Recent Intel Side Channel Vulnerabilities
|
PAN-SA-2019-0012 | Low | WF-500 (WildFire Appliance) running any version of appliance software: PAN-OS 9.0, PAN-OS 8.1, PAN-OS 8.0 and PAN-OS 7.1. WildFire Cloud is affected by this issue. The Traps agent does not detect/prevent this specific type of CPU-level side-channel attack. | 05/29/2019 | 06/27/2019 |
|
Information about PAN-OS Finding
|
PAN-SA-2019-0011 | Info | Firewalls with GlobalProtect enabled and running PAN-OS 8.0.8 to PAN-OS 8.0.11-h1 or PAN-OS 8.1.0 to PAN-OS 8.1.1. Firewalls without GlobalProtect enabled and running PAN-OS 8.0.8 to PAN-OS 8.0.13 or PAN-OS 8.1.0 to PAN-OS 8.1.3. Firewalls running PAN-OS 7.1 or PAN-OS 9.0 are NOT affected. | 05/15/2019 | 05/16/2019 |
|
Cross Site Scripting (XSS) in Demisto
|
PAN-SA-2019-0010 | Medium | Demisto 4.5 build 40249 | 05/06/2019 | 05/06/2019 |
|
Cross-Site Scripting in Expedition Migration Tool
|
PAN-SA-2019-0009 | Low | Expedition 1.1.12 and earlier. Note that this issue only impacts the Palo Alto Networks Migration Tool (“Expedition”), a tool available from the Palo Alto Networks Live site. This issue does not affect PAN-OS or any other supported product or service. For more information on Expedition, see: https://live.paloaltonetworks.com/t5/Expedition-Migration-Tool/ct-p/migration_tool. | 04/11/2019 | 04/11/2019 |
|
Information Disclosure in GlobalProtect Agent
|
PAN-SA-2019-0008 | Medium | GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS. GlobalProtect Agent for macOS 5.0 is NOT affected. | 04/09/2019 | 04/11/2019 |
|
Authentication Bypass in PAN-OS Management Web Interface
|
PAN-SA-2019-0005 | Critical | Only PAN-OS 9.0.0 | 03/28/2019 | 03/28/2019 |
|
Privilege Escalation in PAN-OS
|
PAN-SA-2019-0006 | Medium | This only affects 64bit systems with more than 32 GB of available memory. The affected platform and versions are PAN-OS 7.1.22 and earlier running on M-500 and WF-500; PAN-OS 8.0.15 and earlier running on PA-5220, PA-5250, PA-5260, M-500 and WF-500; and PAN-OS 8.1.6 and earlier running on PA-5220, PA-5250, PA-5260, PA-5280, M-500, M-600 and WF-500. PAN-OS 9.0 is NOT affected. | 03/20/2019 | 03/20/2019 |
|
Denial of Service in PAN-OS Management Interface
|
PAN-SA-2019-0007 | Medium | PAN-OS 7.1.22 and earlier, PAN-OS 8.0.15 and earlier, PAN-OS 8.1.6 and earlier. PAN-OS 9.0 is NOT affected | 03/20/2019 | 03/20/2019 |
|
Cross-Site Scripting in Expedition Migration Tool
|
PAN-SA-2019-0004 | Low | Expedition 1.1.8 and earlier. Note that this issue only impacts the Palo Alto Networks Migration Tool (“Expedition”), a tool available from the Palo Alto Networks Live site. This issue does not affect PAN-OS or any other supported product or service. For more information on Expedition, see: https://live.paloaltonetworks.com/t5/Expedition-Migration-Tool/ct-p/migration_tool. | 03/12/2019 | 03/12/2019 |
|
Stored Cross-Site Scripting in Expedition Migration Tool
|
PAN-SA-2019-0003 | Low | Expedition 1.1.6 and earlier | 02/28/2019 | 02/28/2019 |
|
Cross-Site Scripting (XSS) in PAN-OS External Dynamic Lists
|
PAN-SA-2019-0001 | Medium | PAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier. | 01/23/2019 | 01/23/2019 |
|
Cross-Site Scripting (XSS) in PAN-OS Management Web Interface
|
PAN-SA-2019-0002 | High | PAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier. | 01/23/2019 | 01/23/2019 |
|
Remote Code Execution in Expedition Migration Tool
|
PAN-SA-2018-0017 | High | Expedition 1.0.107 and earlier. Note that this issue only impacts the Palo Alto Networks Migration Tool (“Expedition”), a tool available from the Palo Alto Networks Live site. This issue does not affect PAN-OS or any other supported product or service. For more information on Expedition, see: https://live.paloaltonetworks.com/t5/Expedition-Migration-Tool/ct-p/migration_tool. | 12/11/2018 | 12/11/2018 |
Showing 1
to
25 |
first | prev |
next