Security Advisories
This section provides a listing of all security vulnerabilities identified in currently supported Palo Alto Networks products. Each vulnerability is given a criticality rating and an updated status on any updates or mitigations regarding each discovered vulnerablity. Each vulnerability listing also provides a list of the versions of PAN OS the vulnerability is known to affect.
Please disclose vulnerability discoveries to the Palo Alto Networks Product Security Incident Response Team (PSIRT)
Security Advisory Listing
Showing 1
to
25 |
first | prev |
next
| Title | ID | Severity | Products Affected | First Published | Last Updated |
|---|
S(zlwjd2qa5nr3ru2ycw3c2dkg))/Content/Images/DetailIcon.gif "Detail") PAN-OS on PA-7000 Series: Improper restriction of communication to Log Forwarding Card (LFC) allows root access (CVE-2019-17440)
|
PAN-SA-2019-0040 | CRITICAL | This issue affects PAN-OS 9.0 versions prior to 9.0.5-h3 on PA-7000 Series with second-generation Switch Management Card (SMC) and an LFC installed and configured. | 12/19/2019 | 12/19/2019 |
|
Custom-role users may escalate privileges (CVE-2019-17437)
|
PAN-SA-2019-0038 | HIGH | This issue affects PAN-OS 7.1 versions prior to 7.1.25; 8.0 versions prior to 8.0.20; 8.1 versions prior to 8.1.11; 9.0 versions prior to 9.0.5. PAN-OS version 7.0 and prior EOL versions have not been evaluated for this issue. | 12/04/2019 | 12/04/2019 |
|
OpenSSL vulnerability CVE-2019-1559 has been resolved in PAN-OS
|
PAN-SA-2019-0039 | MEDIUM | This issue affects Palo Alto Networks PAN-OS 7.1 versions prior to 7.1.25; 8.0 versions prior to 8.0.20; 8.1 versions prior to 8.1.8; 9.0 versions prior to 9.0.2. PAN-OS 7.0 and prior EOL versions have not been evaluated for this issue. | 12/04/2019 | 12/04/2019 |
|
Local Privilege Escalation in GlobalProtect Agent for Windows
|
PAN-SA-2019-0036 | Medium | GlobalProtect Agent 5.0.3 and earlier for Windows and GlobalProtect Agent 4.1.12 and earlier for Windows. | 10/15/2019 | 10/15/2019 |
|
Local Privilege Escalation in GlobalProtect Agent for Linux and Mac OS
|
PAN-SA-2019-0037 | Medium | GlobalProtect Agent 5.0.4 and earlier for Linux and Mac OS and GlobalProtect Agent 4.1.12 and earlier for Linux and Mac OS. | 10/15/2019 | 10/15/2019 |
|
Remote Command Injection in Zingbox Inspector
|
PAN-SA-2019-0025 | Low | Zingbox Inspector, versions 1.293 and earlier. | 10/01/2019 | 10/01/2019 |
|
Command Injection in Zingbox Inspector
|
PAN-SA-2019-0026 | High | Zingbox Inspector, versions 1.286 and earlier. | 10/01/2019 | 10/01/2019 |
|
Hardcoded Credentials in Zingbox Inspector
|
PAN-SA-2019-0027 | High | Zingbox Inspector, versions 1.294 and earlier. | 10/01/2019 | 10/01/2019 |
|
SQL Injection in Zingbox Inspector
|
PAN-SA-2019-0028 | High | Zingbox Inspector, versions 1.288 and earlier. | 10/01/2019 | 10/01/2019 |
|
SSH Service Exposed in Zingbox Inspector
|
PAN-SA-2019-0029 | High | Zingbox Inspector, versions 1.294 and earlier. | 10/01/2019 | 10/01/2019 |
|
Tenant authentication bypass in Zingbox Inspector
|
PAN-SA-2019-0030 | High | Zingbox Inspector, versions 1.280 and earlier. | 10/01/2019 | 10/01/2019 |
|
Insecure Firmware Validation in Zingbox Inspector
|
PAN-SA-2019-0031 | Medium | Zingbox Inspector, versions 1.294 and earlier. | 10/01/2019 | 10/01/2019 |
|
Command Injection in Zingbox Inspector
|
PAN-SA-2019-0032 | Medium | Zingbox Inspector, versions 1.293 and earlier. | 10/01/2019 | 10/01/2019 |
|
Server-side Request Forgery in Zingbox Inspector
|
PAN-SA-2019-0033 | Low | Zingbox Inspector, versions 1.294 and earlier. | 10/01/2019 | 10/01/2019 |
|
ARP Spoofing in Zingbox Inspector
|
PAN-SA-2019-0034 | Low | Zingbox Inspector, versions 1.294 and earlier. | 10/01/2019 | 10/01/2019 |
|
Insecure Password Storage in Zingbox Inspector
|
PAN-SA-2019-0035 | Low | Zingbox Inspector, versions 1.294 and earlier. | 10/01/2019 | 10/01/2019 |
|
Escalation of Privilege in Twistlock
|
PAN-SA-2019-0024 | Low | Twistlock console 19.07.357 and earlier | 08/22/2019 | 08/23/2019 |
|
Remote code execution in PAN-OS SSH management interface
|
PAN-SA-2019-0022 | Critical | PAN-OS 7.1.24 and earlier, PAN-OS 8.0.19 and earlier, PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier. | 08/21/2019 | 08/23/2019 |
|
Memory Corruption in PAN-OS
|
PAN-SA-2019-0021 | Critical | PAN-OS 7.1.24 and earlier, PAN-OS 8.0.19 and earlier, PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier. | 08/21/2019 | 08/21/2019 |
|
Memory Corruption in PAN-OS
|
PAN-SA-2019-0023 | High | PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and earlier. PAN-OS 7.1 and 8.0 are NOT affected. | 08/21/2019 | 08/21/2019 |
|
Remote Code Execution in GlobalProtect Portal/Gateway Interface
|
PAN-SA-2019-0020 | Critical | PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier releases. PAN-OS 9.0 is not affected. | 07/18/2019 | 07/24/2019 |
|
Privilege Escalation in PAN-OS
|
PAN-SA-2019-0017 | Medium | PAN-OS 7.1.23 and earlier, PAN-OS 8.0.17 and earlier, PAN-OS 8.1.8 and earlier, and PAN-OS 9.0.2 and earlier. | 07/15/2019 | 07/15/2019 |
|
Command Injection in PAN-OS
|
PAN-SA-2019-0018 | Medium | PAN-OS 9.0.2 and earlier. PAN-OS 7.1, PAN-OS 8.0 and PAN-OS 8.1 are NOT affected. | 07/15/2019 | 07/15/2019 |
|
Information Disclosure in PAN-OS Management API Usage
|
PAN-SA-2019-0019 | Medium | PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2 and earlier. | 07/15/2019 | 07/15/2019 |
|
Information Disclosure in WildFire Appliance (WF-500)
|
PAN-SA-2019-0016 | Medium | WildFire Appliance (WF-500) running appliance software all versions of 7.1, versions 8.0.17 and earlier, and versions of 8.1.8 and earlier. | 07/08/2019 | 07/08/2019 |
Showing 1
to
25 |
first | prev |
next