Palo Alto Networks Security Advisories / PAN-SA-2024-0012

PAN-SA-2024-0012 Informational Bulletin: OSS CVEs fixed in PAN-OS


Informational

JSON CSAF
Published 2024-10-29
Updated 2024-10-29

Description

The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to PAN-OS. While it was not determined that these CVEs have any significant impact on PAN-OS, they have been fixed out of an abundance of caution.

CVESummary
CVE-2019-17006This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS.
CVE-2021-3518This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS.
CVE-2021-25219This CVE is fixed in PAN-OS 10.2.3, and all later versions of PAN-OS.
CVE-2021-27645This CVE is fixed in PAN-OS 10.2.8, PAN-OS 11.0.2, and all later versions of PAN-OS.
CVE-2021-34798This CVE is fixed in PAN-OS 10.2.8, PAN-OS 11.0.2, and all later versions of PAN-OS.
CVE-2022-1154This CVE is fixed in PAN-OS 10.2.3, and all later versions of PAN-OS.
CVE-2022-22822This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS.
CVE-2022-22823This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS.
CVE-2022-22824This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS.
CVE-2022-23806This CVE is fixed in PAN-OS 11.2.3-h2, and all later versions of PAN-OS.
CVE-2022-23852This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS.
CVE-2022-25235This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS.
CVE-2022-25236This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS.
CVE-2022-25315This CVE is fixed in PAN-OS 10.2.0, and all later versions of PAN-OS.
CVE-2022-28199This CVE is fixed in PAN-OS 10.2.4, and all later versions of PAN-OS.
CVE-2022-37434This CVE is fixed in PAN-OS 10.2.5, PAN-OS 11.0.1, and all later versions of PAN-OS.
CVE-2022-40674This CVE is fixed in PAN-OS 10.2.4, PAN-OS 11.0.1, and all later versions of PAN-OS.
CVE-2023-3446This CVE is fixed in PAN-OS 10.2.8, PAN-OS 11.0.2, and all later versions of PAN-OS.
CVE-2023-4527This CVE is fixed in PAN-OS 11.0.6, PAN-OS 11.1.4, and all later versions of PAN-OS.
CVE-2023-24329This CVE is fixed in PAN-OS 10.2.8, PAN-OS 11.0.4, and all later versions of PAN-OS.
CVE-2023-24538This CVE is fixed in PAN-OS 11.2.3-h2, and all later versions of PAN-OS.
CVE-2023-24540This CVE is fixed in PAN-OS 11.2.3-h2, and all later versions of PAN-OS.
CVE-2023-47234This CVE is fixed in PAN-OS 10.2.11, 11.0.4, 11.1.3, and all later versions of PAN-OS
CVE-2024-24790This CVE is fixed in PAN-OS 11.2.3-h2, and all later versions of PAN-OS.

Product Status

VersionsAffectedUnaffected

Exploitation Status

Palo Alto Networks is not aware of any malicious exploitation of this issue.

Solution

The OSS CVEs are fixed in the respective PAN-OS versions.

Terms of usePrivacyProduct Security Assurance and Vulnerability Disclosure PolicyReport vulnerabilitiesManage subscriptions
© 2024 Palo Alto Networks, Inc. All rights reserved.