CVE-2024-0012

Published Nov 18, 2024
Last updated 5 months ago
Exploit known CVSS critical 9.3
Palo Alto Networks
PAN-OS
Network
Overview

Description: An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474 https://security.paloaltonetworks.com/CVE-2024-9474 . The risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, PAN-OS 11.1, and PAN-OS 11.2 software. Cloud NGFW and Prisma Access are not impacted by this vulnerability.
Source: psirt@paloaltonetworks.com
NVD status: Analyzed
Products: pan-os
Risk scores

CVSS 4.0

Type: Secondary
Base score: 9.3
Impact score: -
Exploitability score: -
Vector string: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Red
Severity: CRITICAL
CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL
Known exploits

Data from CISA
Vulnerability name: Palo Alto Networks PAN-OS Management Interface Authentication Bypass Vulnerability
Exploit added on: Nov 18, 2024
Exploit action due: Dec 9, 2024
Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Additionally, management interface for affected devices should not be exposed to untrusted networks, including the internet.
Weaknesses

psirt@paloaltonetworks.com: CWE-306
nvd@nist.gov: CWE-306
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*",
            "matchCriteriaId": "F54B40AC-A555-4447-B147-576D17CAB12A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*",
            "matchCriteriaId": "BEC5E9D4-1B58-4C89-8B68-47F996C04234",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*",
            "matchCriteriaId": "DDDEB31F-EFDD-4A66-9687-7FFCF8EFDAAF",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*",
            "matchCriteriaId": "9C664207-FA80-467E-853B-CBF61F01115F",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*",
            "matchCriteriaId": "0F30A71D-281E-4BF8-803F-05B517399C6A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*",
            "matchCriteriaId": "5CB7F608-4F03-46EF-A27E-4C8F5363FF5E",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*",
            "matchCriteriaId": "2269819F-11BD-482C-B8D2-96A9C7AD54D4",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*",
            "matchCriteriaId": "33340036-0E81-41CD-AFC4-480F509F8DD2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*",
            "matchCriteriaId": "5D7986DC-187D-4798-8B4A-7D23DF0EE0C8",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*",
            "matchCriteriaId": "9D1FAC78-7714-48EC-9FDB-1A565814B958",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*",
            "matchCriteriaId": "4B86668F-7BC5-4F50-AE80-E99F6DE370D7",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*",
            "matchCriteriaId": "0E4172BC-EA53-4E01-B14D-BA897EBA2EAE",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*",
            "matchCriteriaId": "98F219AD-A22F-47AC-88FE-B3F75AE059AC",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*",
            "matchCriteriaId": "A79C13FD-C909-4FEE-AE24-A085E953D887",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*",
            "matchCriteriaId": "A7FCFB45-1150-4F9C-8E4B-3DB2ADE89454",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*",
            "matchCriteriaId": "0D4B4DCE-1593-4F8A-A461-A41290FE0041",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*",
            "matchCriteriaId": "50F0801B-FC9F-4018-A837-CAB8CB9C9CD4",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*",
            "matchCriteriaId": "C8C4AC1F-4FF0-4500-AFBB-F29613358156",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*",
            "matchCriteriaId": "6FE16CA7-422A-4A53-8DDC-CB3A982C154F",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*",
            "matchCriteriaId": "135588B5-6771-46A3-98B0-39B4873FD6FD",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*",
            "matchCriteriaId": "6ADF2A5B-DC55-44B1-A033-4A29C32AB5B1",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*",
            "matchCriteriaId": "A17FE6D6-E0C3-4E82-A721-75C4E8001984",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*",
            "matchCriteriaId": "20673F1E-733D-41C4-A644-C482431C26EC",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*",
            "matchCriteriaId": "156DA55E-4152-47BF-A067-136EEC9ADE22",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*",
            "matchCriteriaId": "C2D2F5C4-7ACC-4514-ADBD-3948158B93CC",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:*:*:*:*:*:*",
            "matchCriteriaId": "AEE36B5C-262E-42B0-B3C1-5EAA003E84B7",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:*:*:*:*:*:*",
            "matchCriteriaId": "619AD3DA-9384-4CC5-9F3D-66DB5A055BCB",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:*",
            "matchCriteriaId": "1360C403-BCD8-420E-B907-4127E12B3A3A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6:*:*:*:*:*:*",
            "matchCriteriaId": "22206C8D-A8E8-4947-A277-F3256FD5D8ED",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:*",
            "matchCriteriaId": "B3AF86BD-C317-45C7-96B6-34BD82579FDB",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:*",
            "matchCriteriaId": "09F61A78-1B7C-41F1-A0D8-0AB1E7ADF68C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3:*:*:*:*:*:*",
            "matchCriteriaId": "7B7C37B3-EDA9-45D9-94A2-E7B24BA6C887",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*",
            "matchCriteriaId": "A8C42D98-CF8F-456B-9D57-80BBDC2C8E74",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*",
            "matchCriteriaId": "B3AAD4BA-22DD-43D3-91F1-8A6F5FBBF029",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*",
            "matchCriteriaId": "AA4994CB-6591-4B44-A5D7-3CDF540B97DE",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*",
            "matchCriteriaId": "A6AB7874-FE24-42AC-8E3A-822A70722126",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*",
            "matchCriteriaId": "776E06EC-2FDA-4664-AB43-9F6BE9B897CA",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*",
            "matchCriteriaId": "CBE09375-A863-42FF-813F-C20679D7C45C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*",
            "matchCriteriaId": "1311961A-0EF6-488E-B0C2-EDBD508587C9",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*",
            "matchCriteriaId": "5D64390F-F870-4DBF-B0FE-BCDFE58C8685",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*",
            "matchCriteriaId": "F70FC9DF-10C9-4AE5-B64B-3153E2E4E9E8",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:*",
            "matchCriteriaId": "C3D6D552-6F33-496A-A505-5F59DF3B487B",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*",
            "matchCriteriaId": "CBA2B4FA-16C2-41B9-856D-EDC0CAF7A164",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*",
            "matchCriteriaId": "E5E6A893-2994-40A3-AF35-8AF068B0DE42",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*",
            "matchCriteriaId": "D814F3A3-5E9D-426D-A654-1346D9ECE9B3",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*",
            "matchCriteriaId": "8C7E9211-7041-4720-B4B9-3EA95D425263",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*",
            "matchCriteriaId": "CEB258EE-2C6E-4A63-B04C-89C5F76B0878",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:*",
            "matchCriteriaId": "0F481B0E-2353-4AB0-8A98-B0EFBC409868",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*",
            "matchCriteriaId": "4E9EB9C6-78BA-4C66-A4BD-856BF27388CE",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*",
            "matchCriteriaId": "03C5ABF2-8C53-4376-8A64-6CB34E18E77C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*",
            "matchCriteriaId": "872BC747-512A-4872-AC86-E7F1DC589F47",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*",
            "matchCriteriaId": "67F527D0-F85B-4B83-AEA5-BA636FC89210",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*",
            "matchCriteriaId": "6CF8F985-7E51-49E6-857A-FAAF027F5611",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*",
            "matchCriteriaId": "B437DCEA-ABA3-41CA-B320-97EC430F1122",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*",
            "matchCriteriaId": "593AFE7A-CB37-4156-A2B8-646A317F3176",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:-:*:*:*:*:*:*",
            "matchCriteriaId": "2B3D7DBA-C90C-451D-94C3-8B7066826308",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h1:*:*:*:*:*:*",
            "matchCriteriaId": "010F170D-438E-4A57-98B9-E7522FD95FC3",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h2:*:*:*:*:*:*",
            "matchCriteriaId": "AD8795BE-5CC2-443D-99AD-BD6985CADBA7",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h3:*:*:*:*:*:*",
            "matchCriteriaId": "F3D096D4-E60E-4D4C-9122-C36B775B4A6F",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h4:*:*:*:*:*:*",
            "matchCriteriaId": "FEE28628-E969-44FC-B577-066DB98BBDA0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:-:*:*:*:*:*:*",
            "matchCriteriaId": "3D33A0FB-7538-42BF-84E8-7CCD7EEF9355",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h1:*:*:*:*:*:*",
            "matchCriteriaId": "FB95D77F-1263-4D47-A0BB-94A6DA937115",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*",
            "matchCriteriaId": "8BB72E15-486F-491F-A08D-E1AC2C8AB121",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*",
            "matchCriteriaId": "B5E7EFD5-2179-45BF-BF5B-197B66903D9C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*",
            "matchCriteriaId": "3EF4AE4F-36F3-4923-AE1E-DE9E036D4E2F",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*",
            "matchCriteriaId": "10587864-8777-40F9-B162-BFBFAB8F5E06",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*",
            "matchCriteriaId": "10A69DAE-5AD5-4E1C-9DF0-C7B7BB023B66",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*",
            "matchCriteriaId": "DFAA23E0-232D-42AA-A5A9-87063348D0DF",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*",
            "matchCriteriaId": "50EA3EAC-91BD-4B30-A885-BED95B48CC3F",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*",
            "matchCriteriaId": "FD0CC02E-6079-4094-A355-E3300D7D4DD1",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*",
            "matchCriteriaId": "C25AD9EA-7DDC-4704-9D7C-A1D6C1F5F696",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:*",
            "matchCriteriaId": "2416C2EF-1085-493D-84D7-18F7577D4A01",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:*",
            "matchCriteriaId": "5E1D99D8-300C-4985-835C-3EBA2BFC098B",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*",
            "matchCriteriaId": "8B689FAD-0469-4222-A7EF-3268CCDA43A7",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:*",
            "matchCriteriaId": "CB3F7D3E-1479-435B-9249-F8F963440D0A",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:*:*:*:*:*:*",
            "matchCriteriaId": "D27A5944-FCD8-44AB-9986-0FCA24E81F5B",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:*",
            "matchCriteriaId": "B4425F47-446D-49C1-AAC9-5F5B7E5422A6",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:*:*:*:*:*:*",
            "matchCriteriaId": "CC74ECE3-4F2C-450C-A781-16B1E53AF960",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h12:*:*:*:*:*:*",
            "matchCriteriaId": "22F4FF25-B12D-4FE2-83FC-B0DEE75FEE1D",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:*",
            "matchCriteriaId": "A0ED8E63-B8F0-482A-A8A9-13C21D60EEB9",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:*:*:*:*:*:*",
            "matchCriteriaId": "9110DBFB-07D6-4D64-A8AA-C0E7A7037A87",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:*",
            "matchCriteriaId": "723956E9-11FD-42A0-8A35-C1FDE9E1877C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:*",
            "matchCriteriaId": "5601B7E0-68C9-4226-AA3D-D20012F6394B",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2:*:*:*:*:*:*",
            "matchCriteriaId": "6C953C2D-771C-40FC-AA09-1DFB0272AF47",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h5:*:*:*:*:*:*",
            "matchCriteriaId": "0B4139E6-7623-4227-98AF-383ADE9D9A0B",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:-:*:*:*:*:*:*",
            "matchCriteriaId": "C6AF1333-12CF-4826-8ED3-0791495E61C4",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:h1:*:*:*:*:*:*",
            "matchCriteriaId": "0E5FD0C6-81DB-4FFE-BDFC-A7DE0EE068FF",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.6:-:*:*:*:*:*:*",
            "matchCriteriaId": "2B6C3AFF-3649-484C-A2FB-B71EE02FF176",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*",
            "matchCriteriaId": "82FBA0C5-1385-42DD-A85D-DA1D818D0EF3",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h1:*:*:*:*:*:*",
            "matchCriteriaId": "6FAC22EB-FB4C-4E9D-99A1-D4902262ED06",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h2:*:*:*:*:*:*",
            "matchCriteriaId": "B3D65F1C-B055-408E-B7F2-512F13BEDCA6",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h3:*:*:*:*:*:*",
            "matchCriteriaId": "B1B284FD-575E-46EA-95D8-D9E5FBBA8229",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:-:*:*:*:*:*:*",
            "matchCriteriaId": "2DC41D6E-8632-44BB-BC05-7C22A02306A2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:h1:*:*:*:*:*:*",
            "matchCriteriaId": "AF099226-A77E-4FDC-A044-8CA46D015C2C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*",
            "matchCriteriaId": "5F7627B3-A463-4570-BA23-663FEB7B4A8B",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*",
            "matchCriteriaId": "275872C1-1EBB-4447-8C9F-347F757BFF42",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:*",
            "matchCriteriaId": "F83E2987-F7B0-486C-8DC3-3C4A8B76F295",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h14:*:*:*:*:*:*",
            "matchCriteriaId": "5F6ACDFF-947E-4175-8A2A-8B43B86AA8B0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*",
            "matchCriteriaId": "4F36A8CA-4B15-4A88-BA51-2346506DE6E5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:*",
            "matchCriteriaId": "F6CED1CC-D63C-4A10-9035-C461CA35E584",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:*",
            "matchCriteriaId": "BC83C63B-54C8-4667-8742-30A5477414B5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:-:*:*:*:*:*:*",
            "matchCriteriaId": "D828F283-5CE8-49BA-BFEF-92471C2ADEAE",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h1:*:*:*:*:*:*",
            "matchCriteriaId": "86053616-71FB-4F6E-8B1E-97C2DA6C08A8",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h10:*:*:*:*:*:*",
            "matchCriteriaId": "0D1E3767-9517-4181-8355-DC0FB1139C95",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h2:*:*:*:*:*:*",
            "matchCriteriaId": "9A3435A9-2100-4EB3-B20C-6A194A742BCD",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h4:*:*:*:*:*:*",
            "matchCriteriaId": "502BF06E-5B51-41F7-9A88-26051675FE0C",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h6:*:*:*:*:*:*",
            "matchCriteriaId": "D953B45F-7F10-4087-AE3A-BD9AB977AF8B",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:*",
            "matchCriteriaId": "DF83EAA1-49E1-4AD0-A049-F1B3065950BC",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:*",
            "matchCriteriaId": "BE3F7369-9F35-409A-9F47-45A959592DFA",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:*",
            "matchCriteriaId": "E9DB4DA9-2262-4E9E-B3A1-49D261D01295",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.5:-:*:*:*:*:*:*",
            "matchCriteriaId": "7B2C0E11-A6CE-419D-86A0-3930DE25B544",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:-:*:*:*:*:*:*",
            "matchCriteriaId": "CDFD8B17-5871-4897-B9F1-1A01C6D040A9",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:-:*:*:*:*:*:*",
            "matchCriteriaId": "D8AFDFCC-F635-4493-8E98-A87AAAABCB27",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:-:*:*:*:*:*:*",
            "matchCriteriaId": "9B346381-C972-46AE-97D5-425FC27658BE",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:h1:*:*:*:*:*:*",
            "matchCriteriaId": "3F3A4E32-1A9A-4DD2-A71C-44D8F20A3C08",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:-:*:*:*:*:*:*",
            "matchCriteriaId": "004BE44F-2BA5-411D-96ED-3D92C13160AE",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:-:*:*:*:*:*:*",
            "matchCriteriaId": "C01AD190-F3C2-4349-A063-8C5C78B725B9",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]
References

Sources include official advisories and independent security research.
Overview

Risk scores

CVSS 4.0

CVSS 3.1

Known exploits

Weaknesses

Social media

Configurations

Related CVEs

References
