Palo Alto Networks (Prisma Access Browser,Cloud NGFW,PAN-OS,Prisma Access,Cloud NGFW,PAN-OS) Product Line November 2024 Security Update Advisory
Overview
Palo Alto Networks(https://www.paloaltonetworks.com/) has released a security update that fixes vulnerabilities in products it has been made. users of affected products are advised to update to the latest version.
Affected Products
Prisma Access Browser prior to version 130.59.2920.7
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS,Prisma Access Prior to version 11.1.4
Cloud NGFW,PAN-OS,Prisma Access Prior to version 11.0.6
Cloud NGFW,PAN-OS,Prisma Access prior to version 10.2.11
Cloud NGFW,PAN-OS,Prisma Access prior to version 10.1.14
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS,Prisma Access Prior to version 11.1.5
Cloud NGFW,PAN-OS,Prisma Access Prior to version 11.0.6
Cloud NGFW,PAN-OS,Prisma Access prior to version 10.2.11
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS,Prisma Access Prior to version 11.0.5
Cloud NGFW,PAN-OS,Prisma Access 10.2.5, < 10.2.4-h6 Prior to version 10.2.5
Cloud NGFW,PAN-OS,Prisma Access 10.1.14 and prior to version 10.1.14
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS,Prisma Access Prior to version 11.2.4
Cloud NGFW,PAN-OS,Prisma Access Prior to version 11.1.5
Cloud NGFW,PAN-OS,Prisma Access prior to version 11.0.6
Cloud NGFW,PAN-OS,Prisma Access prior to version 10.2.12
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS None
Cloud NGFW,PAN-OS None
Cloud NGFW,PAN-OS None
Cloud NGFW,PAN-OS None
Cloud NGFW,PAN-OS Prior to version 10.2.2
Cloud NGFW,PAN-OS Prior to version 10.1.7
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS,Prisma Access Prior to version 11.0.3
Cloud NGFW,PAN-OS,Prisma Access 10.2.4-h5 and earlier
Cloud NGFW,PAN-OS,Prisma Access prior to version 10.1.11
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS,Prisma Access Prior to version 11.0.2
Cloud NGFW,PAN-OS,Prisma Access Prior to version 10.2.5
Cloud NGFW,PAN-OS,Prisma Access prior to version 10.1.10
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS,Prisma Access 11.2.3, < 11.2.2-h3 Prior to version 11.2.3
Cloud NGFW,PAN-OS,Prisma Access 11.1.3-h10, < 11.1.2-h14 Prior to version
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS,Prisma Access 10.2.8-h13, < 10.2.9-14, < 10.2.10-h7, < 10.2.11-h4, < 10.2.7-h16 or earlier
Cloud NGFW,PAN-OS,Prisma Access None
Cloud NGFW,PAN-OS,Prisma Access None
Resolved Vulnerabilities
In Prisma Access Browser, Palo Alto Networks incorporated the following Chromium security fixes into its products:
– https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html
– https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html
– https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_29.html
– https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop.html (pan-sa-2024-0016, cvss 8.6) [1]
Vulnerability in Pan-OS nodes in Cloud NGFW,PAN-OS,Prisma Access (CVE-2024-5920, CVSS 1) [2]
Vulnerability with a denial of service condition in Cloud NGFW,PAN-OS,Prisma Access (CVE-2024-2550, CVSS 6.6) [3]
A vulnerability with a denial of service condition in Cloud NGFW, PAN-OS, and Prisma Access (CVE-2024-2551, CVSS 6.6) [4]
A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions in the management plane and delete files on the firewall. (CVE-2024-2552, CVSS 4.3) [5] A command injection vulnerability in Cloud NGFW,PAN-OS,Prisma Access enables an authenticated administrator to bypass system restrictions in the management plane and delete files on the firewall. (CVE-2024-2552, CVSS 4.3) [5]
In Cloud NGFW,PAN-OS, this vulnerability is a vulnerability in the proxy that allows an attacker to view internal network resources that are otherwise inaccessible (CVE-2024-5917, CVSS 1.7) [6]
Various legitimate users are vulnerable in Cloud NGFW, PAN-OS, and Prisma Access (CVE-2024-5918, CVSS 1.3) [7]
A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker controlled server. (CVE-2024-5919, CVSS 1.2) [8] in Cloud NGFW,PAN-OS,Prisma Access
A vulnerability with a denial of service condition in Cloud NGFW, PAN-OS, and Prisma Access (CVE-2024-9472, CVSS 6.6) [9]
Vulnerability Patches
With the November 13, 2024 update, the following product-specific vulnerability patches were provided
Prisma Access Browser 130.117.2920.13 and later versions
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS,Prisma Access 11.1.4 and later versions
Cloud NGFW,PAN-OS,Prisma Access 11.0.6 and later
Cloud NGFW,PAN-OS,Prisma Access 10.2.11 and later versions
Cloud NGFW,PAN-OS,Prisma Access 10.1.14 and later versions
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS,Prisma Access 11.1.5 and later versions
Cloud NGFW,PAN-OS,Prisma Access 11.0.6 and later
Cloud NGFW,PAN-OS,Prisma Access 10.2.11 and later versions
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS,Prisma Access 11.0.5 and later versions
Cloud NGFW,PAN-OS,Prisma Access 10.2.5, >= 10.2.4-h6 and later versions
Cloud NGFW,PAN-OS,Prisma Access 10.1.14 and later
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS,Prisma Access 11.2.4 and later
Cloud NGFW,PAN-OS,Prisma Access 11.1.5 and later
Cloud NGFW,PAN-OS,Prisma Access 11.0.6 and later versions
Cloud NGFW,PAN-OS,Prisma Access 10.2.12 and later versions
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS All
Cloud NGFW,PAN-OS All
Cloud NGFW,PAN-OS All
Cloud NGFW,PAN-OS All
Cloud NGFW,PAN-OS 10.2.2 and later
Cloud NGFW,PAN-OS 10.1.7 and later
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS,Prisma Access 11.0.3 and later versions
Cloud NGFW,PAN-OS,Prisma Access 10.2.4-h5 and later
Cloud NGFW,PAN-OS,Prisma Access 10.1.11 and later versions
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS,Prisma Access 11.0.2 and later versions
Cloud NGFW,PAN-OS,Prisma Access 10.2.5 and later
Cloud NGFW,PAN-OS,Prisma Access 10.1.10 and later versions
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS,Prisma Access 11.2.3, >= 11.2.2-h3 and later
Cloud NGFW,PAN-OS,Prisma Access 11.1.3-h10, >= 11.1.2-h14 and later
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS,Prisma Access 10.2.8-h13, >= 10.2.9-14, >= 10.2.10-h7, >= 10.2.11-h4, >= 10.2.7-h16 and later
Cloud NGFW,PAN-OS,Prisma Access All
Cloud NGFW,PAN-OS,Prisma Access All
Referenced Sites
[1] Chromium: Monthly Vulnerability Updates
https://security.paloaltonetworks.com/PAN-SA-2024-0016
[2] PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in PAN-OS Enables Impersonation of a Legitimate Administrator
https://security.paloaltonetworks.com/CVE-2024-5920
[3] PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway Using a Specially Crafted Packet
https://security.paloaltonetworks.com/CVE-2024-2550
[4] PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted Packet
https://security.paloaltonetworks.com/CVE-2024-2551
[5] PAN-OS: Arbitrary File Delete Vulnerability in the Command Line Interface (CLI)
https://security.paloaltonetworks.com/CVE-2024-2552
[6] PAN-OS: Server-Side Request Forgery in WildFire
https://security.paloaltonetworks.com/CVE-2024-5917
[7] PAN-OS: Improper Certificate Validation Enables Impersonation of a Legitimate GlobalProtect User
https://security.paloaltonetworks.com/CVE-2024-5918
[8] PAN-OS: Authenticated XML External Entities (XXE) Injection Vulnerability
https://security.paloaltonetworks.com/CVE-2024-5919
[9] PAN-OS: Firewall Denial of Service (DoS) Using Specially Crafted Traffic