Visa Inc

**Name of the Vulnerable Software and Affected Versions** PAN-OS versions 10.2 (affected versions not specified) PAN-OS versions 11.1 (affected versions not specified) PAN-OS versions 11.2 (affected versions not specified) PAN-OS versions 12.1 (affected versions not specified) **Description** A command injection issue in PAN-OS software allows an authenticated administrator to bypass system restrictions and execute arbitrary commands with root privileges. This can be achieved through the CLI or the web management interface. The issue affects PA-Series and VM-Series firewalls, as well as Panorama virtual and M-Series appliances. **Recommendations** Update PAN-OS version 10.2 to the patched release. Update PAN-OS version 11.1 to the patched release. Update PAN-OS version 11.2 to the patched release. Update PAN-OS version 12.1 to the patched release. Restrict CLI access to a limited group of administrators. Restrict access to the management web interface to trusted internal IP addresses.

**Name of the Vulnerable Software and Affected Versions** Palo Alto Networks PAN-OS (affected versions not specified) **Description** An information disclosure issue in the software allows an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This could lead to the impersonation of users whose session tokens are leaked. The risk is reduced if CLI access is restricted to a limited group of administrators. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Palo Alto Networks PAN-OS (affected versions not specified) **Description** An improper input neutralization issue exists in the management web interface. This allows an authenticated administrator to bypass system restrictions and execute arbitrary commands. The risk is reduced when command-line interface access is limited to a small group of administrators. Cloud NGFW and Prisma Access are not affected. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Palo Alto Networks PAN-OS (affected versions not specified) **Description** A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. The user must have access to the PAN-OS CLI to exploit this issue. The security risk is significantly minimized when CLI access is restricted to a limited group of administrators. Cloud NGFW and Prisma Access are not affected by this vulnerability. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.