CVE-2020-3048

Name of the Vulnerable Software and Affected Versions: PAN-OS versions prior to 9.0.14 PAN-OS versions prior to 9.1.9 PAN-OS versions prior to 10.0.5

Description: The issue occurs when certain invalid URL entries are contained in an External Dynamic List (EDL), causing the Device Server daemon to stop responding. This results in failed commits on the firewall and prevents administrators from making configuration changes, although the firewall remains functional. If the firewall restarts, it leads to a denial-of-service condition, and the firewall stops processing traffic.

Recommendations: For PAN-OS versions prior to 9.0.14, update to version 9.0.14 or later. For PAN-OS versions prior to 9.1.9, update to version 9.1.9 or later. For PAN-OS versions prior to 10.0.5, update to version 10.0.5 or later.