CVSS Summary Versions Affected Unaffected Published Updated

7.5 N CVE-2020-2041 PAN-OS: Management web interface denial-of-service (DoS) PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 none none none < 8.1.16 8.0.* 10.0.* 9.1.* 9.0.* >= 8.1.16 none 2020-09-09 2020-09-09

7.2 CVE-2020-2042 PAN-OS: Buffer overflow in the management web interface PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 < 10.0.1 none none none >= 10.0.1 9.1.* 9.0.* 8.1.* 2020-09-09 2020-09-09

3 CVE-2020-2035 PAN-OS: URL filtering policy is not enforced on TLS handshakes for decrypted HTTPS sessions PAN-OS 10.0 PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 10.0.* 9.1.* 9.0.* 8.1.* none none none none 2020-08-12 2020-08-12

0 PAN-SA-2020-0009 Informational: Mitigating threats for GlobalProtect clients connecting from untrusted networks GlobalProtect all none none 2020-08-06 2020-08-25

7.2 CVE-2020-2030 PAN-OS: OS command injection vulnerability in the management interface PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 none none < 8.1.15 8.0.* 7.1.* >= 9.1.0 >= 9.0.0 >= 8.1.15 none none 2020-07-08 2020-07-08

0 PAN-SA-2020-0007 Informational: Third-party or open source vulnerabilities that do not impact Palo Alto Networks Products PAN-OS all none all 2020-07-08 2020-07-08

10 N CVE-2020-2021 PAN-OS: Authentication Bypass in SAML Authentication PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 < 9.1.3 < 9.0.9 < 8.1.15 8.0.* none >= 9.1.3 >= 9.0.9 >= 8.1.15 none 7.1.* 2020-06-29 2020-06-29

7.2 CVE-2020-2027 PAN-OS: Buffer overflow in authd authentication response PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 none < 9.0.7 < 8.1.13 8.0.* 7.1.* >= 9.1.0 >= 9.0.7 >= 8.1.13 none none 2020-06-10 2020-06-10

7.2 CVE-2020-2029 PAN-OS: OS command injection vulnerability in management interface certificate generator PAN-OS 9.1 PAN-OS 9.0 PAN-OS 8.1 PAN-OS 8.0 PAN-OS 7.1 none none < 8.1.13 8.0.* < 7.1.26 >= 9.1.0 >= 9.0.0 >= 8.1.13 none >= 7.1.26 2020-06-10 2020-06-10

7 CVE-2020-2032 GlobalProtect App: File race condition vulnerability leads to local privilege escalation during upgrade GlobalProtect App 5.1 GlobalProtect App 5.0 < 5.1.4 on Windows < 5.0.10 on Windows >= 5.1.4 on Windows >= 5.0.10 on Windows 2020-06-10 2020-09-01