Palo Alto Networks Security Advisories - February 9, 2022

icecream-guy · February 09, 2022, 12:19:09 PM

New Palo Alto Networks Security Advisories.
Palo Alto Networks has published 7 new Security Advisories at https://security.paloaltonetworks.com on February 9, 2022:

GlobalProtect App
________________________________________
CVE-2022-0016 GlobalProtect App: Privilege Escalation Vulnerability When Using Connect Before Logon (Severity: HIGH)
https://security.paloaltonetworks.com/CVE-2022-0016

CVE-2022-0017 GlobalProtect App: Improper Link Resolution Vulnerability Leads to Local Privilege Escalation (Severity: HIGH)
https://security.paloaltonetworks.com/CVE-2022-0017

CVE-2022-0018 GlobalProtect App: Information Exposure Vulnerability When Connecting to GlobalProtect Portal With Single Sign-On Enabled (Severity: MEDIUM)
https://security.paloaltonetworks.com/CVE-2022-0018

CVE-2022-0019 GlobalProtect App: Insufficiently Protected Credentials Vulnerability on Linux (Severity: MEDIUM)
https://security.paloaltonetworks.com/CVE-2022-0019

CVE-2022-0021 GlobalProtect App: Information Exposure Vulnerability When Using Connect Before Logon (Severity: LOW)
https://security.paloaltonetworks.com/CVE-2022-0021

Cortex XSOAR
________________________________________
CVE-2022-0020 Cortex XSOAR: Stored Cross-Site Scripting (XSS) Vulnerability in Web Interface (Severity: MEDIUM)
https://security.paloaltonetworks.com/CVE-2022-0020

PAN-OS, Prisma Access
________________________________________
CVE-2022-0011 PAN-OS: URL Category Exceptions Match More URLs Than Intended in URL Filtering (Severity: MEDIUM)
https://security.paloaltonetworks.com/CVE-2022-0011

Please visit our Security Advisories website to learn more at https://security.paloaltonetworks.com/.
If you have questions, please contact support https://www.paloaltonetworks.com/company/contact-support.

Regards,
Product Security Incident Response Team
Palo Alto Networks

Palo Alto Networks Security Advisories - February 9, 2022

icecream-guy