CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015)

StratogentNetworkTeam — Thu, 21 Nov 2024 19:16:43 GMT

It is suggested to upgrade to version 10.2.12-h2 to remediate the vulnerability. However, the firmware version 10.2.12-h2 is currently in monitoring status. It is also mentioned that the same fix is available in version 10.2.10-h9, which is the preferred version.

My question is: if the fix is available in the preferred version, why recommend upgrading to a version that is still in monitoring status?

Re: CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015)

mshekh — Fri, 27 Dec 2024 01:33:27 GMT

Hi @StratogentNetworkTeam

Based on your statement, it is recommended to upgrade the device to the preferred version as it is considered the most stable version. However, it is important to note that the decision to upgrade depends on the specific environment and any issues that may arise.

If you encounter any issues with the preferred release and the issue has been addressed in the latest version, it may be advisable to upgrade to the latest version.

Furthermore, if you have a test environment, it is recommended to validate the PAN-OS before performing the upgrade in the production environment. This will help ensure that the upgrade will not cause any unexpected issues or disruptions.

topic Re: CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) in Advanced Threat Prevention Discussions

CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015)

Re: CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015)