https://live.paloaltonetworks.com/t5/general-topics/cve-2025-0108/m-p/1220580#M123282 <P>Hello.<BR />I was just looking at this severity 7.8 high&nbsp;<A href="https://security.paloaltonetworks.com/CVE-2025-0108" target="_blank">CVE-2025-0108 PAN-OS: Authentication Bypass in the Management Web Interface</A>&nbsp;and it says PAN-OS &lt; 11.1.6-h1 is affected. This doc&nbsp;<A href="https://live.paloaltonetworks.com/t5/customer-resources/support-pan-os-software-release-guidance/ta-p/258304" target="_blank">Support PAN-OS Software Release Guidance | Palo Alto Networks</A>&nbsp;says&nbsp;11.1.4-h7 is the "preferred version" which is affected. I usually try and stick with the "preferred version" but a severity 7.8 is concerning. I'm thinking about staying with the preferred version because my web management interface is not exposed to the internet. Would love to hear what others are thinking.</P> <P>Thanks!</P> Sun, 16 Feb 2025 19:43:07 GMT V.Benfanti 2025-02-16T19:43:07Z https://live.paloaltonetworks.com/t5/general-topics/cve-2025-0108/m-p/1220580#M123282 <P>Hello.<BR />I was just looking at this severity 7.8 high&nbsp;<A href="https://security.paloaltonetworks.com/CVE-2025-0108" target="_blank">CVE-2025-0108 PAN-OS: Authentication Bypass in the Management Web Interface</A>&nbsp;and it says PAN-OS &lt; 11.1.6-h1 is affected. This doc&nbsp;<A href="https://live.paloaltonetworks.com/t5/customer-resources/support-pan-os-software-release-guidance/ta-p/258304" target="_blank">Support PAN-OS Software Release Guidance | Palo Alto Networks</A>&nbsp;says&nbsp;11.1.4-h7 is the "preferred version" which is affected. I usually try and stick with the "preferred version" but a severity 7.8 is concerning. I'm thinking about staying with the preferred version because my web management interface is not exposed to the internet. Would love to hear what others are thinking.</P> <P>Thanks!</P> Sun, 16 Feb 2025 19:43:07 GMT https://live.paloaltonetworks.com/t5/general-topics/cve-2025-0108/m-p/1220580#M123282 V.Benfanti 2025-02-16T19:43:07Z https://live.paloaltonetworks.com/t5/general-topics/cve-2025-0108/m-p/1220593#M123286 <P>Hi&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/123610331">@V.Benfanti</a>&nbsp;,</P> <P>&nbsp;</P> <P>Thanks for info, If you have&nbsp;<SPAN>restricted management interface access via only trusted internal IP addresses then it reduce the exposure factor however it's recommended to upgrade the device to fixed version to mitigate the vulnerability.&nbsp;</SPAN></P> Mon, 17 Feb 2025 02:25:22 GMT https://live.paloaltonetworks.com/t5/general-topics/cve-2025-0108/m-p/1220593#M123286 mshekh 2025-02-17T02:25:22Z https://live.paloaltonetworks.com/t5/general-topics/cve-2025-0108/m-p/1220955#M123327 <P>Exact same scenario for us.</P> <P>&nbsp;</P> <P>Can we expect a new prefered version soon? I prefer to stay on prefered version, I'm waiting before updating, but our cybersecurity expert is sleeping on my doorstep. If not, i'll update to 11.1.6-h1.</P> <P>&nbsp;</P> <P>Thanks!</P> Wed, 19 Feb 2025 16:37:20 GMT https://live.paloaltonetworks.com/t5/general-topics/cve-2025-0108/m-p/1220955#M123327 JeromeLevesque 2025-02-19T16:37:20Z