https://live.paloaltonetworks.com/t5/general-topics/doubt-about-https-security-paloaltonetworks-com-cve-2025-0108/m-p/1221601#M123354 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/192671">@Alpalo</a>,</P> <P>Part of the issue with having such a wide spread of releases being ran due to code quality issues. PAN <EM>just&nbsp;</EM>released 11.1.4-h13 which addresses this issue yesterday evening. If you want to stick on 11.1.4 that would be the hotfix that you're looking for.&nbsp;</P> <P>&nbsp;</P> <P><A href="https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-4-known-and-addressed-issues/pan-os-11-1-4-h13-addressed-issues" target="_blank">https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-4-known-and-addressed-issues/pan-os-11-1-4-h13-addressed-issues</A></P> Fri, 21 Feb 2025 14:29:00 GMT BPry 2025-02-21T14:29:00Z https://live.paloaltonetworks.com/t5/general-topics/doubt-about-https-security-paloaltonetworks-com-cve-2025-0108/m-p/1221375#M123350 <P>Hi team</P> <P>I have a PA 1420 passive active cluster with the preferred version 11.1.4-h7</P> <P>However, reading the document:</P> <P><A href="https://security.paloaltonetworks.com/CVE-2025-0108" target="_blank">https://security.paloaltonetworks.com/CVE-2025-0108</A></P> <P>I am wondering if I am affected by this vulnerability or not, can anyone help me?</P> <P>Best regards.</P> Fri, 21 Feb 2025 08:47:33 GMT https://live.paloaltonetworks.com/t5/general-topics/doubt-about-https-security-paloaltonetworks-com-cve-2025-0108/m-p/1221375#M123350 Alpalo 2025-02-21T08:47:33Z https://live.paloaltonetworks.com/t5/general-topics/doubt-about-https-security-paloaltonetworks-com-cve-2025-0108/m-p/1221598#M123353 <P>Hi&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/192671">@Alpalo</a>&nbsp;,</P> <P>&nbsp;</P> <P>The release notes don't mention this CVE in 11.1.4-h7.</P> <P>The CVE is explicitly mentioned in the release notes of 11.1.6-h1</P> <P>&nbsp;</P> <P>The advisory also mentions for 11.1.0 through 11.1.6 to upgrade to 11.1.6-h1 or later.</P> <P>&nbsp;</P> <P>Based on this information I would assume 11.1.4-h7 is vulnerable yes.</P> <P>&nbsp;</P> <P>Kind regards,</P> <P>-Kim.</P> Fri, 21 Feb 2025 14:23:33 GMT https://live.paloaltonetworks.com/t5/general-topics/doubt-about-https-security-paloaltonetworks-com-cve-2025-0108/m-p/1221598#M123353 kiwi 2025-02-21T14:23:33Z https://live.paloaltonetworks.com/t5/general-topics/doubt-about-https-security-paloaltonetworks-com-cve-2025-0108/m-p/1221601#M123354 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/192671">@Alpalo</a>,</P> <P>Part of the issue with having such a wide spread of releases being ran due to code quality issues. PAN <EM>just&nbsp;</EM>released 11.1.4-h13 which addresses this issue yesterday evening. If you want to stick on 11.1.4 that would be the hotfix that you're looking for.&nbsp;</P> <P>&nbsp;</P> <P><A href="https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-4-known-and-addressed-issues/pan-os-11-1-4-h13-addressed-issues" target="_blank">https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-4-known-and-addressed-issues/pan-os-11-1-4-h13-addressed-issues</A></P> Fri, 21 Feb 2025 14:29:00 GMT https://live.paloaltonetworks.com/t5/general-topics/doubt-about-https-security-paloaltonetworks-com-cve-2025-0108/m-p/1221601#M123354 BPry 2025-02-21T14:29:00Z https://live.paloaltonetworks.com/t5/general-topics/doubt-about-https-security-paloaltonetworks-com-cve-2025-0108/m-p/1221780#M123381 <P>Hello,</P> <P>&nbsp;</P> <P>What doesn't make much sense is that the version preferred by paloalto at the moment is version 11.1.4-h7 and that version is affected by a CVE. What do you think?</P> <P>&nbsp;</P> <H1 id="toc-hId-1845953475"><FONT size="5">PAN-OS for Firewalls and Panorama</FONT></H1> <TABLE role="grid"> <THEAD> <TR role="row"> <TD width="97.5156px"> <H5 id="toc-hId--1492257506"><EM><STRONG>Currently Preferred Release</STRONG></EM></H5> </TD> <TD width="108.594px"> <H5 id="toc-hId-250552829"><EM><STRONG>Preferred<BR />Date</STRONG></EM></H5> </TD> <TD width="692.891px"> <H5 id="toc-hId-1993363164"><EM><STRONG>Comments</STRONG></EM></H5> </TD> </TR> <TR> <TD width="97.5156px"><A href="https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-4-known-and-addressed-issues/pan-os-11-1-4-h7-addressed-issues" target="_blank" rel="noopener nofollow noreferrer">11.1.4-h7</A></TD> <TD width="108.594px">11/18/24</TD> <TD width="692.891px"><A href="https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-4-known-and-addressed-issues/pan-os-11-1-4-known-issues" target="_blank" rel="noopener nofollow noreferrer">11.1 Release Notes</A></TD> </TR> </THEAD> </TABLE> <P>&nbsp;</P> <P>Best Regards</P> Mon, 24 Feb 2025 15:59:13 GMT https://live.paloaltonetworks.com/t5/general-topics/doubt-about-https-security-paloaltonetworks-com-cve-2025-0108/m-p/1221780#M123381 palsoramas 2025-02-24T15:59:13Z