PAN-OS Ver 4.0.5. What version should I update to?

Reply
Highlighted
Not applicable

PAN-OS Ver 4.0.5. What version should I update to?

My PA-500 is currently running on PAN-OS ver 4.0.5.

What is the recommended version i should update to?

4.1.16 or 5.1.11 or 6.0.0?

Thanks and regards.

Highlighted
L7 Applicator

Re: PAN-OS Ver 4.0.5. What version should I update to?

Recommended and a stable release is 5.0.9. ( PAN recomended).



For 5.0.10 and 5.0.11- Limited info from field at this time. Appears to be a stable release. No major issues reported at this time


Thanks

Highlighted
L4 Transporter

Re: PAN-OS Ver 4.0.5. What version should I update to?

Except for the security advisory which came out yesterday recommending upgrade to 5.0.10 or better to fix both a management API key bypass issue and a cross site scripting vulnerability.

Highlighted
L4 Transporter

Re: PAN-OS Ver 4.0.5. What version should I update to?

The advisory that came out yesterday or the one that came out weeks ago? Are we thinking of the same vulnerability?

Highlighted
L6 Presenter

Re: PAN-OS Ver 4.0.5. What version should I update to?

Highlighted
L4 Transporter

Re: PAN-OS Ver 4.0.5. What version should I update to?

ericgearhart wrote:

The advisory that came out yesterday or the one that came out weeks ago? Are we thinking of the same vulnerability?

ericgearhart, I got two vulnerabilities the day before I posted my original reply - one of which *looked* like it was a duplicate of an earlier CSS vulnerability, the other of which referred to a management API key bypass. Both stated the vulnerability was present up to 5.0.9.

Highlighted
L4 Transporter

Re: PAN-OS Ver 4.0.5. What version should I update to?

darren.g I was referring to the vulnerability that showed up on Packet Storm weeks ago:

PA's security advisory stance needs fixing. PANOS less that 5.0.9 contains XSRF and I just happened ...

Highlighted
L4 Transporter

Re: PAN-OS Ver 4.0.5. What version should I update to?

ericgearhart - I didn't see that one, and the original advisory on packet storm appears to have been amended to indicate this was fixed on 5.0.9.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!