CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015)

It is suggested to upgrade to version 10.2.12-h2 to remediate the vulnerability. However, the firmware version 10.2.12-h2 is currently in monitoring status. It is also mentioned that the same fix is available in version 10.2.10-h9, which is the prefe

CVE-2023-50164 Apache Struts Vulnerability

Hi I would like to enquire if any Palo Alto products are affected by the above vulnerability. 

Thanks. 

Container Base images

In Prisma cloud how do i track base images. that is the know who is using the defined base images and who is not using them. like can i get a list of all containers leveraging the defined base images? 

Wrong behavior of Advanced URL filter

Dear experts,

Here is my question:

Our customer has registered new URL domains and configured the firewall to block all newly registered domains via the URL filtering configuration. They noticed that the new domain is NOT blocked right away but abo

reverse TCP shells and other potential backdoor connections

Hi Team,

Just one of our customer received an security query points where they wanted the firewall to block reverse TCP shells and other potential backdoor connections.

For backdoor i have went through the backdoor signatures in threat vault.

So we ha

False Positive

Hello,

Please fix false positive detection: 

https://www.virustotal.com/gui/file/5259f523e41ffa42af0753df4c020f911a585b311c3267f17703c14920a352b8?nocache=1

Thank you!

Open port 9339 - CVE-2016-2183

Hi,

After the update PA to version 11.1.0 (currently we are using version 11.1.1 but the problem still exists), Nessus discovered open TCP port 9339 and alerted about vulnerability SWEET32 (screen attached below).

It is weird, because port 9339 is u

Update PAN-OS 11.1.0 to 11.2.1?

Hi all -

With regard to CVE-2024-3400 PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect and other issues, our PA-820 is running PAN- OS 11.1.0, should it be updated to PAN-OS 11.2.1?

Thank you

False Positive: Virus/Win32.WGeneric.eefmlb on stream.x64.x-none.dat

Started getting false positives on our SCCM server after a repackaging of Microsoft Office 365 source, looks to be specifically on the data file for Microsoft Stream client. VirusTotal comes up clean.

Azure Microsoft Defender Security Warnings

Recently Microsoft Defender for Cloud has started reporting various files in our palo alto as malware. The most recent one today is hdd/mfa1z5om.aa2/tmp and hdd/mfa1z5om.aa2/usr/sbin as Trojan:Linux/Casdet!rfn. There have been daily alerts with vario