02-16-2025 11:43 AM
Hello.
I was just looking at this severity 7.8 high CVE-2025-0108 PAN-OS: Authentication Bypass in the Management Web Interface and it says PAN-OS < 11.1.6-h1 is affected. This doc Support PAN-OS Software Release Guidance | Palo Alto Networks says 11.1.4-h7 is the "preferred version" which is affected. I usually try and stick with the "preferred version" but a severity 7.8 is concerning. I'm thinking about staying with the preferred version because my web management interface is not exposed to the internet. Would love to hear what others are thinking.
Thanks!
02-16-2025 06:25 PM
Hi @V.Benfanti ,
Thanks for info, If you have restricted management interface access via only trusted internal IP addresses then it reduce the exposure factor however it's recommended to upgrade the device to fixed version to mitigate the vulnerability.
02-19-2025 08:36 AM - edited 02-19-2025 08:37 AM
Exact same scenario for us.
Can we expect a new prefered version soon? I prefer to stay on prefered version, I'm waiting before updating, but our cybersecurity expert is sleeping on my doorstep. If not, i'll update to 11.1.6-h1.
Thanks!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
