Vulnerability-Lookup

CVE-2026-0300 (GCVE-0-2026-0300)

Vulnerability from cvelistv5 – Published: 2026-05-06 18:57 – Updated: 2026-05-07 03:55

CISA KEV

Title

PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal

Summary

A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. The risk of this issue is greatly reduced if you secure access to the User-ID™ Authentication Portal per the best practice guidelines https://knowledgebase.paloaltonetworks.com/KCSArticleDetail by restricting access to only trusted internal IP addresses. Prisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability.

Severity ?

9.3 (Critical)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:A/AU:Y/R:U/V:C/RE:M/U:Red

8.7 (High)


                        
                          CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:A/AU:Y/R:U/V:C/RE:M/U:Red

CWE

CWE-787 - Out-of-bounds Write

Assigner

palo_alto

References

URL

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: 528df847-2140-4049-8a49-1cf9f2ccf428

Vulnerability ID: CVE-2026-0300

Status: Confirmed

Status Updated: 2026-05-06 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2026-05-06

Asserted: 2026-05-06

Scope

Notes: KEV entry: Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability | Affected: Palo Alto Networks / PAN-OS | Description: Palo Alto Networks PAN-OS contains an out-of-bounds write vulnerability in the User-ID Authentication Portal (aka Captive Portal) service that can allow an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. | Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Until the vendor releases an official fix, the following workaround should be implemented: - Restrict User-ID Authentication Portal access to only trusted zones. - Disable User-ID Authentication Portal if not required. | Due date: 2026-05-09 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://security.paloaltonetworks.com/CVE-2026-0300 ; https://nvd.nist.gov/vuln/detail/CVE-2026-0300

Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details

Cwes	CWE-787
Feed	CISA Known Exploited Vulnerabilities Catalog
Product	PAN-OS
Due Date	2026-05-09
Date Added	2026-05-06
Vendorproject	Palo Alto Networks
Vulnerabilityname	Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability
Knownransomwarecampaignuse	Unknown

References

CVE-2026-0300

Created: 2026-05-06 19:00 UTC | Updated: 2026-05-06 19:00 UTC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-0300",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-06T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2026-05-06",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-0300"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-07T03:55:34.043Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-0300"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2026-05-06T00:00:00.000Z",
            "value": "CVE-2026-0300 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*",
            "cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "changes": [
                {
                  "at": "12.1.7",
                  "status": "unaffected"
                },
                {
                  "at": "12.1.4-h5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "12.1.7",
              "status": "affected",
              "version": "12.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.2.12",
                  "status": "unaffected"
                },
                {
                  "at": "11.2.10-h6",
                  "status": "unaffected"
                },
                {
                  "at": "11.2.7-h13",
                  "status": "unaffected"
                },
                {
                  "at": "11.2.4-h17",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.2.12",
              "status": "affected",
              "version": "11.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "11.1.15",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.13-h5",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.10-h25",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.7-h6",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.6-h32",
                  "status": "unaffected"
                },
                {
                  "at": "11.1.4-h33",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.1.15",
              "status": "affected",
              "version": "11.1.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.18-h6",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.16-h7",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.13-h21",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.10-h36",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.7-h34",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.18-h6",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThis issue is applicable only to PA-Series and VM-Series firewalls that are configured to use User-ID\u2122 Authentication Portal.\u003cbr\u003e\u003cbr\u003eCustomers are impacted if both of the following conditions are true:\u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eUser-ID\u2122 Authentication Portal configured in the User-ID\u2122 Authentication Portal Settings page.  You can verify the configuration by going to Device \u0026gt; User Identification \u0026gt; Authentication Portal Settings -\u0026gt; Enable Authentication Portal (applies to both transparent and redirect modes) \u003cb\u003eand\u003c/b\u003e\u003c/li\u003e\u003cli\u003eAn interface management profile with response pages enabled and associated with an external/internet-accessible interface.  You can verify the configuration by going to Network \u0026gt; Interface \u0026gt; Select the interface \u0026gt; Advanced Tab \u0026gt; Create Management Interface Profile.\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e"
            }
          ],
          "value": "This issue is applicable only to PA-Series and VM-Series firewalls that are configured to use User-ID\u2122 Authentication Portal.\n\nCustomers are impacted if both of the following conditions are true:\n\n\n * User-ID\u2122 Authentication Portal configured in the User-ID\u2122 Authentication Portal Settings page. You can verify the configuration by going to Device \u003e User Identification \u003e Authentication Portal Settings -\u003e Enable Authentication Portal (applies to both transparent and redirect modes) and\n * An interface management profile with response pages enabled and associated with an external/internet-accessible interface. You can verify the configuration by going to Network \u003e Interface \u003e Select the interface \u003e Advanced Tab \u003e Create Management Interface Profile."
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "12.1.4-h5",
                  "versionStartIncluding": "12.1.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "12.1.7",
                  "versionStartIncluding": "12.1.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.2.4-h17",
                  "versionStartIncluding": "11.2.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.2.7-h13",
                  "versionStartIncluding": "11.2.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.2.10-h6",
                  "versionStartIncluding": "11.2.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.2.12",
                  "versionStartIncluding": "11.2.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.1.4-h33",
                  "versionStartIncluding": "11.1.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.1.6-h32",
                  "versionStartIncluding": "11.1.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.1.7-h6",
                  "versionStartIncluding": "11.1.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.1.10-h25",
                  "versionStartIncluding": "11.1.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.1.13-h5",
                  "versionStartIncluding": "11.1.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "11.1.15",
                  "versionStartIncluding": "11.1.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.2.7-h34",
                  "versionStartIncluding": "10.2.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.2.10-h36",
                  "versionStartIncluding": "10.2.10",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.2.13-h21",
                  "versionStartIncluding": "10.2.13",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.2.16-h7",
                  "versionStartIncluding": "10.2.16",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "10.2.18-h6",
                  "versionStartIncluding": "10.2.18",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "OR"
        }
      ],
      "datePublic": "2026-05-05T23:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA buffer overflow vulnerability in the User-ID\u2122 Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. \u003cbr\u003e\u003cbr\u003eThe risk of this issue is greatly reduced if you secure access to the User-ID\u2122 Authentication Portal per the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CqbiCAC\"\u003ebest practice guidelines\u003c/a\u003e by restricting access to only trusted internal IP addresses.\u003cbr\u003e\u003cbr\u003ePrisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability. \u003c/p\u003e"
            }
          ],
          "value": "A buffer overflow vulnerability in the User-ID\u2122 Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. \n\nThe risk of this issue is greatly reduced if you secure access to the User-ID\u2122 Authentication Portal per the  best practice guidelines https://knowledgebase.paloaltonetworks.com/KCSArticleDetail  by restricting access to only trusted internal IP addresses.\n\nPrisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Limited exploitation has been observed targeting Palo Alto Networks User-ID\u2122 Authentication Portals that are exposed to untrusted IP addresses and/or the public internet. Customers following standard security best practices, such as restricting sensitive portals to trusted internal networks are at a greatly reduced risk."
            }
          ],
          "value": "Limited exploitation has been observed targeting Palo Alto Networks User-ID\u2122 Authentication Portals that are exposed to untrusted IP addresses and/or the public internet. Customers following standard security best practices, such as restricting sensitive portals to trusted internal networks are at a greatly reduced risk."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "YES",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "exploitMaturity": "ATTACKED",
            "privilegesRequired": "NONE",
            "providerUrgency": "RED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:A/AU:Y/R:U/V:C/RE:M/U:Red",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "The risk is highest when you configure the User-ID\u2122 Authentication Portal to enable access from the Internet or any untrusted network."
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "YES",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "exploitMaturity": "ATTACKED",
            "privilegesRequired": "NONE",
            "providerUrgency": "RED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:A/AU:Y/R:U/V:C/RE:M/U:Red",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "You can greatly reduce the risk of exploitation by restricting User-ID\u2122 Authentication Portal access to only trusted internal IP addresses and preventing its exposure to the internet."
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787: Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-06T22:09:48.796Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2026-0300"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue will be fixed in upcoming releases of PAN-OS as captured in the table above.\u003cbr\u003e\u003cbr\u003eWe strongly recommend that you secure access to your User-ID\u2122 Authentication Portal following the instructions in the workarounds section below."
            }
          ],
          "value": "This issue will be fixed in upcoming releases of PAN-OS as captured in the table above.\n\nWe strongly recommend that you secure access to your User-ID\u2122 Authentication Portal following the instructions in the workarounds section below."
        }
      ],
      "source": {
        "discovery": "USER"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2026-05-06T17:27:00.000Z",
          "value": "Updated with Threat Prevention ID and clarified the Required Configuration section."
        },
        {
          "lang": "en",
          "time": "2026-05-05T23:00:00.000Z",
          "value": "Initial publication."
        }
      ],
      "title": "PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID\u2122 Authentication Portal",
      "workarounds": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Customers can mitigate the risk of this issue by taking either of the following actions:\u003cbr\u003e\u003cul\u003e\u003cli\u003eRestrict User-ID\u2122 Authentication Portal access to only trusted zones and in addition, disable Response Pages in the Interface Management Profile attached to every L3 interface in any zone where untrusted/internet traffic can ingress. Keep Response Pages enabled only on interfaces in trust/internal zones where legitimate users\u0027 browsers ingress. Refer to Step 6 of the following \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/general-articles/why-it-s-essential-to-secure-your-management-interface/ta-p/1001286\"\u003eLive Community article\u003c/a\u003e and \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CqbiCAC\"\u003eKnowledgebase article\u003c/a\u003e for steps to restrict access.\u003cbr\u003e\u003c/li\u003e\u003cli\u003eDisable User-ID\u2122 Authentication Portal if not required.\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003eCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID\u0026nbsp;510019 from Applications and Threats content version 9097-10022. Decoder capabilities necessitate PAN-OS 11.1 or a later version for Threat ID support."
            }
          ],
          "value": "Customers can mitigate the risk of this issue by taking either of the following actions:\n\n * Restrict User-ID\u2122 Authentication Portal access to only trusted zones and in addition, disable Response Pages in the Interface Management Profile attached to every L3 interface in any zone where untrusted/internet traffic can ingress. Keep Response Pages enabled only on interfaces in trust/internal zones where legitimate users\u0027 browsers ingress. Refer to Step 6 of the following Live Community article (https://live.paloaltonetworks.com/t5/general-articles/why-it-s-essential-to-secure-your-management-interface/ta-p/1001286) and Knowledgebase article (https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CqbiCAC) for steps to restrict access.\n   \n * Disable User-ID\u2122 Authentication Portal if not required.\n   \n\nCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510019 from Applications and Threats content version 9097-10022. Decoder capabilities necessitate PAN-OS 11.1 or a later version for Threat ID support."
        }
      ],
      "x_affectedList": [
        "PAN-OS 12.1.6",
        "PAN-OS 12.1.5",
        "PAN-OS 12.1.4-h3",
        "PAN-OS 12.1.4-h2",
        "PAN-OS 12.1.4",
        "PAN-OS 12.1.3-h3",
        "PAN-OS 12.1.3-h1",
        "PAN-OS 12.1.3",
        "PAN-OS 12.1.2",
        "PAN-OS 11.2.11",
        "PAN-OS 11.2.10-h4",
        "PAN-OS 11.2.10-h3",
        "PAN-OS 11.2.10-h2",
        "PAN-OS 11.2.10-h1",
        "PAN-OS 11.2.10",
        "PAN-OS 11.2.9",
        "PAN-OS 11.2.8",
        "PAN-OS 11.2.7-h11",
        "PAN-OS 11.2.7-h10",
        "PAN-OS 11.2.7-h8",
        "PAN-OS 11.2.7-h7",
        "PAN-OS 11.2.7-h4",
        "PAN-OS 11.2.7-h3",
        "PAN-OS 11.2.7-h2",
        "PAN-OS 11.2.7-h1",
        "PAN-OS 11.2.7",
        "PAN-OS 11.2.6",
        "PAN-OS 11.2.5",
        "PAN-OS 11.2.4-h15",
        "PAN-OS 11.2.4-h14",
        "PAN-OS 11.2.4-h12",
        "PAN-OS 11.2.4-h11",
        "PAN-OS 11.2.4-h10",
        "PAN-OS 11.2.4-h9",
        "PAN-OS 11.2.4-h8",
        "PAN-OS 11.2.4-h7",
        "PAN-OS 11.2.4-h6",
        "PAN-OS 11.2.4-h5",
        "PAN-OS 11.2.4-h4",
        "PAN-OS 11.2.4-h3",
        "PAN-OS 11.2.4-h2",
        "PAN-OS 11.2.4-h1",
        "PAN-OS 11.2.4",
        "PAN-OS 11.2.3-h5",
        "PAN-OS 11.2.3-h4",
        "PAN-OS 11.2.3-h3",
        "PAN-OS 11.2.3-h2",
        "PAN-OS 11.2.3-h1",
        "PAN-OS 11.2.3",
        "PAN-OS 11.2.2-h2",
        "PAN-OS 11.2.2-h1",
        "PAN-OS 11.2.1-h1",
        "PAN-OS 11.2.1",
        "PAN-OS 11.2.0-h1",
        "PAN-OS 11.2.0",
        "PAN-OS 11.1.13-h3",
        "PAN-OS 11.1.13-h2",
        "PAN-OS 11.1.13-h1",
        "PAN-OS 11.1.13",
        "PAN-OS 11.1.12",
        "PAN-OS 11.1.11",
        "PAN-OS 11.1.10-h21",
        "PAN-OS 11.1.10-h12",
        "PAN-OS 11.1.10-h10",
        "PAN-OS 11.1.10-h9",
        "PAN-OS 11.1.10-h7",
        "PAN-OS 11.1.10-h5",
        "PAN-OS 11.1.10-h4",
        "PAN-OS 11.1.10-h1",
        "PAN-OS 11.1.10",
        "PAN-OS 11.1.9",
        "PAN-OS 11.1.8",
        "PAN-OS 11.1.6-h29",
        "PAN-OS 11.1.6-h25",
        "PAN-OS 11.1.6-h23",
        "PAN-OS 11.1.6-h22",
        "PAN-OS 11.1.6-h21",
        "PAN-OS 11.1.6-h20",
        "PAN-OS 11.1.6-h19",
        "PAN-OS 11.1.6-h18",
        "PAN-OS 11.1.6-h17",
        "PAN-OS 11.1.6-h14",
        "PAN-OS 11.1.6-h10",
        "PAN-OS 11.1.6-h7",
        "PAN-OS 11.1.6-h6",
        "PAN-OS 11.1.6-h4",
        "PAN-OS 11.1.6-h3",
        "PAN-OS 11.1.6-h2",
        "PAN-OS 11.1.6-h1",
        "PAN-OS 11.1.6",
        "PAN-OS 11.1.5-h1",
        "PAN-OS 11.1.5",
        "PAN-OS 11.1.4-h27",
        "PAN-OS 11.1.4-h25",
        "PAN-OS 11.1.4-h18",
        "PAN-OS 11.1.4-h17",
        "PAN-OS 11.1.4-h15",
        "PAN-OS 11.1.4-h13",
        "PAN-OS 11.1.4-h12",
        "PAN-OS 11.1.4-h11",
        "PAN-OS 11.1.4-h10",
        "PAN-OS 11.1.4-h9",
        "PAN-OS 11.1.4-h8",
        "PAN-OS 11.1.4-h7",
        "PAN-OS 11.1.4-h6",
        "PAN-OS 11.1.4-h5",
        "PAN-OS 11.1.4-h4",
        "PAN-OS 11.1.4-h3",
        "PAN-OS 11.1.4-h2",
        "PAN-OS 11.1.4-h1",
        "PAN-OS 11.1.4",
        "PAN-OS 11.1.3-h13",
        "PAN-OS 11.1.3-h12",
        "PAN-OS 11.1.3-h11",
        "PAN-OS 11.1.3-h10",
        "PAN-OS 11.1.3-h9",
        "PAN-OS 11.1.3-h8",
        "PAN-OS 11.1.3-h7",
        "PAN-OS 11.1.3-h6",
        "PAN-OS 11.1.3-h5",
        "PAN-OS 11.1.3-h4",
        "PAN-OS 11.1.3-h3",
        "PAN-OS 11.1.3-h2",
        "PAN-OS 11.1.3-h1",
        "PAN-OS 11.1.3",
        "PAN-OS 11.1.2-h18",
        "PAN-OS 11.1.2-h17",
        "PAN-OS 11.1.2-h16",
        "PAN-OS 11.1.2-h15",
        "PAN-OS 11.1.2-h14",
        "PAN-OS 11.1.2-h13",
        "PAN-OS 11.1.2-h12",
        "PAN-OS 11.1.2-h11",
        "PAN-OS 11.1.2-h10",
        "PAN-OS 11.1.2-h9",
        "PAN-OS 11.1.2-h8",
        "PAN-OS 11.1.2-h7",
        "PAN-OS 11.1.2-h6",
        "PAN-OS 11.1.2-h5",
        "PAN-OS 11.1.2-h4",
        "PAN-OS 11.1.2-h3",
        "PAN-OS 11.1.2-h2",
        "PAN-OS 11.1.2-h1",
        "PAN-OS 11.1.2",
        "PAN-OS 11.1.1-h2",
        "PAN-OS 11.1.1-h1",
        "PAN-OS 11.1.1",
        "PAN-OS 11.1.0-h4",
        "PAN-OS 11.1.0-h3",
        "PAN-OS 11.1.0-h2",
        "PAN-OS 11.1.0-h1",
        "PAN-OS 11.1.0",
        "PAN-OS 10.2.18-h1",
        "PAN-OS 10.2.18",
        "PAN-OS 10.2.17",
        "PAN-OS 10.2.16-h6",
        "PAN-OS 10.2.16-h4",
        "PAN-OS 10.2.16-h1",
        "PAN-OS 10.2.16",
        "PAN-OS 10.2.15",
        "PAN-OS 10.2.14-h1",
        "PAN-OS 10.2.14",
        "PAN-OS 10.2.13-h18",
        "PAN-OS 10.2.13-h16",
        "PAN-OS 10.2.13-h15",
        "PAN-OS 10.2.13-h10",
        "PAN-OS 10.2.13-h7",
        "PAN-OS 10.2.13-h5",
        "PAN-OS 10.2.13-h4",
        "PAN-OS 10.2.13-h3",
        "PAN-OS 10.2.13-h2",
        "PAN-OS 10.2.13-h1",
        "PAN-OS 10.2.13",
        "PAN-OS 10.2.12-h6",
        "PAN-OS 10.2.12-h5",
        "PAN-OS 10.2.12-h4",
        "PAN-OS 10.2.12-h3",
        "PAN-OS 10.2.12-h2",
        "PAN-OS 10.2.12-h1",
        "PAN-OS 10.2.12",
        "PAN-OS 10.2.11-h13",
        "PAN-OS 10.2.11-h12",
        "PAN-OS 10.2.11-h11",
        "PAN-OS 10.2.11-h10",
        "PAN-OS 10.2.11-h9",
        "PAN-OS 10.2.11-h8",
        "PAN-OS 10.2.11-h7",
        "PAN-OS 10.2.11-h6",
        "PAN-OS 10.2.11-h5",
        "PAN-OS 10.2.11-h4",
        "PAN-OS 10.2.11-h3",
        "PAN-OS 10.2.11-h2",
        "PAN-OS 10.2.11-h1",
        "PAN-OS 10.2.11",
        "PAN-OS 10.2.10-h31",
        "PAN-OS 10.2.10-h30",
        "PAN-OS 10.2.10-h27",
        "PAN-OS 10.2.10-h26",
        "PAN-OS 10.2.10-h23",
        "PAN-OS 10.2.10-h21",
        "PAN-OS 10.2.10-h18",
        "PAN-OS 10.2.10-h17",
        "PAN-OS 10.2.10-h14",
        "PAN-OS 10.2.10-h13",
        "PAN-OS 10.2.10-h12",
        "PAN-OS 10.2.10-h11",
        "PAN-OS 10.2.10-h10",
        "PAN-OS 10.2.10-h9",
        "PAN-OS 10.2.10-h8",
        "PAN-OS 10.2.10-h7",
        "PAN-OS 10.2.10-h6",
        "PAN-OS 10.2.10-h5",
        "PAN-OS 10.2.10-h4",
        "PAN-OS 10.2.10-h3",
        "PAN-OS 10.2.10-h2",
        "PAN-OS 10.2.10-h1",
        "PAN-OS 10.2.10",
        "PAN-OS 10.2.9-h21",
        "PAN-OS 10.2.9-h20",
        "PAN-OS 10.2.9-h19",
        "PAN-OS 10.2.9-h18",
        "PAN-OS 10.2.9-h17",
        "PAN-OS 10.2.9-h16",
        "PAN-OS 10.2.9-h15",
        "PAN-OS 10.2.9-h14",
        "PAN-OS 10.2.9-h13",
        "PAN-OS 10.2.9-h12",
        "PAN-OS 10.2.9-h11",
        "PAN-OS 10.2.9-h10",
        "PAN-OS 10.2.9-h9",
        "PAN-OS 10.2.9-h8",
        "PAN-OS 10.2.9-h7",
        "PAN-OS 10.2.9-h6",
        "PAN-OS 10.2.9-h5",
        "PAN-OS 10.2.9-h4",
        "PAN-OS 10.2.9-h3",
        "PAN-OS 10.2.9-h2",
        "PAN-OS 10.2.9-h1",
        "PAN-OS 10.2.9",
        "PAN-OS 10.2.8-h21",
        "PAN-OS 10.2.8-h20",
        "PAN-OS 10.2.8-h19",
        "PAN-OS 10.2.8-h18",
        "PAN-OS 10.2.8-h17",
        "PAN-OS 10.2.8-h16",
        "PAN-OS 10.2.8-h15",
        "PAN-OS 10.2.8-h14",
        "PAN-OS 10.2.8-h13",
        "PAN-OS 10.2.8-h12",
        "PAN-OS 10.2.8-h11",
        "PAN-OS 10.2.8-h10",
        "PAN-OS 10.2.8-h9",
        "PAN-OS 10.2.8-h8",
        "PAN-OS 10.2.8-h7",
        "PAN-OS 10.2.8-h6",
        "PAN-OS 10.2.8-h5",
        "PAN-OS 10.2.8-h4",
        "PAN-OS 10.2.8-h3",
        "PAN-OS 10.2.8-h2",
        "PAN-OS 10.2.8-h1",
        "PAN-OS 10.2.8",
        "PAN-OS 10.2.7-h32",
        "PAN-OS 10.2.7-h24",
        "PAN-OS 10.2.7-h23",
        "PAN-OS 10.2.7-h22",
        "PAN-OS 10.2.7-h21",
        "PAN-OS 10.2.7-h20",
        "PAN-OS 10.2.7-h19",
        "PAN-OS 10.2.7-h18",
        "PAN-OS 10.2.7-h17",
        "PAN-OS 10.2.7-h16",
        "PAN-OS 10.2.7-h15",
        "PAN-OS 10.2.7-h14",
        "PAN-OS 10.2.7-h13",
        "PAN-OS 10.2.7-h12",
        "PAN-OS 10.2.7-h11",
        "PAN-OS 10.2.7-h10",
        "PAN-OS 10.2.7-h9",
        "PAN-OS 10.2.7-h8",
        "PAN-OS 10.2.7-h7",
        "PAN-OS 10.2.7-h6",
        "PAN-OS 10.2.7-h5",
        "PAN-OS 10.2.7-h4",
        "PAN-OS 10.2.7-h3",
        "PAN-OS 10.2.7-h2",
        "PAN-OS 10.2.7-h1",
        "PAN-OS 10.2.7",
        "PAN-OS 10.2.6-h6",
        "PAN-OS 10.2.6-h5",
        "PAN-OS 10.2.6-h4",
        "PAN-OS 10.2.6-h3",
        "PAN-OS 10.2.6-h2",
        "PAN-OS 10.2.6-h1",
        "PAN-OS 10.2.6",
        "PAN-OS 10.2.5-h9",
        "PAN-OS 10.2.5-h8",
        "PAN-OS 10.2.5-h7",
        "PAN-OS 10.2.5-h6",
        "PAN-OS 10.2.5-h5",
        "PAN-OS 10.2.5-h4",
        "PAN-OS 10.2.5-h3",
        "PAN-OS 10.2.5-h2",
        "PAN-OS 10.2.5-h1",
        "PAN-OS 10.2.5",
        "PAN-OS 10.2.4-h32",
        "PAN-OS 10.2.4-h31",
        "PAN-OS 10.2.4-h30",
        "PAN-OS 10.2.4-h29",
        "PAN-OS 10.2.4-h28",
        "PAN-OS 10.2.4-h27",
        "PAN-OS 10.2.4-h26",
        "PAN-OS 10.2.4-h25",
        "PAN-OS 10.2.4-h24",
        "PAN-OS 10.2.4-h23",
        "PAN-OS 10.2.4-h22",
        "PAN-OS 10.2.4-h21",
        "PAN-OS 10.2.4-h20",
        "PAN-OS 10.2.4-h19",
        "PAN-OS 10.2.4-h18",
        "PAN-OS 10.2.4-h17",
        "PAN-OS 10.2.4-h16",
        "PAN-OS 10.2.4-h15",
        "PAN-OS 10.2.4-h14",
        "PAN-OS 10.2.4-h13",
        "PAN-OS 10.2.4-h12",
        "PAN-OS 10.2.4-h11",
        "PAN-OS 10.2.4-h10",
        "PAN-OS 10.2.4-h9",
        "PAN-OS 10.2.4-h8",
        "PAN-OS 10.2.4-h7",
        "PAN-OS 10.2.4-h6",
        "PAN-OS 10.2.4-h5",
        "PAN-OS 10.2.4-h4",
        "PAN-OS 10.2.4-h3",
        "PAN-OS 10.2.4-h2",
        "PAN-OS 10.2.4-h1",
        "PAN-OS 10.2.4",
        "PAN-OS 10.2.3-h14",
        "PAN-OS 10.2.3-h13",
        "PAN-OS 10.2.3-h12",
        "PAN-OS 10.2.3-h11",
        "PAN-OS 10.2.3-h10",
        "PAN-OS 10.2.3-h9",
        "PAN-OS 10.2.3-h8",
        "PAN-OS 10.2.3-h7",
        "PAN-OS 10.2.3-h6",
        "PAN-OS 10.2.3-h5",
        "PAN-OS 10.2.3-h4",
        "PAN-OS 10.2.3-h3",
        "PAN-OS 10.2.3-h2",
        "PAN-OS 10.2.3-h1",
        "PAN-OS 10.2.3",
        "PAN-OS 10.2.2-h6",
        "PAN-OS 10.2.2-h5",
        "PAN-OS 10.2.2-h4",
        "PAN-OS 10.2.2-h3",
        "PAN-OS 10.2.2-h2",
        "PAN-OS 10.2.2-h1",
        "PAN-OS 10.2.2",
        "PAN-OS 10.2.1-h3",
        "PAN-OS 10.2.1-h2",
        "PAN-OS 10.2.1-h1",
        "PAN-OS 10.2.1",
        "PAN-OS 10.2.0-h4",
        "PAN-OS 10.2.0-h3",
        "PAN-OS 10.2.0-h2",
        "PAN-OS 10.2.0-h1",
        "PAN-OS 10.2.0"
      ],
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2026-0300",
    "datePublished": "2026-05-06T18:57:39.876Z",
    "dateReserved": "2025-11-03T20:44:58.173Z",
    "dateUpdated": "2026-05-07T03:55:34.043Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2026-0300",
      "cwes": "[\"CWE-787\"]",
      "dateAdded": "2026-05-06",
      "dueDate": "2026-05-09",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://security.paloaltonetworks.com/CVE-2026-0300 ; https://nvd.nist.gov/vuln/detail/CVE-2026-0300",
      "product": "PAN-OS",
      "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.    Until the vendor releases an official fix, the following workaround should be implemented:  - Restrict User-ID Authentication Portal access to only trusted zones.  - Disable User-ID Authentication Portal if not required.",
      "shortDescription": "Palo Alto Networks PAN-OS contains an out-of-bounds write vulnerability in the User-ID Authentication Portal (aka Captive Portal) service that can allow an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets.",
      "vendorProject": "Palo Alto Networks",
      "vulnerabilityName": "Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability"
    },
    "epss": {
      "cve": "CVE-2026-0300",
      "date": "2026-05-09",
      "epss": "0.05287",
      "percentile": "0.90079"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-0300\",\"sourceIdentifier\":\"psirt@paloaltonetworks.com\",\"published\":\"2026-05-06T19:16:35.730\",\"lastModified\":\"2026-05-07T17:46:44.287\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A buffer overflow vulnerability in the User-ID\u2122 Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. \\n\\nThe risk of this issue is greatly reduced if you secure access to the User-ID\u2122 Authentication Portal per the  best practice guidelines https://knowledgebase.paloaltonetworks.com/KCSArticleDetail  by restricting access to only trusted internal IP addresses.\\n\\nPrisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:A/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:M/U:Red\",\"baseScore\":9.3,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"LOW\",\"subIntegrityImpact\":\"LOW\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"ATTACKED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"YES\",\"Recovery\":\"USER\",\"valueDensity\":\"CONCENTRATED\",\"vulnerabilityResponseEffort\":\"MODERATE\",\"providerUrgency\":\"RED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"cisaExploitAdd\":\"2026-05-06\",\"cisaActionDue\":\"2026-05-09\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.    Until the vendor releases an official fix, the following workaround should be implemented:  - Restrict User-ID Authentication Portal access to only trusted zones.  - Disable User-ID Authentication Portal if not required.\",\"cisaVulnerabilityName\":\"Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability\",\"weaknesses\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D515774C-BDB8-4A78-BCFB-01A825B93DF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B050597-FC74-4667-83A5-A82BCAD1FCE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AACF8E4-ABED-4617-80D8-2ABC37AAC005\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6220162-85C0-4DC7-AE73-643A2BA08090\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEEE3F9F-2F8F-4F1D-9BC8-1EAF9673B68D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"909CCBED-27AC-4888-91B7-FDA621861AB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39A74871-369E-4B91-A70A-801AF1A8B406\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8C42D98-CF8F-456B-9D57-80BBDC2C8E74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3AAD4BA-22DD-43D3-91F1-8A6F5FBBF029\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA4994CB-6591-4B44-A5D7-3CDF540B97DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6AB7874-FE24-42AC-8E3A-822A70722126\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h19:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D88CC33-7E32-4E82-8A94-70759E910510\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h21:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA91A4E9-CE1E-4CB8-B717-4B0E314C0171\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h24:*:*:*:*:*:*\",\"matchCriteriaId\":\"28994519-3519-4E94-8D8B-7C4251A82B8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*\",\"matchCriteriaId\":\"776E06EC-2FDA-4664-AB43-9F6BE9B897CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h32:*:*:*:*:*:*\",\"matchCriteriaId\":\"53981EA8-847F-4FBC-BA55-8EDF591E0FF8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBE09375-A863-42FF-813F-C20679D7C45C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*\",\"matchCriteriaId\":\"1311961A-0EF6-488E-B0C2-EDBD508587C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78EAA309-2755-4ED2-9AFC-F4D9DF8F90D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D6D42C2-1CEC-47D2-82B2-1EFE71A8C8A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"03C5ABF2-8C53-4376-8A64-6CB34E18E77C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h10:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF7FCD8B-80DF-4004-A9D2-4EE884F089A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h12:*:*:*:*:*:*\",\"matchCriteriaId\":\"83C9637A-B615-4CC2-84AA-BDCFE611484C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h14:*:*:*:*:*:*\",\"matchCriteriaId\":\"224270A7-767D-433B-AD51-C031506747C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h17:*:*:*:*:*:*\",\"matchCriteriaId\":\"A532EFC6-A883-4279-8C05-9CD600B3F963\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h18:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4F20C02-DF90-4609-9254-B765481C83E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*\",\"matchCriteriaId\":\"872BC747-512A-4872-AC86-E7F1DC589F47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h21:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5E36C87-E01D-49DC-AB73-10E5EE27F596\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h27:*:*:*:*:*:*\",\"matchCriteriaId\":\"39437442-B24D-492F-B637-2203492327FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*\",\"matchCriteriaId\":\"67F527D0-F85B-4B83-AEA5-BA636FC89210\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h30:*:*:*:*:*:*\",\"matchCriteriaId\":\"984BE1FB-ADB7-4831-AEDD-39DBAED078B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h31:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF2C954D-9763-41E3-A132-F83C82E79BC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CF8F985-7E51-49E6-857A-FAAF027F5611\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*\",\"matchCriteriaId\":\"B437DCEA-ABA3-41CA-B320-97EC430F1122\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*\",\"matchCriteriaId\":\"593AFE7A-CB37-4156-A2B8-646A317F3176\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h9:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9F032C2-3202-479B-8C70-277F6871A4A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3079F29C-688B-4FFB-BBC0-5FCD7B5B6905\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"674C85C5-162E-42DE-ACD1-D18943040E1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2B871A6-0636-42A0-9573-6F693D7753AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1FC63B8-B8D9-4EC1-85CA-2E12B38ACD3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h10:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3F8462A-71C0-4F81-9882-C73BC90697CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h16:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1B72E68-2D01-483F-BEC5-59C49E96B976\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h18:*:*:*:*:*:*\",\"matchCriteriaId\":\"E49419C4-9AFE-4B7F-90EF-DB50EBB608D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h2:*:*:*:*:*:*\",\"matchCriteriaId\":\"60CE628F-C4CB-4342-8D71-DE61A089B612\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h3:*:*:*:*:*:*\",\"matchCriteriaId\":\"2447D2B1-A145-4036-B9F2-17648B193465\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h4:*:*:*:*:*:*\",\"matchCriteriaId\":\"C24353AF-DC81-49B9-9132-9EEC8E6009BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h5:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4420489-AE0F-4A48-B2CE-C165BEBFA6A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h7:*:*:*:*:*:*\",\"matchCriteriaId\":\"C45D8DF1-9483-4B24-AB94-B1FF4A5F2606\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"941CB947-862C-4C17-A039-8CD46D21B3BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"146BFB2E-5802-495E-B20D-9783B41357A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.16:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC38A9CD-CDB6-423A-BE8D-2E0E45A3B239\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.16:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"41B48ECA-FD05-4EA2-B1C9-771624EAAFF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.16:h4:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D65D1F0-323E-41AF-962E-1F9741748A76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.16:h6:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5D41E00-D517-4B81-A7FC-C8E101884807\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.17:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEBB519E-9AC8-4100-B71C-E7D3276ED79C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.18:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"19604659-570D-4766-B8B5-8B9920E2607F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.18:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"745A3A2A-73CF-4DC2-968B-ACFC66389E11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.18:h5:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A1E533E-DE4A-4F2F-A71A-FFF56E757087\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB628D07-9AB0-4C19-8DA3-DBE5689A3F40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A94EA8A-EADF-416D-AE54-3CF56214714C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC05CBD3-7679-4640-9BE4-FD5418D9F756\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F383C3D-0C7A-4B5E-9798-D1CE9632687B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF83EAA1-49E1-4AD0-A049-F1B3065950BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE3F7369-9F35-409A-9F47-45A959592DFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h13:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD701663-4C57-4115-BD59-9DFFB504E2AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h15:*:*:*:*:*:*\",\"matchCriteriaId\":\"82816C09-6A9D-4AB2-AA55-62CC714CCA82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h16:*:*:*:*:*:*\",\"matchCriteriaId\":\"9AA9F77D-BC9C-4A2C-8988-6DEE65CD9C8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h17:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5A3CEBF-9F8A-47F9-A302-7C395F2A8146\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h18:*:*:*:*:*:*\",\"matchCriteriaId\":\"A79B51D2-74E8-4BA3-AE33-829A9C1776E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h25:*:*:*:*:*:*\",\"matchCriteriaId\":\"E08297B1-95E9-4730-B59D-252B958C4199\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h27:*:*:*:*:*:*\",\"matchCriteriaId\":\"B56B153E-8693-4257-9E33-38904A949ED8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h32:*:*:*:*:*:*\",\"matchCriteriaId\":\"A220ED95-5E1A-45AA-85BD-8A58CFC6C697\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9DB4DA9-2262-4E9E-B3A1-49D261D01295\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h7:*:*:*:*:*:*\",\"matchCriteriaId\":\"4852E738-990C-4DD2-8252-D4625D843A99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h9:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB2C59F8-2583-4510-90F8-500F8329AFFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C31ACD7-46AB-4092-89F3-7B4C9B642199\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"52C50A07-F4D8-4F1F-BA61-3429BB1721BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D12FF27-C186-467C-8627-1284EBC67243\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h10:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF4AA997-35BC-4BC1-9EF2-644503B2D806\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h14:*:*:*:*:*:*\",\"matchCriteriaId\":\"12EF4DDF-9773-4B02-8FF4-F94A1D49E6AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h17:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FAE17BB-7938-41D0-8D62-46F829C647BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h19:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DA5A0AD-C4FB-4210-8651-F94F2875A0EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h2:*:*:*:*:*:*\",\"matchCriteriaId\":\"45D633D7-A4B5-4D68-9BAB-D9BA25877F36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h20:*:*:*:*:*:*\",\"matchCriteriaId\":\"B79DB477-A907-4300-A651-16F93880B049\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h21:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF74D8FA-677F-484D-9338-A1761614FFD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h22:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9FC5118-4056-4E22-A1F0-D6FFA2B88472\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h23:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E7A808F-F52F-4786-950C-591CCADB2EE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h25:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CA82012-AA59-44C1-BB9D-0B28764D507E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h29:*:*:*:*:*:*\",\"matchCriteriaId\":\"27233F80-A620-42D3-927D-4FCDE6345456\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h3:*:*:*:*:*:*\",\"matchCriteriaId\":\"63729FA6-ED2A-4593-9436-232F282A0A78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h4:*:*:*:*:*:*\",\"matchCriteriaId\":\"F39792EF-61B5-4874-9FD0-7544F8C5C0D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h5:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCC24BCD-E508-4553-9BAC-468A1078C9A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h6:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A06B6F4-DCAE-4115-93D4-25D0A37AAB9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h7:*:*:*:*:*:*\",\"matchCriteriaId\":\"91529C45-FA55-4844-A153-682F729F440D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.7:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"64B56778-2698-493D-80AD-B4AE81F48124\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.7:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A9D3E2E-BA37-4F2A-BD43-97DD93E43D08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.7:h2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DCE8F6C-541E-4C61-ABC8-4A618B0DD58D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.7:h4:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E5EF79B-1A25-4AAB-AF2E-D151359E7FFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7193CCDA-D5D4-41D2-A808-87EDC19F2F49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D58FF578-775A-4BC0-9975-2C8B8E51B1E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A92886DF-C989-47AD-8F68-8F468BBC6E57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9893920B-A00E-4890-A897-EE1CF0751BA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h10:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1289923-12D8-4FDD-B18B-C52516F14922\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h12:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFC923D7-672D-4556-8344-BBD285324067\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h21:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1510DE9-04A3-4E08-872D-C0F6041BCFCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h4:*:*:*:*:*:*\",\"matchCriteriaId\":\"31CD3B15-2CE0-404A-9542-9C39B8E71027\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h5:*:*:*:*:*:*\",\"matchCriteriaId\":\"0194DA0B-041A-4810-8BFB-2308290517B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h7:*:*:*:*:*:*\",\"matchCriteriaId\":\"69E64D86-034F-4BC7-9A4E-2703D834EBC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h9:*:*:*:*:*:*\",\"matchCriteriaId\":\"B992628F-1114-4FC8-9364-800ACE997044\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73CF31A0-82EC-45DF-87DD-81C458AAF94C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77024A63-A28F-4467-8D4C-3CFD41724777\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.13:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"9223B0D4-6194-4684-8EF4-84A0EF511D8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.13:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB16C018-2B70-4F4D-9025-69FF82CD40F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.13:h2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1259B519-130D-4584-86AA-E4EA1E89ACB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.13:h3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DCA6D54-E623-4985-B35F-AC98299828EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.14:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"20A38461-BC7E-4D75-A168-FA493955A54C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF9D96B4-E4D2-4F35-A4AF-D79BB9F3A41B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DAF8163D-1EE5-4955-A317-1BC95581C87D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEEE3CF8-1B67-44D3-8FF1-9EC6C5197835\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6DFD05F-0A72-45E0-8D20-E1C28642C973\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"C01AD190-F3C2-4349-A063-8C5C78B725B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"30F4CD1C-6862-4279-8D2D-40B4D164222F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h10:*:*:*:*:*:*\",\"matchCriteriaId\":\"8137F3AF-BA32-41BC-AD2E-A668FFA33892\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h11:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C977AF0-D2B0-401A-A7C5-A1C71AC3C072\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h12:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9C0A53F-2AFE-4B0D-AEC1-464E6001E02F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h14:*:*:*:*:*:*\",\"matchCriteriaId\":\"D720448D-F40B-4C92-9101-A48AC36C9CBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h15:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F12F7AC-D5B3-499E-87DA-27427D8BFFC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A52B7A7A-483A-4075-B1E9-5C14B66F7FC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h4:*:*:*:*:*:*\",\"matchCriteriaId\":\"76949F0F-2ADC-492F-83F0-0A1B0E861F97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h5:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1DD83BC-4E8E-4C1D-80C7-A6209B4E70CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h6:*:*:*:*:*:*\",\"matchCriteriaId\":\"73888909-64C5-41BC-BAE0-BD9BDEEAF723\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h7:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7861D82-815D-4894-9E11-1B6B1E66CDEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h8:*:*:*:*:*:*\",\"matchCriteriaId\":\"D269E33D-9A79-40CC-B79A-C9A398AB7AFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h9:*:*:*:*:*:*\",\"matchCriteriaId\":\"9762E441-856F-466F-812C-798CA2EEF965\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EF09924-12F7-4F76-9FD0-08AF707AA289\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C62D458B-2BC0-4E0C-8E95-894674DBD791\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A25C9D9-BC83-49AE-BEE7-EF05F8336B01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A93C2B58-EC78-4C3D-89FF-35D9C489E39F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h10:*:*:*:*:*:*\",\"matchCriteriaId\":\"A32E35C0-913E-4348-8AD4-E1F169C40C92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h11:*:*:*:*:*:*\",\"matchCriteriaId\":\"39112398-2A93-4E26-A7DF-0E3FA81C5130\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h12:*:*:*:*:*:*\",\"matchCriteriaId\":\"C88442D1-599F-411D-B7A2-E17AA839F177\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D12C3EB6-842E-4378-896C-FDBB2BC75D10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h3:*:*:*:*:*:*\",\"matchCriteriaId\":\"86B41903-FF08-454D-B626-184CB73B122E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h4:*:*:*:*:*:*\",\"matchCriteriaId\":\"396DC378-7716-40F6-88A4-99299A16CAF1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h7:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E5C6E3A-262C-4212-B21C-00E8079AA8CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h8:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C855108-D3C9-4DE3-B9F4-9735A0A439AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B887380-062F-45B2-9F25-861227E86377\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02713C77-26D8-4C84-A8B2-86B6BA5BE600\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.10:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"051673AB-50BF-4DD0-8679-F5825520241A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.10:h1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BAC15D8A-83CA-413F-BA2B-17EC2B169F6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.10:h2:*:*:*:*:*:*\",\"matchCriteriaId\":\"70B3EB0C-87F1-46C2-B95C-C5808E473BD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.10:h3:*:*:*:*:*:*\",\"matchCriteriaId\":\"073BF631-451B-4DFC-B23C-F0F68C2450F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.10:h4:*:*:*:*:*:*\",\"matchCriteriaId\":\"13AA1BEF-F2F6-4534-89F3-DF4E79217978\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.10:h5:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBFDE611-4981-4D92-ABAF-858DF132535F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.11:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE68AC6C-61B6-4245-96AE-3D1F96D44721\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:12.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A116B32-5798-47EC-A22D-D3E960B29C07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:12.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1725F67-BF14-48B4-A405-1CCA507CD553\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:12.1.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C1ADE94-3F05-48EE-94E0-FD6EB682705C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:12.1.4:h2:*:*:*:*:*:*\",\"matchCriteriaId\":\"F727C18E-1C8D-448A-954C-073294FBC65C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:12.1.4:h3:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E492BE6-EB2E-4616-85EA-3B389741301B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:12.1.5:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DF08D3C-62B3-4875-972A-CDF35D2786B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:12.1.6:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C32D27E-BCD7-4F26-B802-B6EA931B0F40\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-1410:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0183BAB-B1AE-44D9-B187-798CECB9A640\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-1420:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B2FCF34-EC08-4AF2-AC0B-D48D97BFFC86\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-3410:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08BD8F1C-5CDA-4B5C-9DA6-967773A9B0EE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-3420:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"824EE71F-D617-4FDA-B529-DCF8F6BA5C1B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-3430:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2DA44A2-3859-48B8-8146-4433D5FF4C68\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-3440:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FF7BE07-98F5-4DB7-AD77-625BB46CFC3C\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-410:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BABAB43B-198C-42E0-836C-F7FB30256A2F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-410r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DF6F082-99CC-47BB-AEB1-2FD00EE1278D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-410r-5g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA9D11D5-FDEA-4B83-8AE2-64A007791CBA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-415:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0BA207F-6CDF-4D90-8739-8FE34EC0F3C4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-415-5g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"38DC5E80-274A-4E65-A2DC-BC79623BF698\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-440:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31854314-2ABE-4658-AD1B-230A0B261674\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-445:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CA7E681-BE00-416C-86C5-08A1A18976F4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-450:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5128449-D0A7-47FA-AFE7-258672972BBF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-450r:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DB8D540-4F7A-44F2-9F5B-96F1F704330A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-450r-5g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB12277D-B9CF-4703-B08F-5555261F1BC4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-455:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85B9E8EF-5A4E-40B7-8044-C4352AD1BD2E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-455-5g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE7143C5-FDEF-4440-AB43-9A6B5D201D57\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-455r-5g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEFB32D5-43C7-4D4A-AA81-7BBC006B92CC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-460:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"017A0571-E011-4AE6-B4ED-B1AAC0EBA22B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-501:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB469DD8-C776-4B6A-91A4-66B27483FDE8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-505:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A070368D-23E8-47F3-8F72-E011728F90C6\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-510:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D8DECEA-D8A1-44AF-9F51-B99C6599FCAB\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-520:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44F6F6DC-291D-447C-AF36-BC9A275076DE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-540:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FCA08A8-DDE0-4179-890D-D939E427414A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-5410:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C702B085-D739-4E06-805F-D01144279071\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-5420:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29237799-7DF5-478C-AE36-EC8E8416EAB7\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-5430:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CEB69E29-2974-4963-96D6-E0C08D7777F4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-5440:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F7914EA-FEA6-4911-9A47-4F516BEE6663\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-5445:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37BC54A5-071C-4F62-87EB-2314CA019B08\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-545-poe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"650AB458-DE6F-4933-A624-1AC7A2599E73\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-5450:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB18C39C-0602-4136-83C9-61D99BAA46D8\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-550:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"665EF149-C97D-4820-AE79-849815E8D8D9\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-5540:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1210A5F-A8C0-49F2-8418-6ABE7E12606F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-555-poe:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54B8A6E0-7EDA-4C00-B8DF-8D547DD4A5B1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-5550:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6297F0CE-9E54-4B87-88BC-1EE8A16E55A3\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-5560:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A915842C-2F40-48F4-BFEE-3682B426100D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-5570:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"247690C1-8955-4CD5-9826-69AAA64D8D0D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-5580:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EBB2CDD-E0DB-47F5-B863-09CF2267A3EF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-560:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD189FAE-EB8F-436F-BBC4-58F60F60DCDE\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-7500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6C4FC4B-7E69-4A28-9406-DA8D20A54D24\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:pa-7500-dpc-a:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E545C2B6-AD84-4FCC-8CCE-164CD3968A85\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:vm-100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44873791-6AB0-4EF5-808B-4495E18D225B\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:vm-300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00F998EF-0FFD-44BC-A07B-0361E171E68F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:vm-50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C0A1C05-D307-41E4-A420-4BC3EE308658\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:vm-500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C239BEAA-7BFB-49F9-8E48-477D76119CAF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:paloaltonetworks:vm-700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2BF87B31-B5F4-46F7-91DA-50F771FE56AA\"}]}]}],\"references\":[{\"url\":\"https://security.paloaltonetworks.com/CVE-2026-0300\",\"source\":\"psirt@paloaltonetworks.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-0300\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-0300\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-06T19:11:13.428974Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2026-05-06\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-0300\"}}}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-0300\", \"tags\": [\"government-resource\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-06T19:11:36.400Z\"}, \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-05-06T00:00:00.000Z\", \"value\": \"CVE-2026-0300 added to CISA KEV\"}]}], \"cna\": {\"title\": \"PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID\\u2122 Authentication Portal\", \"source\": {\"discovery\": \"USER\"}, \"impacts\": [{\"capecId\": \"CAPEC-100\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-100 Overflow Buffers\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"USER\", \"baseScore\": 9.3, \"Automatable\": \"YES\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"valueDensity\": \"CONCENTRATED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:A/AU:Y/R:U/V:C/RE:M/U:Red\", \"exploitMaturity\": \"ATTACKED\", \"providerUrgency\": \"RED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"LOW\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"LOW\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"MODERATE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"The risk is highest when you configure the User-ID\\u2122 Authentication Portal to enable access from the Internet or any untrusted network.\"}]}, {\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"USER\", \"baseScore\": 8.7, \"Automatable\": \"YES\", \"attackVector\": \"ADJACENT\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"CONCENTRATED\", \"vectorString\": \"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:A/AU:Y/R:U/V:C/RE:M/U:Red\", \"exploitMaturity\": \"ATTACKED\", \"providerUrgency\": \"RED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"LOW\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"LOW\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"MODERATE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"You can greatly reduce the risk of exploitation by restricting User-ID\\u2122 Authentication Portal access to only trusted internal IP addresses and preventing its exposure to the internet.\"}]}], \"affected\": [{\"vendor\": \"Palo Alto Networks\", \"product\": \"Cloud NGFW\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"All\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*\"], \"vendor\": \"Palo Alto Networks\", \"product\": \"PAN-OS\", \"versions\": [{\"status\": \"affected\", \"changes\": [{\"at\": \"12.1.7\", \"status\": \"unaffected\"}, {\"at\": \"12.1.4-h5\", \"status\": \"unaffected\"}], \"version\": \"12.1.0\", \"lessThan\": \"12.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"11.2.12\", \"status\": \"unaffected\"}, {\"at\": \"11.2.10-h6\", \"status\": \"unaffected\"}, {\"at\": \"11.2.7-h13\", \"status\": \"unaffected\"}, {\"at\": \"11.2.4-h17\", \"status\": \"unaffected\"}], \"version\": \"11.2.0\", \"lessThan\": \"11.2.12\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"11.1.15\", \"status\": \"unaffected\"}, {\"at\": \"11.1.13-h5\", \"status\": \"unaffected\"}, {\"at\": \"11.1.10-h25\", \"status\": \"unaffected\"}, {\"at\": \"11.1.7-h6\", \"status\": \"unaffected\"}, {\"at\": \"11.1.6-h32\", \"status\": \"unaffected\"}, {\"at\": \"11.1.4-h33\", \"status\": \"unaffected\"}], \"version\": \"11.1.0\", \"lessThan\": \"11.1.15\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"10.2.18-h6\", \"status\": \"unaffected\"}, {\"at\": \"10.2.16-h7\", \"status\": \"unaffected\"}, {\"at\": \"10.2.13-h21\", \"status\": \"unaffected\"}, {\"at\": \"10.2.10-h36\", \"status\": \"unaffected\"}, {\"at\": \"10.2.7-h34\", \"status\": \"unaffected\"}], \"version\": \"10.2.0\", \"lessThan\": \"10.2.18-h6\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Palo Alto Networks\", \"product\": \"Prisma Access\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"All\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Limited exploitation has been observed targeting Palo Alto Networks User-ID\\u2122 Authentication Portals that are exposed to untrusted IP addresses and/or the public internet. Customers following standard security best practices, such as restricting sensitive portals to trusted internal networks are at a greatly reduced risk.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Limited exploitation has been observed targeting Palo Alto Networks User-ID\\u2122 Authentication Portals that are exposed to untrusted IP addresses and/or the public internet. Customers following standard security best practices, such as restricting sensitive portals to trusted internal networks are at a greatly reduced risk.\", \"base64\": false}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-05-06T17:27:00.000Z\", \"value\": \"Updated with Threat Prevention ID and clarified the Required Configuration section.\"}, {\"lang\": \"en\", \"time\": \"2026-05-05T23:00:00.000Z\", \"value\": \"Initial publication.\"}], \"solutions\": [{\"lang\": \"eng\", \"value\": \"This issue will be fixed in upcoming releases of PAN-OS as captured in the table above.\\n\\nWe strongly recommend that you secure access to your User-ID\\u2122 Authentication Portal following the instructions in the workarounds section below.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"This issue will be fixed in upcoming releases of PAN-OS as captured in the table above.\u003cbr\u003e\u003cbr\u003eWe strongly recommend that you secure access to your User-ID\\u2122 Authentication Portal following the instructions in the workarounds section below.\", \"base64\": false}]}], \"datePublic\": \"2026-05-05T23:00:00.000Z\", \"references\": [{\"url\": \"https://security.paloaltonetworks.com/CVE-2026-0300\", \"tags\": [\"vendor-advisory\"]}], \"workarounds\": [{\"lang\": \"eng\", \"value\": \"Customers can mitigate the risk of this issue by taking either of the following actions:\\n\\n * Restrict User-ID\\u2122 Authentication Portal access to only trusted zones and in addition, disable Response Pages in the Interface Management Profile attached to every L3 interface in any zone where untrusted/internet traffic can ingress. Keep Response Pages enabled only on interfaces in trust/internal zones where legitimate users\u0027 browsers ingress. Refer to Step 6 of the following Live Community article (https://live.paloaltonetworks.com/t5/general-articles/why-it-s-essential-to-secure-your-management-interface/ta-p/1001286) and Knowledgebase article (https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CqbiCAC) for steps to restrict access.\\n   \\n * Disable User-ID\\u2122 Authentication Portal if not required.\\n   \\n\\nCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510019 from Applications and Threats content version 9097-10022. Decoder capabilities necessitate PAN-OS 11.1 or a later version for Threat ID support.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Customers can mitigate the risk of this issue by taking either of the following actions:\u003cbr\u003e\u003cul\u003e\u003cli\u003eRestrict User-ID\\u2122 Authentication Portal access to only trusted zones and in addition, disable Response Pages in the Interface Management Profile attached to every L3 interface in any zone where untrusted/internet traffic can ingress. Keep Response Pages enabled only on interfaces in trust/internal zones where legitimate users\u0027 browsers ingress. Refer to Step 6 of the following \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://live.paloaltonetworks.com/t5/general-articles/why-it-s-essential-to-secure-your-management-interface/ta-p/1001286\\\"\u003eLive Community article\u003c/a\u003e and \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CqbiCAC\\\"\u003eKnowledgebase article\u003c/a\u003e for steps to restrict access.\u003cbr\u003e\u003c/li\u003e\u003cli\u003eDisable User-ID\\u2122 Authentication Portal if not required.\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003eCustomers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID\u0026nbsp;510019 from Applications and Threats content version 9097-10022. Decoder capabilities necessitate PAN-OS 11.1 or a later version for Threat ID support.\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A buffer overflow vulnerability in the User-ID\\u2122 Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. \\n\\nThe risk of this issue is greatly reduced if you secure access to the User-ID\\u2122 Authentication Portal per the  best practice guidelines https://knowledgebase.paloaltonetworks.com/KCSArticleDetail  by restricting access to only trusted internal IP addresses.\\n\\nPrisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eA buffer overflow vulnerability in the User-ID\\u2122 Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. \u003cbr\u003e\u003cbr\u003eThe risk of this issue is greatly reduced if you secure access to the User-ID\\u2122 Authentication Portal per the \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000CqbiCAC\\\"\u003ebest practice guidelines\u003c/a\u003e by restricting access to only trusted internal IP addresses.\u003cbr\u003e\u003cbr\u003ePrisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability. \u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787: Out-of-bounds Write\"}]}], \"configurations\": [{\"lang\": \"eng\", \"value\": \"This issue is applicable only to PA-Series and VM-Series firewalls that are configured to use User-ID\\u2122 Authentication Portal.\\n\\nCustomers are impacted if both of the following conditions are true:\\n\\n\\n * User-ID\\u2122 Authentication Portal configured in the User-ID\\u2122 Authentication Portal Settings page. You can verify the configuration by going to Device \u003e User Identification \u003e Authentication Portal Settings -\u003e Enable Authentication Portal (applies to both transparent and redirect modes) and\\n * An interface management profile with response pages enabled and associated with an external/internet-accessible interface. You can verify the configuration by going to Network \u003e Interface \u003e Select the interface \u003e Advanced Tab \u003e Create Management Interface Profile.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eThis issue is applicable only to PA-Series and VM-Series firewalls that are configured to use User-ID\\u2122 Authentication Portal.\u003cbr\u003e\u003cbr\u003eCustomers are impacted if both of the following conditions are true:\u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003eUser-ID\\u2122 Authentication Portal configured in the User-ID\\u2122 Authentication Portal Settings page.  You can verify the configuration by going to Device \u0026gt; User Identification \u0026gt; Authentication Portal Settings -\u0026gt; Enable Authentication Portal (applies to both transparent and redirect modes) \u003cb\u003eand\u003c/b\u003e\u003c/li\u003e\u003cli\u003eAn interface management profile with response pages enabled and associated with an external/internet-accessible interface.  You can verify the configuration by going to Network \u0026gt; Interface \u0026gt; Select the interface \u0026gt; Advanced Tab \u0026gt; Create Management Interface Profile.\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003e\u003c/p\u003e\", \"base64\": false}]}], \"x_affectedList\": [\"PAN-OS 12.1.6\", \"PAN-OS 12.1.5\", \"PAN-OS 12.1.4-h3\", \"PAN-OS 12.1.4-h2\", \"PAN-OS 12.1.4\", \"PAN-OS 12.1.3-h3\", \"PAN-OS 12.1.3-h1\", \"PAN-OS 12.1.3\", \"PAN-OS 12.1.2\", \"PAN-OS 11.2.11\", \"PAN-OS 11.2.10-h4\", \"PAN-OS 11.2.10-h3\", \"PAN-OS 11.2.10-h2\", \"PAN-OS 11.2.10-h1\", \"PAN-OS 11.2.10\", \"PAN-OS 11.2.9\", \"PAN-OS 11.2.8\", \"PAN-OS 11.2.7-h11\", \"PAN-OS 11.2.7-h10\", \"PAN-OS 11.2.7-h8\", \"PAN-OS 11.2.7-h7\", \"PAN-OS 11.2.7-h4\", \"PAN-OS 11.2.7-h3\", \"PAN-OS 11.2.7-h2\", \"PAN-OS 11.2.7-h1\", \"PAN-OS 11.2.7\", \"PAN-OS 11.2.6\", \"PAN-OS 11.2.5\", \"PAN-OS 11.2.4-h15\", \"PAN-OS 11.2.4-h14\", \"PAN-OS 11.2.4-h12\", \"PAN-OS 11.2.4-h11\", \"PAN-OS 11.2.4-h10\", \"PAN-OS 11.2.4-h9\", \"PAN-OS 11.2.4-h8\", \"PAN-OS 11.2.4-h7\", \"PAN-OS 11.2.4-h6\", \"PAN-OS 11.2.4-h5\", \"PAN-OS 11.2.4-h4\", \"PAN-OS 11.2.4-h3\", \"PAN-OS 11.2.4-h2\", \"PAN-OS 11.2.4-h1\", \"PAN-OS 11.2.4\", \"PAN-OS 11.2.3-h5\", \"PAN-OS 11.2.3-h4\", \"PAN-OS 11.2.3-h3\", \"PAN-OS 11.2.3-h2\", \"PAN-OS 11.2.3-h1\", \"PAN-OS 11.2.3\", \"PAN-OS 11.2.2-h2\", \"PAN-OS 11.2.2-h1\", \"PAN-OS 11.2.1-h1\", \"PAN-OS 11.2.1\", \"PAN-OS 11.2.0-h1\", \"PAN-OS 11.2.0\", \"PAN-OS 11.1.13-h3\", \"PAN-OS 11.1.13-h2\", \"PAN-OS 11.1.13-h1\", \"PAN-OS 11.1.13\", \"PAN-OS 11.1.12\", \"PAN-OS 11.1.11\", \"PAN-OS 11.1.10-h21\", \"PAN-OS 11.1.10-h12\", \"PAN-OS 11.1.10-h10\", \"PAN-OS 11.1.10-h9\", \"PAN-OS 11.1.10-h7\", \"PAN-OS 11.1.10-h5\", \"PAN-OS 11.1.10-h4\", \"PAN-OS 11.1.10-h1\", \"PAN-OS 11.1.10\", \"PAN-OS 11.1.9\", \"PAN-OS 11.1.8\", \"PAN-OS 11.1.6-h29\", \"PAN-OS 11.1.6-h25\", \"PAN-OS 11.1.6-h23\", \"PAN-OS 11.1.6-h22\", \"PAN-OS 11.1.6-h21\", \"PAN-OS 11.1.6-h20\", \"PAN-OS 11.1.6-h19\", \"PAN-OS 11.1.6-h18\", \"PAN-OS 11.1.6-h17\", \"PAN-OS 11.1.6-h14\", \"PAN-OS 11.1.6-h10\", \"PAN-OS 11.1.6-h7\", \"PAN-OS 11.1.6-h6\", \"PAN-OS 11.1.6-h4\", \"PAN-OS 11.1.6-h3\", \"PAN-OS 11.1.6-h2\", \"PAN-OS 11.1.6-h1\", \"PAN-OS 11.1.6\", \"PAN-OS 11.1.5-h1\", \"PAN-OS 11.1.5\", \"PAN-OS 11.1.4-h27\", \"PAN-OS 11.1.4-h25\", \"PAN-OS 11.1.4-h18\", \"PAN-OS 11.1.4-h17\", \"PAN-OS 11.1.4-h15\", \"PAN-OS 11.1.4-h13\", \"PAN-OS 11.1.4-h12\", \"PAN-OS 11.1.4-h11\", \"PAN-OS 11.1.4-h10\", \"PAN-OS 11.1.4-h9\", \"PAN-OS 11.1.4-h8\", \"PAN-OS 11.1.4-h7\", \"PAN-OS 11.1.4-h6\", \"PAN-OS 11.1.4-h5\", \"PAN-OS 11.1.4-h4\", \"PAN-OS 11.1.4-h3\", \"PAN-OS 11.1.4-h2\", \"PAN-OS 11.1.4-h1\", \"PAN-OS 11.1.4\", \"PAN-OS 11.1.3-h13\", \"PAN-OS 11.1.3-h12\", \"PAN-OS 11.1.3-h11\", \"PAN-OS 11.1.3-h10\", \"PAN-OS 11.1.3-h9\", \"PAN-OS 11.1.3-h8\", \"PAN-OS 11.1.3-h7\", \"PAN-OS 11.1.3-h6\", \"PAN-OS 11.1.3-h5\", \"PAN-OS 11.1.3-h4\", \"PAN-OS 11.1.3-h3\", \"PAN-OS 11.1.3-h2\", \"PAN-OS 11.1.3-h1\", \"PAN-OS 11.1.3\", \"PAN-OS 11.1.2-h18\", \"PAN-OS 11.1.2-h17\", \"PAN-OS 11.1.2-h16\", \"PAN-OS 11.1.2-h15\", \"PAN-OS 11.1.2-h14\", \"PAN-OS 11.1.2-h13\", \"PAN-OS 11.1.2-h12\", \"PAN-OS 11.1.2-h11\", \"PAN-OS 11.1.2-h10\", \"PAN-OS 11.1.2-h9\", \"PAN-OS 11.1.2-h8\", \"PAN-OS 11.1.2-h7\", \"PAN-OS 11.1.2-h6\", \"PAN-OS 11.1.2-h5\", \"PAN-OS 11.1.2-h4\", \"PAN-OS 11.1.2-h3\", \"PAN-OS 11.1.2-h2\", \"PAN-OS 11.1.2-h1\", \"PAN-OS 11.1.2\", \"PAN-OS 11.1.1-h2\", \"PAN-OS 11.1.1-h1\", \"PAN-OS 11.1.1\", \"PAN-OS 11.1.0-h4\", \"PAN-OS 11.1.0-h3\", \"PAN-OS 11.1.0-h2\", \"PAN-OS 11.1.0-h1\", \"PAN-OS 11.1.0\", \"PAN-OS 10.2.18-h1\", \"PAN-OS 10.2.18\", \"PAN-OS 10.2.17\", \"PAN-OS 10.2.16-h6\", \"PAN-OS 10.2.16-h4\", \"PAN-OS 10.2.16-h1\", \"PAN-OS 10.2.16\", \"PAN-OS 10.2.15\", \"PAN-OS 10.2.14-h1\", \"PAN-OS 10.2.14\", \"PAN-OS 10.2.13-h18\", \"PAN-OS 10.2.13-h16\", \"PAN-OS 10.2.13-h15\", \"PAN-OS 10.2.13-h10\", \"PAN-OS 10.2.13-h7\", \"PAN-OS 10.2.13-h5\", \"PAN-OS 10.2.13-h4\", \"PAN-OS 10.2.13-h3\", \"PAN-OS 10.2.13-h2\", \"PAN-OS 10.2.13-h1\", \"PAN-OS 10.2.13\", \"PAN-OS 10.2.12-h6\", \"PAN-OS 10.2.12-h5\", \"PAN-OS 10.2.12-h4\", \"PAN-OS 10.2.12-h3\", \"PAN-OS 10.2.12-h2\", \"PAN-OS 10.2.12-h1\", \"PAN-OS 10.2.12\", \"PAN-OS 10.2.11-h13\", \"PAN-OS 10.2.11-h12\", \"PAN-OS 10.2.11-h11\", \"PAN-OS 10.2.11-h10\", \"PAN-OS 10.2.11-h9\", \"PAN-OS 10.2.11-h8\", \"PAN-OS 10.2.11-h7\", \"PAN-OS 10.2.11-h6\", \"PAN-OS 10.2.11-h5\", \"PAN-OS 10.2.11-h4\", \"PAN-OS 10.2.11-h3\", \"PAN-OS 10.2.11-h2\", \"PAN-OS 10.2.11-h1\", \"PAN-OS 10.2.11\", \"PAN-OS 10.2.10-h31\", \"PAN-OS 10.2.10-h30\", \"PAN-OS 10.2.10-h27\", \"PAN-OS 10.2.10-h26\", \"PAN-OS 10.2.10-h23\", \"PAN-OS 10.2.10-h21\", \"PAN-OS 10.2.10-h18\", \"PAN-OS 10.2.10-h17\", \"PAN-OS 10.2.10-h14\", \"PAN-OS 10.2.10-h13\", \"PAN-OS 10.2.10-h12\", \"PAN-OS 10.2.10-h11\", \"PAN-OS 10.2.10-h10\", \"PAN-OS 10.2.10-h9\", \"PAN-OS 10.2.10-h8\", \"PAN-OS 10.2.10-h7\", \"PAN-OS 10.2.10-h6\", \"PAN-OS 10.2.10-h5\", \"PAN-OS 10.2.10-h4\", \"PAN-OS 10.2.10-h3\", \"PAN-OS 10.2.10-h2\", \"PAN-OS 10.2.10-h1\", \"PAN-OS 10.2.10\", \"PAN-OS 10.2.9-h21\", \"PAN-OS 10.2.9-h20\", \"PAN-OS 10.2.9-h19\", \"PAN-OS 10.2.9-h18\", \"PAN-OS 10.2.9-h17\", \"PAN-OS 10.2.9-h16\", \"PAN-OS 10.2.9-h15\", \"PAN-OS 10.2.9-h14\", \"PAN-OS 10.2.9-h13\", \"PAN-OS 10.2.9-h12\", \"PAN-OS 10.2.9-h11\", \"PAN-OS 10.2.9-h10\", \"PAN-OS 10.2.9-h9\", \"PAN-OS 10.2.9-h8\", \"PAN-OS 10.2.9-h7\", \"PAN-OS 10.2.9-h6\", \"PAN-OS 10.2.9-h5\", \"PAN-OS 10.2.9-h4\", \"PAN-OS 10.2.9-h3\", \"PAN-OS 10.2.9-h2\", \"PAN-OS 10.2.9-h1\", \"PAN-OS 10.2.9\", \"PAN-OS 10.2.8-h21\", \"PAN-OS 10.2.8-h20\", \"PAN-OS 10.2.8-h19\", \"PAN-OS 10.2.8-h18\", \"PAN-OS 10.2.8-h17\", \"PAN-OS 10.2.8-h16\", \"PAN-OS 10.2.8-h15\", \"PAN-OS 10.2.8-h14\", \"PAN-OS 10.2.8-h13\", \"PAN-OS 10.2.8-h12\", \"PAN-OS 10.2.8-h11\", \"PAN-OS 10.2.8-h10\", \"PAN-OS 10.2.8-h9\", \"PAN-OS 10.2.8-h8\", \"PAN-OS 10.2.8-h7\", \"PAN-OS 10.2.8-h6\", \"PAN-OS 10.2.8-h5\", \"PAN-OS 10.2.8-h4\", \"PAN-OS 10.2.8-h3\", \"PAN-OS 10.2.8-h2\", \"PAN-OS 10.2.8-h1\", \"PAN-OS 10.2.8\", \"PAN-OS 10.2.7-h32\", \"PAN-OS 10.2.7-h24\", \"PAN-OS 10.2.7-h23\", \"PAN-OS 10.2.7-h22\", \"PAN-OS 10.2.7-h21\", \"PAN-OS 10.2.7-h20\", \"PAN-OS 10.2.7-h19\", \"PAN-OS 10.2.7-h18\", \"PAN-OS 10.2.7-h17\", \"PAN-OS 10.2.7-h16\", \"PAN-OS 10.2.7-h15\", \"PAN-OS 10.2.7-h14\", \"PAN-OS 10.2.7-h13\", \"PAN-OS 10.2.7-h12\", \"PAN-OS 10.2.7-h11\", \"PAN-OS 10.2.7-h10\", \"PAN-OS 10.2.7-h9\", \"PAN-OS 10.2.7-h8\", \"PAN-OS 10.2.7-h7\", \"PAN-OS 10.2.7-h6\", \"PAN-OS 10.2.7-h5\", \"PAN-OS 10.2.7-h4\", \"PAN-OS 10.2.7-h3\", \"PAN-OS 10.2.7-h2\", \"PAN-OS 10.2.7-h1\", \"PAN-OS 10.2.7\", \"PAN-OS 10.2.6-h6\", \"PAN-OS 10.2.6-h5\", \"PAN-OS 10.2.6-h4\", \"PAN-OS 10.2.6-h3\", \"PAN-OS 10.2.6-h2\", \"PAN-OS 10.2.6-h1\", \"PAN-OS 10.2.6\", \"PAN-OS 10.2.5-h9\", \"PAN-OS 10.2.5-h8\", \"PAN-OS 10.2.5-h7\", \"PAN-OS 10.2.5-h6\", \"PAN-OS 10.2.5-h5\", \"PAN-OS 10.2.5-h4\", \"PAN-OS 10.2.5-h3\", \"PAN-OS 10.2.5-h2\", \"PAN-OS 10.2.5-h1\", \"PAN-OS 10.2.5\", \"PAN-OS 10.2.4-h32\", \"PAN-OS 10.2.4-h31\", \"PAN-OS 10.2.4-h30\", \"PAN-OS 10.2.4-h29\", \"PAN-OS 10.2.4-h28\", \"PAN-OS 10.2.4-h27\", \"PAN-OS 10.2.4-h26\", \"PAN-OS 10.2.4-h25\", \"PAN-OS 10.2.4-h24\", \"PAN-OS 10.2.4-h23\", \"PAN-OS 10.2.4-h22\", \"PAN-OS 10.2.4-h21\", \"PAN-OS 10.2.4-h20\", \"PAN-OS 10.2.4-h19\", \"PAN-OS 10.2.4-h18\", \"PAN-OS 10.2.4-h17\", \"PAN-OS 10.2.4-h16\", \"PAN-OS 10.2.4-h15\", \"PAN-OS 10.2.4-h14\", \"PAN-OS 10.2.4-h13\", \"PAN-OS 10.2.4-h12\", \"PAN-OS 10.2.4-h11\", \"PAN-OS 10.2.4-h10\", \"PAN-OS 10.2.4-h9\", \"PAN-OS 10.2.4-h8\", \"PAN-OS 10.2.4-h7\", \"PAN-OS 10.2.4-h6\", \"PAN-OS 10.2.4-h5\", \"PAN-OS 10.2.4-h4\", \"PAN-OS 10.2.4-h3\", \"PAN-OS 10.2.4-h2\", \"PAN-OS 10.2.4-h1\", \"PAN-OS 10.2.4\", \"PAN-OS 10.2.3-h14\", \"PAN-OS 10.2.3-h13\", \"PAN-OS 10.2.3-h12\", \"PAN-OS 10.2.3-h11\", \"PAN-OS 10.2.3-h10\", \"PAN-OS 10.2.3-h9\", \"PAN-OS 10.2.3-h8\", \"PAN-OS 10.2.3-h7\", \"PAN-OS 10.2.3-h6\", \"PAN-OS 10.2.3-h5\", \"PAN-OS 10.2.3-h4\", \"PAN-OS 10.2.3-h3\", \"PAN-OS 10.2.3-h2\", \"PAN-OS 10.2.3-h1\", \"PAN-OS 10.2.3\", \"PAN-OS 10.2.2-h6\", \"PAN-OS 10.2.2-h5\", \"PAN-OS 10.2.2-h4\", \"PAN-OS 10.2.2-h3\", \"PAN-OS 10.2.2-h2\", \"PAN-OS 10.2.2-h1\", \"PAN-OS 10.2.2\", \"PAN-OS 10.2.1-h3\", \"PAN-OS 10.2.1-h2\", \"PAN-OS 10.2.1-h1\", \"PAN-OS 10.2.1\", \"PAN-OS 10.2.0-h4\", \"PAN-OS 10.2.0-h3\", \"PAN-OS 10.2.0-h2\", \"PAN-OS 10.2.0-h1\", \"PAN-OS 10.2.0\"], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"12.1.4-h5\", \"versionStartIncluding\": \"12.1.4\"}, {\"criteria\": \"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"12.1.7\", \"versionStartIncluding\": \"12.1.0\"}, {\"criteria\": \"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.2.4-h17\", \"versionStartIncluding\": \"11.2.4\"}, {\"criteria\": \"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.2.7-h13\", \"versionStartIncluding\": \"11.2.7\"}, {\"criteria\": \"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.2.10-h6\", \"versionStartIncluding\": \"11.2.10\"}, {\"criteria\": \"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.2.12\", \"versionStartIncluding\": \"11.2.0\"}, {\"criteria\": \"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.1.4-h33\", \"versionStartIncluding\": \"11.1.4\"}, {\"criteria\": \"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.1.6-h32\", \"versionStartIncluding\": \"11.1.6\"}, {\"criteria\": \"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.1.7-h6\", \"versionStartIncluding\": \"11.1.7\"}, {\"criteria\": \"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.1.10-h25\", \"versionStartIncluding\": \"11.1.10\"}, {\"criteria\": \"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.1.13-h5\", \"versionStartIncluding\": \"11.1.13\"}, {\"criteria\": \"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"11.1.15\", \"versionStartIncluding\": \"11.1.0\"}, {\"criteria\": \"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.2.7-h34\", \"versionStartIncluding\": \"10.2.7\"}, {\"criteria\": \"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.2.10-h36\", \"versionStartIncluding\": \"10.2.10\"}, {\"criteria\": \"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.2.13-h21\", \"versionStartIncluding\": \"10.2.13\"}, {\"criteria\": \"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.2.16-h7\", \"versionStartIncluding\": \"10.2.16\"}, {\"criteria\": \"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"10.2.18-h6\", \"versionStartIncluding\": \"10.2.18\"}], \"operator\": \"OR\"}], \"operator\": \"OR\"}], \"providerMetadata\": {\"orgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"shortName\": \"palo_alto\", \"dateUpdated\": \"2026-05-06T22:09:48.796Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-0300\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-07T03:55:34.043Z\", \"dateReserved\": \"2025-11-03T20:44:58.173Z\", \"assignerOrgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"datePublished\": \"2026-05-06T18:57:39.876Z\", \"assignerShortName\": \"palo_alto\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

NCSC-2026-0132

Vulnerability from csaf_ncscnl - Published: 2026-05-06 08:38 - Updated: 2026-05-06 08:42

Summary

Kwetsbaarheid verholpen in Palo Alto Networks PAN-OS

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten: Palo Alto Networks heeft een kwetsbaarheid verholpen in PAN-OS, specifiek in de User-ID Authentication Portal component van PA-Series en VM-Series firewalls.

Interpretaties: De kwetsbaarheid betreft een buffer overflow in de User-ID Authentication Portal, waardoor niet-geauthenticeerde aanvallers willekeurige code kunnen uitvoeren met root privileges. Prisma Access, Cloud NGFW en Panorama appliances zijn niet kwetsbaar. Het is gangbare praktijk om de User-ID Authentication Portal niet direct aan het internet bloot te stellen. Exploitatie kan leiden tot volledige systeemcompromittering via de authenticatieportal. Palo Alto heeft beperkt misbruik waargenomen, gericht op Palo Alto Networks User-ID™-authenticatieportalen die blootgesteld zijn aan niet-vertrouwde IP-adressen en/of het openbare internet. Het is niet gebruikelijk om het User-ID™-authenticatieportalal direct publiekelijk aan het internet bloot te stellen.

Oplossingen: Palo Alto Networks heeft updates uitgebracht, waaronder een workaround, om de kwetsbaarheid te verhelpen of te mitigeren. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-787: Out-of-bounds Write

CVE-2026-0300

A buffer overflow vulnerability in Palo Alto Networks PAN-OS User-ID Authentication Portal allows unauthenticated attackers to execute arbitrary code with root privileges on PA-Series and VM-Series firewalls, excluding Prisma Access, Cloud NGFW, and Panorama appliances.

CWE-787 - Out-of-bounds Write

References

URL

FKIE_CVE-2026-0300

Vulnerability from fkie_nvd - Published: 2026-05-06 19:16 - Updated: 2026-05-07 17:46

CISA KEV

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	psirt@paloaltonetworks.com	https://security.paloaltonetworks.com/CVE-2026-0300	Mitigation, Vendor Advisory
	134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-0300	US Government Resource

Impacted products

Vendor	Product	Version
paloaltonetworks	pan-os	10.2.0
paloaltonetworks	pan-os	10.2.1
paloaltonetworks	pan-os	10.2.2
paloaltonetworks	pan-os	10.2.3
paloaltonetworks	pan-os	10.2.4
paloaltonetworks	pan-os	10.2.5
paloaltonetworks	pan-os	10.2.6
paloaltonetworks	pan-os	10.2.7
paloaltonetworks	pan-os	10.2.7
paloaltonetworks	pan-os	10.2.7
paloaltonetworks	pan-os	10.2.7
paloaltonetworks	pan-os	10.2.7
paloaltonetworks	pan-os	10.2.7
paloaltonetworks	pan-os	10.2.7
paloaltonetworks	pan-os	10.2.7
paloaltonetworks	pan-os	10.2.7
paloaltonetworks	pan-os	10.2.7
paloaltonetworks	pan-os	10.2.7
paloaltonetworks	pan-os	10.2.8
paloaltonetworks	pan-os	10.2.9
paloaltonetworks	pan-os	10.2.10
paloaltonetworks	pan-os	10.2.10
paloaltonetworks	pan-os	10.2.10
paloaltonetworks	pan-os	10.2.10
paloaltonetworks	pan-os	10.2.10
paloaltonetworks	pan-os	10.2.10
paloaltonetworks	pan-os	10.2.10
paloaltonetworks	pan-os	10.2.10
paloaltonetworks	pan-os	10.2.10
paloaltonetworks	pan-os	10.2.10
paloaltonetworks	pan-os	10.2.10
paloaltonetworks	pan-os	10.2.10
paloaltonetworks	pan-os	10.2.10
paloaltonetworks	pan-os	10.2.10
paloaltonetworks	pan-os	10.2.10
paloaltonetworks	pan-os	10.2.10
paloaltonetworks	pan-os	10.2.11
paloaltonetworks	pan-os	10.2.12
paloaltonetworks	pan-os	10.2.13
paloaltonetworks	pan-os	10.2.13
paloaltonetworks	pan-os	10.2.13
paloaltonetworks	pan-os	10.2.13
paloaltonetworks	pan-os	10.2.13
paloaltonetworks	pan-os	10.2.13
paloaltonetworks	pan-os	10.2.13
paloaltonetworks	pan-os	10.2.13
paloaltonetworks	pan-os	10.2.13
paloaltonetworks	pan-os	10.2.13
paloaltonetworks	pan-os	10.2.14
paloaltonetworks	pan-os	10.2.15
paloaltonetworks	pan-os	10.2.16
paloaltonetworks	pan-os	10.2.16
paloaltonetworks	pan-os	10.2.16
paloaltonetworks	pan-os	10.2.16
paloaltonetworks	pan-os	10.2.17
paloaltonetworks	pan-os	10.2.18
paloaltonetworks	pan-os	10.2.18
paloaltonetworks	pan-os	10.2.18
paloaltonetworks	pan-os	11.1.0
paloaltonetworks	pan-os	11.1.1
paloaltonetworks	pan-os	11.1.2
paloaltonetworks	pan-os	11.1.3
paloaltonetworks	pan-os	11.1.4
paloaltonetworks	pan-os	11.1.4
paloaltonetworks	pan-os	11.1.4
paloaltonetworks	pan-os	11.1.4
paloaltonetworks	pan-os	11.1.4
paloaltonetworks	pan-os	11.1.4
paloaltonetworks	pan-os	11.1.4
paloaltonetworks	pan-os	11.1.4
paloaltonetworks	pan-os	11.1.4
paloaltonetworks	pan-os	11.1.4
paloaltonetworks	pan-os	11.1.4
paloaltonetworks	pan-os	11.1.4
paloaltonetworks	pan-os	11.1.4
paloaltonetworks	pan-os	11.1.5
paloaltonetworks	pan-os	11.1.6
paloaltonetworks	pan-os	11.1.6
paloaltonetworks	pan-os	11.1.6
paloaltonetworks	pan-os	11.1.6
paloaltonetworks	pan-os	11.1.6
paloaltonetworks	pan-os	11.1.6
paloaltonetworks	pan-os	11.1.6
paloaltonetworks	pan-os	11.1.6
paloaltonetworks	pan-os	11.1.6
paloaltonetworks	pan-os	11.1.6
paloaltonetworks	pan-os	11.1.6
paloaltonetworks	pan-os	11.1.6
paloaltonetworks	pan-os	11.1.6
paloaltonetworks	pan-os	11.1.6
paloaltonetworks	pan-os	11.1.6
paloaltonetworks	pan-os	11.1.6
paloaltonetworks	pan-os	11.1.6
paloaltonetworks	pan-os	11.1.6
paloaltonetworks	pan-os	11.1.7
paloaltonetworks	pan-os	11.1.7
paloaltonetworks	pan-os	11.1.7
paloaltonetworks	pan-os	11.1.7
paloaltonetworks	pan-os	11.1.8
paloaltonetworks	pan-os	11.1.9
paloaltonetworks	pan-os	11.1.10
paloaltonetworks	pan-os	11.1.10
paloaltonetworks	pan-os	11.1.10
paloaltonetworks	pan-os	11.1.10
paloaltonetworks	pan-os	11.1.10
paloaltonetworks	pan-os	11.1.10
paloaltonetworks	pan-os	11.1.10
paloaltonetworks	pan-os	11.1.10
paloaltonetworks	pan-os	11.1.10
paloaltonetworks	pan-os	11.1.11
paloaltonetworks	pan-os	11.1.12
paloaltonetworks	pan-os	11.1.13
paloaltonetworks	pan-os	11.1.13
paloaltonetworks	pan-os	11.1.13
paloaltonetworks	pan-os	11.1.13
paloaltonetworks	pan-os	11.1.14
paloaltonetworks	pan-os	11.2.0
paloaltonetworks	pan-os	11.2.1
paloaltonetworks	pan-os	11.2.2
paloaltonetworks	pan-os	11.2.3
paloaltonetworks	pan-os	11.2.4
paloaltonetworks	pan-os	11.2.4
paloaltonetworks	pan-os	11.2.4
paloaltonetworks	pan-os	11.2.4
paloaltonetworks	pan-os	11.2.4
paloaltonetworks	pan-os	11.2.4
paloaltonetworks	pan-os	11.2.4
paloaltonetworks	pan-os	11.2.4
paloaltonetworks	pan-os	11.2.4
paloaltonetworks	pan-os	11.2.4
paloaltonetworks	pan-os	11.2.4
paloaltonetworks	pan-os	11.2.4
paloaltonetworks	pan-os	11.2.4
paloaltonetworks	pan-os	11.2.4
paloaltonetworks	pan-os	11.2.5
paloaltonetworks	pan-os	11.2.6
paloaltonetworks	pan-os	11.2.7
paloaltonetworks	pan-os	11.2.7
paloaltonetworks	pan-os	11.2.7
paloaltonetworks	pan-os	11.2.7
paloaltonetworks	pan-os	11.2.7
paloaltonetworks	pan-os	11.2.7
paloaltonetworks	pan-os	11.2.7
paloaltonetworks	pan-os	11.2.7
paloaltonetworks	pan-os	11.2.7
paloaltonetworks	pan-os	11.2.7
paloaltonetworks	pan-os	11.2.8
paloaltonetworks	pan-os	11.2.9
paloaltonetworks	pan-os	11.2.10
paloaltonetworks	pan-os	11.2.10
paloaltonetworks	pan-os	11.2.10
paloaltonetworks	pan-os	11.2.10
paloaltonetworks	pan-os	11.2.10
paloaltonetworks	pan-os	11.2.10
paloaltonetworks	pan-os	11.2.11
paloaltonetworks	pan-os	12.1.2
paloaltonetworks	pan-os	12.1.3
paloaltonetworks	pan-os	12.1.4
paloaltonetworks	pan-os	12.1.4
paloaltonetworks	pan-os	12.1.4
paloaltonetworks	pan-os	12.1.5
paloaltonetworks	pan-os	12.1.6
paloaltonetworks	pa-1410	-
paloaltonetworks	pa-1420	-
paloaltonetworks	pa-3410	-
paloaltonetworks	pa-3420	-
paloaltonetworks	pa-3430	-
paloaltonetworks	pa-3440	-
paloaltonetworks	pa-410	-
paloaltonetworks	pa-410r	-
paloaltonetworks	pa-410r-5g	-
paloaltonetworks	pa-415	-
paloaltonetworks	pa-415-5g	-
paloaltonetworks	pa-440	-
paloaltonetworks	pa-445	-
paloaltonetworks	pa-450	-
paloaltonetworks	pa-450r	-
paloaltonetworks	pa-450r-5g	-
paloaltonetworks	pa-455	-
paloaltonetworks	pa-455-5g	-
paloaltonetworks	pa-455r-5g	-
paloaltonetworks	pa-460	-
paloaltonetworks	pa-501	-
paloaltonetworks	pa-505	-
paloaltonetworks	pa-510	-
paloaltonetworks	pa-520	-
paloaltonetworks	pa-540	-
paloaltonetworks	pa-5410	-
paloaltonetworks	pa-5420	-
paloaltonetworks	pa-5430	-
paloaltonetworks	pa-5440	-
paloaltonetworks	pa-5445	-
paloaltonetworks	pa-545-poe	-
paloaltonetworks	pa-5450	-
paloaltonetworks	pa-550	-
paloaltonetworks	pa-5540	-
paloaltonetworks	pa-555-poe	-
paloaltonetworks	pa-5550	-
paloaltonetworks	pa-5560	-
paloaltonetworks	pa-5570	-
paloaltonetworks	pa-5580	-
paloaltonetworks	pa-560	-
paloaltonetworks	pa-7500	-
paloaltonetworks	pa-7500-dpc-a	-
paloaltonetworks	vm-100	-
paloaltonetworks	vm-300	-
paloaltonetworks	vm-50	-
paloaltonetworks	vm-500	-
paloaltonetworks	vm-700	-

JSON

To clipboard

{
  "cisaActionDue": "2026-05-09",
  "cisaExploitAdd": "2026-05-06",
  "cisaRequiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.    Until the vendor releases an official fix, the following workaround should be implemented:  - Restrict User-ID Authentication Portal access to only trusted zones.  - Disable User-ID Authentication Portal if not required.",
  "cisaVulnerabilityName": "Palo Alto Networks PAN-OS Out-of-bounds Write Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D515774C-BDB8-4A78-BCFB-01A825B93DF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B050597-FC74-4667-83A5-A82BCAD1FCE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AACF8E4-ABED-4617-80D8-2ABC37AAC005",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6220162-85C0-4DC7-AE73-643A2BA08090",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEEE3F9F-2F8F-4F1D-9BC8-1EAF9673B68D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "909CCBED-27AC-4888-91B7-FDA621861AB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "39A74871-369E-4B91-A70A-801AF1A8B406",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "A8C42D98-CF8F-456B-9D57-80BBDC2C8E74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*",
              "matchCriteriaId": "B3AAD4BA-22DD-43D3-91F1-8A6F5FBBF029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*",
              "matchCriteriaId": "AA4994CB-6591-4B44-A5D7-3CDF540B97DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*",
              "matchCriteriaId": "A6AB7874-FE24-42AC-8E3A-822A70722126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h19:*:*:*:*:*:*",
              "matchCriteriaId": "0D88CC33-7E32-4E82-8A94-70759E910510",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h21:*:*:*:*:*:*",
              "matchCriteriaId": "FA91A4E9-CE1E-4CB8-B717-4B0E314C0171",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h24:*:*:*:*:*:*",
              "matchCriteriaId": "28994519-3519-4E94-8D8B-7C4251A82B8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*",
              "matchCriteriaId": "776E06EC-2FDA-4664-AB43-9F6BE9B897CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h32:*:*:*:*:*:*",
              "matchCriteriaId": "53981EA8-847F-4FBC-BA55-8EDF591E0FF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*",
              "matchCriteriaId": "CBE09375-A863-42FF-813F-C20679D7C45C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*",
              "matchCriteriaId": "1311961A-0EF6-488E-B0C2-EDBD508587C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "78EAA309-2755-4ED2-9AFC-F4D9DF8F90D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D6D42C2-1CEC-47D2-82B2-1EFE71A8C8A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*",
              "matchCriteriaId": "03C5ABF2-8C53-4376-8A64-6CB34E18E77C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h10:*:*:*:*:*:*",
              "matchCriteriaId": "FF7FCD8B-80DF-4004-A9D2-4EE884F089A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h12:*:*:*:*:*:*",
              "matchCriteriaId": "83C9637A-B615-4CC2-84AA-BDCFE611484C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h14:*:*:*:*:*:*",
              "matchCriteriaId": "224270A7-767D-433B-AD51-C031506747C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h17:*:*:*:*:*:*",
              "matchCriteriaId": "A532EFC6-A883-4279-8C05-9CD600B3F963",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h18:*:*:*:*:*:*",
              "matchCriteriaId": "F4F20C02-DF90-4609-9254-B765481C83E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*",
              "matchCriteriaId": "872BC747-512A-4872-AC86-E7F1DC589F47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h21:*:*:*:*:*:*",
              "matchCriteriaId": "E5E36C87-E01D-49DC-AB73-10E5EE27F596",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h27:*:*:*:*:*:*",
              "matchCriteriaId": "39437442-B24D-492F-B637-2203492327FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*",
              "matchCriteriaId": "67F527D0-F85B-4B83-AEA5-BA636FC89210",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h30:*:*:*:*:*:*",
              "matchCriteriaId": "984BE1FB-ADB7-4831-AEDD-39DBAED078B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h31:*:*:*:*:*:*",
              "matchCriteriaId": "AF2C954D-9763-41E3-A132-F83C82E79BC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*",
              "matchCriteriaId": "6CF8F985-7E51-49E6-857A-FAAF027F5611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*",
              "matchCriteriaId": "B437DCEA-ABA3-41CA-B320-97EC430F1122",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*",
              "matchCriteriaId": "593AFE7A-CB37-4156-A2B8-646A317F3176",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h9:*:*:*:*:*:*",
              "matchCriteriaId": "A9F032C2-3202-479B-8C70-277F6871A4A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "3079F29C-688B-4FFB-BBC0-5FCD7B5B6905",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "674C85C5-162E-42DE-ACD1-D18943040E1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:-:*:*:*:*:*:*",
              "matchCriteriaId": "C2B871A6-0636-42A0-9573-6F693D7753AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h1:*:*:*:*:*:*",
              "matchCriteriaId": "F1FC63B8-B8D9-4EC1-85CA-2E12B38ACD3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h10:*:*:*:*:*:*",
              "matchCriteriaId": "F3F8462A-71C0-4F81-9882-C73BC90697CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h16:*:*:*:*:*:*",
              "matchCriteriaId": "C1B72E68-2D01-483F-BEC5-59C49E96B976",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h18:*:*:*:*:*:*",
              "matchCriteriaId": "E49419C4-9AFE-4B7F-90EF-DB50EBB608D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h2:*:*:*:*:*:*",
              "matchCriteriaId": "60CE628F-C4CB-4342-8D71-DE61A089B612",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h3:*:*:*:*:*:*",
              "matchCriteriaId": "2447D2B1-A145-4036-B9F2-17648B193465",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h4:*:*:*:*:*:*",
              "matchCriteriaId": "C24353AF-DC81-49B9-9132-9EEC8E6009BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h5:*:*:*:*:*:*",
              "matchCriteriaId": "B4420489-AE0F-4A48-B2CE-C165BEBFA6A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h7:*:*:*:*:*:*",
              "matchCriteriaId": "C45D8DF1-9483-4B24-AB94-B1FF4A5F2606",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "941CB947-862C-4C17-A039-8CD46D21B3BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "146BFB2E-5802-495E-B20D-9783B41357A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.16:-:*:*:*:*:*:*",
              "matchCriteriaId": "BC38A9CD-CDB6-423A-BE8D-2E0E45A3B239",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.16:h1:*:*:*:*:*:*",
              "matchCriteriaId": "41B48ECA-FD05-4EA2-B1C9-771624EAAFF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.16:h4:*:*:*:*:*:*",
              "matchCriteriaId": "4D65D1F0-323E-41AF-962E-1F9741748A76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.16:h6:*:*:*:*:*:*",
              "matchCriteriaId": "D5D41E00-D517-4B81-A7FC-C8E101884807",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.17:-:*:*:*:*:*:*",
              "matchCriteriaId": "DEBB519E-9AC8-4100-B71C-E7D3276ED79C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.18:-:*:*:*:*:*:*",
              "matchCriteriaId": "19604659-570D-4766-B8B5-8B9920E2607F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.18:h1:*:*:*:*:*:*",
              "matchCriteriaId": "745A3A2A-73CF-4DC2-968B-ACFC66389E11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.18:h5:*:*:*:*:*:*",
              "matchCriteriaId": "3A1E533E-DE4A-4F2F-A71A-FFF56E757087",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB628D07-9AB0-4C19-8DA3-DBE5689A3F40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A94EA8A-EADF-416D-AE54-3CF56214714C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC05CBD3-7679-4640-9BE4-FD5418D9F756",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F383C3D-0C7A-4B5E-9798-D1CE9632687B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:*",
              "matchCriteriaId": "DF83EAA1-49E1-4AD0-A049-F1B3065950BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:*",
              "matchCriteriaId": "BE3F7369-9F35-409A-9F47-45A959592DFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h13:*:*:*:*:*:*",
              "matchCriteriaId": "FD701663-4C57-4115-BD59-9DFFB504E2AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h15:*:*:*:*:*:*",
              "matchCriteriaId": "82816C09-6A9D-4AB2-AA55-62CC714CCA82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h16:*:*:*:*:*:*",
              "matchCriteriaId": "9AA9F77D-BC9C-4A2C-8988-6DEE65CD9C8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h17:*:*:*:*:*:*",
              "matchCriteriaId": "A5A3CEBF-9F8A-47F9-A302-7C395F2A8146",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h18:*:*:*:*:*:*",
              "matchCriteriaId": "A79B51D2-74E8-4BA3-AE33-829A9C1776E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h25:*:*:*:*:*:*",
              "matchCriteriaId": "E08297B1-95E9-4730-B59D-252B958C4199",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h27:*:*:*:*:*:*",
              "matchCriteriaId": "B56B153E-8693-4257-9E33-38904A949ED8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h32:*:*:*:*:*:*",
              "matchCriteriaId": "A220ED95-5E1A-45AA-85BD-8A58CFC6C697",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:*",
              "matchCriteriaId": "E9DB4DA9-2262-4E9E-B3A1-49D261D01295",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h7:*:*:*:*:*:*",
              "matchCriteriaId": "4852E738-990C-4DD2-8252-D4625D843A99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h9:*:*:*:*:*:*",
              "matchCriteriaId": "CB2C59F8-2583-4510-90F8-500F8329AFFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C31ACD7-46AB-4092-89F3-7B4C9B642199",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:-:*:*:*:*:*:*",
              "matchCriteriaId": "52C50A07-F4D8-4F1F-BA61-3429BB1721BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h1:*:*:*:*:*:*",
              "matchCriteriaId": "9D12FF27-C186-467C-8627-1284EBC67243",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h10:*:*:*:*:*:*",
              "matchCriteriaId": "AF4AA997-35BC-4BC1-9EF2-644503B2D806",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h14:*:*:*:*:*:*",
              "matchCriteriaId": "12EF4DDF-9773-4B02-8FF4-F94A1D49E6AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h17:*:*:*:*:*:*",
              "matchCriteriaId": "8FAE17BB-7938-41D0-8D62-46F829C647BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h19:*:*:*:*:*:*",
              "matchCriteriaId": "6DA5A0AD-C4FB-4210-8651-F94F2875A0EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h2:*:*:*:*:*:*",
              "matchCriteriaId": "45D633D7-A4B5-4D68-9BAB-D9BA25877F36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h20:*:*:*:*:*:*",
              "matchCriteriaId": "B79DB477-A907-4300-A651-16F93880B049",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h21:*:*:*:*:*:*",
              "matchCriteriaId": "AF74D8FA-677F-484D-9338-A1761614FFD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h22:*:*:*:*:*:*",
              "matchCriteriaId": "F9FC5118-4056-4E22-A1F0-D6FFA2B88472",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h23:*:*:*:*:*:*",
              "matchCriteriaId": "5E7A808F-F52F-4786-950C-591CCADB2EE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h25:*:*:*:*:*:*",
              "matchCriteriaId": "0CA82012-AA59-44C1-BB9D-0B28764D507E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h29:*:*:*:*:*:*",
              "matchCriteriaId": "27233F80-A620-42D3-927D-4FCDE6345456",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h3:*:*:*:*:*:*",
              "matchCriteriaId": "63729FA6-ED2A-4593-9436-232F282A0A78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h4:*:*:*:*:*:*",
              "matchCriteriaId": "F39792EF-61B5-4874-9FD0-7544F8C5C0D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h5:*:*:*:*:*:*",
              "matchCriteriaId": "CCC24BCD-E508-4553-9BAC-468A1078C9A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h6:*:*:*:*:*:*",
              "matchCriteriaId": "4A06B6F4-DCAE-4115-93D4-25D0A37AAB9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:h7:*:*:*:*:*:*",
              "matchCriteriaId": "91529C45-FA55-4844-A153-682F729F440D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "64B56778-2698-493D-80AD-B4AE81F48124",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.7:h1:*:*:*:*:*:*",
              "matchCriteriaId": "0A9D3E2E-BA37-4F2A-BD43-97DD93E43D08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.7:h2:*:*:*:*:*:*",
              "matchCriteriaId": "9DCE8F6C-541E-4C61-ABC8-4A618B0DD58D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.7:h4:*:*:*:*:*:*",
              "matchCriteriaId": "1E5EF79B-1A25-4AAB-AF2E-D151359E7FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7193CCDA-D5D4-41D2-A808-87EDC19F2F49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "D58FF578-775A-4BC0-9975-2C8B8E51B1E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:-:*:*:*:*:*:*",
              "matchCriteriaId": "A92886DF-C989-47AD-8F68-8F468BBC6E57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h1:*:*:*:*:*:*",
              "matchCriteriaId": "9893920B-A00E-4890-A897-EE1CF0751BA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h10:*:*:*:*:*:*",
              "matchCriteriaId": "D1289923-12D8-4FDD-B18B-C52516F14922",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h12:*:*:*:*:*:*",
              "matchCriteriaId": "AFC923D7-672D-4556-8344-BBD285324067",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h21:*:*:*:*:*:*",
              "matchCriteriaId": "E1510DE9-04A3-4E08-872D-C0F6041BCFCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h4:*:*:*:*:*:*",
              "matchCriteriaId": "31CD3B15-2CE0-404A-9542-9C39B8E71027",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h5:*:*:*:*:*:*",
              "matchCriteriaId": "0194DA0B-041A-4810-8BFB-2308290517B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h7:*:*:*:*:*:*",
              "matchCriteriaId": "69E64D86-034F-4BC7-9A4E-2703D834EBC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:h9:*:*:*:*:*:*",
              "matchCriteriaId": "B992628F-1114-4FC8-9364-800ACE997044",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "73CF31A0-82EC-45DF-87DD-81C458AAF94C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "77024A63-A28F-4467-8D4C-3CFD41724777",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.13:-:*:*:*:*:*:*",
              "matchCriteriaId": "9223B0D4-6194-4684-8EF4-84A0EF511D8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.13:h1:*:*:*:*:*:*",
              "matchCriteriaId": "CB16C018-2B70-4F4D-9025-69FF82CD40F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.13:h2:*:*:*:*:*:*",
              "matchCriteriaId": "1259B519-130D-4584-86AA-E4EA1E89ACB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.13:h3:*:*:*:*:*:*",
              "matchCriteriaId": "0DCA6D54-E623-4985-B35F-AC98299828EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.1.14:-:*:*:*:*:*:*",
              "matchCriteriaId": "20A38461-BC7E-4D75-A168-FA493955A54C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF9D96B4-E4D2-4F35-A4AF-D79BB9F3A41B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAF8163D-1EE5-4955-A317-1BC95581C87D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEEE3CF8-1B67-44D3-8FF1-9EC6C5197835",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6DFD05F-0A72-45E0-8D20-E1C28642C973",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:-:*:*:*:*:*:*",
              "matchCriteriaId": "C01AD190-F3C2-4349-A063-8C5C78B725B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h1:*:*:*:*:*:*",
              "matchCriteriaId": "30F4CD1C-6862-4279-8D2D-40B4D164222F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h10:*:*:*:*:*:*",
              "matchCriteriaId": "8137F3AF-BA32-41BC-AD2E-A668FFA33892",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h11:*:*:*:*:*:*",
              "matchCriteriaId": "8C977AF0-D2B0-401A-A7C5-A1C71AC3C072",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h12:*:*:*:*:*:*",
              "matchCriteriaId": "B9C0A53F-2AFE-4B0D-AEC1-464E6001E02F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h14:*:*:*:*:*:*",
              "matchCriteriaId": "D720448D-F40B-4C92-9101-A48AC36C9CBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h15:*:*:*:*:*:*",
              "matchCriteriaId": "5F12F7AC-D5B3-499E-87DA-27427D8BFFC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h2:*:*:*:*:*:*",
              "matchCriteriaId": "A52B7A7A-483A-4075-B1E9-5C14B66F7FC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h4:*:*:*:*:*:*",
              "matchCriteriaId": "76949F0F-2ADC-492F-83F0-0A1B0E861F97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h5:*:*:*:*:*:*",
              "matchCriteriaId": "C1DD83BC-4E8E-4C1D-80C7-A6209B4E70CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h6:*:*:*:*:*:*",
              "matchCriteriaId": "73888909-64C5-41BC-BAE0-BD9BDEEAF723",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h7:*:*:*:*:*:*",
              "matchCriteriaId": "E7861D82-815D-4894-9E11-1B6B1E66CDEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h8:*:*:*:*:*:*",
              "matchCriteriaId": "D269E33D-9A79-40CC-B79A-C9A398AB7AFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h9:*:*:*:*:*:*",
              "matchCriteriaId": "9762E441-856F-466F-812C-798CA2EEF965",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EF09924-12F7-4F76-9FD0-08AF707AA289",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62D458B-2BC0-4E0C-8E95-894674DBD791",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:-:*:*:*:*:*:*",
              "matchCriteriaId": "0A25C9D9-BC83-49AE-BEE7-EF05F8336B01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h1:*:*:*:*:*:*",
              "matchCriteriaId": "A93C2B58-EC78-4C3D-89FF-35D9C489E39F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h10:*:*:*:*:*:*",
              "matchCriteriaId": "A32E35C0-913E-4348-8AD4-E1F169C40C92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h11:*:*:*:*:*:*",
              "matchCriteriaId": "39112398-2A93-4E26-A7DF-0E3FA81C5130",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h12:*:*:*:*:*:*",
              "matchCriteriaId": "C88442D1-599F-411D-B7A2-E17AA839F177",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h2:*:*:*:*:*:*",
              "matchCriteriaId": "D12C3EB6-842E-4378-896C-FDBB2BC75D10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h3:*:*:*:*:*:*",
              "matchCriteriaId": "86B41903-FF08-454D-B626-184CB73B122E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h4:*:*:*:*:*:*",
              "matchCriteriaId": "396DC378-7716-40F6-88A4-99299A16CAF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h7:*:*:*:*:*:*",
              "matchCriteriaId": "5E5C6E3A-262C-4212-B21C-00E8079AA8CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:h8:*:*:*:*:*:*",
              "matchCriteriaId": "4C855108-D3C9-4DE3-B9F4-9735A0A439AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B887380-062F-45B2-9F25-861227E86377",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "02713C77-26D8-4C84-A8B2-86B6BA5BE600",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.10:-:*:*:*:*:*:*",
              "matchCriteriaId": "051673AB-50BF-4DD0-8679-F5825520241A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.10:h1:*:*:*:*:*:*",
              "matchCriteriaId": "BAC15D8A-83CA-413F-BA2B-17EC2B169F6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.10:h2:*:*:*:*:*:*",
              "matchCriteriaId": "70B3EB0C-87F1-46C2-B95C-C5808E473BD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.10:h3:*:*:*:*:*:*",
              "matchCriteriaId": "073BF631-451B-4DFC-B23C-F0F68C2450F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.10:h4:*:*:*:*:*:*",
              "matchCriteriaId": "13AA1BEF-F2F6-4534-89F3-DF4E79217978",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.10:h5:*:*:*:*:*:*",
              "matchCriteriaId": "CBFDE611-4981-4D92-ABAF-858DF132535F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.2.11:-:*:*:*:*:*:*",
              "matchCriteriaId": "CE68AC6C-61B6-4245-96AE-3D1F96D44721",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:12.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A116B32-5798-47EC-A22D-D3E960B29C07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:12.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1725F67-BF14-48B4-A405-1CCA507CD553",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:12.1.4:-:*:*:*:*:*:*",
              "matchCriteriaId": "8C1ADE94-3F05-48EE-94E0-FD6EB682705C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:12.1.4:h2:*:*:*:*:*:*",
              "matchCriteriaId": "F727C18E-1C8D-448A-954C-073294FBC65C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:12.1.4:h3:*:*:*:*:*:*",
              "matchCriteriaId": "7E492BE6-EB2E-4616-85EA-3B389741301B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:12.1.5:-:*:*:*:*:*:*",
              "matchCriteriaId": "0DF08D3C-62B3-4875-972A-CDF35D2786B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:12.1.6:-:*:*:*:*:*:*",
              "matchCriteriaId": "7C32D27E-BCD7-4F26-B802-B6EA931B0F40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-1410:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0183BAB-B1AE-44D9-B187-798CECB9A640",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-1420:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B2FCF34-EC08-4AF2-AC0B-D48D97BFFC86",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-3410:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08BD8F1C-5CDA-4B5C-9DA6-967773A9B0EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-3420:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "824EE71F-D617-4FDA-B529-DCF8F6BA5C1B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-3430:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2DA44A2-3859-48B8-8146-4433D5FF4C68",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-3440:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FF7BE07-98F5-4DB7-AD77-625BB46CFC3C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-410:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BABAB43B-198C-42E0-836C-F7FB30256A2F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-410r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DF6F082-99CC-47BB-AEB1-2FD00EE1278D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-410r-5g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA9D11D5-FDEA-4B83-8AE2-64A007791CBA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-415:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0BA207F-6CDF-4D90-8739-8FE34EC0F3C4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-415-5g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38DC5E80-274A-4E65-A2DC-BC79623BF698",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-440:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31854314-2ABE-4658-AD1B-230A0B261674",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-445:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CA7E681-BE00-416C-86C5-08A1A18976F4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-450:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5128449-D0A7-47FA-AFE7-258672972BBF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-450r:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DB8D540-4F7A-44F2-9F5B-96F1F704330A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-450r-5g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB12277D-B9CF-4703-B08F-5555261F1BC4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-455:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "85B9E8EF-5A4E-40B7-8044-C4352AD1BD2E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-455-5g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE7143C5-FDEF-4440-AB43-9A6B5D201D57",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-455r-5g:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEFB32D5-43C7-4D4A-AA81-7BBC006B92CC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-460:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "017A0571-E011-4AE6-B4ED-B1AAC0EBA22B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-501:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB469DD8-C776-4B6A-91A4-66B27483FDE8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-505:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A070368D-23E8-47F3-8F72-E011728F90C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D8DECEA-D8A1-44AF-9F51-B99C6599FCAB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-520:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44F6F6DC-291D-447C-AF36-BC9A275076DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FCA08A8-DDE0-4179-890D-D939E427414A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-5410:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C702B085-D739-4E06-805F-D01144279071",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-5420:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "29237799-7DF5-478C-AE36-EC8E8416EAB7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-5430:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEB69E29-2974-4963-96D6-E0C08D7777F4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-5440:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F7914EA-FEA6-4911-9A47-4F516BEE6663",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-5445:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37BC54A5-071C-4F62-87EB-2314CA019B08",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-545-poe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "650AB458-DE6F-4933-A624-1AC7A2599E73",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-5450:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB18C39C-0602-4136-83C9-61D99BAA46D8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "665EF149-C97D-4820-AE79-849815E8D8D9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-5540:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1210A5F-A8C0-49F2-8418-6ABE7E12606F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-555-poe:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "54B8A6E0-7EDA-4C00-B8DF-8D547DD4A5B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-5550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6297F0CE-9E54-4B87-88BC-1EE8A16E55A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-5560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A915842C-2F40-48F4-BFEE-3682B426100D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-5570:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "247690C1-8955-4CD5-9826-69AAA64D8D0D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-5580:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EBB2CDD-E0DB-47F5-B863-09CF2267A3EF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-560:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD189FAE-EB8F-436F-BBC4-58F60F60DCDE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-7500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6C4FC4B-7E69-4A28-9406-DA8D20A54D24",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:pa-7500-dpc-a:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E545C2B6-AD84-4FCC-8CCE-164CD3968A85",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:vm-100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "44873791-6AB0-4EF5-808B-4495E18D225B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:vm-300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "00F998EF-0FFD-44BC-A07B-0361E171E68F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:vm-50:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C0A1C05-D307-41E4-A420-4BC3EE308658",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:vm-500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C239BEAA-7BFB-49F9-8E48-477D76119CAF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:paloaltonetworks:vm-700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BF87B31-B5F4-46F7-91DA-50F771FE56AA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A buffer overflow vulnerability in the User-ID\u2122 Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. \n\nThe risk of this issue is greatly reduced if you secure access to the User-ID\u2122 Authentication Portal per the  best practice guidelines https://knowledgebase.paloaltonetworks.com/KCSArticleDetail  by restricting access to only trusted internal IP addresses.\n\nPrisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability."
    }
  ],
  "id": "CVE-2026-0300",
  "lastModified": "2026-05-07T17:46:44.287",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "YES",
          "Recovery": "USER",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 9.3,
          "baseSeverity": "CRITICAL",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "ATTACKED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "RED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "LOW",
          "subIntegrityImpact": "LOW",
          "userInteraction": "NONE",
          "valueDensity": "CONCENTRATED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:A/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:M/U:Red",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "MODERATE"
        },
        "source": "psirt@paloaltonetworks.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-05-06T19:16:35.730",
  "references": [
    {
      "source": "psirt@paloaltonetworks.com",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://security.paloaltonetworks.com/CVE-2026-0300"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-0300"
    }
  ],
  "sourceIdentifier": "psirt@paloaltonetworks.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "psirt@paloaltonetworks.com",
      "type": "Secondary"
    }
  ]
}

GHSA-3VFH-3CPW-2378

Vulnerability from github – Published: 2026-05-06 21:31 – Updated: 2026-05-07 18:30

Details

The risk of this issue is greatly reduced if you secure access to the User-ID™ Authentication Portal per the best practice guidelines https://knowledgebase.paloaltonetworks.com/KCSArticleDetail by restricting access to only trusted internal IP addresses.

Prisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability.

Severity ?

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 (Critical)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:A/AU:Y/R:U/V:C/RE:M/U:Red

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-0300"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-06T19:16:35Z",
    "severity": "CRITICAL"
  },
  "details": "A buffer overflow vulnerability in the User-ID\u2122 Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. \n\nThe risk of this issue is greatly reduced if you secure access to the User-ID\u2122 Authentication Portal per the  best practice guidelines https://knowledgebase.paloaltonetworks.com/KCSArticleDetail  by restricting access to only trusted internal IP addresses.\n\nPrisma Access, Cloud NGFW and Panorama appliances are not impacted by this vulnerability.",
  "id": "GHSA-3vfh-3cpw-2378",
  "modified": "2026-05-07T18:30:37Z",
  "published": "2026-05-06T21:31:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0300"
    },
    {
      "type": "WEB",
      "url": "https://security.paloaltonetworks.com/CVE-2026-0300"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-0300"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:A/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:M/U:Red",
      "type": "CVSS_V4"
    }
  ]
}

CERTFR-2026-AVI-0537

Vulnerability from certfr_avis - Published: 2026-05-06 - Updated: 2026-05-06

Une vulnérabilité a été découverte dans Palo Alto Networks User-ID Authentication Portal. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Palo Alto Networks indique que la vulnérabilité CVE-2026-0300 est activement exploitée.

L'éditeur indique que les correctifs seront publiés le 13 et le 28 mai 2026.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.10-x antérieures à 11.2.10-h6
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.18-x antérieures à 10.2.18-h6
Palo Alto Networks	PAN-OS	PAN-OS versions 12.1.x antérieures à 12.1.7
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.13-x antérieures à 10.2.13-h21
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.7-x antérieures à 10.2.7-h34
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.13-x antérieures à 11.1.13-h5
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.6-x antérieures à 11.1.6-h32
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.4-x antérieures à 11.2.4-h17
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.16-x antérieures à 10.2.16-h7
Palo Alto Networks	PAN-OS	PAN-OS versions 10.2.10-x antérieures à 10.2.10-h36
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.x antérieures à 11.1.15
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.4-x antérieures à 11.1.4-h33
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.x antérieures à 11.2.12
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.10-x antérieures à 11.1.10-h25
Palo Alto Networks	PAN-OS	PAN-OS versions 12.1.4-x antérieures à 12.1.4-h5
Palo Alto Networks	PAN-OS	PAN-OS versions 11.2.7-x antérieures à 11.2.7-h13
Palo Alto Networks	PAN-OS	PAN-OS versions 11.1.7-x antérieures à 11.1.7-h6

References

Title

Publication Time

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-0300 (GCVE-0-2026-0300)

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Vendor Report Successful Exploitation Confidence: 80% Source: cisa-kev

Details

References

NCSC-2026-0132

FKIE_CVE-2026-0300

GHSA-3VFH-3CPW-2378

CERTFR-2026-AVI-0537

Solutions

Tags

Sightings

Nomenclature