PAN-OS 9.0.14-h3 Addressed Issues
Focus
Focus

PAN-OS 9.0.14-h3 Addressed Issues

Table of Contents
End-of-Life (EoL)

PAN-OS 9.0.14-h3 Addressed Issues

PAN-OS® 9.0.14-h3 addressed issues.
Issue ID
Description
PAN-176661
Fixed an issue in Simple Certificate Enrollment Protocol (SCEP) (CVE-2021-3060).
PAN-176655 and PAN-158334
A fix was made to address an OS command injection vulnerability in the PAN-OS CLI that enabled an authenticated administrator with access to the CLI to execute arbitrary OS commands to escalate privileges (CVE-2021-3061).
PAN-176653
A fix was made to address an OS command injection vulnerability in the PAN-OS web interface that enabled an authenticated administrator with permissions to use XML API to execute arbitrary OS commands to escalate privileges (CVE-2021-3058).
PAN-176618
A fix was made to address an OS command injection vulnerability in PAN-OS that existed when performing dynamic updates (CVE-2021-3059).
PAN-171203
Fixed an issue in a high availability (HA) configuration where, when one firewall was active and its peer was in a suspended state, the suspended firewall continued to send traffic, which triggered the detection of duplicate MAC addresses.
PAN-160708
Fixed an issue where the dataplane restarted after configuring a deny_all policy.