{"api_version":"1","generated_at":"2026-07-12T23:29:16+00:00","cve":"CVE-2026-0283","urls":{"html":"https://cve.report/CVE-2026-0283","api":"https://cve.report/api/cve/CVE-2026-0283.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-0283","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-0283"},"summary":{"title":"PAN-OS: Authentication Bypass Vulnerability in Large Scale VPN (LSVPN)","description":"An authentication bypass vulnerability in Large Scale VPN ( LSVPN) functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection.\n\nPanorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.","state":"PUBLISHED","assigner":"palo_alto","published_at":"2026-07-09 19:17:00","updated_at":"2026-07-09 20:16:26"},"problem_types":["CWE-306","CWE-306 CWE-306 Missing Authentication for Critical Function"],"metrics":[{"version":"4.0","source":"psirt@paloaltonetworks.com","type":"Secondary","score":"4.5","severity":"MEDIUM","vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:H/SI:L/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber","data":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:H/SI:L/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber","baseScore":4.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"HIGH","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER"}},{"version":"4.0","source":"CNA","type":"CVSS","score":"4.5","severity":"MEDIUM","vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:H/SI:L/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber","data":{"Automatable":"NO","Recovery":"USER","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"NETWORK","baseScore":4.5,"baseSeverity":"MEDIUM","exploitMaturity":"UNREPORTED","privilegesRequired":"NONE","providerUrgency":"AMBER","subAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"LOW","userInteraction":"NONE","valueDensity":"DIFFUSE","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:H/SI:L/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber","version":"4.0","vulnAvailabilityImpact":"LOW","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnerabilityResponseEffort":"MODERATE"}}],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2026-0283","name":"https://security.paloaltonetworks.com/CVE-2026-0283","refsource":"psirt@paloaltonetworks.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-0283","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-0283","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Palo Alto Networks","product":"Cloud NGFW","version":"unaffected All custom","platforms":[]},{"source":"CNA","vendor":"Palo Alto Networks","product":"PAN-OS","version":"affected 12.1.0 12.1.8 custom","platforms":[]},{"source":"CNA","vendor":"Palo Alto Networks","product":"PAN-OS","version":"affected 11.2.0 11.2.13 custom","platforms":[]},{"source":"CNA","vendor":"Palo Alto Networks","product":"PAN-OS","version":"affected 11.1.0 11.1.16 custom","platforms":[]},{"source":"CNA","vendor":"Palo Alto Networks","product":"PAN-OS","version":"affected 10.2.0 10.2.18-h8 custom","platforms":[]},{"source":"CNA","vendor":"Palo Alto Networks","product":"Prisma Access","version":"unaffected All custom","platforms":[]}],"timeline":[{"source":"CNA","time":"2026-07-08T16:00:00.000Z","lang":"en","value":"Initial publication"}],"solutions":[{"source":"CNA","title":"","value":"Version\nMinor Version\nSuggested Solution\nCloud NGFW All\nNo action needed.\n                                PAN-OS 12.1\n\n                                12.1.5 through 12.1.7-h*\n                                Upgrade to 12.1.7-h2 or 12.1.8 or later.\n                            \n                                \n                                12.1.2 through 12.1.4-h*\n                                Upgrade to 12.1.4-h8 or 12.1.8 or later.\n                            \n                                PAN-OS 11.2\n\n                                11.2.11 through 11.2.12\n                                Upgrade to 11.2.13 or later.\n                            \n                                \n                                11.2.8 through 11.2.10-h*\n                                Upgrade to 11.2.10-h12 or 11.2.13 or later.\n                            \n                                \n                                11.2.5 through 11.2.7-h*\n                                Upgrade to 11.2.7-h18 or 11.2.13 or later.\n                            \n                                \n                                11.2.0 through 11.2.4-h*\n                                Upgrade to 11.2.4-h20 or 11.2.13 or later.\n                            \n                                PAN-OS 11.1\n\n                                11.1.14 through 11.1.15\n                                Upgrade to 11.1.16 or later.\n                            \n                                \n                                11.1.11 through 11.1.13-h*\n                                Upgrade to 11.1.13-h9 or 11.1.16 or later.\n                            \n                                \n                                11.1.8 through 11.1.10-h*\n                                Upgrade to 11.1.10-h30 or 11.1.16 or later.\n                            \n                                \n                                11.1.7 through 11.1.7-h*\n                                Upgrade to 11.1.7-h8 or 11.1.16 or later.\n                            \n                                \n                                11.1.5 through 11.1.6-h*\n                                Upgrade to 11.1.6-h35 or 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.4-h*\n                                Upgrade to 11.1.4-h35 or 11.1.16 or later.\n                            \n                                PAN-OS 10.2\n\n                                10.2.17 through 10.2.18-h*\n                                Upgrade to 10.2.18-h8 or later.\n                            \n                                \n                                10.2.14 through 10.2.16-h*\n                                Upgrade to 10.2.16-h9 or later.\n                            \n                                \n                                10.2.11 through 10.2.13-h*\n                                Upgrade to 10.2.13-h23 or later.\n                            \n                                \n                                10.2.8 through 10.2.10-h*\n                                Upgrade to 10.2.10-h39 or later.\n                            \n                                \n                                10.2.0 through 10.2.7-h*\n                                Upgrade to 10.2.7-h36 or later.\n                            All older\nunsupported\nPAN-OS versions Upgrade to a supported fixed version.Prisma Access All\nNo action needed.","time":"","lang":"eng"}],"workarounds":[{"source":"CNA","title":"","value":"Customers with a Threat Prevention subscription are provided with limited coverage against this vulnerability when enabling Threat ID 510032 (from Applications and Threats content version 9122-10145 and later). \n\nTo ensure the Threat ID provides effective protection against this vulnerability, ensure that  vulnerability protection security profile is applied to your GlobalProtect interface https://live.paloaltonetworks.com/t5/globalprotect-articles/applying-vulnerability-protection-to-globalprotect-interfaces/ta-p/340184 .","time":"","lang":"eng"}],"exploits":[{"source":"CNA","title":"","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.","time":"","lang":"en"}],"credits":[{"source":"CNA","value":"Vaibhav Nagar (internal reporter)  and our internal security research teams","lang":"en"}],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"283","cve":"CVE-2026-0283","epss":"0.005770000","percentile":"0.435260000","score_date":"2026-07-11","updated_at":"2026-07-12 00:00:51"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-0283","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2026-07-09T19:24:57.850143Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-07-09T19:25:07.889Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"unaffected","product":"Cloud NGFW","vendor":"Palo Alto Networks","versions":[{"status":"unaffected","version":"All","versionType":"custom"}]},{"cpes":["cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:12.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.7:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.2.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.15:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.14:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.13:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h28:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h27:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h26:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h34:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h33:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h32:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h29:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.6:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h34:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h33:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h32:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h27:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h25:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.4:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:11.1.0:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.18:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.17:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.16:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.15:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.14:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.13:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.12:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.11:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h37:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h36:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h31:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h30:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h27:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h26:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.10:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.9:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.8:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h35:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h34:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h32:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h24:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h23:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h22:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h21:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h20:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h19:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h18:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h17:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h16:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h15:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h14:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h13:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h12:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h11:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h10:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h9:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h8:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h7:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h6:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h5:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h4:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h3:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h2:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:h1:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.7:-:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.6:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.5:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:palo_alto_networks:pan-os:10.2.0:*:*:*:*:*:*:*"],"defaultStatus":"unaffected","product":"PAN-OS","vendor":"Palo Alto Networks","versions":[{"changes":[{"at":"12.1.8","status":"unaffected"},{"at":"12.1.7-h2","status":"unaffected"},{"at":"12.1.4-h8","status":"unaffected"}],"lessThan":"12.1.8","status":"affected","version":"12.1.0","versionType":"custom"},{"changes":[{"at":"11.2.13","status":"unaffected"},{"at":"11.2.10-h12","status":"unaffected"},{"at":"11.2.7-h18","status":"unaffected"},{"at":"11.2.4-h20","status":"unaffected"}],"lessThan":"11.2.13","status":"affected","version":"11.2.0","versionType":"custom"},{"changes":[{"at":"11.1.16","status":"unaffected"},{"at":"11.1.13-h9","status":"unaffected"},{"at":"11.1.10-h30","status":"unaffected"},{"at":"11.1.7-h8","status":"unaffected"},{"at":"11.1.6-h35","status":"unaffected"},{"at":"11.1.4-h35","status":"unaffected"}],"lessThan":"11.1.16","status":"affected","version":"11.1.0","versionType":"custom"},{"changes":[{"at":"10.2.18-h8","status":"unaffected"},{"at":"10.2.16-h9","status":"unaffected"},{"at":"10.2.13-h23","status":"unaffected"},{"at":"10.2.10-h39","status":"unaffected"},{"at":"10.2.7-h36","status":"unaffected"}],"lessThan":"10.2.18-h8","status":"affected","version":"10.2.0","versionType":"custom"}]},{"defaultStatus":"unaffected","product":"Prisma Access","vendor":"Palo Alto Networks","versions":[{"status":"unaffected","version":"All","versionType":"custom"}]}],"configurations":[{"lang":"eng","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>This issue is applicable only to firewalls using Large Scale VPN (LSVPN) with configured satellites.<br></p><p>To check if your firewall has LSVPN satellites configured, run the following from the PAN-OS CLI:<br></p>show config running | match satellite<p>If output is returned, LSVPN is in use.</p><p>You can also verify in the web interface by navigating to&nbsp;<b>Network</b><b> &gt; </b><b>GlobalProtect</b><b> &gt; </b><b>Portals</b>, selecting each portal, and checking whether the Satellite tab contains any&nbsp;<a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/ngfw/administration/large-scale-vpn-lsvpn/configure-the-globalprotect-portal-for-lsvpn/define-the-satellite-configurations\">configured satellites</a>.</p>"}],"value":"This issue is applicable only to firewalls using Large Scale VPN (LSVPN) with configured satellites.\n\n\n\n\nTo check if your firewall has LSVPN satellites configured, run the following from the PAN-OS CLI:\n\n\nshow config running | match satellite\n\nIf output is returned, LSVPN is in use.\n\n\n\nYou can also verify in the web interface by navigating to Network > GlobalProtect > Portals, selecting each portal, and checking whether the Satellite tab contains any  configured satellites https://docs.paloaltonetworks.com/ngfw/administration/large-scale-vpn-lsvpn/configure-the-globalprotect-portal-for-lsvpn/define-the-satellite-configurations ."}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionEndExcluding":"12.1.8","versionStartIncluding":"12.1.0","vulnerable":true},{"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionEndExcluding":"12.1.7-h2","versionStartIncluding":"12.1.7","vulnerable":true},{"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionEndExcluding":"12.1.4-h8","versionStartIncluding":"12.1.4","vulnerable":true},{"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionEndExcluding":"11.2.13","versionStartIncluding":"11.2.0","vulnerable":true},{"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionEndExcluding":"11.2.10-h12","versionStartIncluding":"11.2.10","vulnerable":true},{"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionEndExcluding":"11.2.7-h18","versionStartIncluding":"11.2.7","vulnerable":true},{"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionEndExcluding":"11.2.4-h20","versionStartIncluding":"11.2.4","vulnerable":true},{"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionEndExcluding":"11.1.16","versionStartIncluding":"11.1.0","vulnerable":true},{"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionEndExcluding":"11.1.13-h9","versionStartIncluding":"11.1.13","vulnerable":true},{"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionEndExcluding":"11.1.10-h30","versionStartIncluding":"11.1.10","vulnerable":true},{"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionEndExcluding":"11.1.7-h8","versionStartIncluding":"11.1.7","vulnerable":true},{"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionEndExcluding":"11.1.6-h35","versionStartIncluding":"11.1.6","vulnerable":true},{"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionEndExcluding":"11.1.4-h35","versionStartIncluding":"11.1.4","vulnerable":true},{"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionEndExcluding":"10.2.18-h8","versionStartIncluding":"10.2.18","vulnerable":true},{"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionEndExcluding":"10.2.16-h9","versionStartIncluding":"10.2.16","vulnerable":true},{"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionEndExcluding":"10.2.13-h23","versionStartIncluding":"10.2.13","vulnerable":true},{"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionEndExcluding":"10.2.10-h39","versionStartIncluding":"10.2.10","vulnerable":true},{"criteria":"cpe:2.3:o:palo_alto_networks:pan-os:*:*:*:*:*:*:*:*","versionEndExcluding":"10.2.7-h36","versionStartIncluding":"10.2.7","vulnerable":true}],"negate":false,"operator":"OR"}],"operator":"OR"}],"credits":[{"lang":"en","type":"finder","value":"Vaibhav Nagar (internal reporter)  and our internal security research teams"}],"datePublic":"2026-07-08T16:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"An authentication bypass vulnerability in Large Scale VPN ( LSVPN) functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection.<br><br>Panorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability."}],"value":"An authentication bypass vulnerability in Large Scale VPN ( LSVPN) functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection.\n\nPanorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability."}],"exploits":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}],"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}],"impacts":[{"capecId":"CAPEC-115","descriptions":[{"lang":"en","value":"CAPEC-115 Authentication Bypass"}]}],"metrics":[{"cvssV4_0":{"Automatable":"NO","Recovery":"USER","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"NETWORK","baseScore":4.5,"baseSeverity":"MEDIUM","exploitMaturity":"UNREPORTED","privilegesRequired":"NONE","providerUrgency":"AMBER","subAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"LOW","userInteraction":"NONE","valueDensity":"DIFFUSE","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:H/SI:L/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber","version":"4.0","vulnAvailabilityImpact":"LOW","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnerabilityResponseEffort":"MODERATE"},"format":"CVSS","scenarios":[{"lang":"en","value":"The risk is highest when you allow access to the management interface from external IP addresses on the internet."}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-306","description":"CWE-306 Missing Authentication for Critical Function","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-07-09T19:01:34.210Z","orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto"},"references":[{"tags":["vendor-advisory"],"url":"https://security.paloaltonetworks.com/CVE-2026-0283"}],"solutions":[{"lang":"eng","supportingMedia":[{"base64":false,"type":"text/html","value":"<table><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>Cloud NGFW All<br></td><td></td><td>No action needed.</td></tr><tr>\n                                <td>PAN-OS 12.1<br></td>\n                                <td>12.1.5 through 12.1.7-h*</td>\n                                <td>Upgrade to 12.1.7-h2 or 12.1.8 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>12.1.2 through 12.1.4-h*</td>\n                                <td>Upgrade to 12.1.4-h8 or 12.1.8 or later.</td>\n                            </tr><tr>\n                                <td>PAN-OS 11.2<br></td>\n                                <td>11.2.11 through 11.2.12</td>\n                                <td>Upgrade to 11.2.13 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.2.8 through 11.2.10-h*</td>\n                                <td>Upgrade to 11.2.10-h12 or 11.2.13 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.2.5 through 11.2.7-h*</td>\n                                <td>Upgrade to 11.2.7-h18 or 11.2.13 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.2.0 through 11.2.4-h*</td>\n                                <td>Upgrade to 11.2.4-h20 or 11.2.13 or later.</td>\n                            </tr><tr>\n                                <td>PAN-OS 11.1<br></td>\n                                <td>11.1.14 through 11.1.15</td>\n                                <td>Upgrade to 11.1.16 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.1.11 through 11.1.13-h*</td>\n                                <td>Upgrade to 11.1.13-h9 or 11.1.16 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.1.8 through 11.1.10-h*</td>\n                                <td>Upgrade to 11.1.10-h30 or 11.1.16 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.1.7 through 11.1.7-h*</td>\n                                <td>Upgrade to 11.1.7-h8 or 11.1.16 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.1.5 through 11.1.6-h*</td>\n                                <td>Upgrade to 11.1.6-h35 or 11.1.16 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>11.1.0 through 11.1.4-h*</td>\n                                <td>Upgrade to 11.1.4-h35 or 11.1.16 or later.</td>\n                            </tr><tr>\n                                <td>PAN-OS 10.2<br></td>\n                                <td>10.2.17 through 10.2.18-h*</td>\n                                <td>Upgrade to 10.2.18-h8 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.14 through 10.2.16-h*</td>\n                                <td>Upgrade to 10.2.16-h9 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.11 through 10.2.13-h*</td>\n                                <td>Upgrade to 10.2.13-h23 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.8 through 10.2.10-h*</td>\n                                <td>Upgrade to 10.2.10-h39 or later.</td>\n                            </tr><tr>\n                                <td></td>\n                                <td>10.2.0 through 10.2.7-h*</td>\n                                <td>Upgrade to 10.2.7-h36 or later.</td>\n                            </tr><tr><td>All older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr><tr><td>Prisma Access All<br></td><td></td><td>No action needed.</td></tr></tbody></table>"}],"value":"Version\nMinor Version\nSuggested Solution\nCloud NGFW All\nNo action needed.\n                                PAN-OS 12.1\n\n                                12.1.5 through 12.1.7-h*\n                                Upgrade to 12.1.7-h2 or 12.1.8 or later.\n                            \n                                \n                                12.1.2 through 12.1.4-h*\n                                Upgrade to 12.1.4-h8 or 12.1.8 or later.\n                            \n                                PAN-OS 11.2\n\n                                11.2.11 through 11.2.12\n                                Upgrade to 11.2.13 or later.\n                            \n                                \n                                11.2.8 through 11.2.10-h*\n                                Upgrade to 11.2.10-h12 or 11.2.13 or later.\n                            \n                                \n                                11.2.5 through 11.2.7-h*\n                                Upgrade to 11.2.7-h18 or 11.2.13 or later.\n                            \n                                \n                                11.2.0 through 11.2.4-h*\n                                Upgrade to 11.2.4-h20 or 11.2.13 or later.\n                            \n                                PAN-OS 11.1\n\n                                11.1.14 through 11.1.15\n                                Upgrade to 11.1.16 or later.\n                            \n                                \n                                11.1.11 through 11.1.13-h*\n                                Upgrade to 11.1.13-h9 or 11.1.16 or later.\n                            \n                                \n                                11.1.8 through 11.1.10-h*\n                                Upgrade to 11.1.10-h30 or 11.1.16 or later.\n                            \n                                \n                                11.1.7 through 11.1.7-h*\n                                Upgrade to 11.1.7-h8 or 11.1.16 or later.\n                            \n                                \n                                11.1.5 through 11.1.6-h*\n                                Upgrade to 11.1.6-h35 or 11.1.16 or later.\n                            \n                                \n                                11.1.0 through 11.1.4-h*\n                                Upgrade to 11.1.4-h35 or 11.1.16 or later.\n                            \n                                PAN-OS 10.2\n\n                                10.2.17 through 10.2.18-h*\n                                Upgrade to 10.2.18-h8 or later.\n                            \n                                \n                                10.2.14 through 10.2.16-h*\n                                Upgrade to 10.2.16-h9 or later.\n                            \n                                \n                                10.2.11 through 10.2.13-h*\n                                Upgrade to 10.2.13-h23 or later.\n                            \n                                \n                                10.2.8 through 10.2.10-h*\n                                Upgrade to 10.2.10-h39 or later.\n                            \n                                \n                                10.2.0 through 10.2.7-h*\n                                Upgrade to 10.2.7-h36 or later.\n                            All older\nunsupported\nPAN-OS versions Upgrade to a supported fixed version.Prisma Access All\nNo action needed."}],"source":{"discovery":"INTERNAL"},"timeline":[{"lang":"en","time":"2026-07-08T16:00:00.000Z","value":"Initial publication"}],"title":"PAN-OS: Authentication Bypass Vulnerability in Large Scale VPN (LSVPN)","workarounds":[{"lang":"eng","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>Customers with a Threat Prevention subscription are provided with limited coverage against this vulnerability when enabling Threat ID 510032 (from Applications and Threats content version&nbsp;9122-10145 and later).&nbsp;<br><br>To ensure the Threat ID provides effective protection against this vulnerability, ensure that <a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/globalprotect-articles/applying-vulnerability-protection-to-globalprotect-interfaces/ta-p/340184\">vulnerability protection security profile is applied to your GlobalProtect interface</a>.</p>"}],"value":"Customers with a Threat Prevention subscription are provided with limited coverage against this vulnerability when enabling Threat ID 510032 (from Applications and Threats content version 9122-10145 and later). \n\nTo ensure the Threat ID provides effective protection against this vulnerability, ensure that  vulnerability protection security profile is applied to your GlobalProtect interface https://live.paloaltonetworks.com/t5/globalprotect-articles/applying-vulnerability-protection-to-globalprotect-interfaces/ta-p/340184 ."}],"x_affectedList":["PAN-OS 12.1.7-h1","PAN-OS 12.1.7","PAN-OS 12.1.6","PAN-OS 12.1.5","PAN-OS 12.1.4-h7","PAN-OS 12.1.4-h6","PAN-OS 12.1.4-h5","PAN-OS 12.1.4-h3","PAN-OS 12.1.4-h2","PAN-OS 12.1.4","PAN-OS 12.1.3-h3","PAN-OS 12.1.3-h1","PAN-OS 12.1.3","PAN-OS 12.1.2","PAN-OS 11.2.12","PAN-OS 11.2.11","PAN-OS 11.2.10-h10","PAN-OS 11.2.10-h9","PAN-OS 11.2.10-h8","PAN-OS 11.2.10-h7","PAN-OS 11.2.10-h6","PAN-OS 11.2.10-h5","PAN-OS 11.2.10-h4","PAN-OS 11.2.10-h3","PAN-OS 11.2.10-h2","PAN-OS 11.2.10-h1","PAN-OS 11.2.10","PAN-OS 11.2.9","PAN-OS 11.2.8","PAN-OS 11.2.7-h17","PAN-OS 11.2.7-h16","PAN-OS 11.2.7-h15","PAN-OS 11.2.7-h14","PAN-OS 11.2.7-h13","PAN-OS 11.2.7-h12","PAN-OS 11.2.7-h11","PAN-OS 11.2.7-h10","PAN-OS 11.2.7-h8","PAN-OS 11.2.7-h7","PAN-OS 11.2.7-h4","PAN-OS 11.2.7-h3","PAN-OS 11.2.7-h2","PAN-OS 11.2.7-h1","PAN-OS 11.2.7","PAN-OS 11.2.6","PAN-OS 11.2.5","PAN-OS 11.2.4-h18","PAN-OS 11.2.4-h17","PAN-OS 11.2.4-h15","PAN-OS 11.2.4-h14","PAN-OS 11.2.4-h12","PAN-OS 11.2.4-h11","PAN-OS 11.2.4-h10","PAN-OS 11.2.4-h9","PAN-OS 11.2.4-h8","PAN-OS 11.2.4-h7","PAN-OS 11.2.4-h6","PAN-OS 11.2.4-h5","PAN-OS 11.2.4-h4","PAN-OS 11.2.4-h3","PAN-OS 11.2.4-h2","PAN-OS 11.2.4-h1","PAN-OS 11.2.4","PAN-OS 11.2.3-h5","PAN-OS 11.2.3-h4","PAN-OS 11.2.3-h3","PAN-OS 11.2.3-h2","PAN-OS 11.2.3-h1","PAN-OS 11.2.3","PAN-OS 11.2.2-h2","PAN-OS 11.2.2-h1","PAN-OS 11.2.1-h1","PAN-OS 11.2.1","PAN-OS 11.2.0-h1","PAN-OS 11.2.0","PAN-OS 11.1.15","PAN-OS 11.1.14","PAN-OS 11.1.13-h8","PAN-OS 11.1.13-h7","PAN-OS 11.1.13-h6","PAN-OS 11.1.13-h5","PAN-OS 11.1.13-h3","PAN-OS 11.1.13-h2","PAN-OS 11.1.13-h1","PAN-OS 11.1.13","PAN-OS 11.1.12","PAN-OS 11.1.11","PAN-OS 11.1.10-h28","PAN-OS 11.1.10-h27","PAN-OS 11.1.10-h26","PAN-OS 11.1.10-h25","PAN-OS 11.1.10-h21","PAN-OS 11.1.10-h12","PAN-OS 11.1.10-h10","PAN-OS 11.1.10-h9","PAN-OS 11.1.10-h7","PAN-OS 11.1.10-h5","PAN-OS 11.1.10-h4","PAN-OS 11.1.10-h1","PAN-OS 11.1.10","PAN-OS 11.1.9","PAN-OS 11.1.8","PAN-OS 11.1.6-h34","PAN-OS 11.1.6-h33","PAN-OS 11.1.6-h32","PAN-OS 11.1.6-h29","PAN-OS 11.1.6-h25","PAN-OS 11.1.6-h23","PAN-OS 11.1.6-h22","PAN-OS 11.1.6-h21","PAN-OS 11.1.6-h20","PAN-OS 11.1.6-h19","PAN-OS 11.1.6-h18","PAN-OS 11.1.6-h17","PAN-OS 11.1.6-h14","PAN-OS 11.1.6-h10","PAN-OS 11.1.6-h7","PAN-OS 11.1.6-h6","PAN-OS 11.1.6-h4","PAN-OS 11.1.6-h3","PAN-OS 11.1.6-h2","PAN-OS 11.1.6-h1","PAN-OS 11.1.6","PAN-OS 11.1.5-h1","PAN-OS 11.1.5","PAN-OS 11.1.4-h34","PAN-OS 11.1.4-h33","PAN-OS 11.1.4-h32","PAN-OS 11.1.4-h27","PAN-OS 11.1.4-h25","PAN-OS 11.1.4-h18","PAN-OS 11.1.4-h17","PAN-OS 11.1.4-h15","PAN-OS 11.1.4-h13","PAN-OS 11.1.4-h12","PAN-OS 11.1.4-h11","PAN-OS 11.1.4-h10","PAN-OS 11.1.4-h9","PAN-OS 11.1.4-h8","PAN-OS 11.1.4-h7","PAN-OS 11.1.4-h6","PAN-OS 11.1.4-h5","PAN-OS 11.1.4-h4","PAN-OS 11.1.4-h3","PAN-OS 11.1.4-h2","PAN-OS 11.1.4-h1","PAN-OS 11.1.4","PAN-OS 11.1.3-h13","PAN-OS 11.1.3-h12","PAN-OS 11.1.3-h11","PAN-OS 11.1.3-h10","PAN-OS 11.1.3-h9","PAN-OS 11.1.3-h8","PAN-OS 11.1.3-h7","PAN-OS 11.1.3-h6","PAN-OS 11.1.3-h5","PAN-OS 11.1.3-h4","PAN-OS 11.1.3-h3","PAN-OS 11.1.3-h2","PAN-OS 11.1.3-h1","PAN-OS 11.1.3","PAN-OS 11.1.2-h18","PAN-OS 11.1.2-h17","PAN-OS 11.1.2-h16","PAN-OS 11.1.2-h15","PAN-OS 11.1.2-h14","PAN-OS 11.1.2-h13","PAN-OS 11.1.2-h12","PAN-OS 11.1.2-h11","PAN-OS 11.1.2-h10","PAN-OS 11.1.2-h9","PAN-OS 11.1.2-h8","PAN-OS 11.1.2-h7","PAN-OS 11.1.2-h6","PAN-OS 11.1.2-h5","PAN-OS 11.1.2-h4","PAN-OS 11.1.2-h3","PAN-OS 11.1.2-h2","PAN-OS 11.1.2-h1","PAN-OS 11.1.2","PAN-OS 11.1.1-h2","PAN-OS 11.1.1-h1","PAN-OS 11.1.1","PAN-OS 11.1.0-h4","PAN-OS 11.1.0-h3","PAN-OS 11.1.0-h2","PAN-OS 11.1.0-h1","PAN-OS 11.1.0","PAN-OS 10.2.18-h7","PAN-OS 10.2.18-h6","PAN-OS 10.2.18-h5","PAN-OS 10.2.18-h1","PAN-OS 10.2.18","PAN-OS 10.2.17","PAN-OS 10.2.16-h8","PAN-OS 10.2.16-h7","PAN-OS 10.2.16-h6","PAN-OS 10.2.16-h4","PAN-OS 10.2.16-h1","PAN-OS 10.2.16","PAN-OS 10.2.15","PAN-OS 10.2.14-h1","PAN-OS 10.2.14","PAN-OS 10.2.13-h22","PAN-OS 10.2.13-h21","PAN-OS 10.2.13-h18","PAN-OS 10.2.13-h16","PAN-OS 10.2.13-h15","PAN-OS 10.2.13-h10","PAN-OS 10.2.13-h7","PAN-OS 10.2.13-h5","PAN-OS 10.2.13-h4","PAN-OS 10.2.13-h3","PAN-OS 10.2.13-h2","PAN-OS 10.2.13-h1","PAN-OS 10.2.13","PAN-OS 10.2.12-h6","PAN-OS 10.2.12-h5","PAN-OS 10.2.12-h4","PAN-OS 10.2.12-h3","PAN-OS 10.2.12-h2","PAN-OS 10.2.12-h1","PAN-OS 10.2.12","PAN-OS 10.2.11-h13","PAN-OS 10.2.11-h12","PAN-OS 10.2.11-h11","PAN-OS 10.2.11-h10","PAN-OS 10.2.11-h9","PAN-OS 10.2.11-h8","PAN-OS 10.2.11-h7","PAN-OS 10.2.11-h6","PAN-OS 10.2.11-h5","PAN-OS 10.2.11-h4","PAN-OS 10.2.11-h3","PAN-OS 10.2.11-h2","PAN-OS 10.2.11-h1","PAN-OS 10.2.11","PAN-OS 10.2.10-h37","PAN-OS 10.2.10-h36","PAN-OS 10.2.10-h31","PAN-OS 10.2.10-h30","PAN-OS 10.2.10-h27","PAN-OS 10.2.10-h26","PAN-OS 10.2.10-h23","PAN-OS 10.2.10-h21","PAN-OS 10.2.10-h18","PAN-OS 10.2.10-h17","PAN-OS 10.2.10-h14","PAN-OS 10.2.10-h13","PAN-OS 10.2.10-h12","PAN-OS 10.2.10-h11","PAN-OS 10.2.10-h10","PAN-OS 10.2.10-h9","PAN-OS 10.2.10-h8","PAN-OS 10.2.10-h7","PAN-OS 10.2.10-h6","PAN-OS 10.2.10-h5","PAN-OS 10.2.10-h4","PAN-OS 10.2.10-h3","PAN-OS 10.2.10-h2","PAN-OS 10.2.10-h1","PAN-OS 10.2.10","PAN-OS 10.2.9-h21","PAN-OS 10.2.9-h20","PAN-OS 10.2.9-h19","PAN-OS 10.2.9-h18","PAN-OS 10.2.9-h17","PAN-OS 10.2.9-h16","PAN-OS 10.2.9-h15","PAN-OS 10.2.9-h14","PAN-OS 10.2.9-h13","PAN-OS 10.2.9-h12","PAN-OS 10.2.9-h11","PAN-OS 10.2.9-h10","PAN-OS 10.2.9-h9","PAN-OS 10.2.9-h8","PAN-OS 10.2.9-h7","PAN-OS 10.2.9-h6","PAN-OS 10.2.9-h5","PAN-OS 10.2.9-h4","PAN-OS 10.2.9-h3","PAN-OS 10.2.9-h2","PAN-OS 10.2.9-h1","PAN-OS 10.2.9","PAN-OS 10.2.8-h21","PAN-OS 10.2.8-h20","PAN-OS 10.2.8-h19","PAN-OS 10.2.8-h18","PAN-OS 10.2.8-h17","PAN-OS 10.2.8-h16","PAN-OS 10.2.8-h15","PAN-OS 10.2.8-h14","PAN-OS 10.2.8-h13","PAN-OS 10.2.8-h12","PAN-OS 10.2.8-h11","PAN-OS 10.2.8-h10","PAN-OS 10.2.8-h9","PAN-OS 10.2.8-h8","PAN-OS 10.2.8-h7","PAN-OS 10.2.8-h6","PAN-OS 10.2.8-h5","PAN-OS 10.2.8-h4","PAN-OS 10.2.8-h3","PAN-OS 10.2.8-h2","PAN-OS 10.2.8-h1","PAN-OS 10.2.8","PAN-OS 10.2.7-h35","PAN-OS 10.2.7-h34","PAN-OS 10.2.7-h32","PAN-OS 10.2.7-h24","PAN-OS 10.2.7-h23","PAN-OS 10.2.7-h22","PAN-OS 10.2.7-h21","PAN-OS 10.2.7-h20","PAN-OS 10.2.7-h19","PAN-OS 10.2.7-h18","PAN-OS 10.2.7-h17","PAN-OS 10.2.7-h16","PAN-OS 10.2.7-h15","PAN-OS 10.2.7-h14","PAN-OS 10.2.7-h13","PAN-OS 10.2.7-h12","PAN-OS 10.2.7-h11","PAN-OS 10.2.7-h10","PAN-OS 10.2.7-h9","PAN-OS 10.2.7-h8","PAN-OS 10.2.7-h7","PAN-OS 10.2.7-h6","PAN-OS 10.2.7-h5","PAN-OS 10.2.7-h4","PAN-OS 10.2.7-h3","PAN-OS 10.2.7-h2","PAN-OS 10.2.7-h1","PAN-OS 10.2.7","PAN-OS 10.2.6-h6","PAN-OS 10.2.6-h5","PAN-OS 10.2.6-h4","PAN-OS 10.2.6-h3","PAN-OS 10.2.6-h2","PAN-OS 10.2.6-h1","PAN-OS 10.2.6","PAN-OS 10.2.5-h9","PAN-OS 10.2.5-h8","PAN-OS 10.2.5-h7","PAN-OS 10.2.5-h6","PAN-OS 10.2.5-h5","PAN-OS 10.2.5-h4","PAN-OS 10.2.5-h3","PAN-OS 10.2.5-h2","PAN-OS 10.2.5-h1","PAN-OS 10.2.5","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0"],"x_generator":{"engine":"Vulnogram 0.1.0-dev"}}},"cveMetadata":{"assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","assignerShortName":"palo_alto","cveId":"CVE-2026-0283","datePublished":"2026-07-09T19:01:34.210Z","dateReserved":"2025-11-03T20:44:41.929Z","dateUpdated":"2026-07-09T19:25:07.889Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-07-09 19:17:00","lastModifiedDate":"2026-07-09 20:16:26","problem_types":["CWE-306","CWE-306 CWE-306 Missing Authentication for Critical Function"],"metrics":{"cvssMetricV40":[{"source":"psirt@paloaltonetworks.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:H/SI:L/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber","baseScore":4.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"HIGH","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NO","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T19:24:57.850143Z","id":"CVE-2026-0283","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"283","Ordinal":"1","Title":"PAN-OS: Authentication Bypass Vulnerability in Large Scale VPN (","CVE":"CVE-2026-0283","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"283","Ordinal":"1","NoteData":"An authentication bypass vulnerability in Large Scale VPN ( LSVPN) functionality of Palo Alto Networks PAN-OS software allows an attacker with network access to bypass security restrictions and establish an unauthorized site-to-site VPN connection.\n\nPanorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.","Type":"Description","Title":"PAN-OS: Authentication Bypass Vulnerability in Large Scale VPN ("}]}}}