Palo Alto Networks has published 2 new Security Advisories addressing two security issues to https://securityadvisories.paloaltonetworks.com/ .
PAN-SA-2018-0009 - Cross-Site Scripting in GlobalProtect Portal
• Medium Severity
• Fixed in PAN-OS 7.1.19 and PAN-OS 8.0.12
• Affects the PAN-OS response page for GlobalProtect
• CVE-2018-10139
PAN-SA-2018-0010 - Denial of Service in PAN-OS Management Web Interface
• Low Severity
• Fixed in PAN-OS 8.1.3
• Affects the PAN-OS Management Web Interface
• CVE-2018-10140
CVEs will be posted to https://cve.mitre.org within 2 business days.
Details of the issues, affected versions, and any mitigation information can be found in the Security Advisories.
Please visit our Security Advisories website to learn more at https://securityadvisories.paloaltonetworks.com/
If you have questions, please contact support https://www.paloaltonetworks.com/company/contact-support
Regards
Product Security Incident Response Team
Palo Alto Networks