An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents Predefined Decryption Exclusions from functioning as intended. This can cause traffic destined for domains that are not specified in Predefined Decryption Exclusions to be unintentionally excluded from decryption.
Product A handles inputs or steps differently than Product B, which causes A to perform incorrect actions based on its perception of B’s state.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Pan-os | Paloaltonetworks | 9.0.0 (including) | 9.0.16 (excluding) |
| Pan-os | Paloaltonetworks | 9.1.0 (including) | 9.1.17 (excluding) |
| Pan-os | Paloaltonetworks | 10.0.0 (including) | 10.0.13 (excluding) |
| Pan-os | Paloaltonetworks | 10.1.0 (including) | 10.1.8 (including) |
| Pan-os | Paloaltonetworks | 10.2.0 (including) | 10.2.4 (excluding) |
| Pan-os | Paloaltonetworks | 11.0.0 (including) | 11.0.1 (excluding) |
| Pan-os | Paloaltonetworks | 9.0.17 (including) | 9.0.17 (including) |
| Pan-os | Paloaltonetworks | 9.0.17-h1 (including) | 9.0.17-h1 (including) |
| Pan-os | Paloaltonetworks | 10.1.9 (including) | 10.1.9 (including) |
| Pan-os | Paloaltonetworks | 10.1.9-h1 (including) | 10.1.9-h1 (including) |
| Pan-os | Paloaltonetworks | 10.2.4 (including) | 10.2.4 (including) |
| Pan-os | Paloaltonetworks | 11.0.1 (including) | 11.0.1 (including) |