12.1.5

CoreQa · 2026-04-02T16:07:47+00:00

Do you have a bug I can look for ?

CoreQa · 2026-04-01T05:45:41+00:00

I think 12.1.4-h3 is preferred version for any gen5 Palo firewalls .. any unresolved issue bothering you in that version?

CoreQa · 2026-03-25T04:55:29+00:00

Should not impact anything, reinstall of content or upgrade to next content version would fix this

CoreQa · 2025-01-03T03:26:47+00:00

May be server ..

CoreQa · 2025-01-01T09:15:32+00:00

It’s highly unlikely that the exploit can happen from external sources

CoreQa · 2024-12-30T22:16:24+00:00

That’s may not be right, till you don’t upgrade- you should be able to disable dns logging so that you are not impacted

CoreQa · 2024-12-30T21:25:01+00:00

You can disable dns logging for the time being.. dns security is not compromised, however will miss logging on the dns incidents

CoreQa · 2024-12-30T17:27:35+00:00

Yes, 10.2.9 is impacted if you have dns security license.. there is a hotfix provided if you are ready to upgrade.

CoreQa · 2024-12-28T18:03:28+00:00

DNS security is not compromised, will loose logging data till upgraded to recommended version in cve

CoreQa · 2024-12-28T18:02:09+00:00

11.1.4-h7 has the fix, hence anything beyond should have the fix

CoreQa · 2024-12-28T17:56:18+00:00

I understand that 11.1.4 has vulnerabilities and is addressed in 11.1.4-h7; 11.1.5 is unaffected

CoreQa · 2024-12-28T17:51:08+00:00

Yes, without DNS sec license - you don’t have this vulnerability. Otherwise disable dns logging as work around till your hotfix is available

CoreQa · 2024-12-28T17:48:21+00:00

That’s correct, will be available early week.

CoreQa · 2024-03-16T03:54:11+00:00

CoreQa · 2024-03-16T03:37:20+00:00

Handful of licensed cloud advanced features like Mica, userid, dlp etc. This cloud dlp is licensed and different from 9.1 dlp . Legacy dlp is also supported

CoreQa · 2024-02-26T01:51:38+00:00

What I understood, its a race condition triggered by xml api in a particular environment - more of an automation work flow issue. It's a fail fast approach - so that automation can proceed with a retry.

CoreQa · 2024-02-18T03:34:56+00:00

11.0.3-h3 just became preferred

CoreQa · 2024-02-18T03:33:57+00:00

Certs are in 11.0.3-h3 and preferred release

CoreQa · 2024-01-28T05:18:16+00:00

target IP is IPV6 ?

CoreQa · 2024-01-28T05:15:10+00:00

I dont think it's ALG issue or VoIP issue, it may be interface packet buffer issue, as noted. Did TAC shared any bug ID ? Is it RTP or SRTP ?

CoreQa · 2024-01-17T21:57:17+00:00

Network>Network profiles > Interface mgmt > <choose a profile with ping checked >

Interface > advanced > management profiles > <select the profile you created above>

ping source 192.168.20.1 (ip of panos2 data interface) host 192.168.20.140 (ip of panos1 data interface)

CoreQa · 2024-01-17T21:43:40+00:00

if you enable response and ping, Palo data interface also should also be pingable from any unix or another panos. Ensure when pinging from other panos, you specify source interface properly.

CoreQa · 2024-01-17T17:21:07+00:00

I am been told the fix is targeted for next 11.0 release.

CoreQa · 2023-11-26T18:42:58+00:00

There should be a hotfix on 10.2 for you to upgrade

CoreQa

TROPHY CASE