BugZero | Palo Alto Networks BugID PAN-109759 - Fixed an issue where the firewall did not generate...

OPERATIONAL DEFECT DATABASE

...

BugZero | Palo Alto Networks BugID PAN-109759 - Fixed an issue where the firewall did not generate...

Palo Alto Networks - Defect ID: PAN-109759

Fixed an issue where the firewall did not generate a notification for the GlobalProtect client when the firewall denied unencrypted TLS sessions due to an authentication policy match.

Palo Alto Networks - Defect ID: PAN-109759

Fixed an issue where the firewall did not generate a notification for the GlobalProtect client when the firewall denied unencrypted TLS sessions due to an authentication policy match.

Last updated on July 22nd, 2025

BugZero Risk Score
6.3 Medium

Overall: 6.3

Severity: 6.4

Community: 3.7

Lifecycle: 10.0

What is the BugZero Risk Score?

Palo Alto Networks Integration

Learn more about where this data comes from

Palo Alto Networks Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Bug Details

Description

The earliest recollection of this bug is traced back to PAN-OS 10.1.0 - July 22, 2025. This bug is fixed in PAN-OS versions 8.1.8, 10.1.2. The firewall does not generate a notification for the GlobalProtect client when the firewall denies an unencrypted TLS session due to an authentication policy match. Fixed an issue where the firewall did not generate a notification for the GlobalProtect client when the firewall denied unencrypted TLS sessions due to an authentication policy match. For more information: https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-release-notes/pan-os-10-1-0-known-and-addressed-issues/pan-os-10-1-0-known-issues https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-release-notes/pan-os-10-1-1-known-and-addressed-issues/pan-os-10-1-1-known-issues https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-release-notes/pan-os-10-1-2-known-and-addressed-issues/pan-os-10-1-2-addressed-issues https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-release-notes/pan-os-8-1-addressed-issues/pan-os-8-1-8-addressed-issues https://docs.paloaltonetworks.com/pan-os/8-1/pan-os-release-notes/pan-os-8-1-release-information/known-issues/known-issues-related-to-pan-os-8-1-releases https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-release-information/known-issues/known-issues-related-to-pan-os-9-1-releases https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-release-information/known-issues/known-issues-related-to-pan-os-9-1-releases/pan-os-9-1-1-known-issues https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-release-information/known-issues/known-issues-related-to-pan-os-9-1-releases/pan-os-9-1-10-known-issues https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-release-information/known-issues/known-issues-related-to-pan-os-9-1-releases/pan-os-9-1-11-known-issues https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-release-information/known-issues/known-issues-related-to-pan-os-9-1-releases/pan-os-9-1-12-known-issues https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-release-information/known-issues/known-issues-related-to-pan-os-9-1-releases/pan-os-9-1-13-known-issues https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-release-information/known-issues/known-issues-related-to-pan-os-9-1-releases/pan-os-9-1-14-known-issues https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-release-information/known-issues/known-issues-related-to-pan-os-9-1-releases/pan-os-9-1-15-known-issues https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-release-information/known-issues/known-issues-related-to-pan-os-9-1-releases/pan-os-9-1-16-known-issues https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-release-information/known-issues/known-issues-related-to-pan-os-9-1-releases/pan-os-9-1-17-known-issues https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-release-information/known-issues/known-issues-related-to-pan-os-9-1-releases/pan-os-9-1-18-known-issues https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-release-information/known-issues/known-issues-related-to-pan-os-9-1-releases/pan-os-9-1-19-known-issues https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-release-information/known-issues/known-issues-related-to-pan-os-9-1-releases/pan-os-9-1-2-known-issues https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-release-information/known-issues/known-issues-related-to-pan-os-9-1-releases/pan-os-9-1-3-known-issues https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-release-information/known-issues/known-issues-related-to-pan-os-9-1-releases/pan-os-9-1-4-known-issues https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-release-information/known-issues/known-issues-related-to-pan-os-9-1-releases/pan-os-9-1-5-known-issues https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-release-information/known-issues/known-issues-related-to-pan-os-9-1-releases/pan-os-9-1-6-known-issues https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-release-information/known-issues/known-issues-related-to-pan-os-9-1-releases/pan-os-9-1-7-known-issues https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-release-information/known-issues/known-issues-related-to-pan-os-9-1-releases/pan-os-9-1-8-known-issues https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-release-notes/pan-os-9-1-release-information/known-issues/known-issues-related-to-pan-os-9-1-releases/pan-os-9-1-9-known-issues

Relevant Products

Click on a version to see all relevant bugs

Affected versions:9.1.19, 9.1.5, 9.1.2, 9.1.18, 10.1.0, 10.1.1, 9.1.3, 9.1.8, 9.1, 9.1.10, 9.1.15, 9.1.1, 9.1.6, 9.1.12, 9.1.14, 9.1.11, 9.1.13, 9.1.9, 9.1.16, 9.1.7, 9.1.17, 9.1.4, 8.1

Fixed versions: 8.1.8, 10.1.2

Relevant Products

Click on a version to see all relevant bugs

Affected versions:9.1.19, 9.1.5, 9.1.2, 9.1.18, 10.1.0, 10.1.1, 9.1.3, 9.1.8, 9.1, 9.1.10, 9.1.15, 9.1.1, 9.1.6, 9.1.12, 9.1.14, 9.1.11, 9.1.13, 9.1.9, 9.1.16, 9.1.7, 9.1.17, 9.1.4, 8.1

Fixed versions: 8.1.8, 10.1.2

Top Palo Alto Networks Defects

6.8Defect ID: PAN-229865
Upgrading a PA-220 firewall running a PAN-OS 10.1 release fails when the target PAN-OS upgrade version is PAN-OS 10.2.5. Workaround: On your upgrade path to PAN-OS 10.2.5, first upgrade to PAN-OS 10.2.4 and then upgrade to PAN-OS 10.2.5.
6.6Defect ID: PAN-263226
Fixed an issue where, when SSL decryption was enabled and Client Hello messages spanned multiple TCP segments, some SSL decrypted sessions failed.
6.5Defect ID: PAN-259769
GlobalProtect portal is not accessible via a web browser and the app displays the error ERR_EMPTY_RESPONSE .
6.5Defect ID: 5754
In WildFire appliance clusters, issuing the show cluster controller CLI command generates an error when an IPv6 address is configured for the management interface but not for the cluster interface. Workaround: Ensure all WildFire appliance interfaces that are enabled use matching protocols (all IPv4 or all IPv6).
6.4Defect ID: 5843
In a WildFire appliance cluster, issuing the show cluster-all peers CLI command when a node within the cluster is being rebooted generates the following error: Server error : An error occured.

Ready to prevent the next vendor outage?

Get a demo

OPERATIONAL DEFECT DATABASE

Palo Alto Networks - Defect ID: PAN-109759

Fixed an issue where the firewall did not generate a notification for the GlobalProtect client when the firewall denied unencrypted TLS sessions due to an authentication policy match.

Palo Alto Networks - Defect ID: PAN-109759

Fixed an issue where the firewall did not generate a notification for the GlobalProtect client when the firewall denied unencrypted TLS sessions due to an authentication policy match.

Last updated on July 22nd, 2025

BugZero Risk Score6.3 Medium

Bug Details

Top Palo Alto Networks Defects

Ready to prevent the next vendor outage?

Links

BugZero Risk Score
6.3 Medium