PAN-OS 10.0.4 Addressed Issues
Focus
Focus

PAN-OS 10.0.4 Addressed Issues

Table of Contents
End-of-Life (EoL)

PAN-OS 10.0.4 Addressed Issues

PAN-OS® 10.0.4 addressed issues.
Issue ID
Description
PAN-161613
Fixed an issue where the
Dashboard
incorrectly displayed the Log Forwarding Card (LFC) port status.
PAN-161121
Fixed an issue on the Panorama management server that caused invalid reference errors when attempting to delete an address object (
Objects > Addresses
) after removing the address object reference from an address group (
Objects > Address Groups
) resulting in you being unable commit and push the configuration to managed firewalls.
PAN-160974
Fixed an issue on Panorama where, if
Source Address Exclusion
(Network > Zone Protection > Reconnaissance Protection
) was configured,
Flood Protection
was disabled.
PAN-160376
Fixed an issue where, for local administrators using an authentication profile, the
save filter
(
Monitor > Logs
) option was grayed out.
PAN-160163
Fixed an issue where icons in the left sidebar had multiple layers.
PAN-159856
Fixed an issue where, when a factory reset was performed on a Panorama appliance with PAN-OS 10.0, the appliance repeatedly rebooted.
PAN-159850
Fixed an issue where syslog server monitoring stopped working when the first tuple in regex matching was always a whole string.
PAN-159826
Fixed an issue where SSL VPN leaked when the default browser feature on GlobalProtect was not enabled.
PAN-159508
Fixed an IPSec tunnel memory leak issue where IPSec tunnels failed during rekey.
PAN-158988
Fixed an issue with HTTP Header Insertion where the payload was truncated when processing a segmented TCP stream and when the client retransmitted the packet with the same sequence number that was previously received segmented.
PAN-158650
Fixed an issue where several operations and processes stopped responding due to a deadlock issue between the CLI thread and the Terminal Server (TS) agent message processing the thread.
PAN-158461
Fixed an issue where editing an application filter object caused excluded applications to be included.
PAN-157885
Fixed an issue where you could not prioritize the tunnel preference for your branches and hubs in SD-WAN full mesh VPN clusters.
PAN-157620
(
VM-Series firewalls deployed in Amazon Web Services (AWS) instance types M5 and C5 only
) Fixed an issue where a Panorama Virtual Appliance in a high availability (HA) configuration entered a suspended state due to a virtual machine (VM) memory size mismatch.
PAN-157319
(
PA-7000 Series firewalls with Log Forwarding Cards (LFCs) only
) Fixed an issue where GlobalProtect logs showed the incorrect client version and did not show event ID information.
PAN-156728
Fixed an issue where GlobalProtect user traffic did not correctly match Security policy rules that had host information profile (HIP) objects and profiles.
PAN-156549
Fixed an issue where the download link was omitted on scheduled email reports for SaaS application usage.
PAN-156240
A fix was made to address an issue where a cryptographically weak pseudo-random number generator (PRNG) was used during authentication to the PAN-OS web interface to enable an attacker to observe their own authenticated secrets on the firewall over a long duration, which enabled them to impersonate another authenticated web interface administrator’s session (CVE-2021-3047).
PAN-156115
Fixed an issue where, if the firewall had the standard support license, the
License
tab did not display the license details after an upgrade to PAN-OS 10.0.1.
PAN-155824
Fixed a rare issue where Open Shortest Path First (OSPF) links flapped.
PAN-155672
Fixed an issue where inserting or removing copper and optic modules in PAN-OS 10.0.1 caused a process (brdagent) to stop responding.
PAN-154365
Fixed an issue where Security policy rules targeted by tags incorrectly displayed as deleted when previewing commit changes.
PAN-154323
Fixed an issue in Panorama where frequent API requests caused the Panorama web interface to become unresponsive. This issue occurred because the web interface automatically refreshed after each request.
PAN-154208
Fixed an issue where the
Device
icon was not displayed (
Policies > Security > Name > Source > Source Device > Add
or
Policies > Security > Name > Destination > Destination Device > Add
).
PAN-154190
Fixed an issue where Data Loss Prevention (DLP) did not support the upload of Office Open XML (OOXML) files generated from Google suite applications such as Google Docs, Slides, and Sheets.
PAN-153705
Fixed an issue where packets were not evenly distributed among a process (pan_tasks), which caused latency and poor performance.
PAN-153547
Fixed an issue where the login banner size increased.
PAN-151997
Fixed an issue where the option to sinkhole was not displayed in the ACC filter drop-down (
ACC > Threat Activity > Global filters > Action
).
PAN-151872
Fixed an issue where MAC addresses containing certain characters in sequential order caused an issue with TCP connections
PAN-151803
Fixed an issue on Panorama where commits failed when using
device-id
as a template variable.
PAN-151458
Fixed an issue on firewalls with HA active/active configurations where GlobalProtect gateways timed out on-demand connections. This occurred because the
Inactivity Logout
timer did not reset.
PAN-150968
Fixed a rare issue with HTTP/2 decryption that caused packet header bytes to be corrupted, which caused packet drops.
PAN-147792
Fixed an issue where a process (configd) stopped responding due to a buffer overflow.
PAN-147221
Improved QoS scheduling for Bidirectional Forwarding Detection (BFD) and BGP to address the internal handling of BGP and BFD packets under high resource constraints
PAN-145417
Debug commands were added to address an issue where the firewall connect to Cortex Data Lake due to the Online Certificate Status Protocol (OSCP) message missing the
nextUpdate
value in the OSCP response.
PAN-134461
Fixed an issue where an admin user authenticated to Panorama with RADIUS and assigned a Device Group and Template Admin role using access domains was unable to add a managed firewall to Panorama and received the following error message:
Import failed user <username> does not exist
.
PAN-133863
Fixed an issue where the Panorama Virtual Appliance in Log Collector mode went into maintenance mode due to a process (reportd) not responding.
PAN-122281
An error check process (mcelog) was added to capture hardware failure reasons detected by the processor.

Recommended For You