>
    Strata Copilot
    PAN-OS 9.0.2 Addressed Issues
    Focus
    Download PDF
    Focus
    1. Home
    2. PAN-OS
    3. PAN-OS 9.0 Addressed Issues
    4. PAN-OS 9.0.2 Addressed Issues
    Download PDF

    PAN-OS 9.0.2 Addressed Issues

    Table of Contents
    End-of-Life (EoL)

    PAN-OS 9.0.2 Addressed Issues

    PAN-OS® 9.0.2 addressed issues.
    Issue ID
    Description
    WF500-5023
    Fixed an issue on WF-500 appliances where the cluster service took longer than expected to start due to a large number of queued sample data.
    WF500-5022
    Fixed an issue where a non-functioning CLI command was removed from WF-500 appliances.
    WF500-4974
    Fixed an issue on a WF-500 appliance where the static analysis results displayed in the PDF report but did not display in the WildFire® analysis summary of the web interface.
    WF500-4844
    Fixed an issue on WildFire appliance clusters where the passive-controller responded with the incorrect Common Name (CN) in the certificate, which caused the registration to fail.
    WF500-4838
    Fixed an intermittent issue on a WF-500 appliance where WildFire reports took longer than expected to generate, which caused the task to automatically timeout.
    WF500-4784
    Fixed an issue on a WF-500 appliance where during a reboot, the following error message displayed: FATAL: module nbd not found.
    WF500-4743
    Fixed an intermittent issue on a WF-500 appliance where the CLI command debug wildfire reset global-database fix became unresponsive.
    PAN-118065
    (M-Series Panorama™ management servers in Management Only mode) When you delete the local Log Collector (PanoramaManaged Collectors), it disables the 1/1 ethernet interface in the Panorama configuration as expected but the interface still displays as Up when you execute the show interface all command in the CLI after you commit.
    Workaround:Disable the 1/1 ethernet interface before you delete the local log collector and then commit the configuration change.
    PAN-116919
    (Microsoft Azure only) Fixed an issue where the firewall dropped packets passing through IPSec tunnels if you enabled jumbo frames (DeviceSetupSessionSession Settings).
    PAN-116658
    Fixed a rare issue where the firewall sent HTTP/2 DATA frames with incorrect padding byte lengths, which caused software buffer corruption and a process (all_pktproc) to stop responding.
    PAN-116316
    Fixed an issue where RTP and RTCP predict sessions failed, which caused the firewall to stop processing RTSP-based video streaming.
    PAN-116084
    Fixed an issue where a VM-Series firewall on Microsoft Azure deployed using MMAP dropped traffic when the firewall was experiencing heavy traffic.
    PAN-115592
    Fixed an issue where the firewall rebooted due to a plugin memory leak.
    PAN-115591
    Fixed an issue where the snmpd process was leaking memory when polling for global counters.
    PAN-114984
    Fixed OpenSSL vulnerability CVE-2019-1559, see PAN-SA-2019-0039 for details.
    PAN-114893
    Fixed an issue where a context switch from Panorama to a firewall did not respond as expected when a web browser was used.
    PAN-114804
    Fixed an issue where a configuration change resets to "default" when you conducted a search in the Categories (ObjectsURL FilteringCategories) web interface.
    PAN-114601
    Fixed an issue where the Allow List (DeviceSetupAuthentication Setting<authentication profile - name>Authentication) did not update after you added new users to a group in the Active Directory.
    PAN-114255
    Fixed an issue where Bidirectional Forwarding Detection (BFD) went down temporarily during a commit or EDL refresh if you configured a large value for the BFD Hold Time.
    PAN-114003
    Fixed an issue on a Panorama management server running PAN-OS 9.0 where a context switch to firewalls did not respond.
    PAN-113829
    Fixed an issue where, after you upgraded the firewall to PAN-OS® 9.0, a firewall configured from "none" to "allow" in the custom URL category reverted to "none" after a commit.
    PAN-113692
    Fixed an intermittent issue on a firewall in a high availability (HA) active/passive configuration where five minutes after a failover test IP routes disappeared, which caused traffic interruptions.
    PAN-113608
    Fixed an issue on a firewall with packet capture (pcap) enabled where the log receiver stopped responding when larger than expected packets were received.
    PAN-113414
    Fixed an issue where the User-ID™ (useridd) process stopped responding.
    PAN-112815
    Fixed an issue on a firewall in an HA active/passive configuration where a process (useridd) did not respond to the alternate user attribute (DeviceUser IdentificationGroup Mapping Settings<group mapping-name>User and Group Attributes) on the passive firewall during a restart.
    PAN-112814
    Fixed an issue where H.323-based calls lost audio because the predicted H.245 session was not converted to Active status, which caused the firewall to drop the H.245 traffic.
    PAN-112729
    Fixed an issue on Panorama M-Series and virtual appliances where Decrypted Sessions Info (PanoramaManaged DevicesHealthAll Devices<device-name>Sessions) did not display as expected for VM-Series firewalls.
    PAN-112699
    (VM-Series firewall on AWS running on a C5 or M5 instance only) Fixed an issue where you were unable use the mgmt-interface-swap command to swap the interfaces for deploying a VM-Series firewall behind a web load balancer (such as AWS ALB or Classic ELB).
    PAN-112626
    Fixed an issue where a new DNS Security subscription was not available on your VM-Series firewall after you upgraded to a PAN-OS 9.0® release with a PAYG Bundle 2 license.
    PAN-112445
    Fixed an issue on a firewall in an HA active/passive configuration where a race condition caused the firewall to stop responding after an HA1 link flap.
    PAN-112340
    Fixed an issue with performance, including high CPU usage, that occurred when you enabled URL Filtering without enabling Threat Prevention in an environment that processes a large number (thousands) of URL look-ups per second per dataplane.
    PAN-112194
    Fixed an issue where packet buffers did not release GlobalProtect™ clientless VPN packets, which caused the firewall to stop responding.
    PAN-111679
    Fixed an issue where URL filtering profiles were being incorrectly applied to security policies during a commit.
    PAN-111553
    Fixed an issue on the Panorama management server where the Include Device and Network Templates setting (CommitPush to DevicesEdit Selections or CommitCommit and PushEdit Selections) was disabled by default and caused your push attempts to fail. With this fix, your push will Include Device and Network Templates by default.
    PAN-111540
    Fixed an issue on PA-5200 Series firewalls where the dataplane stopped responding when the session table was full.
    PAN-111251
    Fixed an issue where administrators were unable to use the CLI to enable or disable DNS Rewrite under a Destination NAT policy rule (they were able to execute the command but the firewall did not implement the change).
    PAN-110390
    Fixed an issue on PA-7000 Series firewalls where invalid filters caused the device management server to stop responding when you generated a database (DB) report from a remote firewall.
    PAN-110273
    Fixed an issue where you were unable to establish OSPF neighborship when an OSPF routing protocol was configured with MD5 authentication and one of the firewalls was restarted.
    PAN-109672
    Fixed an issue on a VM-Series firewall in an HA active/passive configuration where the passive firewall received buffered packets while in an idle state when the data plane development kit (DPDK) is enabled.
    PAN-109344
    Fixed an issue where service objects did not import into Panorama when you configured them identically but with different names.
    PAN-108374
    Fixed an issue on GlobalProtect where you were unable to authenticate when the domain name included the ampersand ( "&" ) character.
    PAN-106518
    Fixed an issue on Panorama M-Series and virtual appliances where predefined DHCP options did not accept template variables when you configured a DHCP server for a template.
    PAN-101341
    Fixed an issue where administrators configured with Device Group and Template Admin type were unable to perform a global search and returned the following message: Unauthorized request.

    © 2026 Palo Alto Networks, Inc. All rights reserved.