CWE-384
AllowedSession Fixation
Abstraction: Compound · Status: Incomplete
Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.
547 vulnerabilities reference this CWE, most recent first.
CVE-2025-7014 (GCVE-0-2025-7014)
Vulnerability from cvelistv5 – Published: 2026-01-29 13:47 – Updated: 2026-06-05 13:52- CWE-384 - Session Fixation
| URL | Tags |
|---|---|
| https://www.usom.gov.tr/bildirim/tr-26-0007 | government-resourcebroken-link |
| https://siberguvenlik.gov.tr/guvenlik-bildirimler… | government-resource |
| Vendor | Product | Version | |
|---|---|---|---|
| QR Menu Pro Smart Menu Systems | Menu Panel |
Affected:
0 , ≤ 29012026
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-7014",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-29T15:56:05.817554Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-29T16:43:45.589Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Menu Panel",
"vendor": "QR Menu Pro Smart Menu Systems",
"versions": [
{
"lessThanOrEqual": "29012026",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "\u015eahnur Eren ALO\u011eLU"
}
],
"datePublic": "2026-01-29T13:46:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Session Fixation vulnerability in QR Menu Pro Smart Menu Systems Menu Panel allows Session Hijacking.\u003cp\u003eThis issue affects Menu Panel: through 29012026.\u0026nbsp;\n\nNOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\n\u003c/p\u003e"
}
],
"value": "Session Fixation vulnerability in QR Menu Pro Smart Menu Systems Menu Panel allows Session Hijacking.\n\nThis issue affects Menu Panel: through 29012026.\u00a0\n\nNOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"impacts": [
{
"capecId": "CAPEC-593",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-593 Session Hijacking"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384 Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-05T13:52:28.154Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"tags": [
"government-resource",
"broken-link"
],
"url": "https://www.usom.gov.tr/bildirim/tr-26-0007"
},
{
"tags": [
"government-resource"
],
"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0007"
}
],
"source": {
"advisory": "TR-26-0007",
"defect": [
"TR-26-0007"
],
"discovery": "UNKNOWN"
},
"title": "Session Hijacking in QRMenumPro\u0027s Menu Panel",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2025-7014",
"datePublished": "2026-01-29T13:47:31.235Z",
"dateReserved": "2025-07-02T11:40:33.818Z",
"dateUpdated": "2026-06-05T13:52:28.154Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-4644 (GCVE-0-2025-4644)
Vulnerability from cvelistv5 – Published: 2025-08-29 10:01 – Updated: 2025-08-29 11:53 X_Open Source- CWE-384 - Session Fixation
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2025/08/CVE-2025-4643 | third-party-advisory |
| https://payloadcms.com | product |
| https://github.com/payloadcms/payload | product |
| Vendor | Product | Version | |
|---|---|---|---|
| Payload CMS | Payload |
Affected:
0 , < 3.44.0
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4644",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-29T11:53:19.070887Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T11:53:31.892Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Payload",
"vendor": "Payload CMS",
"versions": [
{
"lessThan": "3.44.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Arkadiusz Marta"
}
],
"datePublic": "2025-08-29T10:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Session Fixation vulnerability existed in Payload\u0027s SQLite adapter due to identifier reuse during account creation. A malicious attacker could create a new account, save its JSON Web Token (JWT), and then delete the account, which did not invalidate the JWT. As a result, the next newly created user would receive the same identifier, allowing the attacker to reuse the JWT to authenticate and perform actions as that user.\u003cbr\u003e\u003cbr\u003eThis issue has been fixed in version 3.44.0 of Payload.\u003cbr\u003e"
}
],
"value": "A Session Fixation vulnerability existed in Payload\u0027s SQLite adapter due to identifier reuse during account creation. A malicious attacker could create a new account, save its JSON Web Token (JWT), and then delete the account, which did not invalidate the JWT. As a result, the next newly created user would receive the same identifier, allowing the attacker to reuse the JWT to authenticate and perform actions as that user.\n\nThis issue has been fixed in version 3.44.0 of Payload."
}
],
"impacts": [
{
"capecId": "CAPEC-61",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-61 Session Fixation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384 Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T10:01:13.697Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2025/08/CVE-2025-4643"
},
{
"tags": [
"product"
],
"url": "https://payloadcms.com"
},
{
"tags": [
"product"
],
"url": "https://github.com/payloadcms/payload"
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"x_open-source"
],
"title": "User Session Fixation after Account Removal in PayloadCMS",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2025-4644",
"datePublished": "2025-08-29T10:01:13.697Z",
"dateReserved": "2025-05-13T07:10:08.331Z",
"dateUpdated": "2025-08-29T11:53:31.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1412 (GCVE-0-2025-1412)
Vulnerability from cvelistv5 – Published: 2025-02-24 07:24 – Updated: 2025-02-24 11:23- CWE-384 - Session Fixation
| Vendor | Product | Version | |
|---|---|---|---|
| Mattermost | Mattermost |
Affected:
9.11.0 , ≤ 9.11.6
(semver)
Affected: 10.4.0 , ≤ 10.4.1 (semver) Unaffected: 10.5.0 Unaffected: 9.11.7 Unaffected: 10.4.2 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1412",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-24T11:23:21.515091Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-24T11:23:35.862Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Mattermost",
"vendor": "Mattermost",
"versions": [
{
"lessThanOrEqual": "9.11.6",
"status": "affected",
"version": "9.11.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "10.4.1",
"status": "affected",
"version": "10.4.0",
"versionType": "semver"
},
{
"status": "unaffected",
"version": "10.5.0"
},
{
"status": "unaffected",
"version": "9.11.7"
},
{
"status": "unaffected",
"version": "10.4.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "eAhmed"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eMattermost versions 9.11.x \u0026lt;= 9.11.6, 10.4.x \u0026lt;= 10.4.1 fail to invalidate all active sessions when converting a user to a bot, with allows the converted user to escalate their privileges depending on the permissions granted to the bot.\u003c/p\u003e"
}
],
"value": "Mattermost versions 9.11.x \u003c= 9.11.6, 10.4.x \u003c= 10.4.1 fail to invalidate all active sessions when converting a user to a bot, with allows the converted user to escalate their privileges depending on the permissions granted to the bot."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384: Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-24T07:24:47.043Z",
"orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"shortName": "Mattermost"
},
"references": [
{
"url": "https://mattermost.com/security-updates"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eUpdate Mattermost to versions 10.5.0, 9.11.7, 10.4.2 or higher.\u003c/p\u003e"
}
],
"value": "Update Mattermost to versions 10.5.0, 9.11.7, 10.4.2 or higher."
}
],
"source": {
"advisory": "MMSA-2024-00414",
"defect": [
"https://mattermost.atlassian.net/browse/MM-62187"
],
"discovery": "EXTERNAL"
},
"title": "Session Persistence After User-to-Bot Conversion",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
"assignerShortName": "Mattermost",
"cveId": "CVE-2025-1412",
"datePublished": "2025-02-24T07:24:47.043Z",
"dateReserved": "2025-02-18T11:59:15.633Z",
"dateUpdated": "2025-02-24T11:23:35.862Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0253 (GCVE-0-2025-0253)
Vulnerability from cvelistv5 – Published: 2025-07-25 00:16 – Updated: 2025-07-25 13:18- CWE-384 - Session Fixation
| Vendor | Product | Version | |
|---|---|---|---|
| HCL Software | IEM |
Affected:
1.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0253",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T13:18:25.012399Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T13:18:29.775Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IEM",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "1.2"
}
]
}
],
"datePublic": "2025-07-24T23:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "HCL IEM is affected by a cookie attribute not set vulnerability due to inconsistency of certain security-related configurations which could increase exposure to potential vulnerabilities.\u003cbr\u003e"
}
],
"value": "HCL IEM is affected by a cookie attribute not set vulnerability due to inconsistency of certain security-related configurations which could increase exposure to potential vulnerabilities."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384 Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T00:16:19.560Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0122368"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "HCL IEM is affected by a cookie attribute not set vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2025-0253",
"datePublished": "2025-07-25T00:16:19.560Z",
"dateReserved": "2025-01-06T16:00:28.871Z",
"dateUpdated": "2025-07-25T13:18:29.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0251 (GCVE-0-2025-0251)
Vulnerability from cvelistv5 – Published: 2025-07-25 00:06 – Updated: 2025-07-25 13:20- CWE-384 - Session Fixation
| URL | Tags |
|---|---|
| https://support.hcl-software.com/csm?id=kb_articl… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| HCL Software | IEM |
Affected:
1.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0251",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-25T13:20:06.213346Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T13:20:11.490Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "IEM",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "1.2"
}
]
}
],
"datePublic": "2025-07-24T23:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "HCL IEM is affected by a concurrent login vulnerability.\u0026nbsp; The application allows multiple concurrent sessions using the same user credentials, which may introduce security risks."
}
],
"value": "HCL IEM is affected by a concurrent login vulnerability.\u00a0 The application allows multiple concurrent sessions using the same user credentials, which may introduce security risks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384 Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-25T00:20:54.150Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"name": "VDB-299060 | PyTorch Quantized Sigmoid Module nnq_Sigmoid initialization",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0122368"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "HCL IEM is affected by a concurrent login vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2025-0251",
"datePublished": "2025-07-25T00:06:08.416Z",
"dateReserved": "2025-01-06T16:00:26.083Z",
"dateUpdated": "2025-07-25T13:20:11.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0126 (GCVE-0-2025-0126)
Vulnerability from cvelistv5 – Published: 2025-04-11 01:57 – Updated: 2025-04-11 16:02- CWE-384 - Session Fixation
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2025-0126 | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto Networks | Cloud NGFW |
Unaffected:
All
(custom)
|
|
| Palo Alto Networks | PAN-OS |
Affected:
11.2.0 , < 11.2.3
(custom)
Affected: 11.1.0 , < 11.1.5 (custom) Affected: 11.0.0 , < 11.0.6 (custom) Affected: 10.2.0 , < 10.2.10-h6 (custom) Affected: 10.1.0 , < 10.1.14-h11 (custom) cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h14:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h32:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h31:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h30:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h29:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h28:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h27:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h26:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h25:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h24:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h23:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h22:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h21:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h20:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h19:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h18:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h17:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:* |
|
| Palo Alto Networks | Prisma Access |
Affected:
10.2.0 , < 10.2.4-h36
(custom)
Affected: 11.2.0 , < 11.2.4-h5 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0126",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-11T15:33:31.861481Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-11T16:02:02.228Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h14:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h13:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h12:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h32:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h31:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h30:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h29:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h28:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h27:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h26:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h25:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h24:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h23:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h22:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h21:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h20:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h19:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h18:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h17:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "11.2.3",
"status": "unaffected"
}
],
"lessThan": "11.2.3",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.1.5",
"status": "unaffected"
}
],
"lessThan": "11.1.5",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.0.6",
"status": "unaffected"
}
],
"lessThan": "11.0.6",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.10-h6",
"status": "unaffected"
},
{
"at": "10.2.11",
"status": "unaffected"
},
{
"at": "10.2.4-h25",
"status": "unaffected"
},
{
"at": "10.2.9-h13",
"status": "unaffected"
}
],
"lessThan": "10.2.10-h6",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.14-h11",
"status": "unaffected"
}
],
"lessThan": "10.1.14-h11",
"status": "affected",
"version": "10.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"PAN-OS"
],
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "10.2.10-h16",
"status": "unaffected"
},
{
"at": "10.2.4-h36",
"status": "unaffected"
}
],
"lessThan": "10.2.4-h36",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"lessThan": "11.2.4-h5",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThis issue impacts only firewalls on which you configured a GlobalProtect portal to use SAML Authentication.\u003c/p\u003e\u003cp\u003eYou can verify whether you configured GlobalProtect portal by checking for entries in your firewall web interface (Network \u2192 GlobalProtect \u2192 Portals).\u003c/p\u003e\u003cp\u003eIf you do have GlobalProtect portals or gateways in your configuration, then you can verify whether you configured SAML Authentication on these portals by checking your firewall web interface (Network \u2192 GlobalProtect \u2192 Portals \u2192 (portal-config) \u2192 Authentication).\u003c/p\u003e"
}
],
"value": "This issue impacts only firewalls on which you configured a GlobalProtect portal to use SAML Authentication.\n\nYou can verify whether you configured GlobalProtect portal by checking for entries in your firewall web interface (Network \u2192 GlobalProtect \u2192 Portals).\n\nIf you do have GlobalProtect portals or gateways in your configuration, then you can verify whether you configured SAML Authentication on these portals by checking your firewall web interface (Network \u2192 GlobalProtect \u2192 Portals \u2192 (portal-config) \u2192 Authentication)."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "D\u0027Angelo Gonzalez of CrowdStrike"
}
],
"datePublic": "2025-04-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "When configured using SAML, a session fixation vulnerability in the GlobalProtect\u2122 login enables an attacker to impersonate a legitimate authorized user and perform actions as that GlobalProtect user. This requires the legitimate user to first click on a malicious link provided by the attacker.\u003cbr\u003e\u003cbr\u003eThe SAML login for the PAN-OS\u00ae management interface is not affected. Additionally, this issue does not affect Cloud NGFW and all Prisma\u00ae Access instances are proactively patched."
}
],
"value": "When configured using SAML, a session fixation vulnerability in the GlobalProtect\u2122 login enables an attacker to impersonate a legitimate authorized user and perform actions as that GlobalProtect user. This requires the legitimate user to first click on a malicious link provided by the attacker.\n\nThe SAML login for the PAN-OS\u00ae management interface is not affected. Additionally, this issue does not affect Cloud NGFW and all Prisma\u00ae Access instances are proactively patched."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-195",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-195 Principal Spoof"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:H/SC:H/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384 Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-11T01:57:12.662Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2025-0126"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.2\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.2\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.3 or later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.1\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.0 through 11.1.4\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.5 or later\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.0\u003c/td\u003e\u003ctd\u003e11.0.0 through 11.0.5\u003c/td\u003e\u003ctd\u003eUpgrade to 11.0.6 or later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.2\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.10\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.10-h6 or 10.2.11 or later\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003e10.2.5 through 10.2.9\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.9-h13 or 10.2.11 or later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.4\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.4-h25 or 10.2.11 or later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.1\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.1.0 through 10.1.14\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 10.1.14-h11 or later\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eAll other older \u003cbr\u003eunsupported \u003cbr\u003ePAN-OS versions\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003ePAN-OS 11.0 is EoL. We listed it in this section for completeness because we added a patch for PAN-OS 11.0 before it reached EoL. If you are running PAN-OS 11.0 in any of your firewalls, we strongly recommend that you upgrade from this EoL vulnerable version to a fixed version.\u003cbr\u003e\u003cbr\u003eWe proactively initiated an upgrade of Prisma Access on March 21, 2025, to cover all tenants.\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Version\nMinor Version\nSuggested Solution\nPAN-OS 11.2\n11.2.0 through 11.2.2\nUpgrade to 11.2.3 or laterPAN-OS 11.1\n11.1.0 through 11.1.4\nUpgrade to 11.1.5 or later\nPAN-OS 11.011.0.0 through 11.0.5Upgrade to 11.0.6 or laterPAN-OS 10.2\n10.2.10\nUpgrade to 10.2.10-h6 or 10.2.11 or later\n\u00a010.2.5 through 10.2.9Upgrade to 10.2.9-h13 or 10.2.11 or later\u00a010.2.0 through 10.2.4Upgrade to 10.2.4-h25 or 10.2.11 or laterPAN-OS 10.1\n10.1.0 through 10.1.14\nUpgrade to 10.1.14-h11 or later\nAll other older \nunsupported \nPAN-OS versions\u00a0Upgrade to a supported fixed version.\nPAN-OS 11.0 is EoL. We listed it in this section for completeness because we added a patch for PAN-OS 11.0 before it reached EoL. If you are running PAN-OS 11.0 in any of your firewalls, we strongly recommend that you upgrade from this EoL vulnerable version to a fixed version.\n\nWe proactively initiated an upgrade of Prisma Access on March 21, 2025, to cover all tenants."
}
],
"source": {
"defect": [
"PAN-253328"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-04-09T16:00:00.000Z",
"value": "Initial Publication"
}
],
"title": "PAN-OS: Session Fixation Vulnerability in GlobalProtect SAML Login",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cspan\u003eThis issue can be mitigated using a different form of authentication for the GlobalProtect portal (such as Client Certificate Authentication, RADIUS, TACACS+, LDAP, or Kerberos). For more information about configuring authentication for the GlobalProtect portal see this technical \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-web-interface-help/globalprotect/network-globalprotect-portals/globalprotect-portals-authentication-configuration-tab\"\u003e\u003cspan\u003edocumentation\u003c/span\u003e\u003c/a\u003e\u003cspan\u003e.\u003c/span\u003e\u003c/p\u003e"
}
],
"value": "This issue can be mitigated using a different form of authentication for the GlobalProtect portal (such as Client Certificate Authentication, RADIUS, TACACS+, LDAP, or Kerberos). For more information about configuring authentication for the GlobalProtect portal see this technical documentation https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-web-interface-help/globalprotect/network-globalprotect-portals/globalprotect-portals-authentication-configuration-tab ."
}
],
"x_affectedList": [
"PAN-OS 11.2.2-h2",
"PAN-OS 11.2.2-h1",
"PAN-OS 11.2.1-h1",
"PAN-OS 11.2.1",
"PAN-OS 11.2.0-h1",
"PAN-OS 11.2.0",
"PAN-OS 11.1.4-h17",
"PAN-OS 11.1.4-h15",
"PAN-OS 11.1.4-h13",
"PAN-OS 11.1.4-h12",
"PAN-OS 11.1.4-h11",
"PAN-OS 11.1.4-h10",
"PAN-OS 11.1.4-h9",
"PAN-OS 11.1.4-h8",
"PAN-OS 11.1.4-h7",
"PAN-OS 11.1.4-h6",
"PAN-OS 11.1.4-h5",
"PAN-OS 11.1.4-h4",
"PAN-OS 11.1.4-h3",
"PAN-OS 11.1.4-h2",
"PAN-OS 11.1.4-h1",
"PAN-OS 11.1.4",
"PAN-OS 11.1.3-h13",
"PAN-OS 11.1.3-h12",
"PAN-OS 11.1.3-h11",
"PAN-OS 11.1.3-h10",
"PAN-OS 11.1.3-h9",
"PAN-OS 11.1.3-h8",
"PAN-OS 11.1.3-h7",
"PAN-OS 11.1.3-h6",
"PAN-OS 11.1.3-h5",
"PAN-OS 11.1.3-h4",
"PAN-OS 11.1.3-h3",
"PAN-OS 11.1.3-h2",
"PAN-OS 11.1.3-h1",
"PAN-OS 11.1.3",
"PAN-OS 11.1.2-h18",
"PAN-OS 11.1.2-h17",
"PAN-OS 11.1.2-h16",
"PAN-OS 11.1.2-h15",
"PAN-OS 11.1.2-h14",
"PAN-OS 11.1.2-h13",
"PAN-OS 11.1.2-h12",
"PAN-OS 11.1.2-h11",
"PAN-OS 11.1.2-h10",
"PAN-OS 11.1.2-h9",
"PAN-OS 11.1.2-h8",
"PAN-OS 11.1.2-h7",
"PAN-OS 11.1.2-h6",
"PAN-OS 11.1.2-h5",
"PAN-OS 11.1.2-h4",
"PAN-OS 11.1.2-h3",
"PAN-OS 11.1.2-h2",
"PAN-OS 11.1.2-h1",
"PAN-OS 11.1.2",
"PAN-OS 11.1.1-h2",
"PAN-OS 11.1.1-h1",
"PAN-OS 11.1.1",
"PAN-OS 11.1.0-h4",
"PAN-OS 11.1.0-h3",
"PAN-OS 11.1.0-h2",
"PAN-OS 11.1.0-h1",
"PAN-OS 11.1.0",
"PAN-OS 11.0.5-h2",
"PAN-OS 11.0.5-h1",
"PAN-OS 11.0.5",
"PAN-OS 11.0.4-h6",
"PAN-OS 11.0.4-h5",
"PAN-OS 11.0.4-h4",
"PAN-OS 11.0.4-h3",
"PAN-OS 11.0.4-h2",
"PAN-OS 11.0.4-h1",
"PAN-OS 11.0.4",
"PAN-OS 11.0.3-h13",
"PAN-OS 11.0.3-h12",
"PAN-OS 11.0.3-h11",
"PAN-OS 11.0.3-h10",
"PAN-OS 11.0.3-h9",
"PAN-OS 11.0.3-h8",
"PAN-OS 11.0.3-h7",
"PAN-OS 11.0.3-h6",
"PAN-OS 11.0.3-h5",
"PAN-OS 11.0.3-h4",
"PAN-OS 11.0.3-h3",
"PAN-OS 11.0.3-h2",
"PAN-OS 11.0.3-h1",
"PAN-OS 11.0.3",
"PAN-OS 11.0.2-h5",
"PAN-OS 11.0.2-h4",
"PAN-OS 11.0.2-h3",
"PAN-OS 11.0.2-h2",
"PAN-OS 11.0.2-h1",
"PAN-OS 11.0.2",
"PAN-OS 11.0.1-h5",
"PAN-OS 11.0.1-h4",
"PAN-OS 11.0.1-h3",
"PAN-OS 11.0.1-h2",
"PAN-OS 11.0.1-h1",
"PAN-OS 11.0.1",
"PAN-OS 11.0.0-h4",
"PAN-OS 11.0.0-h3",
"PAN-OS 11.0.0-h2",
"PAN-OS 11.0.0-h1",
"PAN-OS 11.0.0",
"PAN-OS 10.2.10-h14",
"PAN-OS 10.2.10-h13",
"PAN-OS 10.2.10-h12",
"PAN-OS 10.2.10-h11",
"PAN-OS 10.2.10-h10",
"PAN-OS 10.2.10-h9",
"PAN-OS 10.2.10-h8",
"PAN-OS 10.2.10-h7",
"PAN-OS 10.2.10-h6",
"PAN-OS 10.2.10-h5",
"PAN-OS 10.2.10-h4",
"PAN-OS 10.2.10-h3",
"PAN-OS 10.2.10-h2",
"PAN-OS 10.2.10-h1",
"PAN-OS 10.2.10",
"PAN-OS 10.2.9-h12",
"PAN-OS 10.2.9-h11",
"PAN-OS 10.2.9-h10",
"PAN-OS 10.2.9-h9",
"PAN-OS 10.2.9-h8",
"PAN-OS 10.2.9-h7",
"PAN-OS 10.2.9-h6",
"PAN-OS 10.2.9-h5",
"PAN-OS 10.2.9-h4",
"PAN-OS 10.2.9-h3",
"PAN-OS 10.2.9-h2",
"PAN-OS 10.2.9-h1",
"PAN-OS 10.2.9",
"PAN-OS 10.2.8-h21",
"PAN-OS 10.2.8-h20",
"PAN-OS 10.2.8-h19",
"PAN-OS 10.2.8-h18",
"PAN-OS 10.2.8-h17",
"PAN-OS 10.2.8-h16",
"PAN-OS 10.2.8-h15",
"PAN-OS 10.2.8-h14",
"PAN-OS 10.2.8-h13",
"PAN-OS 10.2.8-h12",
"PAN-OS 10.2.8-h11",
"PAN-OS 10.2.8-h10",
"PAN-OS 10.2.8-h9",
"PAN-OS 10.2.8-h8",
"PAN-OS 10.2.8-h7",
"PAN-OS 10.2.8-h6",
"PAN-OS 10.2.8-h5",
"PAN-OS 10.2.8-h4",
"PAN-OS 10.2.8-h3",
"PAN-OS 10.2.8-h2",
"PAN-OS 10.2.8-h1",
"PAN-OS 10.2.8",
"PAN-OS 10.2.7-h24",
"PAN-OS 10.2.7-h23",
"PAN-OS 10.2.7-h22",
"PAN-OS 10.2.7-h21",
"PAN-OS 10.2.7-h20",
"PAN-OS 10.2.7-h19",
"PAN-OS 10.2.7-h18",
"PAN-OS 10.2.7-h17",
"PAN-OS 10.2.7-h16",
"PAN-OS 10.2.7-h15",
"PAN-OS 10.2.7-h14",
"PAN-OS 10.2.7-h13",
"PAN-OS 10.2.7-h12",
"PAN-OS 10.2.7-h11",
"PAN-OS 10.2.7-h10",
"PAN-OS 10.2.7-h9",
"PAN-OS 10.2.7-h8",
"PAN-OS 10.2.7-h7",
"PAN-OS 10.2.7-h6",
"PAN-OS 10.2.7-h5",
"PAN-OS 10.2.7-h4",
"PAN-OS 10.2.7-h3",
"PAN-OS 10.2.7-h2",
"PAN-OS 10.2.7-h1",
"PAN-OS 10.2.7",
"PAN-OS 10.2.6-h6",
"PAN-OS 10.2.6-h5",
"PAN-OS 10.2.6-h4",
"PAN-OS 10.2.6-h3",
"PAN-OS 10.2.6-h2",
"PAN-OS 10.2.6-h1",
"PAN-OS 10.2.6",
"PAN-OS 10.2.5-h9",
"PAN-OS 10.2.5-h8",
"PAN-OS 10.2.5-h7",
"PAN-OS 10.2.5-h6",
"PAN-OS 10.2.5-h5",
"PAN-OS 10.2.5-h4",
"PAN-OS 10.2.5-h3",
"PAN-OS 10.2.5-h2",
"PAN-OS 10.2.5-h1",
"PAN-OS 10.2.5",
"PAN-OS 10.2.4-h32",
"PAN-OS 10.2.4-h31",
"PAN-OS 10.2.4-h30",
"PAN-OS 10.2.4-h29",
"PAN-OS 10.2.4-h28",
"PAN-OS 10.2.4-h27",
"PAN-OS 10.2.4-h26",
"PAN-OS 10.2.4-h25",
"PAN-OS 10.2.4-h24",
"PAN-OS 10.2.4-h23",
"PAN-OS 10.2.4-h22",
"PAN-OS 10.2.4-h21",
"PAN-OS 10.2.4-h20",
"PAN-OS 10.2.4-h19",
"PAN-OS 10.2.4-h18",
"PAN-OS 10.2.4-h17",
"PAN-OS 10.2.4-h16",
"PAN-OS 10.2.4-h15",
"PAN-OS 10.2.4-h14",
"PAN-OS 10.2.4-h13",
"PAN-OS 10.2.4-h12",
"PAN-OS 10.2.4-h11",
"PAN-OS 10.2.4-h10",
"PAN-OS 10.2.4-h9",
"PAN-OS 10.2.4-h8",
"PAN-OS 10.2.4-h7",
"PAN-OS 10.2.4-h6",
"PAN-OS 10.2.4-h5",
"PAN-OS 10.2.4-h4",
"PAN-OS 10.2.4-h3",
"PAN-OS 10.2.4-h2",
"PAN-OS 10.2.4-h1",
"PAN-OS 10.2.4",
"PAN-OS 10.2.3-h14",
"PAN-OS 10.2.3-h13",
"PAN-OS 10.2.3-h12",
"PAN-OS 10.2.3-h11",
"PAN-OS 10.2.3-h10",
"PAN-OS 10.2.3-h9",
"PAN-OS 10.2.3-h8",
"PAN-OS 10.2.3-h7",
"PAN-OS 10.2.3-h6",
"PAN-OS 10.2.3-h5",
"PAN-OS 10.2.3-h4",
"PAN-OS 10.2.3-h3",
"PAN-OS 10.2.3-h2",
"PAN-OS 10.2.3-h1",
"PAN-OS 10.2.3",
"PAN-OS 10.2.2-h6",
"PAN-OS 10.2.2-h5",
"PAN-OS 10.2.2-h4",
"PAN-OS 10.2.2-h3",
"PAN-OS 10.2.2-h2",
"PAN-OS 10.2.2-h1",
"PAN-OS 10.2.2",
"PAN-OS 10.2.1-h3",
"PAN-OS 10.2.1-h2",
"PAN-OS 10.2.1-h1",
"PAN-OS 10.2.1",
"PAN-OS 10.2.0-h4",
"PAN-OS 10.2.0-h3",
"PAN-OS 10.2.0-h2",
"PAN-OS 10.2.0-h1",
"PAN-OS 10.2.0",
"PAN-OS 10.1.14-h10",
"PAN-OS 10.1.14-h9",
"PAN-OS 10.1.14-h8",
"PAN-OS 10.1.14-h7",
"PAN-OS 10.1.14-h6",
"PAN-OS 10.1.14-h5",
"PAN-OS 10.1.14-h4",
"PAN-OS 10.1.14-h3",
"PAN-OS 10.1.14-h2",
"PAN-OS 10.1.14-h1",
"PAN-OS 10.1.14",
"PAN-OS 10.1.13-h5",
"PAN-OS 10.1.13-h4",
"PAN-OS 10.1.13-h3",
"PAN-OS 10.1.13-h2",
"PAN-OS 10.1.13-h1",
"PAN-OS 10.1.13",
"PAN-OS 10.1.12-h3",
"PAN-OS 10.1.12-h2",
"PAN-OS 10.1.12-h1",
"PAN-OS 10.1.12",
"PAN-OS 10.1.11-h10",
"PAN-OS 10.1.11-h9",
"PAN-OS 10.1.11-h8",
"PAN-OS 10.1.11-h7",
"PAN-OS 10.1.11-h6",
"PAN-OS 10.1.11-h5",
"PAN-OS 10.1.11-h4",
"PAN-OS 10.1.11-h3",
"PAN-OS 10.1.11-h2",
"PAN-OS 10.1.11-h1",
"PAN-OS 10.1.11",
"PAN-OS 10.1.10-h9",
"PAN-OS 10.1.10-h8",
"PAN-OS 10.1.10-h7",
"PAN-OS 10.1.10-h6",
"PAN-OS 10.1.10-h5",
"PAN-OS 10.1.10-h4",
"PAN-OS 10.1.10-h3",
"PAN-OS 10.1.10-h2",
"PAN-OS 10.1.10-h1",
"PAN-OS 10.1.10",
"PAN-OS 10.1.9-h14",
"PAN-OS 10.1.9-h13",
"PAN-OS 10.1.9-h12",
"PAN-OS 10.1.9-h11",
"PAN-OS 10.1.9-h10",
"PAN-OS 10.1.9-h9",
"PAN-OS 10.1.9-h8",
"PAN-OS 10.1.9-h7",
"PAN-OS 10.1.9-h6",
"PAN-OS 10.1.9-h5",
"PAN-OS 10.1.9-h4",
"PAN-OS 10.1.9-h3",
"PAN-OS 10.1.9-h2",
"PAN-OS 10.1.9-h1",
"PAN-OS 10.1.9",
"PAN-OS 10.1.8-h8",
"PAN-OS 10.1.8-h7",
"PAN-OS 10.1.8-h6",
"PAN-OS 10.1.8-h5",
"PAN-OS 10.1.8-h4",
"PAN-OS 10.1.8-h3",
"PAN-OS 10.1.8-h2",
"PAN-OS 10.1.8-h1",
"PAN-OS 10.1.8",
"PAN-OS 10.1.7-h1",
"PAN-OS 10.1.7",
"PAN-OS 10.1.6-h9",
"PAN-OS 10.1.6-h8",
"PAN-OS 10.1.6-h7",
"PAN-OS 10.1.6-h6",
"PAN-OS 10.1.6-h5",
"PAN-OS 10.1.6-h4",
"PAN-OS 10.1.6-h3",
"PAN-OS 10.1.6-h2",
"PAN-OS 10.1.6-h1",
"PAN-OS 10.1.6",
"PAN-OS 10.1.5-h4",
"PAN-OS 10.1.5-h3",
"PAN-OS 10.1.5-h2",
"PAN-OS 10.1.5-h1",
"PAN-OS 10.1.5",
"PAN-OS 10.1.4-h6",
"PAN-OS 10.1.4-h5",
"PAN-OS 10.1.4-h4",
"PAN-OS 10.1.4-h3",
"PAN-OS 10.1.4-h2",
"PAN-OS 10.1.4-h1",
"PAN-OS 10.1.4",
"PAN-OS 10.1.3-h4",
"PAN-OS 10.1.3-h3",
"PAN-OS 10.1.3-h2",
"PAN-OS 10.1.3-h1",
"PAN-OS 10.1.3",
"PAN-OS 10.1.2",
"PAN-OS 10.1.1",
"PAN-OS 10.1.0"
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-0126",
"datePublished": "2025-04-11T01:57:12.662Z",
"dateReserved": "2024-12-20T23:23:27.116Z",
"dateUpdated": "2025-04-11T16:02:02.228Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-56733 (GCVE-0-2024-56733)
Vulnerability from cvelistv5 – Published: 2024-12-30 16:46 – Updated: 2024-12-30 17:33- CWE-384 - Session Fixation
| URL | Tags |
|---|---|
| https://github.com/pglombardo/PasswordPusher/secu… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| pglombardo | PasswordPusher |
Affected:
<= 1.50.3
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-56733",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-30T17:33:12.436497Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-30T17:33:25.498Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PasswordPusher",
"vendor": "pglombardo",
"versions": [
{
"status": "affected",
"version": "\u003c= 1.50.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Password Pusher is an open source application to communicate sensitive information over the web. A vulnerability has been reported in versions 1.50.3 and prior where an attacker can copy the session cookie before a user logs out, potentially allowing session hijacking. Although the session token is replaced and invalidated upon logout, if an attacker manages to capture the session cookie before this process, they can use the token to gain unauthorized access to the user\u0027s session until the token expires or is manually cleared. This vulnerability hinges on the attacker\u0027s ability to access the session cookie during an active session, either through a man-in-the-middle attack, by exploiting another vulnerability like XSS, or via direct access to the victim\u0027s device. Although there is no direct resolution to this vulnerability, it is recommended to always use the latest version of Password Pusher to best mitigate risk. If self-hosting, ensure Password Pusher is hosted exclusively over SSL connections to encrypt traffic and prevent session cookies from being intercepted in transit. Additionally, implement best practices in local security to safeguard user systems, browsers, and data against unauthorized access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384: Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-30T16:46:37.661Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/pglombardo/PasswordPusher/security/advisories/GHSA-4fwj-m62q-pp47",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/pglombardo/PasswordPusher/security/advisories/GHSA-4fwj-m62q-pp47"
}
],
"source": {
"advisory": "GHSA-4fwj-m62q-pp47",
"discovery": "UNKNOWN"
},
"title": "Password Pusher Allows Session Token Interception Leading to Potential Hijacking"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-56733",
"datePublished": "2024-12-30T16:46:37.661Z",
"dateReserved": "2024-12-27T15:57:20.952Z",
"dateUpdated": "2024-12-30T17:33:25.498Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-49709 (GCVE-0-2024-49709)
Vulnerability from cvelistv5 – Published: 2025-04-14 12:06 – Updated: 2025-04-14 12:45- CWE-384 - Session Fixation
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2025/04/CVE-2024-10087 | third-party-advisory |
| https://www.iksoris.pl/system-rezerwacji-i-sprzed… | product |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49709",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-14T12:44:51.688346Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-14T12:45:01.014Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Internet Starter"
],
"product": "iKSORIS",
"vendor": "SoftCOM",
"versions": [
{
"lessThan": "79.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Pawe\u0142 Zdunek (Afine Team)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eInternet Starter, o\u003c/span\u003ene of SoftCOM iKSORIS system modules,\u0026nbsp;allows for setting an arbitrary session cookie value. An attacker with an access to user\u0027s browser might set such a cookie, wait until the user logs in and then use the same cookie to take over the account. \u003cbr\u003eMoreover, the system does not destroy the old sessions when creating new ones, what expands the time frame in which an attack might be performed.\u0026nbsp;\u003cbr\u003eThis vulnerability has been patched \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ein version \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e79.0\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Internet Starter, one of SoftCOM iKSORIS system modules,\u00a0allows for setting an arbitrary session cookie value. An attacker with an access to user\u0027s browser might set such a cookie, wait until the user logs in and then use the same cookie to take over the account. \nMoreover, the system does not destroy the old sessions when creating new ones, what expands the time frame in which an attack might be performed.\u00a0\nThis vulnerability has been patched in version 79.0"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 2.3,
"baseSeverity": "LOW",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384 Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-14T12:06:51.407Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2025/04/CVE-2024-10087"
},
{
"tags": [
"product"
],
"url": "https://www.iksoris.pl/system-rezerwacji-i-sprzedazy-biletow-iksoris.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "XSS in iKSORIS",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2024-49709",
"datePublished": "2025-04-14T12:06:51.407Z",
"dateReserved": "2024-10-17T15:28:25.991Z",
"dateUpdated": "2025-04-14T12:45:01.014Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-49344 (GCVE-0-2024-49344)
Vulnerability from cvelistv5 – Published: 2025-02-20 12:08 – Updated: 2025-08-15 14:46- CWE-384 - Session Fixation
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7183541 | vendor-advisorypatch |
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | OpenPages with Watson |
Affected:
8.3
Affected: 9.0 cpe:2.3:a:ibm:openpages_with_watson:8.3:*:*:*:*:*:*:* cpe:2.3:a:ibm:openpages_with_watson:9.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-49344",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-20T14:02:30.482901Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-20T14:02:40.385Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:openpages_with_watson:8.3:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:openpages_with_watson:9.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "OpenPages with Watson",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "8.3"
},
{
"status": "affected",
"version": "9.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ewith Watson Assistant chat feature enabled the application establishes a session when a user logs in and uses chat, but the chat session is still left active after logout.\u003c/span\u003e\u003c/span\u003e"
}
],
"value": "IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages \n\n\n\nwith Watson Assistant chat feature enabled the application establishes a session when a user logs in and uses chat, but the chat session is still left active after logout."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384 Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-15T14:46:14.557Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7183541"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM OpenPages session fixation",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2024-49344",
"datePublished": "2025-02-20T12:08:23.999Z",
"dateReserved": "2024-10-14T12:05:13.492Z",
"dateUpdated": "2025-08-15T14:46:14.557Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-48929 (GCVE-0-2024-48929)
Vulnerability from cvelistv5 – Published: 2024-10-22 15:54 – Updated: 2024-10-22 17:13- CWE-384 - Session Fixation
| URL | Tags |
|---|---|
| https://github.com/umbraco/Umbraco-CMS/security/a… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| umbraco | Umbraco-CMS |
Affected:
>= 13.0.0, < 13.5.2
Affected: >= 10.0.0, < 10.8.7 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-48929",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-22T17:09:03.535072Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T17:13:46.490Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Umbraco-CMS",
"vendor": "umbraco",
"versions": [
{
"status": "affected",
"version": "\u003e= 13.0.0, \u003c 13.5.2"
},
{
"status": "affected",
"version": "\u003e= 10.0.0, \u003c 10.8.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Umbraco is a free and open source .NET content management system. In versions on the 13.x branch prior to 13.5.2 and versions on the 10.x branch prior to 10.8.7, during an explicit sign-out, the server session is not fully terminated. Versions 13.5.2 and 10.8.7 contain a patch for the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384: Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T15:54:23.813Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-wxw9-6pv9-c3xc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-wxw9-6pv9-c3xc"
}
],
"source": {
"advisory": "GHSA-wxw9-6pv9-c3xc",
"discovery": "UNKNOWN"
},
"title": "Umbraco CMS Has Incomplete Server Termination During Explicit Sign-Out"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-48929",
"datePublished": "2024-10-22T15:54:23.813Z",
"dateReserved": "2024-10-09T22:06:46.175Z",
"dateUpdated": "2024-10-22T17:13:46.490Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Invalidate any existing session identifiers prior to authorizing a new user session.
Mitigation
For platforms such as ASP that do not generate new values for sessionid cookies, utilize a secondary cookie. In this approach, set a secondary cookie on the user's browser to a random value and set a session variable to the same value. If the session variable and the cookie value ever don't match, invalidate the session, and force the user to log on again.
Mitigation MIT-29
Strategy: Firewall
Use an application firewall that can detect attacks against this weakness. It can be beneficial in cases in which the code cannot be fixed (because it is controlled by a third party), as an emergency prevention measure while more comprehensive software assurance measures are applied, or to provide defense in depth [REF-1481].
CAPEC-196: Session Credential Falsification through Forging
An attacker creates a false but functional session credential in order to gain or usurp access to a service. Session credentials allow users to identify themselves to a service after an initial authentication without needing to resend the authentication information (usually a username and password) with every message. If an attacker is able to forge valid session credentials they may be able to bypass authentication or piggy-back off some other authenticated user's session. This attack differs from Reuse of Session IDs and Session Sidejacking attacks in that in the latter attacks an attacker uses a previous or existing credential without modification while, in a forging attack, the attacker must create their own credential, although it may be based on previously observed credentials.
CAPEC-21: Exploitation of Trusted Identifiers
An adversary guesses, obtains, or "rides" a trusted identifier (e.g. session ID, resource ID, cookie, etc.) to perform authorized actions under the guise of an authenticated user or service.
CAPEC-31: Accessing/Intercepting/Modifying HTTP Cookies
This attack relies on the use of HTTP Cookies to store credentials, state information and other critical data on client systems. There are several different forms of this attack. The first form of this attack involves accessing HTTP Cookies to mine for potentially sensitive data contained therein. The second form involves intercepting this data as it is transmitted from client to server. This intercepted information is then used by the adversary to impersonate the remote user/session. The third form is when the cookie's content is modified by the adversary before it is sent back to the server. Here the adversary seeks to convince the target server to operate on this falsified information.
CAPEC-39: Manipulating Opaque Client-based Data Tokens
In circumstances where an application holds important data client-side in tokens (cookies, URLs, data files, and so forth) that data can be manipulated. If client or server-side application components reinterpret that data as authentication tokens or data (such as store item pricing or wallet information) then even opaquely manipulating that data may bear fruit for an Attacker. In this pattern an attacker undermines the assumption that client side tokens have been adequately protected from tampering through use of encryption or obfuscation.
CAPEC-59: Session Credential Falsification through Prediction
This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.
CAPEC-60: Reusing Session IDs (aka Session Replay)
This attack targets the reuse of valid session ID to spoof the target system in order to gain privileges. The attacker tries to reuse a stolen session ID used previously during a transaction to perform spoofing and session hijacking. Another name for this type of attack is Session Replay.
CAPEC-61: Session Fixation
The attacker induces a client to establish a session with the target software using a session identifier provided by the attacker. Once the user successfully authenticates to the target software, the attacker uses the (now privileged) session identifier in their own transactions. This attack leverages the fact that the target software either relies on client-generated session identifiers or maintains the same session identifiers after privilege elevation.