CWE-306
Missing Authentication for Critical Function
The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
CVE-2024-9644 (GCVE-0-2024-9644)
Vulnerability from cvelistv5 – Published: 2025-02-04 14:58 – Updated: 2025-11-19 20:35
VLAI
Title
Four-Faith F3x36 bapply.cgi Auth Bypass
Summary
The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to an
authentication bypass vulnerability in the administrative web server. Authentication is not enforced on some administrative functionality when using the "bapply.cgi" endpoint instead of the normal "apply.cgi" endpoint. A remote and unauthenticated can use this vulnerability to modify settings or chain with existing authenticated vulnerabilities.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://vulncheck.com/advisories/four-faith-hidden-api | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Four-Faith | F3x36 |
Affected:
2.0.0
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9644",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T15:48:55.611580Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-04T15:49:20.305Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "F3x36",
"vendor": "Four-Faith",
"versions": [
{
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:four-faith:f3x36_firmware:2.0.0:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jacob Baines"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to an \nauthentication bypass vulnerability in the administrative web server. Authentication is not enforced on some administrative functionality when using the \"bapply.cgi\" endpoint instead of the normal \"apply.cgi\" endpoint. A remote and unauthenticated can use this vulnerability to modify settings or chain with existing authenticated vulnerabilities.\u003cbr\u003e"
}
],
"value": "The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to an \nauthentication bypass vulnerability in the administrative web server. Authentication is not enforced on some administrative functionality when using the \"bapply.cgi\" endpoint instead of the normal \"apply.cgi\" endpoint. A remote and unauthenticated can use this vulnerability to modify settings or chain with existing authenticated vulnerabilities."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-489",
"description": "CWE-489 Active Debug Code",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T20:35:28.936Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://vulncheck.com/advisories/four-faith-hidden-api"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Four-Faith F3x36 bapply.cgi Auth Bypass",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2024-9644",
"datePublished": "2025-02-04T14:58:03.363Z",
"dateReserved": "2024-10-08T18:08:01.273Z",
"dateUpdated": "2025-11-19T20:35:28.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-9919 (GCVE-0-2024-9919)
Vulnerability from cvelistv5 – Published: 2025-03-20 10:09 – Updated: 2025-10-15 12:50
VLAI
Title
Missing Authentication Check in parisneo/lollms-webui
Summary
A missing authentication check in the uninstall endpoint of parisneo/lollms-webui V13 allows attackers to perform unauthorized directory deletions. The /uninstall/{app_name} API endpoint does not call the check_access() function to verify the client_id, enabling attackers to delete directories without proper authentication.
Severity
8.4 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| parisneo | parisneo/lollms-webui |
Affected:
unspecified , ≤ latest
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9919",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T17:50:06.562183Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T18:32:45.244Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "parisneo/lollms-webui",
"vendor": "parisneo",
"versions": [
{
"lessThanOrEqual": "latest",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A missing authentication check in the uninstall endpoint of parisneo/lollms-webui V13 allows attackers to perform unauthorized directory deletions. The /uninstall/{app_name} API endpoint does not call the check_access() function to verify the client_id, enabling attackers to delete directories without proper authentication."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-15T12:50:47.693Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/5c00f56b-32a8-4e26-a4e3-de64f139da6b"
}
],
"source": {
"advisory": "5c00f56b-32a8-4e26-a4e3-de64f139da6b",
"discovery": "EXTERNAL"
},
"title": "Missing Authentication Check in parisneo/lollms-webui"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2024-9919",
"datePublished": "2025-03-20T10:09:56.293Z",
"dateReserved": "2024-10-13T13:06:10.241Z",
"dateUpdated": "2025-10-15T12:50:47.693Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9984 (GCVE-0-2024-9984)
Vulnerability from cvelistv5 – Published: 2024-10-15 08:15 – Updated: 2024-10-15 13:38
VLAI
Title
Ragic Enterprise Cloud Database - Missing Authentication
Summary
Enterprise Cloud Database from Ragic does not authenticate access to specific functionality, allowing unauthenticated remote attackers to use this functionality to obtain any user's session cookie.
Severity
9.8 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.twcert.org.tw/tw/cp-132-8150-c955a-1.html | third-party-advisory |
| https://www.twcert.org.tw/en/cp-139-8151-1a4b5-2.html | third-party-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Ragic | Enterprise Cloud Database |
Affected:
0 , < 2024/08/08 09:45:25
(custom)
|
|
| ragic | enterprise_cloud_database |
Affected:
0 , < 2024-08-08
(custom)
cpe:2.3:a:ragic:enterprise_cloud_database:*:*:*:*:*:*:*:* |
Date Public
2024-10-15 08:15
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:ragic:enterprise_cloud_database:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "enterprise_cloud_database",
"vendor": "ragic",
"versions": [
{
"lessThan": "2024-08-08",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9984",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T13:38:00.909906Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T13:38:39.847Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Enterprise Cloud Database",
"vendor": "Ragic",
"versions": [
{
"lessThan": "2024/08/08 09:45:25",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2024-10-15T08:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eEnterprise Cloud Database from Ragic does not authenticate access to specific functionality, allowing unauthenticated remote attackers to use this functionality to obtain any user\u0027s session cookie.\u003c/span\u003e"
}
],
"value": "Enterprise Cloud Database from Ragic does not authenticate access to specific functionality, allowing unauthenticated remote attackers to use this functionality to obtain any user\u0027s session cookie."
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T08:15:30.938Z",
"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"shortName": "twcert"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/tw/cp-132-8150-c955a-1.html"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.twcert.org.tw/en/cp-139-8151-1a4b5-2.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to version 2024/08/08 09:45:25 or later."
}
],
"value": "Update to version 2024/08/08 09:45:25 or later."
}
],
"source": {
"advisory": "TVN-202410014",
"discovery": "EXTERNAL"
},
"title": "Ragic Enterprise Cloud Database - Missing Authentication",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
"assignerShortName": "twcert",
"cveId": "CVE-2024-9984",
"datePublished": "2024-10-15T08:15:30.938Z",
"dateReserved": "2024-10-15T06:58:04.062Z",
"dateUpdated": "2024-10-15T13:38:39.847Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0108 (GCVE-0-2025-0108)
Vulnerability from cvelistv5 – Published: 2025-02-12 20:55 – Updated: 2026-02-26 19:08
VLAI
Title
PAN-OS: Authentication Bypass in the Management Web Interface
Summary
An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PHP scripts does not enable remote code execution, it can negatively impact integrity and confidentiality of PAN-OS.
You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .
This issue does not affect Cloud NGFW or Prisma Access software.
Severity
SSVC
Exploitation: active
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
8 references
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto Networks | Cloud NGFW |
Unaffected:
All
(custom)
|
|
| Palo Alto Networks | PAN-OS |
Affected:
10.1.0 , < 10.1.14-h9
(custom)
Affected: 10.2.0 , < 10.2.7-h24 (custom) Affected: 11.1.0 , < 11.1.6-h1 (custom) Affected: 11.2.0 , < 11.2.4-h4 (custom) cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.5:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h17:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h16:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h15:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h14:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h20:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h19:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h18:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h17:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h16:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h15:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h20:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h19:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h18:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h17:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h16:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h15:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h14:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h23:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h22:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h21:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h20:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h19:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h18:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h17:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h14:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:* |
|
| Palo Alto Networks | Prisma Access |
Unaffected:
All
(custom)
|
Date Public
2025-02-12 17:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0108",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-19T04:55:10.266940Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-02-18",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-0108"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T19:08:49.699Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-0108"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-02-18T00:00:00.000Z",
"value": "CVE-2025-0108 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-02-20T02:08:45.296Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://github.com/iSee857/CVE-2025-0108-PoC"
},
{
"url": "https://www.theregister.com/2025/02/19/palo_alto_firewall_attack/"
},
{
"url": "https://slcyber.io/blog/nginx-apache-path-confusion-to-auth-bypass-in-pan-os/"
},
{
"url": "https://www.darkreading.com/remote-workforce/patch-now-cisa-researchers-warn-palo-alto-flaw-exploited-wild"
},
{
"url": "https://www.securityweek.com/palo-alto-networks-confirms-exploitation-of-firewall-vulnerability/"
},
{
"url": "https://www.bleepingcomputer.com/news/security/palo-alto-networks-tags-new-firewall-bug-as-exploited-in-attacks/"
}
],
"title": "CVE Program Container",
"x_generator": {
"engine": "ADPogram 0.0.1"
}
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.5:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h17:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h16:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h15:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h14:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h13:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h13:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h12:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h20:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h19:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h18:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h17:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h16:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h15:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h13:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h20:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h19:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h18:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h17:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h16:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h15:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h14:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h23:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h22:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h21:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h20:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h19:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h18:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h17:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h14:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "10.1.14-h9",
"status": "unaffected"
}
],
"lessThan": "10.1.14-h9",
"status": "affected",
"version": "10.1.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.7-h24",
"status": "unaffected"
},
{
"at": "10.2.8-h21",
"status": "unaffected"
},
{
"at": "10.2.9-h21",
"status": "unaffected"
},
{
"at": "10.2.12-h6",
"status": "unaffected"
},
{
"at": "10.2.13-h3",
"status": "unaffected"
},
{
"at": "10.2.10-h14",
"status": "unaffected"
},
{
"at": "10.2.11-h12",
"status": "unaffected"
}
],
"lessThan": "10.2.7-h24",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.1.6-h1",
"status": "unaffected"
},
{
"at": "11.1.2-h18",
"status": "unaffected"
}
],
"lessThan": "11.1.6-h1",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.2.4-h4",
"status": "unaffected"
}
],
"lessThan": "11.2.4-h4",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cspan\u003eThe risk is greatest if you enabled access to the management interface from the internet or any untrusted network either:\u003c/span\u003e\u003c/p\u003e\u003col\u003e\u003cli\u003e\u003cspan\u003eDirectly; or\u003c/span\u003e\u003c/li\u003e\u003cli\u003e\u003cspan\u003eThrough a dataplane interface that includes a management interface profile.\u003c/span\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cspan\u003eYou greatly reduce the risk if you ensure that you allow only trusted internal IP addresses to access the management interface.\u003c/span\u003e\u003c/p\u003e\u003cp\u003e\u003cspan\u003eUse the following steps to identify your recently detected devices in our internet scans.\u003c/span\u003e\u003c/p\u003e\u003col\u003e\u003cli\u003e\u003cspan\u003eTo find any assets that require remediation action, visit the Assets section of the Customer Support Portal at\u0026nbsp;\u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://support.paloaltonetworks.com/\"\u003e\u003cspan\u003ehttps://support.paloaltonetworks.com\u003c/span\u003e\u003c/a\u003e\u0026nbsp;(Products \u2192 Assets \u2192 All Assets \u2192 Remediation Required).\u003c/li\u003e\u003cli\u003e\u003cspan\u003eReview the list of your devices that we discovered in our scans to have an internet-facing management interface and that we tagged with \u2018PAN-SA-2024-0015\u2019 and a last seen timestamp (in UTC). If you do not see any such devices listed, then our scan did not find any devices on your account to have an internet-facing management interface within the past three days.\u003c/span\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cspan\u003eGlobalProtect portals and gateways are not vulnerable to this issue. However, if you configure a management profile on interfaces with GlobalProtect portals or gateways, then you expose the device to attacks through the management web interface (typically accessible on port 4443).\u003c/span\u003e\u003c/p\u003e"
}
],
"value": "The risk is greatest if you enabled access to the management interface from the internet or any untrusted network either:\n\n * Directly; or\n * Through a dataplane interface that includes a management interface profile.\nYou greatly reduce the risk if you ensure that you allow only trusted internal IP addresses to access the management interface.\n\nUse the following steps to identify your recently detected devices in our internet scans.\n\n * To find any assets that require remediation action, visit the Assets section of the Customer Support Portal at\u00a0 https://support.paloaltonetworks.com https://support.paloaltonetworks.com/ \u00a0(Products \u2192 Assets \u2192 All Assets \u2192 Remediation Required).\n * Review the list of your devices that we discovered in our scans to have an internet-facing management interface and that we tagged with \u2018PAN-SA-2024-0015\u2019 and a last seen timestamp (in UTC). If you do not see any such devices listed, then our scan did not find any devices on your account to have an internet-facing management interface within the past three days.\nGlobalProtect portals and gateways are not vulnerable to this issue. However, if you configure a management profile on interfaces with GlobalProtect portals or gateways, then you expose the device to attacks through the management web interface (typically accessible on port 4443)."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Adam Kues - Assetnote Security Research Team"
},
{
"lang": "en",
"type": "finder",
"value": "our Deep Product Security Research Team"
}
],
"datePublic": "2025-02-12T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PHP scripts does not enable remote code execution, it can negatively impact integrity and confidentiality of PAN-OS.\u003cb\u003e\u003cbr\u003e\u003cbr\u003e\u003c/b\u003eYou can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ebest practices deployment guidelines\u003c/a\u003e.\u003cb\u003e\u003cbr\u003e\u003cbr\u003e\u003c/b\u003eThis issue does not affect Cloud NGFW or Prisma Access software."
}
],
"value": "An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PHP scripts does not enable remote code execution, it can negatively impact integrity and confidentiality of PAN-OS.\n\nYou can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\nThis issue does not affect Cloud NGFW or Prisma Access software."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003ePalo Alto Networks has observed exploit attempts chaining CVE-2025-0108 with CVE-2024-9474 and CVE-2025-0111 on unpatched and unsecured PAN-OS web management interfaces.\u003c/p\u003e"
}
],
"value": "Palo Alto Networks has observed exploit attempts chaining CVE-2025-0108 with CVE-2024-9474 and CVE-2025-0111 on unpatched and unsecured PAN-OS web management interfaces."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "RED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Red",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "The risk is highest when you allow access to the management interface from external IP addresses on the internet."
}
]
},
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "You can greatly reduce the risk of exploitation by restricting access to a jump box that is the only system allowed to access the management interface. This will ensure that attacks can succeed only if they obtain privileged access through those specified IP addresses."
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-19T23:48:08.215Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2025-0108"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.1\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.1.0 through 10.1.14\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 10.1.14-h9 or later\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 10.2\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e10.2.0 through 10.2.13\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.13-h3 or later\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003e10.2.7\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.7-h24 or 10.2.13-h3 or later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003e10.2.8\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.8-h21 or 10.2.13-h3 or later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003e10.2.9\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.9-h21 or 10.2.13-h3 or later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003e10.2.10\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.10-h14 or 10.2.13-h3 or later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003e10.2.11\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.11-h12 or 10.2.13-h3 or later\u0026nbsp;\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003e10.2.12\u003c/td\u003e\u003ctd\u003eUpgrade to 10.2.12-h6 or 10.2.13-h3 or later\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.0 (EoL)\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eUpgrade to a supported fixed version\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.1\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.1.0 through 11.1.6\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.6-h1 or later\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003e11.1.2\u003c/td\u003e\u003ctd\u003eUpgrade to 11.1.2-h18 or 11.1.6-h1 or later\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePAN-OS 11.2\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e11.2.0 through 11.2.4\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 11.2.4-h4 or later\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cp\u003eNote: PAN-OS 11.0 reached end of life (EoL) on November 17, 2024. No additional fixes are planned for this release.\u003c/p\u003e"
}
],
"value": "Version\nMinor Version\nSuggested Solution\nPAN-OS 10.1\n10.1.0 through 10.1.14\nUpgrade to 10.1.14-h9 or later\nPAN-OS 10.2\n10.2.0 through 10.2.13\nUpgrade to 10.2.13-h3 or later\n\u00a010.2.7Upgrade to 10.2.7-h24 or 10.2.13-h3 or later\u00a010.2.8Upgrade to 10.2.8-h21 or 10.2.13-h3 or later\u00a010.2.9Upgrade to 10.2.9-h21 or 10.2.13-h3 or later\u00a010.2.10Upgrade to 10.2.10-h14 or 10.2.13-h3 or later\u00a010.2.11Upgrade to 10.2.11-h12 or 10.2.13-h3 or later\u00a0\u00a010.2.12Upgrade to 10.2.12-h6 or 10.2.13-h3 or later\nPAN-OS 11.0 (EoL)\u00a0Upgrade to a supported fixed versionPAN-OS 11.1\n11.1.0 through 11.1.6\nUpgrade to 11.1.6-h1 or later\n\u00a011.1.2Upgrade to 11.1.2-h18 or 11.1.6-h1 or later\nPAN-OS 11.2\n11.2.0 through 11.2.4\nUpgrade to 11.2.4-h4 or laterNote: PAN-OS 11.0 reached end of life (EoL) on November 17, 2024. No additional fixes are planned for this release."
}
],
"source": {
"defect": [
"PAN-273971"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-02-19T23:15:00.000Z",
"value": "Updated fix availability for PAN-OS 10.2 and 11.1"
},
{
"lang": "en",
"time": "2025-02-18T23:00:00.000Z",
"value": "Updated the exploit status and solutions table"
},
{
"lang": "en",
"time": "2025-02-18T19:30:00.000Z",
"value": "Updated fix availability for PAN-OS 10.2"
},
{
"lang": "en",
"time": "2025-02-18T07:06:00.000Z",
"value": "Updated exploit status"
},
{
"lang": "en",
"time": "2025-02-12T23:45:00.000Z",
"value": "Added Threat Prevention Threat ID to Workarounds and Mitigations"
},
{
"lang": "en",
"time": "2025-02-12T17:00:00.000Z",
"value": "Initial Publication"
}
],
"title": "PAN-OS: Authentication Bypass in the Management Web Interface",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cb\u003eRecommended mitigation\u003c/b\u003e\u2014The vast majority of firewalls already follow Palo Alto Networks and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ebest practices deployment guidelines\u003c/a\u003e. Specifically, you should restrict management interface access to only trusted internal IP addresses.\u003c/p\u003e\u003cp\u003eReview information about how to secure management access to your Palo Alto Networks firewalls:\u003c/p\u003e\u003cul\u003e\u003cli\u003ePalo Alto Networks LIVEcommunity article:\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ehttps://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\u003c/a\u003e\u003c/li\u003e\u003cli\u003ePalo Alto Networks official and detailed technical documentation:\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\"\u003ehttps://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003eAdditionally, customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510000 and 510001 (introduced in Applications and Threats content version 8943)."
}
],
"value": "Recommended mitigation\u2014The vast majority of firewalls already follow Palo Alto Networks and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our\u00a0 https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 \n * Palo Alto Networks official and detailed technical documentation: https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices \n\n\nAdditionally, customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 510000 and 510001 (introduced in Applications and Threats content version 8943)."
}
],
"x_affectedList": [
"PAN-OS 11.2.4-h3",
"PAN-OS 11.2.4-h2",
"PAN-OS 11.2.4-h1",
"PAN-OS 11.2.4",
"PAN-OS 11.2.3-h5",
"PAN-OS 11.2.3-h4",
"PAN-OS 11.2.3-h3",
"PAN-OS 11.2.3-h2",
"PAN-OS 11.2.3-h1",
"PAN-OS 11.2.3",
"PAN-OS 11.2.2-h2",
"PAN-OS 11.2.2-h1",
"PAN-OS 11.2.1-h1",
"PAN-OS 11.2.1",
"PAN-OS 11.2.0-h1",
"PAN-OS 11.2.0",
"PAN-OS 11.1.6",
"PAN-OS 11.1.5-h1",
"PAN-OS 11.1.5",
"PAN-OS 11.1.4-h9",
"PAN-OS 11.1.4-h8",
"PAN-OS 11.1.4-h7",
"PAN-OS 11.1.4-h6",
"PAN-OS 11.1.4-h5",
"PAN-OS 11.1.4-h4",
"PAN-OS 11.1.4-h3",
"PAN-OS 11.1.4-h2",
"PAN-OS 11.1.4-h1",
"PAN-OS 11.1.4",
"PAN-OS 11.1.3-h13",
"PAN-OS 11.1.3-h12",
"PAN-OS 11.1.3-h11",
"PAN-OS 11.1.3-h10",
"PAN-OS 11.1.3-h9",
"PAN-OS 11.1.3-h8",
"PAN-OS 11.1.3-h7",
"PAN-OS 11.1.3-h6",
"PAN-OS 11.1.3-h5",
"PAN-OS 11.1.3-h4",
"PAN-OS 11.1.3-h3",
"PAN-OS 11.1.3-h2",
"PAN-OS 11.1.3-h1",
"PAN-OS 11.1.3",
"PAN-OS 11.1.2-h17",
"PAN-OS 11.1.2-h16",
"PAN-OS 11.1.2-h15",
"PAN-OS 11.1.2-h14",
"PAN-OS 11.1.2-h13",
"PAN-OS 11.1.2-h12",
"PAN-OS 11.1.2-h11",
"PAN-OS 11.1.2-h10",
"PAN-OS 11.1.2-h9",
"PAN-OS 11.1.2-h8",
"PAN-OS 11.1.2-h7",
"PAN-OS 11.1.2-h6",
"PAN-OS 11.1.2-h5",
"PAN-OS 11.1.2-h4",
"PAN-OS 11.1.2-h3",
"PAN-OS 11.1.2-h2",
"PAN-OS 11.1.2-h1",
"PAN-OS 11.1.2",
"PAN-OS 11.1.1-h2",
"PAN-OS 11.1.1-h1",
"PAN-OS 11.1.1",
"PAN-OS 11.1.0-h4",
"PAN-OS 11.1.0-h3",
"PAN-OS 11.1.0-h2",
"PAN-OS 11.1.0-h1",
"PAN-OS 11.1.0",
"PAN-OS 10.2.13-h2",
"PAN-OS 10.2.13-h1",
"PAN-OS 10.2.13",
"PAN-OS 10.2.12-h5",
"PAN-OS 10.2.12-h4",
"PAN-OS 10.2.12-h3",
"PAN-OS 10.2.12-h2",
"PAN-OS 10.2.12-h1",
"PAN-OS 10.2.12",
"PAN-OS 10.2.11-h11",
"PAN-OS 10.2.11-h10",
"PAN-OS 10.2.11-h9",
"PAN-OS 10.2.11-h8",
"PAN-OS 10.2.11-h7",
"PAN-OS 10.2.11-h6",
"PAN-OS 10.2.11-h5",
"PAN-OS 10.2.11-h4",
"PAN-OS 10.2.11-h3",
"PAN-OS 10.2.11-h2",
"PAN-OS 10.2.11-h1",
"PAN-OS 10.2.11",
"PAN-OS 10.2.10-h13",
"PAN-OS 10.2.10-h12",
"PAN-OS 10.2.10-h11",
"PAN-OS 10.2.10-h10",
"PAN-OS 10.2.10-h9",
"PAN-OS 10.2.10-h8",
"PAN-OS 10.2.10-h7",
"PAN-OS 10.2.10-h6",
"PAN-OS 10.2.10-h5",
"PAN-OS 10.2.10-h4",
"PAN-OS 10.2.10-h3",
"PAN-OS 10.2.10-h2",
"PAN-OS 10.2.10-h1",
"PAN-OS 10.2.10",
"PAN-OS 10.2.9-h20",
"PAN-OS 10.2.9-h19",
"PAN-OS 10.2.9-h18",
"PAN-OS 10.2.9-h17",
"PAN-OS 10.2.9-h16",
"PAN-OS 10.2.9-h15",
"PAN-OS 10.2.9-h14",
"PAN-OS 10.2.9-h13",
"PAN-OS 10.2.9-h12",
"PAN-OS 10.2.9-h11",
"PAN-OS 10.2.9-h10",
"PAN-OS 10.2.9-h9",
"PAN-OS 10.2.9-h8",
"PAN-OS 10.2.9-h7",
"PAN-OS 10.2.9-h6",
"PAN-OS 10.2.9-h5",
"PAN-OS 10.2.9-h4",
"PAN-OS 10.2.9-h3",
"PAN-OS 10.2.9-h2",
"PAN-OS 10.2.9-h1",
"PAN-OS 10.2.9",
"PAN-OS 10.2.8-h20",
"PAN-OS 10.2.8-h19",
"PAN-OS 10.2.8-h18",
"PAN-OS 10.2.8-h17",
"PAN-OS 10.2.8-h16",
"PAN-OS 10.2.8-h15",
"PAN-OS 10.2.8-h14",
"PAN-OS 10.2.8-h13",
"PAN-OS 10.2.8-h12",
"PAN-OS 10.2.8-h11",
"PAN-OS 10.2.8-h10",
"PAN-OS 10.2.8-h9",
"PAN-OS 10.2.8-h8",
"PAN-OS 10.2.8-h7",
"PAN-OS 10.2.8-h6",
"PAN-OS 10.2.8-h5",
"PAN-OS 10.2.8-h4",
"PAN-OS 10.2.8-h3",
"PAN-OS 10.2.8-h2",
"PAN-OS 10.2.8-h1",
"PAN-OS 10.2.8",
"PAN-OS 10.2.7-h23",
"PAN-OS 10.2.7-h22",
"PAN-OS 10.2.7-h21",
"PAN-OS 10.2.7-h20",
"PAN-OS 10.2.7-h19",
"PAN-OS 10.2.7-h18",
"PAN-OS 10.2.7-h17",
"PAN-OS 10.2.7-h16",
"PAN-OS 10.2.7-h15",
"PAN-OS 10.2.7-h14",
"PAN-OS 10.2.7-h13",
"PAN-OS 10.2.7-h12",
"PAN-OS 10.2.7-h11",
"PAN-OS 10.2.7-h10",
"PAN-OS 10.2.7-h9",
"PAN-OS 10.2.7-h8",
"PAN-OS 10.2.7-h7",
"PAN-OS 10.2.7-h6",
"PAN-OS 10.2.7-h5",
"PAN-OS 10.2.7-h4",
"PAN-OS 10.2.7-h3",
"PAN-OS 10.2.7-h2",
"PAN-OS 10.2.7-h1",
"PAN-OS 10.2.7",
"PAN-OS 10.2.6-h6",
"PAN-OS 10.2.6-h5",
"PAN-OS 10.2.6-h4",
"PAN-OS 10.2.6-h3",
"PAN-OS 10.2.6-h2",
"PAN-OS 10.2.6-h1",
"PAN-OS 10.2.6",
"PAN-OS 10.2.5-h9",
"PAN-OS 10.2.5-h8",
"PAN-OS 10.2.5-h7",
"PAN-OS 10.2.5-h6",
"PAN-OS 10.2.5-h5",
"PAN-OS 10.2.5-h4",
"PAN-OS 10.2.5-h3",
"PAN-OS 10.2.5-h2",
"PAN-OS 10.2.5-h1",
"PAN-OS 10.2.5",
"PAN-OS 10.2.4-h32",
"PAN-OS 10.2.4-h31",
"PAN-OS 10.2.4-h30",
"PAN-OS 10.2.4-h29",
"PAN-OS 10.2.4-h28",
"PAN-OS 10.2.4-h27",
"PAN-OS 10.2.4-h26",
"PAN-OS 10.2.4-h25",
"PAN-OS 10.2.4-h24",
"PAN-OS 10.2.4-h23",
"PAN-OS 10.2.4-h22",
"PAN-OS 10.2.4-h21",
"PAN-OS 10.2.4-h20",
"PAN-OS 10.2.4-h19",
"PAN-OS 10.2.4-h18",
"PAN-OS 10.2.4-h17",
"PAN-OS 10.2.4-h16",
"PAN-OS 10.2.4-h15",
"PAN-OS 10.2.4-h14",
"PAN-OS 10.2.4-h13",
"PAN-OS 10.2.4-h12",
"PAN-OS 10.2.4-h11",
"PAN-OS 10.2.4-h10",
"PAN-OS 10.2.4-h9",
"PAN-OS 10.2.4-h8",
"PAN-OS 10.2.4-h7",
"PAN-OS 10.2.4-h6",
"PAN-OS 10.2.4-h5",
"PAN-OS 10.2.4-h4",
"PAN-OS 10.2.4-h3",
"PAN-OS 10.2.4-h2",
"PAN-OS 10.2.4-h1",
"PAN-OS 10.2.4",
"PAN-OS 10.2.3-h14",
"PAN-OS 10.2.3-h13",
"PAN-OS 10.2.3-h12",
"PAN-OS 10.2.3-h11",
"PAN-OS 10.2.3-h10",
"PAN-OS 10.2.3-h9",
"PAN-OS 10.2.3-h8",
"PAN-OS 10.2.3-h7",
"PAN-OS 10.2.3-h6",
"PAN-OS 10.2.3-h5",
"PAN-OS 10.2.3-h4",
"PAN-OS 10.2.3-h3",
"PAN-OS 10.2.3-h2",
"PAN-OS 10.2.3-h1",
"PAN-OS 10.2.3",
"PAN-OS 10.2.2-h6",
"PAN-OS 10.2.2-h5",
"PAN-OS 10.2.2-h4",
"PAN-OS 10.2.2-h3",
"PAN-OS 10.2.2-h2",
"PAN-OS 10.2.2-h1",
"PAN-OS 10.2.2",
"PAN-OS 10.2.1-h3",
"PAN-OS 10.2.1-h2",
"PAN-OS 10.2.1-h1",
"PAN-OS 10.2.1",
"PAN-OS 10.2.0-h4",
"PAN-OS 10.2.0-h3",
"PAN-OS 10.2.0-h2",
"PAN-OS 10.2.0-h1",
"PAN-OS 10.2.0",
"PAN-OS 10.1.14-h8",
"PAN-OS 10.1.14-h7",
"PAN-OS 10.1.14-h6",
"PAN-OS 10.1.14-h5",
"PAN-OS 10.1.14-h4",
"PAN-OS 10.1.14-h3",
"PAN-OS 10.1.14-h2",
"PAN-OS 10.1.14-h1",
"PAN-OS 10.1.14",
"PAN-OS 10.1.13-h5",
"PAN-OS 10.1.13-h4",
"PAN-OS 10.1.13-h3",
"PAN-OS 10.1.13-h2",
"PAN-OS 10.1.13-h1",
"PAN-OS 10.1.13",
"PAN-OS 10.1.12-h3",
"PAN-OS 10.1.12-h2",
"PAN-OS 10.1.12-h1",
"PAN-OS 10.1.12",
"PAN-OS 10.1.11-h10",
"PAN-OS 10.1.11-h9",
"PAN-OS 10.1.11-h8",
"PAN-OS 10.1.11-h7",
"PAN-OS 10.1.11-h6",
"PAN-OS 10.1.11-h5",
"PAN-OS 10.1.11-h4",
"PAN-OS 10.1.11-h3",
"PAN-OS 10.1.11-h2",
"PAN-OS 10.1.11-h1",
"PAN-OS 10.1.11",
"PAN-OS 10.1.10-h9",
"PAN-OS 10.1.10-h8",
"PAN-OS 10.1.10-h7",
"PAN-OS 10.1.10-h6",
"PAN-OS 10.1.10-h5",
"PAN-OS 10.1.10-h4",
"PAN-OS 10.1.10-h3",
"PAN-OS 10.1.10-h2",
"PAN-OS 10.1.10-h1",
"PAN-OS 10.1.10",
"PAN-OS 10.1.9-h14",
"PAN-OS 10.1.9-h13",
"PAN-OS 10.1.9-h12",
"PAN-OS 10.1.9-h11",
"PAN-OS 10.1.9-h10",
"PAN-OS 10.1.9-h9",
"PAN-OS 10.1.9-h8",
"PAN-OS 10.1.9-h7",
"PAN-OS 10.1.9-h6",
"PAN-OS 10.1.9-h5",
"PAN-OS 10.1.9-h4",
"PAN-OS 10.1.9-h3",
"PAN-OS 10.1.9-h2",
"PAN-OS 10.1.9-h1",
"PAN-OS 10.1.9",
"PAN-OS 10.1.8-h8",
"PAN-OS 10.1.8-h7",
"PAN-OS 10.1.8-h6",
"PAN-OS 10.1.8-h5",
"PAN-OS 10.1.8-h4",
"PAN-OS 10.1.8-h3",
"PAN-OS 10.1.8-h2",
"PAN-OS 10.1.8-h1",
"PAN-OS 10.1.8",
"PAN-OS 10.1.7-h1",
"PAN-OS 10.1.7",
"PAN-OS 10.1.6-h9",
"PAN-OS 10.1.6-h8",
"PAN-OS 10.1.6-h7",
"PAN-OS 10.1.6-h6",
"PAN-OS 10.1.6-h5",
"PAN-OS 10.1.6-h4",
"PAN-OS 10.1.6-h3",
"PAN-OS 10.1.6-h2",
"PAN-OS 10.1.6-h1",
"PAN-OS 10.1.6",
"PAN-OS 10.1.5-h4",
"PAN-OS 10.1.5-h3",
"PAN-OS 10.1.5-h2",
"PAN-OS 10.1.5-h1",
"PAN-OS 10.1.5",
"PAN-OS 10.1.4-h6",
"PAN-OS 10.1.4-h5",
"PAN-OS 10.1.4-h4",
"PAN-OS 10.1.4-h3",
"PAN-OS 10.1.4-h2",
"PAN-OS 10.1.4-h1",
"PAN-OS 10.1.4",
"PAN-OS 10.1.3-h4",
"PAN-OS 10.1.3-h3",
"PAN-OS 10.1.3-h2",
"PAN-OS 10.1.3-h1",
"PAN-OS 10.1.3",
"PAN-OS 10.1.2",
"PAN-OS 10.1.1",
"PAN-OS 10.1.0"
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-0108",
"datePublished": "2025-02-12T20:55:34.610Z",
"dateReserved": "2024-12-20T23:23:10.451Z",
"dateUpdated": "2026-02-26T19:08:49.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-0132 (GCVE-0-2025-0132)
Vulnerability from cvelistv5 – Published: 2025-05-14 18:07 – Updated: 2025-05-14 20:51
VLAI
Title
Cortex XDR Broker VM: Unauthenticated User Can Disable Internal Services
Summary
A missing authentication vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an unauthenticated user to disable certain internal services on the Broker VM.
The attacker must have network access to the Broker VM to exploit this issue.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2025-0132 | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto Networks | Cortex XDR Broker VM |
Affected:
26.0.0 , < 26.0.119
(custom)
cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:26.100.10:*:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:26.100.3:*:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:26.0.119:*:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:26.0.116:*:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:25.100.4:*:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:25.0.44:*:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:24.100.4:*:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:24.4.7:*:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:24.2.8:*:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:24.5.1:*:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:23.100.2:*:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:23.0.35:*:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:23.0.33:*:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:22.0.35:*:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:22.0.32:*:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:21.5.4:*:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:20.9.1:*:*:*:*:*:*:* |
Date Public
2025-05-14 16:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0132",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-14T20:51:30.365291Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-14T20:51:36.216Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:26.100.10:*:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:26.100.3:*:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:26.0.119:*:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:26.0.116:*:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:25.100.4:*:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:25.0.44:*:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:24.100.4:*:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:24.4.7:*:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:24.2.8:*:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:24.5.1:*:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:23.100.2:*:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:23.0.35:*:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:23.0.33:*:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:22.0.35:*:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:22.0.32:*:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:21.5.4:*:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:cortex_xdr_broker_vm:20.9.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Cortex XDR Broker VM",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "26.0.119",
"status": "unaffected"
}
],
"lessThan": "26.0.119",
"status": "affected",
"version": "26.0.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No special configuration is required to be affected by this issue."
}
],
"value": "No special configuration is required to be affected by this issue."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Bartosz Cha\u0142ek"
},
{
"lang": "en",
"type": "finder",
"value": "Piotr Kozowicz of CERT Team of ING Bank Slaski"
}
],
"datePublic": "2025-05-14T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A missing authentication vulnerability in Palo Alto Networks Cortex XDR\u00ae Broker VM allows an unauthenticated user to disable certain internal services on the Broker VM.\u0026nbsp;\u003cbr\u003e\u003cbr\u003eThe attacker must have network access to the Broker VM to exploit this issue."
}
],
"value": "A missing authentication vulnerability in Palo Alto Networks Cortex XDR\u00ae Broker VM allows an unauthenticated user to disable certain internal services on the Broker VM.\u00a0\n\nThe attacker must have network access to the Broker VM to exploit this issue."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-36",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-36 Using Unpublished APIs"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/AU:Y/R:U/V:C/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-14T18:07:15.351Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2025-0132"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in Cortex XDR Broker VM 26.0.119, and all later Cortex XDR Broker VM versions.\u003cbr\u003e\u003cul\u003e\u003cli\u003eIf you enabled automatic upgrades for Broker VM, then no action is required at this time.\u0026nbsp;\u003c/li\u003e\u003cli\u003eIf you did not enable automatic upgrades, then we recommend that you do so for Broker VM to ensure that you always have the latest security patches installed in your software.\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "This issue is fixed in Cortex XDR Broker VM 26.0.119, and all later Cortex XDR Broker VM versions.\n * If you enabled automatic upgrades for Broker VM, then no action is required at this time.\u00a0\n * If you did not enable automatic upgrades, then we recommend that you do so for Broker VM to ensure that you always have the latest security patches installed in your software."
}
],
"source": {
"defect": [
"CRTX-147815"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-05-14T16:00:00.000Z",
"value": "Initial Publication"
}
],
"title": "Cortex XDR Broker VM: Unauthenticated User Can Disable Internal Services",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No known workarounds or mitigations exist for this issue."
}
],
"value": "No known workarounds or mitigations exist for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-0132",
"datePublished": "2025-05-14T18:07:15.351Z",
"dateReserved": "2024-12-20T23:23:32.897Z",
"dateUpdated": "2025-05-14T20:51:36.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0256 (GCVE-0-2025-0256)
Vulnerability from cvelistv5 – Published: 2025-03-24 15:35 – Updated: 2025-03-31 18:12
VLAI
Title
HCL DevOps Deploy / HCL Launch is susceptible to a sensitive information disclosure
Summary
HCL DevOps Deploy / HCL Launch could allow an authenticated user to obtain sensitive information about other users on the system due to missing authorization for a function.
Severity
4.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HCL Software | HCL DevOps Deploy / HCL Launch |
Affected:
7.0 - 7.0.5.25; 7.1 - 7.1.2.21; 7.2 - 7.2.3.14; 7.3 - 7.3.2.9; 8.0 - 8.0.1.4; 8.1.0.0
|
Date Public
2025-03-24 14:17
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0256",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-31T18:12:20.923856Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-31T18:12:48.412Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HCL DevOps Deploy / HCL Launch",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "7.0 - 7.0.5.25; 7.1 - 7.1.2.21; 7.2 - 7.2.3.14; 7.3 - 7.3.2.9; 8.0 - 8.0.1.4; 8.1.0.0"
}
]
}
],
"datePublic": "2025-03-24T14:17:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eHCL DevOps Deploy / HCL Launch could allow an authenticated user to obtain sensitive information about other users on the system due to missing authorization for a function.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "HCL DevOps Deploy / HCL Launch could allow an authenticated user to obtain sensitive information about other users on the system due to missing authorization for a function."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-24T15:45:18.469Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0119059"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "HCL DevOps Deploy / HCL Launch is susceptible to a sensitive information disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2025-0256",
"datePublished": "2025-03-24T15:35:38.160Z",
"dateReserved": "2025-01-06T16:00:32.361Z",
"dateUpdated": "2025-03-31T18:12:48.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0257 (GCVE-0-2025-0257)
Vulnerability from cvelistv5 – Published: 2025-04-02 22:04 – Updated: 2025-04-03 19:17
VLAI
Title
HCL DevOps Deploy / HCL Launch is susceptible to unauthorized access to other services
Summary
HCL DevOps Deploy / HCL Launch could allow unauthorized access to other services or potential exposure of sensitive data due to missing authentication in its Agent Relay service.
Severity
6.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HCL Software | HCL DevOps Deploy / HCL Launch |
Affected:
7.1 - 7.1.2.22; 7.2 - 7.2.3.15; 7.3 - 7.3.2.10; 8.0 - 8.0.1.5; 8.1 - 8.1.0.1
|
Date Public
2025-04-02 17:20
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0257",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-03T19:17:08.891989Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T19:17:23.547Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "HCL DevOps Deploy / HCL Launch",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "7.1 - 7.1.2.22; 7.2 - 7.2.3.15; 7.3 - 7.3.2.10; 8.0 - 8.0.1.5; 8.1 - 8.1.0.1"
}
]
}
],
"datePublic": "2025-04-02T17:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eHCL DevOps Deploy / HCL Launch could allow unauthorized access to other services or potential exposure of sensitive data due to missing authentication in its Agent Relay service.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "HCL DevOps Deploy / HCL Launch could allow unauthorized access to other services or potential exposure of sensitive data due to missing authentication in its Agent Relay service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-02T22:04:02.098Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0119061"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "HCL DevOps Deploy / HCL Launch is susceptible to unauthorized access to other services",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2025-0257",
"datePublished": "2025-04-02T22:04:02.098Z",
"dateReserved": "2025-01-06T16:00:33.541Z",
"dateUpdated": "2025-04-03T19:17:23.547Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0274 (GCVE-0-2025-0274)
Vulnerability from cvelistv5 – Published: 2025-10-16 04:56 – Updated: 2025-10-16 14:32
VLAI
Title
HCL BigFix Modern Client Management (MCM) 3.3 and earlier is affected by improper access control
Summary
HCL BigFix Modern Client Management (MCM) 3.3 and earlier is affected by improper access control. Unauthorized users can access a small subset of endpoint actions, potentially allowing access to select internal functions.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HCL Software | BigFix Modern Client Management |
Affected:
<=3.3
|
Date Public
2025-10-16 04:54
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0274",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T14:32:40.459139Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T14:32:54.597Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "BigFix Modern Client Management",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "\u003c=3.3"
}
]
}
],
"datePublic": "2025-10-16T04:54:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eHCL BigFix Modern Client Management (MCM) 3.3 and earlier is affected by improper access control. Unauthorized users can access a small subset of endpoint actions, potentially allowing access to select internal functions.\u003c/p\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "HCL BigFix Modern Client Management (MCM) 3.3 and earlier is affected by improper access control. Unauthorized users can access a small subset of endpoint actions, potentially allowing access to select internal functions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T04:56:49.062Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0124512"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "HCL BigFix Modern Client Management (MCM) 3.3 and earlier is affected by improper access control",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2025-0274",
"datePublished": "2025-10-16T04:56:49.062Z",
"dateReserved": "2025-01-06T16:01:30.880Z",
"dateUpdated": "2025-10-16T14:32:54.597Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0275 (GCVE-0-2025-0275)
Vulnerability from cvelistv5 – Published: 2025-10-16 05:14 – Updated: 2025-10-16 14:31
VLAI
Title
HCL BigFix Mobile 3.3 and earlier is affected by improper access control
Summary
HCL BigFix Mobile 3.3 and earlier is affected by improper access control. Unauthorized users can access a small subset of endpoint actions, potentially allowing access to select internal functions.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HCL Software | BigFix Mobile |
Affected:
<=3.3
|
Date Public
2025-10-16 04:54
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0275",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T14:31:30.818190Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T14:31:36.999Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "BigFix Mobile",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "\u003c=3.3"
}
]
}
],
"datePublic": "2025-10-16T04:54:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eHCL BigFix Mobile 3.3 and earlier is affected by improper access control. Unauthorized users can access a small subset of endpoint actions, potentially allowing access to select internal functions.\u003c/p\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "HCL BigFix Mobile 3.3 and earlier is affected by improper access control. Unauthorized users can access a small subset of endpoint actions, potentially allowing access to select internal functions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T05:14:24.512Z",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0124512"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "HCL BigFix Mobile 3.3 and earlier is affected by improper access control",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2025-0275",
"datePublished": "2025-10-16T05:14:24.512Z",
"dateReserved": "2025-01-06T16:01:32.042Z",
"dateUpdated": "2025-10-16T14:31:36.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0355 (GCVE-0-2025-0355)
Vulnerability from cvelistv5 – Published: 2025-01-15 07:23 – Updated: 2025-01-21 03:34
VLAI
Summary
Missing Authentication for Critical Function vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WF1200CRS Ver.1.6.0 and earlier, WG1200CRS Ver.1.5.0 and earlier, GB1200PE Ver.1.3.0 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier, WG2600HS2 Ver.1.3.2 and earlier, WX3000HP Ver.2.4.2 and earlier and WX4200D5 Ver.1.2.4 and earlier allows a attacker to get a Wi-Fi password via the network.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-306 - Missing Authentication for Critical Function
Assigner
References
1 reference
Impacted products
9 products
| Vendor | Product | Version | |
|---|---|---|---|
| NEC Corporation | WG2600HS |
Affected:
Ver.1.7.2 and earlier
|
|
| NEC Corporation | WF1200CR |
Affected:
Ver.1.6.0 and earlier
|
|
| NEC Corporation | WG1200CR |
Affected:
Ver.1.5.0 and earlier
|
|
| NEC Corporation | GB1200PE |
Affected:
Ver.1.3.0 and earlier
|
|
| NEC Corporation | WG2600HP4 |
Affected:
Ver.1.4.2 and earlier
|
|
| NEC Corporation | WG2600HM4 |
Affected:
Ver.1.4.2 and earlier
|
|
| NEC Corporation | WG2600HS2 |
Affected:
Ver.1.3.2 and earlier
|
|
| NEC Corporation | WX3000HP |
Affected:
Ver.2.4.2 and earlier
|
|
| NEC Corporation | WX4200D5 |
Affected:
Ver.1.2.4 and earlier
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0355",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-15T15:01:29.278695Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T15:01:48.659Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "WG2600HS",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.1.7.2 and earlier"
}
]
},
{
"defaultStatus": "unknown",
"product": "WF1200CR",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.1.6.0 and earlier"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG1200CR",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.1.5.0 and earlier"
}
]
},
{
"defaultStatus": "unknown",
"product": "GB1200PE",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.1.3.0 and earlier"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG2600HP4",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.1.4.2 and earlier"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG2600HM4",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.1.4.2 and earlier"
}
]
},
{
"defaultStatus": "unknown",
"product": "WG2600HS2",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.1.3.2 and earlier"
}
]
},
{
"defaultStatus": "unknown",
"product": "WX3000HP",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.2.4.2 and earlier"
}
]
},
{
"defaultStatus": "unknown",
"product": "WX4200D5",
"vendor": "NEC Corporation",
"versions": [
{
"status": "affected",
"version": "Ver.1.2.4 and earlier"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Takayuki Sasaki and Katsunari Yoshioka of Yokohama National University."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing Authentication for Critical Function vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WF1200CRS Ver.1.6.0 and earlier, WG1200CRS Ver.1.5.0 and earlier, GB1200PE Ver.1.3.0 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier, WG2600HS2 Ver.1.3.2 and earlier, WX3000HP Ver.2.4.2 and earlier and WX4200D5 Ver.1.2.4 and earlier allows a attacker to get a Wi-Fi password via the network."
}
],
"value": "Missing Authentication for Critical Function vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier, WF1200CRS Ver.1.6.0 and earlier, WG1200CRS Ver.1.5.0 and earlier, GB1200PE Ver.1.3.0 and earlier, WG2600HP4 Ver.1.4.2 and earlier, WG2600HM4 Ver.1.4.2 and earlier, WG2600HS2 Ver.1.3.2 and earlier, WX3000HP Ver.2.4.2 and earlier and WX4200D5 Ver.1.2.4 and earlier allows a attacker to get a Wi-Fi password via the network."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306: Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-21T03:34:13.440Z",
"orgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"shortName": "NEC"
},
"references": [
{
"url": "https://jpn.nec.com/security-info/secinfo/nv25-003_en.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2760a35-e0d8-4637-ac4c-cc1a2de3e282",
"assignerShortName": "NEC",
"cveId": "CVE-2025-0355",
"datePublished": "2025-01-15T07:23:39.481Z",
"dateReserved": "2025-01-09T06:20:49.647Z",
"dateUpdated": "2025-01-21T03:34:13.440Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phase: Architecture and Design
Description:
- Divide the software into anonymous, normal, privileged, and administrative areas. Identify which of these areas require a proven user identity, and use a centralized authentication capability.
- Identify all potential communication channels, or other means of interaction with the software, to ensure that all channels are appropriately protected, including those channels that are assumed to be accessible only by authorized parties. Developers sometimes perform authentication at the primary channel, but open up a secondary channel that is assumed to be private. For example, a login mechanism may be listening on one network port, but after successful authentication, it may open up a second port where it waits for the connection, but avoids authentication because it assumes that only the authenticated party will connect to the port.
- In general, if the software or protocol allows a single session or user state to persist across multiple connections or channels, authentication and appropriate credential management need to be used throughout.
Mitigation ID: MIT-15
Phase: Architecture and Design
Description:
- For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.
Mitigation
Phase: Architecture and Design
Description:
- Where possible, avoid implementing custom, "grow-your-own" authentication routines and consider using authentication capabilities as provided by the surrounding framework, operating system, or environment. These capabilities may avoid common weaknesses that are unique to authentication; support automatic auditing and tracking; and make it easier to provide a clear separation between authentication tasks and authorization tasks.
- In environments such as the World Wide Web, the line between authentication and authorization is sometimes blurred. If custom authentication routines are required instead of those provided by the server, then these routines must be applied to every single page, since these pages could be requested directly.
Mitigation ID: MIT-4.5
Phase: Architecture and Design
Strategy: Libraries or Frameworks
Description:
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, consider using libraries with authentication capabilities such as OpenSSL or the ESAPI Authenticator [REF-45].
Mitigation
Phases: Implementation, System Configuration, Operation
Description:
- When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to require strong authentication for users who should be allowed to access the data [REF-1297] [REF-1298] [REF-1302].
CAPEC-12: Choosing Message Identifier
This pattern of attack is defined by the selection of messages distributed via multicast or public information channels that are intended for another client by determining the parameter value assigned to that client. This attack allows the adversary to gain access to potentially privileged information, and to possibly perpetrate other attacks through the distribution means by impersonation. If the channel/message being manipulated is an input rather than output mechanism for the system, (such as a command bus), this style of attack could be used to change the adversary's identifier to more a privileged one.
CAPEC-166: Force the System to Reset Values
An attacker forces the target into a previous state in order to leverage potential weaknesses in the target dependent upon a prior configuration or state-dependent factors. Even in cases where an attacker may not be able to directly control the configuration of the targeted application, they may be able to reset the configuration to a prior state since many applications implement reset functions.
CAPEC-216: Communication Channel Manipulation
An adversary manipulates a setting or parameter on communications channel in order to compromise its security. This can result in information exposure, insertion/removal of information from the communications stream, and/or potentially system compromise.
CAPEC-36: Using Unpublished Interfaces or Functionality
An adversary searches for and invokes interfaces or functionality that the target system designers did not intend to be publicly available. If interfaces fail to authenticate requests, the attacker may be able to invoke functionality they are not authorized for.
CAPEC-62: Cross Site Request Forgery
An attacker crafts malicious web links and distributes them (via web pages, email, etc.), typically in a targeted manner, hoping to induce users to click on the link and execute the malicious action against some third-party application. If successful, the action embedded in the malicious link will be processed and accepted by the targeted application with the users' privilege level. This type of attack leverages the persistence and implicit trust placed in user session cookies by many web applications today. In such an architecture, once the user authenticates to an application and a session cookie is created on the user's system, all following transactions for that session are authenticated using that cookie including potential actions initiated by an attacker and simply "riding" the existing session cookie.