Search criteria
6 vulnerabilities found for Checkov by Prisma Cloud by Palo Alto Networks
CERTFR-2025-AVI-0695
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Palo Alto Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Palo Alto Networks | Prisma Access Browser | Prisma Access Browser versions antérieures à 138.53.6.158 | ||
| Palo Alto Networks | GlobalProtect App | GlobalProtect App versions antérieures à 6.2.8-h3 (6.2.8-c263) pour Windows | ||
| Palo Alto Networks | GlobalProtect App | GlobalProtect App versions antérieures à 6.3.3 pour Linux | ||
| Palo Alto Networks | PAN-OS | PAN-OS versions 11.2.x antérieures à 11.2.8 sur PA-7500 | ||
| Palo Alto Networks | GlobalProtect App | GlobalProtect App versions 6.3.x antérieures à 6.3.3-h2 (6.3.3-c676) pour Windows | ||
| Palo Alto Networks | Checkov by Prisma Cloud | Checkov by Prisma Cloud versions 3.2.x antérieures à 3.2.449 | ||
| Palo Alto Networks | PAN-OS | PAN-OS versions 11.1.x antérieures à 11.1.10 sur PA-7500 | ||
| Palo Alto Networks | Cortex XDR Broker | Cortex XDR Broker VM versions 28.0.x antérieures à 28.0.52 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Prisma Access Browser versions ant\u00e9rieures \u00e0 138.53.6.158",
"product": {
"name": "Prisma Access Browser",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "GlobalProtect App versions ant\u00e9rieures \u00e0 6.2.8-h3 (6.2.8-c263) pour Windows",
"product": {
"name": "GlobalProtect App",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "GlobalProtect App versions ant\u00e9rieures \u00e0 6.3.3 pour Linux",
"product": {
"name": "GlobalProtect App",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "PAN-OS versions 11.2.x ant\u00e9rieures \u00e0 11.2.8 sur PA-7500",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "GlobalProtect App versions 6.3.x ant\u00e9rieures \u00e0 6.3.3-h2 (6.3.3-c676) pour Windows",
"product": {
"name": "GlobalProtect App",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "Checkov by Prisma Cloud versions 3.2.x ant\u00e9rieures \u00e0 3.2.449",
"product": {
"name": "Checkov by Prisma Cloud",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "PAN-OS versions 11.1.x ant\u00e9rieures \u00e0 11.1.10 sur PA-7500",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "Cortex XDR Broker VM versions 28.0.x ant\u00e9rieures \u00e0 28.0.52",
"product": {
"name": "Cortex XDR Broker",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-2182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2182"
},
{
"name": "CVE-2025-2183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2183"
},
{
"name": "CVE-2025-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7656"
},
{
"name": "CVE-2025-7657",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7657"
},
{
"name": "CVE-2024-5921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5921"
},
{
"name": "CVE-2025-2184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2184"
},
{
"name": "CVE-2025-8292",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8292"
},
{
"name": "CVE-2025-6558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6558"
},
{
"name": "CVE-2025-8010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8010"
},
{
"name": "CVE-2025-2181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2181"
},
{
"name": "CVE-2025-8011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8011"
},
{
"name": "CVE-2025-2180",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2180"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0695",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-08-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Palo Alto Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Palo Alto Networks",
"vendor_advisories": [
{
"published_at": "2025-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-2183",
"url": "https://security.paloaltonetworks.com/CVE-2025-2183"
},
{
"published_at": "2025-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-2180",
"url": "https://security.paloaltonetworks.com/CVE-2025-2180"
},
{
"published_at": "2025-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-2181",
"url": "https://security.paloaltonetworks.com/CVE-2025-2181"
},
{
"published_at": "2025-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-2184",
"url": "https://security.paloaltonetworks.com/CVE-2025-2184"
},
{
"published_at": "2025-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-2182",
"url": "https://security.paloaltonetworks.com/CVE-2025-2182"
},
{
"published_at": "2025-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-SA-2025-0014",
"url": "https://security.paloaltonetworks.com/PAN-SA-2025-0014"
}
]
}
CVE-2025-2181 (GCVE-0-2025-2181)
Vulnerability from cvelistv5 – Published: 2025-08-13 17:03 – Updated: 2025-08-13 20:31
VLAI?
Summary
A sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma® Cloud can result in the cleartext exposure of Prisma Cloud access keys in Checkov's output.
Severity ?
CWE
- CWE-312 - Cleartext Storage of Sensitive Information
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Checkov by Prisma Cloud |
Affected:
3.2.0 , < 3.2.449
(custom)
|
Credits
Shashank Chaurasia
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2181",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T20:31:31.868823Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T20:31:43.129Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkov by Prisma Cloud",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "3.2.449",
"status": "unaffected"
}
],
"lessThan": "3.2.449",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No special configuration is required to be affected by this issue."
}
],
"value": "No special configuration is required to be affected by this issue."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Shashank Chaurasia"
}
],
"datePublic": "2025-08-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma\u00ae Cloud can result in the cleartext exposure of\u0026nbsp;Prisma Cloud access keys in Checkov\u0027s output.\u003c/p\u003e"
}
],
"value": "A sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma\u00ae Cloud can result in the cleartext exposure of\u00a0Prisma Cloud access keys in Checkov\u0027s output."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "Attacker finds a Prisma Cloud access key in a Checkov output file that a user uploaded to an insecure location."
}
]
},
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "PASSIVE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "Attacker gains access to a system and then finds a Checkov output file that contains an exposed Prisma Cloud access key."
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312 Cleartext Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T17:03:03.787Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2025-2181"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\n \u003ctd\u003eCheckov by Prisma Cloud 3.2\u003cbr\u003e\u003c/td\u003e\n \u003ctd\u003e3.2.0 through 3.2.448\u003c/td\u003e\n \u003ctd\u003eUpgrade to 3.2.449 or later.\u003c/td\u003e\n \u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003eCheckov integration in Prisma Cloud is upgraded automatically when new versions become available. All Prisma Cloud access keys used by Checkov should be rotated after upgrading to a fixed version (this step is recommended for all modes of using Checkov)."
}
],
"value": "Version\nMinor Version\nSuggested Solution\n\n Checkov by Prisma Cloud 3.2\n\n 3.2.0 through 3.2.448\n Upgrade to 3.2.449 or later.\n \nCheckov integration in Prisma Cloud is upgraded automatically when new versions become available. All Prisma Cloud access keys used by Checkov should be rotated after upgrading to a fixed version (this step is recommended for all modes of using Checkov)."
}
],
"source": {
"defect": [
"BCE-42897"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-08-13T16:00:00.000Z",
"value": "Initial Publication"
}
],
"title": "Checkov by Prisma Cloud: Cleartext Exposure of Credentials",
"workarounds": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No known workarounds exist for this issue."
}
],
"value": "No known workarounds exist for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-2181",
"datePublished": "2025-08-13T17:03:03.787Z",
"dateReserved": "2025-03-10T17:56:23.828Z",
"dateUpdated": "2025-08-13T20:31:43.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2180 (GCVE-0-2025-2180)
Vulnerability from cvelistv5 – Published: 2025-08-13 17:02 – Updated: 2025-08-13 17:21
VLAI?
Summary
An unsafe deserialization vulnerability in Palo Alto Networks Checkov by Prisma® Cloud allows an authenticated user to execute arbitrary code as a non administrative user by scanning a malicious terraform file when using Checkov in Prisma® Cloud.
This issue impacts Checkov 3.0 versions earlier than Checkov 3.2.415.
Severity ?
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Checkov by Prisma Cloud |
Affected:
3.2.0 , < 3.2.415
(custom)
|
Credits
Palo Alto Networks thanks Bryan Eastes for discovering and reporting this issue.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2180",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T17:20:30.282985Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T17:21:30.216Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkov by Prisma Cloud",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "3.2.415",
"status": "unaffected"
}
],
"lessThan": "3.2.415",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan\u003eNo special configuration is required to be vulnerable to this issue.\u003c/span\u003e"
}
],
"value": "No special configuration is required to be vulnerable to this issue."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Palo Alto Networks thanks Bryan Eastes for discovering and reporting this issue."
}
],
"datePublic": "2025-08-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unsafe deserialization vulnerability in Palo Alto Networks Checkov by Prisma\u00ae Cloud allows an authenticated user to execute arbitrary code as a non administrative user by scanning a malicious terraform file when using Checkov in Prisma\u00ae Cloud.\u003cbr\u003e\u003cbr\u003eThis issue impacts Checkov 3.0 versions earlier than Checkov 3.2.415."
}
],
"value": "An unsafe deserialization vulnerability in Palo Alto Networks Checkov by Prisma\u00ae Cloud allows an authenticated user to execute arbitrary code as a non administrative user by scanning a malicious terraform file when using Checkov in Prisma\u00ae Cloud.\n\nThis issue impacts Checkov 3.0 versions earlier than Checkov 3.2.415."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "PASSIVE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "If the user scans infrastructure as code (IaC) files from untrusted sources."
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T17:02:47.899Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2025-2180"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\n \u003ctd\u003eCheckov by Prisma Cloud 3.2\u003cbr\u003e\u003c/td\u003e\n \u003ctd\u003e3.2.0 through 3.2.414\u003c/td\u003e\n \u003ctd\u003eUpgrade to 3.2.415 or later.\u003c/td\u003e\n \u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
}
],
"value": "Version\nMinor Version\nSuggested Solution\n\n Checkov by Prisma Cloud 3.2\n\n 3.2.0 through 3.2.414\n Upgrade to 3.2.415 or later."
}
],
"source": {
"defect": [
"BCE-44235"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-08-13T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Checkov by Prisma Cloud: Unsafe Deserialization of Terraform Files Allows Code Execution",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Do not run Checkov on terraform files from untrusted sources or pull requests."
}
],
"value": "Do not run Checkov on terraform files from untrusted sources or pull requests."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-2180",
"datePublished": "2025-08-13T17:02:47.899Z",
"dateReserved": "2025-03-10T17:56:22.502Z",
"dateUpdated": "2025-08-13T17:21:30.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2181 (GCVE-0-2025-2181)
Vulnerability from nvd – Published: 2025-08-13 17:03 – Updated: 2025-08-13 20:31
VLAI?
Summary
A sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma® Cloud can result in the cleartext exposure of Prisma Cloud access keys in Checkov's output.
Severity ?
CWE
- CWE-312 - Cleartext Storage of Sensitive Information
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Checkov by Prisma Cloud |
Affected:
3.2.0 , < 3.2.449
(custom)
|
Credits
Shashank Chaurasia
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2181",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T20:31:31.868823Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T20:31:43.129Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkov by Prisma Cloud",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "3.2.449",
"status": "unaffected"
}
],
"lessThan": "3.2.449",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No special configuration is required to be affected by this issue."
}
],
"value": "No special configuration is required to be affected by this issue."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Shashank Chaurasia"
}
],
"datePublic": "2025-08-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma\u00ae Cloud can result in the cleartext exposure of\u0026nbsp;Prisma Cloud access keys in Checkov\u0027s output.\u003c/p\u003e"
}
],
"value": "A sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma\u00ae Cloud can result in the cleartext exposure of\u00a0Prisma Cloud access keys in Checkov\u0027s output."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-37",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-37 Retrieve Embedded Sensitive Data"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "Attacker finds a Prisma Cloud access key in a Checkov output file that a user uploaded to an insecure location."
}
]
},
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "PASSIVE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "Attacker gains access to a system and then finds a Checkov output file that contains an exposed Prisma Cloud access key."
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312 Cleartext Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T17:03:03.787Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2025-2181"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\n \u003ctd\u003eCheckov by Prisma Cloud 3.2\u003cbr\u003e\u003c/td\u003e\n \u003ctd\u003e3.2.0 through 3.2.448\u003c/td\u003e\n \u003ctd\u003eUpgrade to 3.2.449 or later.\u003c/td\u003e\n \u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003eCheckov integration in Prisma Cloud is upgraded automatically when new versions become available. All Prisma Cloud access keys used by Checkov should be rotated after upgrading to a fixed version (this step is recommended for all modes of using Checkov)."
}
],
"value": "Version\nMinor Version\nSuggested Solution\n\n Checkov by Prisma Cloud 3.2\n\n 3.2.0 through 3.2.448\n Upgrade to 3.2.449 or later.\n \nCheckov integration in Prisma Cloud is upgraded automatically when new versions become available. All Prisma Cloud access keys used by Checkov should be rotated after upgrading to a fixed version (this step is recommended for all modes of using Checkov)."
}
],
"source": {
"defect": [
"BCE-42897"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-08-13T16:00:00.000Z",
"value": "Initial Publication"
}
],
"title": "Checkov by Prisma Cloud: Cleartext Exposure of Credentials",
"workarounds": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No known workarounds exist for this issue."
}
],
"value": "No known workarounds exist for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-2181",
"datePublished": "2025-08-13T17:03:03.787Z",
"dateReserved": "2025-03-10T17:56:23.828Z",
"dateUpdated": "2025-08-13T20:31:43.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2180 (GCVE-0-2025-2180)
Vulnerability from nvd – Published: 2025-08-13 17:02 – Updated: 2025-08-13 17:21
VLAI?
Summary
An unsafe deserialization vulnerability in Palo Alto Networks Checkov by Prisma® Cloud allows an authenticated user to execute arbitrary code as a non administrative user by scanning a malicious terraform file when using Checkov in Prisma® Cloud.
This issue impacts Checkov 3.0 versions earlier than Checkov 3.2.415.
Severity ?
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Checkov by Prisma Cloud |
Affected:
3.2.0 , < 3.2.415
(custom)
|
Credits
Palo Alto Networks thanks Bryan Eastes for discovering and reporting this issue.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2180",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T17:20:30.282985Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T17:21:30.216Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Checkov by Prisma Cloud",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "3.2.415",
"status": "unaffected"
}
],
"lessThan": "3.2.415",
"status": "affected",
"version": "3.2.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan\u003eNo special configuration is required to be vulnerable to this issue.\u003c/span\u003e"
}
],
"value": "No special configuration is required to be vulnerable to this issue."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Palo Alto Networks thanks Bryan Eastes for discovering and reporting this issue."
}
],
"datePublic": "2025-08-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unsafe deserialization vulnerability in Palo Alto Networks Checkov by Prisma\u00ae Cloud allows an authenticated user to execute arbitrary code as a non administrative user by scanning a malicious terraform file when using Checkov in Prisma\u00ae Cloud.\u003cbr\u003e\u003cbr\u003eThis issue impacts Checkov 3.0 versions earlier than Checkov 3.2.415."
}
],
"value": "An unsafe deserialization vulnerability in Palo Alto Networks Checkov by Prisma\u00ae Cloud allows an authenticated user to execute arbitrary code as a non administrative user by scanning a malicious terraform file when using Checkov in Prisma\u00ae Cloud.\n\nThis issue impacts Checkov 3.0 versions earlier than Checkov 3.2.415."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "PASSIVE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "If the user scans infrastructure as code (IaC) files from untrusted sources."
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T17:02:47.899Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2025-2180"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\n \u003ctd\u003eCheckov by Prisma Cloud 3.2\u003cbr\u003e\u003c/td\u003e\n \u003ctd\u003e3.2.0 through 3.2.414\u003c/td\u003e\n \u003ctd\u003eUpgrade to 3.2.415 or later.\u003c/td\u003e\n \u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
}
],
"value": "Version\nMinor Version\nSuggested Solution\n\n Checkov by Prisma Cloud 3.2\n\n 3.2.0 through 3.2.414\n Upgrade to 3.2.415 or later."
}
],
"source": {
"defect": [
"BCE-44235"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-08-13T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Checkov by Prisma Cloud: Unsafe Deserialization of Terraform Files Allows Code Execution",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Do not run Checkov on terraform files from untrusted sources or pull requests."
}
],
"value": "Do not run Checkov on terraform files from untrusted sources or pull requests."
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-2180",
"datePublished": "2025-08-13T17:02:47.899Z",
"dateReserved": "2025-03-10T17:56:22.502Z",
"dateUpdated": "2025-08-13T17:21:30.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}