Search criteria
4 vulnerabilities found for Prisma SD-WAN by Palo Alto Networks
CVE-2025-0122 (GCVE-0-2025-0122)
Vulnerability from cvelistv5 – Published: 2025-04-11 01:48 – Updated: 2025-04-11 16:02
VLAI?
Title
Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through Burst of Crafted Packets
Summary
A denial-of-service (DoS) vulnerability in Palo Alto Networks Prisma® SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to disrupt the packet processing capabilities of the device by sending a burst of crafted packets to that device.
Severity ?
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Prisma SD-WAN |
Affected:
6.5.0 , < 6.5.1
(custom)
Affected: 6.4.0 , < 6.4.2 (custom) Affected: 6.3.0 , < 6.3.4 (custom) Affected: 6.2.0 (custom) Affected: 6.1.0 , < 6.1.10 (custom) |
Credits
Vajrapu Venkata Sarat Kumar of Palo Alto Networks
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0122",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-11T15:38:04.495847Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-11T16:02:27.010Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Prisma SD-WAN",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "6.5.1",
"status": "unaffected"
}
],
"lessThan": "6.5.1",
"status": "affected",
"version": "6.5.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.4.2",
"status": "unaffected"
}
],
"lessThan": "6.4.2",
"status": "affected",
"version": "6.4.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.3.4",
"status": "unaffected"
}
],
"lessThan": "6.3.4",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.1.10",
"status": "unaffected"
}
],
"lessThan": "6.1.10",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No special configuration is needed to be vulnerable to this issue."
}
],
"value": "No special configuration is needed to be vulnerable to this issue."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Vajrapu Venkata Sarat Kumar of Palo Alto Networks"
}
],
"datePublic": "2025-04-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A denial-of-service (DoS) vulnerability in Palo Alto Networks Prisma\u00ae SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to disrupt the packet processing capabilities of the device by sending a burst of crafted packets to that device."
}
],
"value": "A denial-of-service (DoS) vulnerability in Palo Alto Networks Prisma\u00ae SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to disrupt the packet processing capabilities of the device by sending a burst of crafted packets to that device."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-482",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-482 TCP Flood"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "AUTOMATIC",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "PHYSICAL",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:Y/R:A/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-11T01:48:04.772Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2025-0122"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003c/th\u003e\u003cth\u003eSuggested Solution\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003ePrisma SD-WAN 6.5\u003c/td\u003e\u003ctd\u003eUpgrade to Prisma SD-WAN 6.5.1 or later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma SD-WAN 6.4\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to Prisma SD-WAN 6.4.2 or later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma SD-WAN 6.3\u003c/td\u003e\u003ctd\u003eUpgrade to Prisma SD-WAN 6.3.4 or later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma SD-WAN 6.2\u003c/td\u003e\u003ctd\u003eUpgrade to\u0026nbsp;Prisma SD-WAN 6.3.4 or later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma SD-WAN 6.1\u003c/td\u003e\u003ctd\u003eUpgrade to Prisma SD-WAN 6.1.10 or later\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
}
],
"value": "VersionSuggested SolutionPrisma SD-WAN 6.5Upgrade to Prisma SD-WAN 6.5.1 or laterPrisma SD-WAN 6.4\nUpgrade to Prisma SD-WAN 6.4.2 or laterPrisma SD-WAN 6.3Upgrade to Prisma SD-WAN 6.3.4 or laterPrisma SD-WAN 6.2Upgrade to\u00a0Prisma SD-WAN 6.3.4 or laterPrisma SD-WAN 6.1Upgrade to Prisma SD-WAN 6.1.10 or later"
}
],
"source": {
"defect": [
"CGSDW-23881"
],
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-04-09T16:00:00.000Z",
"value": "Initial Publication"
}
],
"title": "Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through Burst of Crafted Packets",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There are no known workarounds for this issue."
}
],
"value": "There are no known workarounds for this issue."
}
],
"x_affectedList": [
"Prisma SD-WAN 6.5.0",
"Prisma SD-WAN 6.4.0",
"Prisma SD-WAN 6.4.1",
"Prisma SD-WAN 6.3.0",
"Prisma SD-WAN 6.3.1",
"Prisma SD-WAN 6.3.2",
"Prisma SD-WAN 6.3.3",
"Prisma SD-WAN 6.1.0",
"Prisma SD-WAN 6.1.1",
"Prisma SD-WAN 6.1.2",
"Prisma SD-WAN 6.1.3",
"Prisma SD-WAN 6.1.4",
"Prisma SD-WAN 6.1.5",
"Prisma SD-WAN 6.1.6",
"Prisma SD-WAN 6.1.7",
"Prisma SD-WAN 6.1.8",
"Prisma SD-WAN 6.1.9"
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-0122",
"datePublished": "2025-04-11T01:48:04.772Z",
"dateReserved": "2024-12-20T23:23:23.383Z",
"dateUpdated": "2025-04-11T16:02:27.010Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0122 (GCVE-0-2025-0122)
Vulnerability from nvd – Published: 2025-04-11 01:48 – Updated: 2025-04-11 16:02
VLAI?
Title
Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through Burst of Crafted Packets
Summary
A denial-of-service (DoS) vulnerability in Palo Alto Networks Prisma® SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to disrupt the packet processing capabilities of the device by sending a burst of crafted packets to that device.
Severity ?
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Palo Alto Networks | Prisma SD-WAN |
Affected:
6.5.0 , < 6.5.1
(custom)
Affected: 6.4.0 , < 6.4.2 (custom) Affected: 6.3.0 , < 6.3.4 (custom) Affected: 6.2.0 (custom) Affected: 6.1.0 , < 6.1.10 (custom) |
Credits
Vajrapu Venkata Sarat Kumar of Palo Alto Networks
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0122",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-11T15:38:04.495847Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-11T16:02:27.010Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Prisma SD-WAN",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "6.5.1",
"status": "unaffected"
}
],
"lessThan": "6.5.1",
"status": "affected",
"version": "6.5.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.4.2",
"status": "unaffected"
}
],
"lessThan": "6.4.2",
"status": "affected",
"version": "6.4.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.3.4",
"status": "unaffected"
}
],
"lessThan": "6.3.4",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.1.10",
"status": "unaffected"
}
],
"lessThan": "6.1.10",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No special configuration is needed to be vulnerable to this issue."
}
],
"value": "No special configuration is needed to be vulnerable to this issue."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Vajrapu Venkata Sarat Kumar of Palo Alto Networks"
}
],
"datePublic": "2025-04-09T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A denial-of-service (DoS) vulnerability in Palo Alto Networks Prisma\u00ae SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to disrupt the packet processing capabilities of the device by sending a burst of crafted packets to that device."
}
],
"value": "A denial-of-service (DoS) vulnerability in Palo Alto Networks Prisma\u00ae SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to disrupt the packet processing capabilities of the device by sending a burst of crafted packets to that device."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-482",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-482 TCP Flood"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "YES",
"Recovery": "AUTOMATIC",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "PHYSICAL",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:Y/R:A/V:D/RE:L/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-11T01:48:04.772Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2025-0122"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003c/th\u003e\u003cth\u003eSuggested Solution\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003ePrisma SD-WAN 6.5\u003c/td\u003e\u003ctd\u003eUpgrade to Prisma SD-WAN 6.5.1 or later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma SD-WAN 6.4\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to Prisma SD-WAN 6.4.2 or later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma SD-WAN 6.3\u003c/td\u003e\u003ctd\u003eUpgrade to Prisma SD-WAN 6.3.4 or later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma SD-WAN 6.2\u003c/td\u003e\u003ctd\u003eUpgrade to\u0026nbsp;Prisma SD-WAN 6.3.4 or later\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003ePrisma SD-WAN 6.1\u003c/td\u003e\u003ctd\u003eUpgrade to Prisma SD-WAN 6.1.10 or later\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
}
],
"value": "VersionSuggested SolutionPrisma SD-WAN 6.5Upgrade to Prisma SD-WAN 6.5.1 or laterPrisma SD-WAN 6.4\nUpgrade to Prisma SD-WAN 6.4.2 or laterPrisma SD-WAN 6.3Upgrade to Prisma SD-WAN 6.3.4 or laterPrisma SD-WAN 6.2Upgrade to\u00a0Prisma SD-WAN 6.3.4 or laterPrisma SD-WAN 6.1Upgrade to Prisma SD-WAN 6.1.10 or later"
}
],
"source": {
"defect": [
"CGSDW-23881"
],
"discovery": "INTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-04-09T16:00:00.000Z",
"value": "Initial Publication"
}
],
"title": "Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through Burst of Crafted Packets",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There are no known workarounds for this issue."
}
],
"value": "There are no known workarounds for this issue."
}
],
"x_affectedList": [
"Prisma SD-WAN 6.5.0",
"Prisma SD-WAN 6.4.0",
"Prisma SD-WAN 6.4.1",
"Prisma SD-WAN 6.3.0",
"Prisma SD-WAN 6.3.1",
"Prisma SD-WAN 6.3.2",
"Prisma SD-WAN 6.3.3",
"Prisma SD-WAN 6.1.0",
"Prisma SD-WAN 6.1.1",
"Prisma SD-WAN 6.1.2",
"Prisma SD-WAN 6.1.3",
"Prisma SD-WAN 6.1.4",
"Prisma SD-WAN 6.1.5",
"Prisma SD-WAN 6.1.6",
"Prisma SD-WAN 6.1.7",
"Prisma SD-WAN 6.1.8",
"Prisma SD-WAN 6.1.9"
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-0122",
"datePublished": "2025-04-11T01:48:04.772Z",
"dateReserved": "2024-12-20T23:23:23.383Z",
"dateUpdated": "2025-04-11T16:02:27.010Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CERTFR-2025-AVI-0301
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Palo Alto Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Palo Alto Networks | Prisma SD-WAN | Prisma SD-WAN versions 6.2.x et 6.3.x antérieures à 6.3.4 | ||
| Palo Alto Networks | Prisma SD-WAN | Prisma SD-WAN versions 6.5.x antérieures à 6.5.1 | ||
| Palo Alto Networks | Cortex XDR Agent | Cortex XDR Agent versions 8.3-CE.x antérieures à 8.3.101-CE HF pour Windows | ||
| Palo Alto Networks | PAN-OS | PAN-OS versions 11.2.x antérieures à 11.2.6 | ||
| Palo Alto Networks | Prisma Access | Prisma Access versions 10.2.4.x antérieures à 10.2.4-h36 | ||
| Palo Alto Networks | Cloud NGFW | Cloud NGFW sans les derniers correctifs de sécurité | ||
| Palo Alto Networks | Prisma Access | Prisma Access versions 11.2.x antérieures à 11.2.4-h5 | ||
| Palo Alto Networks | GlobalProtect App | GlobalProtect App versions 6.x antérieures à 6.2.8 pour Windows | ||
| Palo Alto Networks | Cortex XDR Broker | Cortex XDR Broker VM versions antérieures à 26.100.3 | ||
| Palo Alto Networks | GlobalProtect App | GlobalProtect App versions 6.3.x antérieures à 6.3.3 pour Windows | ||
| Palo Alto Networks | Prisma SD-WAN | Prisma SD-WAN versions 6.4.x antérieures à 6.4.2 | ||
| Palo Alto Networks | Cortex XDR Agent | Cortex XDR Agent versions 8.6.x antérieures à 8.6.1 pour Windows | ||
| Palo Alto Networks | Prisma Access Browser | Prisma Access Browser versions antérieures à 132.83.3017.1 | ||
| Palo Alto Networks | Prisma SD-WAN | Prisma SD-WAN versions 6.1.x antérieures à 6.1.10 | ||
| Palo Alto Networks | Cortex XDR Agent | Cortex XDR Agent versions 8.5.x antérieures à 8.5.2 pour Windows | ||
| Palo Alto Networks | Prisma Access | Prisma Access versions 10.2.10.x antérieures à 10.2.10-h16 | ||
| Palo Alto Networks | Cortex XDR Agent | Cortex XDR Agent versions 7.9-CE.x antérieures à 7.9.103-CE HF pour Windows | ||
| Palo Alto Networks | PAN-OS | PAN-OS versions 10.1.x antérieures à 10.1.14-h13 | ||
| Palo Alto Networks | PAN-OS | PAN-OS versions 11.1.x antérieures à 11.1.8 | ||
| Palo Alto Networks | PAN-OS | PAN-OS versions 11.0.x antérieures à 11.0.6 | ||
| Palo Alto Networks | PAN-OS | PAN-OS versions 10.2.x antérieures à 10.2.15 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Prisma SD-WAN versions 6.2.x et 6.3.x ant\u00e9rieures \u00e0 6.3.4",
"product": {
"name": "Prisma SD-WAN",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "Prisma SD-WAN versions 6.5.x ant\u00e9rieures \u00e0 6.5.1",
"product": {
"name": "Prisma SD-WAN",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "Cortex XDR Agent versions 8.3-CE.x ant\u00e9rieures \u00e0 8.3.101-CE HF pour Windows",
"product": {
"name": "Cortex XDR Agent",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "PAN-OS versions 11.2.x ant\u00e9rieures \u00e0 11.2.6",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "Prisma Access versions 10.2.4.x ant\u00e9rieures \u00e0 10.2.4-h36",
"product": {
"name": "Prisma Access",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "Cloud NGFW sans les derniers correctifs de s\u00e9curit\u00e9",
"product": {
"name": "Cloud NGFW",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "Prisma Access versions 11.2.x ant\u00e9rieures \u00e0 11.2.4-h5",
"product": {
"name": "Prisma Access",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "GlobalProtect App versions 6.x ant\u00e9rieures \u00e0 6.2.8 pour Windows",
"product": {
"name": "GlobalProtect App",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "Cortex XDR Broker VM versions ant\u00e9rieures \u00e0 26.100.3",
"product": {
"name": "Cortex XDR Broker",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "GlobalProtect App versions 6.3.x ant\u00e9rieures \u00e0 6.3.3 pour Windows",
"product": {
"name": "GlobalProtect App",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "Prisma SD-WAN versions 6.4.x ant\u00e9rieures \u00e0 6.4.2",
"product": {
"name": "Prisma SD-WAN",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "Cortex XDR Agent versions 8.6.x ant\u00e9rieures \u00e0 8.6.1 pour Windows",
"product": {
"name": "Cortex XDR Agent",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "Prisma Access Browser versions ant\u00e9rieures \u00e0 132.83.3017.1",
"product": {
"name": "Prisma Access Browser",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "Prisma SD-WAN versions 6.1.x ant\u00e9rieures \u00e0 6.1.10",
"product": {
"name": "Prisma SD-WAN",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "Cortex XDR Agent versions 8.5.x ant\u00e9rieures \u00e0 8.5.2 pour Windows",
"product": {
"name": "Cortex XDR Agent",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "Prisma Access versions 10.2.10.x ant\u00e9rieures \u00e0 10.2.10-h16",
"product": {
"name": "Prisma Access",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "Cortex XDR Agent versions 7.9-CE.x ant\u00e9rieures \u00e0 7.9.103-CE HF pour Windows",
"product": {
"name": "Cortex XDR Agent",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "PAN-OS versions 10.1.x ant\u00e9rieures \u00e0 10.1.14-h13",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "PAN-OS versions 11.1.x ant\u00e9rieures \u00e0 11.1.8",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "PAN-OS versions 11.0.x ant\u00e9rieures \u00e0 11.0.6",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "PAN-OS versions 10.2.x ant\u00e9rieures \u00e0 10.2.15",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-0124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0124"
},
{
"name": "CVE-2025-2783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2783"
},
{
"name": "CVE-2025-2136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2136"
},
{
"name": "CVE-2025-0120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0120"
},
{
"name": "CVE-2025-0128",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0128"
},
{
"name": "CVE-2025-1920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1920"
},
{
"name": "CVE-2025-0126",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0126"
},
{
"name": "CVE-2025-0129",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0129"
},
{
"name": "CVE-2025-2135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2135"
},
{
"name": "CVE-2025-2137",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2137"
},
{
"name": "CVE-2025-0121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0121"
},
{
"name": "CVE-2025-0127",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0127"
},
{
"name": "CVE-2025-0123",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0123"
},
{
"name": "CVE-2025-0125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0125"
},
{
"name": "CVE-2025-0122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0122"
},
{
"name": "CVE-2025-0119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0119"
},
{
"name": "CVE-2025-2476",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2476"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0301",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-04-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Palo Alto Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Palo Alto Networks",
"vendor_advisories": [
{
"published_at": "2025-04-09",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0122",
"url": "https://security.paloaltonetworks.com/CVE-2025-0122"
},
{
"published_at": "2025-04-09",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0120",
"url": "https://security.paloaltonetworks.com/CVE-2025-0120"
},
{
"published_at": "2025-04-09",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0128",
"url": "https://security.paloaltonetworks.com/CVE-2025-0128"
},
{
"published_at": "2025-04-09",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-SA-2025-0008",
"url": "https://security.paloaltonetworks.com/PAN-SA-2025-0008"
},
{
"published_at": "2025-04-09",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0125",
"url": "https://security.paloaltonetworks.com/CVE-2025-0125"
},
{
"published_at": "2025-04-09",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0127",
"url": "https://security.paloaltonetworks.com/CVE-2025-0127"
},
{
"published_at": "2025-04-09",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0123",
"url": "https://security.paloaltonetworks.com/CVE-2025-0123"
},
{
"published_at": "2025-04-09",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0119",
"url": "https://security.paloaltonetworks.com/CVE-2025-0119"
},
{
"published_at": "2025-04-09",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0124",
"url": "https://security.paloaltonetworks.com/CVE-2025-0124"
},
{
"published_at": "2025-04-09",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0126",
"url": "https://security.paloaltonetworks.com/CVE-2025-0126"
},
{
"published_at": "2025-04-09",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks CVE-2025-0121",
"url": "https://security.paloaltonetworks.com/CVE-2025-0121"
}
]
}