admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-12-30 05:58:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-04-11 02:00:37 +00:00
parent ab070def51
commit 2f2b886f8d
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
11 changed files with 1449 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

79
2024/51xxx/CVE-2024-51461.json
View File

@ -1,17 +1,88 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-51461",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM QRadar WinCollect Agent 10.0 through 10.1.13 could allow a remote attacker to cause a denial of service by interrupting an HTTP request that could consume memory resources."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-770 Allocation of Resources Without Limits or Throttling",
"cweId": "CWE-770"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "QRadar WinCollect Agent",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "10.0",
"version_value": "10.1.13"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/7230614",
"refsource": "MISC",
"name": "https://www.ibm.com/support/pages/node/7230614"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
}
]
}

203
2025/0xxx/CVE-2025-0120.json
View File

@ -1,18 +1,211 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-0120",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@paloaltonetworks.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability with a privilege management mechanism in the Palo Alto Networks GlobalProtect\u2122 app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\\SYSTEM. However, execution requires that the local user can also successfully exploit a race condition, which makes this vulnerability difficult to exploit."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-250 Execution with Unnecessary Privileges",
"cweId": "CWE-250"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Palo Alto Networks",
"product": {
"product_data": [
{
"product_name": "GlobalProtect App",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "6.3.3",
"status": "unaffected"
}
],
"lessThan": "6.3.3",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.2.8",
"status": "unaffected"
},
{
"at": "6.2.7-h3",
"status": "unaffected"
}
],
"lessThan": "6.2.8",
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "GlobalProtect UWP App",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.paloaltonetworks.com/CVE-2025-0120",
"refsource": "MISC",
"name": "https://security.paloaltonetworks.com/CVE-2025-0120"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"defect": [
"GPC-19862",
"GPC-19858"
],
"discovery": "EXTERNAL"
},
"configuration": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No special configuration is required to be affected by this issue."
}
],
"value": "No special configuration is required to be affected by this issue."
}
],
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No workaround or mitigation is available."
}
],
"value": "No workaround or mitigation is available."
}
],
"exploit": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"solution": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<table><thead><tr><th>Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>GlobalProtect App 6.3 on Windows</td><td>Upgrade to 6.3.3 or later</td></tr><tr><td>GlobalProtect App 6.2 on Windows<br></td><td>Upgrade to 6.2.7-h3 or 6.2.8 or later<br></td></tr><tr><td>GlobalProtect App 6.1 on Windows<br></td><td>Upgrade to 6.2.8 or later or upgrade to 6.3.3 or later<br></td></tr><tr><td>GlobalProtect App 6.0 on Windows<br></td><td>Upgrade to 6.2.8 or later or upgrade to 6.3.3 or later<br></td></tr><tr><td>GlobalProtect App on macOS</td><td>No action needed</td></tr><tr><td>GlobalProtect App on Linux</td><td>No action needed</td></tr><tr><td>GlobalProtect App on iOS</td><td>No action needed</td></tr><tr><td>GlobalProtect App on Android</td><td>No action needed</td></tr><tr><td>GlobalProtect UWP App</td><td>No action needed</td></tr></tbody></table>"
}
],
"value": "Version\nSuggested Solution\nGlobalProtect App 6.3 on WindowsUpgrade to 6.3.3 or laterGlobalProtect App 6.2 on Windows\nUpgrade to 6.2.7-h3 or 6.2.8 or later\nGlobalProtect App 6.1 on Windows\nUpgrade to 6.2.8 or later or upgrade to 6.3.3 or later\nGlobalProtect App 6.0 on Windows\nUpgrade to 6.2.8 or later or upgrade to 6.3.3 or later\nGlobalProtect App on macOSNo action neededGlobalProtect App on LinuxNo action neededGlobalProtect App on iOSNo action neededGlobalProtect App on AndroidNo action neededGlobalProtect UWP AppNo action needed"
}
],
"credits": [
{
"lang": "en",
"value": "Maxime ESCOURBIAC, Michelin CERT"
},
{
"lang": "en",
"value": "Yassine BENGANA, Abicom for Michelin CERT"
}
]
}

187
2025/0xxx/CVE-2025-0121.json
View File

@ -1,18 +1,195 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-0121",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@paloaltonetworks.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A null pointer dereference vulnerability in the Palo Alto Networks Cortex\u00ae XDR agent on Windows devices allows a low-privileged local Windows user to crash the agent. Additionally, malware can use this vulnerability to perform malicious activity without Cortex XDR being able to detect it."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476 NULL Pointer Dereference",
"cweId": "CWE-476"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Palo Alto Networks",
"product": {
"product_data": [
{
"product_name": "Cortex XDR Agent",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "6.3.3",
"status": "unaffected"
}
],
"lessThan": "6.3.3",
"status": "unaffected",
"version": "8.7.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "8.6.1",
"status": "unaffected"
}
],
"lessThan": "8.6.1",
"status": "affected",
"version": "8.6.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "8.5.2",
"status": "unaffected"
}
],
"lessThan": "8.5.2",
"status": "affected",
"version": "8.5.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "8.3.101-CE HF",
"status": "unaffected"
}
],
"lessThan": "8.3.101-CE HF",
"status": "affected",
"version": "8.3-CE",
"versionType": "custom"
},
{
"changes": [
{
"at": "7.9.103-CE HF",
"status": "unaffected"
}
],
"lessThan": "7.9.103-CE HF",
"status": "affected",
"version": "7.9-CE",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.paloaltonetworks.com/CVE-2025-0121",
"refsource": "MISC",
"name": "https://security.paloaltonetworks.com/CVE-2025-0121"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"defect": [
"CPATR-26258"
],
"discovery": "EXTERNAL"
},
"configuration": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No special configuration is needed to be affected by this issue."
}
],
"value": "No special configuration is needed to be affected by this issue."
}
],
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There are no known workarounds for this issue."
}
],
"value": "There are no known workarounds for this issue."
}
],
"exploit": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"solution": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in Cortex XDR Agent 8.6.1, Cortex XDR Agent 8.5.2, Cortex XDR Agent 8.3.101-CE HF, Cortex XDR Agent 7.9.103-CE HF, and all later Cortex XDR Agent versions."
}
],
"value": "This issue is fixed in Cortex XDR Agent 8.6.1, Cortex XDR Agent 8.5.2, Cortex XDR Agent 8.3.101-CE HF, Cortex XDR Agent 7.9.103-CE HF, and all later Cortex XDR Agent versions."
}
],
"credits": [
{
"lang": "en",
"value": "adcisseckilled"
}
]
}

180
2025/0xxx/CVE-2025-0122.json
View File

@ -1,18 +1,188 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-0122",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@paloaltonetworks.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A denial-of-service (DoS) vulnerability in Palo Alto Networks Prisma\u00ae SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to disrupt the packet processing capabilities of the device by sending a burst of crafted packets to that device."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-770 Allocation of Resources Without Limits or Throttling",
"cweId": "CWE-770"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Palo Alto Networks",
"product": {
"product_data": [
{
"product_name": "Prisma SD-WAN",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "6.5.1",
"status": "unaffected"
}
],
"lessThan": "6.5.1",
"status": "affected",
"version": "6.5.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.4.2",
"status": "unaffected"
}
],
"lessThan": "6.4.2",
"status": "affected",
"version": "6.4.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.3.4",
"status": "unaffected"
}
],
"lessThan": "6.3.4",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.1.10",
"status": "unaffected"
}
],
"lessThan": "6.1.10",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.paloaltonetworks.com/CVE-2025-0122",
"refsource": "MISC",
"name": "https://security.paloaltonetworks.com/CVE-2025-0122"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"defect": [
"CGSDW-23881"
],
"discovery": "INTERNAL"
},
"configuration": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No special configuration is needed to be vulnerable to this issue."
}
],
"value": "No special configuration is needed to be vulnerable to this issue."
}
],
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There are no known workarounds for this issue."
}
],
"value": "There are no known workarounds for this issue."
}
],
"exploit": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"solution": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<table class=\"tbl\"><thead><tr><th>Version</th><th>Suggested Solution</th></tr></thead><tbody><tr><td>Prisma SD-WAN 6.5</td><td>Upgrade to Prisma SD-WAN 6.5.1 or later</td></tr><tr><td>Prisma SD-WAN 6.4<br></td><td>Upgrade to Prisma SD-WAN 6.4.2 or later</td></tr><tr><td>Prisma SD-WAN 6.3</td><td>Upgrade to Prisma SD-WAN 6.3.4 or later</td></tr><tr><td>Prisma SD-WAN 6.2</td><td>Upgrade to&nbsp;Prisma SD-WAN 6.3.4 or later</td></tr><tr><td>Prisma SD-WAN 6.1</td><td>Upgrade to Prisma SD-WAN 6.1.10 or later</td></tr></tbody></table>"
}
],
"value": "VersionSuggested SolutionPrisma SD-WAN 6.5Upgrade to Prisma SD-WAN 6.5.1 or laterPrisma SD-WAN 6.4\nUpgrade to Prisma SD-WAN 6.4.2 or laterPrisma SD-WAN 6.3Upgrade to Prisma SD-WAN 6.3.4 or laterPrisma SD-WAN 6.2Upgrade to\u00a0Prisma SD-WAN 6.3.4 or laterPrisma SD-WAN 6.1Upgrade to Prisma SD-WAN 6.1.10 or later"
}
],
"credits": [
{
"lang": "en",
"value": "Vajrapu Venkata Sarat Kumar of Palo Alto Networks"
}
]
}

218
2025/0xxx/CVE-2025-0124.json
View File

@ -1,18 +1,226 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-0124",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@paloaltonetworks.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An authenticated file deletion vulnerability in the Palo Alto Networks PAN-OS\u00ae software enables an authenticated attacker with network access to the management web interface to delete certain files as the \u201cnobody\u201d user; this includes limited logs and configuration files but does not include system files.\n\nThe attacker must have network access to the management web interface to exploit this issue. You greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended critical deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\nThis issue affects Cloud NGFW. However, this issue does not affect Prisma\u00ae Access software."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-73: External Control of File Name or Path",
"cweId": "CWE-73"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Palo Alto Networks",
"product": {
"product_data": [
{
"product_name": "Cloud NGFW",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All"
}
]
}
},
{
"product_name": "PAN-OS",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "11.2.1",
"status": "unaffected"
}
],
"lessThan": "11.2.1",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.1.5",
"status": "unaffected"
}
],
"lessThan": "11.1.5",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.0.6",
"status": "unaffected"
}
],
"lessThan": "11.0.6",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.10",
"status": "unaffected"
}
],
"lessThan": "10.2.10",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.14-h11",
"status": "unaffected"
}
],
"lessThan": "10.1.14-h11",
"status": "affected",
"version": "10.1.0",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Prisma Access",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.paloaltonetworks.com/CVE-2025-0124",
"refsource": "MISC",
"name": "https://security.paloaltonetworks.com/CVE-2025-0124"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"defect": [
"PAN-254188"
],
"discovery": "EXTERNAL"
},
"configuration": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>The risk is greatest if you enabled access to the management interface from the internet or from any untrusted network either:</p><ol><li>Directly; or</li><li>Through a dataplane interface that includes a management interface profile.</li></ol><p>You greatly reduce the risk if you ensure that you allow only trusted internal IP addresses to access the management interface.</p><p>Use the following steps to identify your recently detected devices in our internet scans.</p><ol><li>To find any assets that require remediation action, visit the Assets section of the Customer Support Portal at <a target=\"_blank\" rel=\"nofollow\" href=\"https://support.paloaltonetworks.com/\">https://support.paloaltonetworks.com</a>&nbsp;(Products \u2192 Assets \u2192 All Assets \u2192 Remediation Required).</li><li>Review the list of your devices that we discovered in our scans to have an internet-facing management interface. We tagged these devices with \u2018PAN-SA-2024-0015\u2019 and a last seen timestamp (in UTC). If you do not see any such devices listed, then our scan did not find any devices associated with your account that had an internet-facing management interface within the past three days.</li></ol><p>GlobalProtect\u2122 portals and gateways are not vulnerable to this issue. However, if you configure a management profile on interfaces with GlobalProtect portals or gateways, then you expose the device to attacks through the management web interface (typically accessible on port 4443).</p>"
}
],
"value": "The risk is greatest if you enabled access to the management interface from the internet or from any untrusted network either:\n\n * Directly; or\n * Through a dataplane interface that includes a management interface profile.\nYou greatly reduce the risk if you ensure that you allow only trusted internal IP addresses to access the management interface.\n\nUse the following steps to identify your recently detected devices in our internet scans.\n\n * To find any assets that require remediation action, visit the Assets section of the Customer Support Portal at https://support.paloaltonetworks.com https://support.paloaltonetworks.com/ \u00a0(Products \u2192 Assets \u2192 All Assets \u2192 Remediation Required).\n * Review the list of your devices that we discovered in our scans to have an internet-facing management interface. We tagged these devices with \u2018PAN-SA-2024-0015\u2019 and a last seen timestamp (in UTC). If you do not see any such devices listed, then our scan did not find any devices associated with your account that had an internet-facing management interface within the past three days.\nGlobalProtect\u2122 portals and gateways are not vulnerable to this issue. However, if you configure a management profile on interfaces with GlobalProtect portals or gateways, then you expose the device to attacks through the management web interface (typically accessible on port 4443)."
}
],
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p><b>Recommended mitigation</b>\u2014The vast majority of firewalls already follow Palo Alto Networks and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our <a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">best practices deployment guidelines</a>. Specifically, you should restrict management interface access to only trusted internal IP addresses.</p><p>Review information about how to secure management access to your Palo Alto Networks firewalls:</p><ul><li><p>Palo Alto Networks LIVEcommunity article:<a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\">https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431</a></p></li><li>Palo Alto Networks official and detailed technical documentation:<a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\">https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices</a></li></ul>"
}
],
"value": "Recommended mitigation\u2014The vast majority of firewalls already follow Palo Alto Networks and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 \n\n\n * Palo Alto Networks official and detailed technical documentation: https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices"
}
],
"exploit": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"solution": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<table><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>PAN-OS 11.2<br></td><td>11.2.0<br></td><td>Upgrade to 11.2.1 or later</td></tr><tr><td>PAN-OS 11.1</td><td>11.1.0 through 11.1.4</td><td>Upgrade to 11.1.5 or later</td></tr><tr><td>PAN-OS 11.0</td><td>11.0.0 through 11.0.5</td><td>Upgrade to 11.0.6 or later</td></tr><tr><td>PAN-OS 10.2</td><td>10.2.0 through 10.2.9</td><td>Upgrade to 10.2.10 or later</td></tr><tr><td>PAN-OS 10.1</td><td>10.1.0 through 10.1.14</td><td>Upgrade to 10.1.14-h11 or later</td></tr><tr><td>All other older<br>unsupported<br>PAN-OS versions<br></td><td>&nbsp;</td><td>Upgrade to a supported fixed version&nbsp;</td></tr></tbody></table><p>PAN-OS 11.0 has reached EoL. We listed it here for completeness because a patch for PAN-OS 11.0 was released before it reached EoL. If you are still using any vulnerable EoL versions, we strongly recommend that you upgrade to a supported fixed PAN-OS version.<br></p>"
}
],
"value": "Version\nMinor Version\nSuggested Solution\nPAN-OS 11.2\n11.2.0\nUpgrade to 11.2.1 or laterPAN-OS 11.111.1.0 through 11.1.4Upgrade to 11.1.5 or laterPAN-OS 11.011.0.0 through 11.0.5Upgrade to 11.0.6 or laterPAN-OS 10.210.2.0 through 10.2.9Upgrade to 10.2.10 or laterPAN-OS 10.110.1.0 through 10.1.14Upgrade to 10.1.14-h11 or laterAll other older\nunsupported\nPAN-OS versions\n\u00a0Upgrade to a supported fixed version\u00a0PAN-OS 11.0 has reached EoL. We listed it here for completeness because a patch for PAN-OS 11.0 was released before it reached EoL. If you are still using any vulnerable EoL versions, we strongly recommend that you upgrade to a supported fixed PAN-OS version."
}
],
"credits": [
{
"lang": "en",
"value": "VISA, Inc."
}
]
}

231
2025/0xxx/CVE-2025-0125.json
View File

@ -1,18 +1,239 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-0125",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@paloaltonetworks.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS\u00ae software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator.\n\n\nThe attacker must have network access to the management web interface to exploit this issue. You greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended critical deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\nThis issue does not affect Cloud NGFW and all Prisma\u00ae Access instances."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-83: Improper Neutralization of Script in Attributes in a Web Page",
"cweId": "CWE-83"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Palo Alto Networks",
"product": {
"product_data": [
{
"product_name": "Cloud NGFW",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "PAN-OS",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "11.2.5",
"status": "unaffected"
}
],
"lessThan": "11.2.5",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.1.5",
"status": "unaffected"
}
],
"lessThan": "11.1.5",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.0.6",
"status": "unaffected"
}
],
"lessThan": "11.0.6",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.11",
"status": "unaffected"
}
],
"lessThan": "10.2.11",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.14-h11",
"status": "unaffected"
}
],
"lessThan": "10.1.14-h11",
"status": "affected",
"version": "10.1.0",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Prisma Access",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.paloaltonetworks.com/CVE-2025-0125",
"refsource": "MISC",
"name": "https://security.paloaltonetworks.com/CVE-2025-0125"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"defect": [
"PAN-259759"
],
"discovery": "EXTERNAL"
},
"configuration": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p> </p><p><span>The risk is greatest if you enabled access to the management interface from the internet or from any untrusted network either:</span></p><ol><li><p><span>Directly; or</span></p></li></ol><ol><li><p><span>Through a dataplane interface that includes a management interface profile.</span></p></li></ol><p><span>You greatly reduce the risk if you ensure that you allow only trusted internal IP addresses to access the management interface.</span></p><p><span>Use the following steps to identify your recently detected devices in our internet scans.</span></p><ol><li><p><span>To find any assets that require remediation action, visit the Assets section of the Customer Support Portal a&nbsp;</span><a target=\"_blank\" rel=\"nofollow\" href=\"https://support.paloaltonetworks.com/\"><span>https://support.paloaltonetworks.com</span></a>&nbsp;<span>(Products \u2192 Assets \u2192 All Assets \u2192 Remediation Required).</span></p></li><li><p><span>Review the list of your devices that we discovered in our scans to have an internet-facing management interface. We tagged these devices with \u2018PAN-SA-2024-0015\u2019 and a last seen timestamp (in UTC). If you do not see any such devices listed, then our scan did not find any devices associated with your account that had an internet-facing management interface within the past three days.</span></p></li></ol><div><p><span>GlobalProtect\u2122 portals and gateways are not vulnerable to this issue. However, if you configure a management profile on interfaces with GlobalProtect portals or gateways, then you expose the device to attacks through the management web interface (typically accessible on port 4443).</span></p></div><b><p></p></b>"
}
],
"value": "The risk is greatest if you enabled access to the management interface from the internet or from any untrusted network either:\n\n * Directly; or\n\n\n * Through a dataplane interface that includes a management interface profile.\n\n\nYou greatly reduce the risk if you ensure that you allow only trusted internal IP addresses to access the management interface.\n\nUse the following steps to identify your recently detected devices in our internet scans.\n\n * To find any assets that require remediation action, visit the Assets section of the Customer Support Portal a\u00a0 https://support.paloaltonetworks.com https://support.paloaltonetworks.com/ \u00a0(Products \u2192 Assets \u2192 All Assets \u2192 Remediation Required).\n\n\n * Review the list of your devices that we discovered in our scans to have an internet-facing management interface. We tagged these devices with \u2018PAN-SA-2024-0015\u2019 and a last seen timestamp (in UTC). If you do not see any such devices listed, then our scan did not find any devices associated with your account that had an internet-facing management interface within the past three days.\n\n\nGlobalProtect\u2122 portals and gateways are not vulnerable to this issue. However, if you configure a management profile on interfaces with GlobalProtect portals or gateways, then you expose the device to attacks through the management web interface (typically accessible on port 4443)."
}
],
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p><b>Recommended mitigation</b>\u2014<span>The vast majority of firewalls already follow Palo Alto Networks and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"><span>critical deployment guidelines</span></a><span>. Specifically, you should restrict management interface access to only trusted internal IP addresses.</span></p><p><span>Review information about how to secure management access to your Palo Alto Networks firewalls:</span></p><ul><li><p><span>Palo Alto Networks LIVEcommunity article:&nbsp;</span><a target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"><span>https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431</span></a></p></li></ul><ul><li><p><span>Palo Alto Networks official and detailed technical documentation:&nbsp;</span><a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices\"><span>https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices</span></a></p></li></ul>"
}
],
"value": "Recommended mitigation\u2014The vast majority of firewalls already follow Palo Alto Networks and industry best practices. However, if you have not already, we strongly recommend that you secure access to your management interface according to our critical deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . Specifically, you should restrict management interface access to only trusted internal IP addresses.\n\nReview information about how to secure management access to your Palo Alto Networks firewalls:\n\n * Palo Alto Networks LIVEcommunity article:\u00a0 https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 \n\n\n\n\n * Palo Alto Networks official and detailed technical documentation:\u00a0 https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices https://docs.paloaltonetworks.com/best-practices/10-1/administrative-access-best-practices/administrative-access-best-practices/deploy-administrative-access-best-practices"
}
],
"exploit": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"solution": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>PAN-OS 11.2<br></td><td>11.2.0 through 11.2.2</td><td>Upgrade to 11.2.3 or later<br></td></tr><tr><td>PAN-OS 11.1</td><td>11.1.0 through 11.1.4<br></td><td>Upgrade to 11.1.5 or later</td></tr><tr><td>PAN-OS 11.0<br></td><td>11.0.0 through 11.0.5<br></td><td>Upgrade to 11.0.6 or later<br></td></tr><tr><td>PAN-OS 10.2<br></td><td>10.2.0 through 10.2.10</td><td>Upgrade to 10.2.11 or later</td></tr><tr><td>PAN-OS 10.1<br></td><td>10.1.0 through 10.1.14<br></td><td>Upgrade to 10.1.14-h11 or later<br></td></tr><tr><td>All other older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr></tbody></table><br><span>PAN-OS 11.0 is EoL. We listed it in this section for completeness because we added a patch for PAN-OS 11.0 before it reached EoL. If you are running PAN-OS 11.0 in any of your firewalls, we strongly recommend that you upgrade to a fixed supported version.</span>"
}
],
"value": "Version\nMinor Version\nSuggested Solution\nPAN-OS 11.2\n11.2.0 through 11.2.2Upgrade to 11.2.3 or later\nPAN-OS 11.111.1.0 through 11.1.4\nUpgrade to 11.1.5 or laterPAN-OS 11.0\n11.0.0 through 11.0.5\nUpgrade to 11.0.6 or later\nPAN-OS 10.2\n10.2.0 through 10.2.10Upgrade to 10.2.11 or laterPAN-OS 10.1\n10.1.0 through 10.1.14\nUpgrade to 10.1.14-h11 or later\nAll other older\nunsupported\nPAN-OS versions\u00a0Upgrade to a supported fixed version.\nPAN-OS 11.0 is EoL. We listed it in this section for completeness because we added a patch for PAN-OS 11.0 before it reached EoL. If you are running PAN-OS 11.0 in any of your firewalls, we strongly recommend that you upgrade to a fixed supported version."
}
],
"credits": [
{
"lang": "en",
"value": "Visa Cybersecurity team"
},
{
"lang": "en",
"value": "Deloitte Romania, represented by Razvan Ilisanu and Matei \u201cMal\u201d Badanoiu,"
}
]
}

256
2025/0xxx/CVE-2025-0126.json
View File

@ -1,18 +1,264 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-0126",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@paloaltonetworks.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "When configured using SAML, a session fixation vulnerability in the GlobalProtect\u2122 login enables an attacker to impersonate a legitimate authorized user and perform actions as that GlobalProtect user. This requires the legitimate user to first click on a malicious link provided by the attacker.\n\nThe SAML login for the PAN-OS\u00ae management interface is not affected. Additionally, this issue does not affect Cloud NGFW and all Prisma\u00ae Access instances are proactively patched."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-384 Session Fixation",
"cweId": "CWE-384"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Palo Alto Networks",
"product": {
"product_data": [
{
"product_name": "Cloud NGFW",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "PAN-OS",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "11.2.3",
"status": "unaffected"
}
],
"lessThan": "11.2.3",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.1.5",
"status": "unaffected"
}
],
"lessThan": "11.1.5",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.0.6",
"status": "unaffected"
}
],
"lessThan": "11.0.6",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.10-h6",
"status": "unaffected"
},
{
"at": "10.2.11",
"status": "unaffected"
},
{
"at": "10.2.4-h25",
"status": "unaffected"
},
{
"at": "10.2.9-h13",
"status": "unaffected"
}
],
"lessThan": "10.2.10-h6",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.14-h11",
"status": "unaffected"
}
],
"lessThan": "10.1.14-h11",
"status": "affected",
"version": "10.1.0",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Prisma Access",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "10.2.10-h16",
"status": "unaffected"
},
{
"at": "10.2.4-h36",
"status": "unaffected"
}
],
"lessThan": "10.2.4-h36",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"lessThan": "11.2.4-h5",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
}
],
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security.paloaltonetworks.com/CVE-2025-0126",
"refsource": "MISC",
"name": "https://security.paloaltonetworks.com/CVE-2025-0126"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"defect": [
"PAN-253328"
],
"discovery": "EXTERNAL"
},
"configuration": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>This issue impacts only firewalls on which you configured a GlobalProtect portal to use SAML Authentication.</p><p>You can verify whether you configured GlobalProtect portal by checking for entries in your firewall web interface (Network \u2192 GlobalProtect \u2192 Portals).</p><p>If you do have GlobalProtect portals or gateways in your configuration, then you can verify whether you configured SAML Authentication on these portals by checking your firewall web interface (Network \u2192 GlobalProtect \u2192 Portals \u2192 (portal-config) \u2192 Authentication).</p>"
}
],
"value": "This issue impacts only firewalls on which you configured a GlobalProtect portal to use SAML Authentication.\n\nYou can verify whether you configured GlobalProtect portal by checking for entries in your firewall web interface (Network \u2192 GlobalProtect \u2192 Portals).\n\nIf you do have GlobalProtect portals or gateways in your configuration, then you can verify whether you configured SAML Authentication on these portals by checking your firewall web interface (Network \u2192 GlobalProtect \u2192 Portals \u2192 (portal-config) \u2192 Authentication)."
}
],
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p><span>This issue can be mitigated using a different form of authentication for the GlobalProtect portal (such as Client Certificate Authentication, RADIUS, TACACS+, LDAP, or Kerberos). For more information about configuring authentication for the GlobalProtect portal see this technical </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-web-interface-help/globalprotect/network-globalprotect-portals/globalprotect-portals-authentication-configuration-tab\"><span>documentation</span></a><span>.</span></p>"
}
],
"value": "This issue can be mitigated using a different form of authentication for the GlobalProtect portal (such as Client Certificate Authentication, RADIUS, TACACS+, LDAP, or Kerberos). For more information about configuring authentication for the GlobalProtect portal see this technical documentation https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-web-interface-help/globalprotect/network-globalprotect-portals/globalprotect-portals-authentication-configuration-tab ."
}
],
"exploit": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"solution": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>PAN-OS 11.2<br></td><td>11.2.0 through 11.2.2<br></td><td>Upgrade to 11.2.3 or later</td></tr><tr><td>PAN-OS 11.1<br></td><td>11.1.0 through 11.1.4<br></td><td>Upgrade to 11.1.5 or later<br></td></tr><tr><td>PAN-OS 11.0</td><td>11.0.0 through 11.0.5</td><td>Upgrade to 11.0.6 or later</td></tr><tr><td>PAN-OS 10.2<br></td><td>10.2.10<br></td><td>Upgrade to 10.2.10-h6 or 10.2.11 or later<br></td></tr><tr><td>&nbsp;</td><td>10.2.5 through 10.2.9</td><td>Upgrade to 10.2.9-h13 or 10.2.11 or later</td></tr><tr><td>&nbsp;</td><td>10.2.0 through 10.2.4</td><td>Upgrade to 10.2.4-h25 or 10.2.11 or later</td></tr><tr><td>PAN-OS 10.1<br></td><td>10.1.0 through 10.1.14<br></td><td>Upgrade to 10.1.14-h11 or later<br></td></tr><tr><td>All other older <br>unsupported <br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr></tbody></table><br>PAN-OS 11.0 is EoL. We listed it in this section for completeness because we added a patch for PAN-OS 11.0 before it reached EoL. If you are running PAN-OS 11.0 in any of your firewalls, we strongly recommend that you upgrade from this EoL vulnerable version to a fixed version.<br><br>We proactively initiated an upgrade of Prisma Access on March 21, 2025, to cover all tenants.<br><p></p>"
}
],
"value": "Version\nMinor Version\nSuggested Solution\nPAN-OS 11.2\n11.2.0 through 11.2.2\nUpgrade to 11.2.3 or laterPAN-OS 11.1\n11.1.0 through 11.1.4\nUpgrade to 11.1.5 or later\nPAN-OS 11.011.0.0 through 11.0.5Upgrade to 11.0.6 or laterPAN-OS 10.2\n10.2.10\nUpgrade to 10.2.10-h6 or 10.2.11 or later\n\u00a010.2.5 through 10.2.9Upgrade to 10.2.9-h13 or 10.2.11 or later\u00a010.2.0 through 10.2.4Upgrade to 10.2.4-h25 or 10.2.11 or laterPAN-OS 10.1\n10.1.0 through 10.1.14\nUpgrade to 10.1.14-h11 or later\nAll other older \nunsupported \nPAN-OS versions\u00a0Upgrade to a supported fixed version.\nPAN-OS 11.0 is EoL. We listed it in this section for completeness because we added a patch for PAN-OS 11.0 before it reached EoL. If you are running PAN-OS 11.0 in any of your firewalls, we strongly recommend that you upgrade from this EoL vulnerable version to a fixed version.\n\nWe proactively initiated an upgrade of Prisma Access on March 21, 2025, to cover all tenants."
}
],
"credits": [
{
"lang": "en",
"value": "D'Angelo Gonzalez of CrowdStrike"
}
]
}

79
2025/26xxx/CVE-2025-26335.json
View File

@ -1,17 +1,88 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-26335",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@dell.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Dell PowerProtect Cyber Recovery, versions prior to 19.18.0.2, contains an Insertion of Sensitive Information Into Sent Data vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-201: Insertion of Sensitive Information Into Sent Data",
"cweId": "CWE-201"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Dell",
"product": {
"product_data": [
{
"product_name": "PowerProtect Cyber Recovery",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "N/A",
"version_value": "19.18.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000306005/dsa-2025-113-security-update-for-dell-powerprotect-cyber-recovery",
"refsource": "MISC",
"name": "https://www.dell.com/support/kbdoc/en-us/000306005/dsa-2025-113-security-update-for-dell-powerprotect-cyber-recovery"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
]
}

18
2025/32xxx/CVE-2025-32813.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-32813",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/32xxx/CVE-2025-32814.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-32814",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/32xxx/CVE-2025-32815.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-32815",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}