Palo Alto Networks PAN-OS Authenticated Admin File Read Vulnerability in PAN-OS CLI

Vulnerability

A vulnerability exists in Palo Alto Networks PAN-OS software that allows an authenticated admin to read arbitrary files via the PAN-OS command-line interface (CLI). Exploiting this issue requires network access to the management interface (web, SSH, console, or telnet) and successful authentication. The vulnerability does not affect Cloud NGFW or Prisma Access. To mitigate this issue, restrict management interface access to trusted users and internal IP addresses, following Palo Alto Networks' critical deployment guidelines.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive files, potentially allowing for further exploitation or information disclosure.

Remediation

This vulnerability is fixed in PAN-OS versions 10.1.14-h11, 10.2.11, 11.0.6, 11.1.5, 11.2.3, and all later PAN-OS versions. For older, unsupported PAN-OS versions, upgrade to a supported fixed version. Additionally, review and apply the recommended mitigation measures to secure management interface access.
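
One way to check a firewall inventory against the fixed versions listed above (an added example, not Palo Alto Networks code). The hostnames and inventory versions are constructed sample data, and the ordering rule (a higher maintenance or hotfix number in the same release train counts as "later") is an assumption.

```python
import re

# Fixed releases from the advisory text, keyed by (major, minor) release train.
# Value is (maintenance, hotfix); hotfix 0 means the base maintenance release.
FIXED = {
    (10, 1): (14, 11),  # 10.1.14-h11
    (10, 2): (11, 0),   # 10.2.11
    (11, 0): (6, 0),    # 11.0.6
    (11, 1): (5, 0),    # 11.1.5
    (11, 2): (3, 0),    # 11.2.3
}

_VERSION = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse(version):
    """Split 'X.Y.Z' or 'X.Y.Z-hN' into ((X, Y), (Z, N))."""
    m = _VERSION.match(version.strip())
    if not m:
        raise ValueError(f"unrecognized PAN-OS version: {version!r}")
    major, minor, maint, hotfix = m.groups()
    return (int(major), int(minor)), (int(maint), int(hotfix or 0))


def status(version):
    """Return 'fixed', 'vulnerable', or 'no-fix-listed' for one version string."""
    train, patch = parse(version)
    if train in FIXED:
        # Assumption: tuple order (maintenance, hotfix) matches release order.
        return "fixed" if patch >= FIXED[train] else "vulnerable"
    if train > max(FIXED):
        return "fixed"  # "all later PAN-OS versions"
    # Older train with no fix listed: upgrade to a supported fixed version.
    return "no-fix-listed"


def needs_action(inventory):
    """Hostnames whose version is not at or past a fixed release."""
    return sorted(h for h, v in inventory.items() if status(v) != "fixed")


# Constructed sample inventory (hostnames and versions are illustrative).
INVENTORY = {
    "fw-edge-01": "10.1.14-h9", "fw-edge-02": "10.1.14-h11",
    "fw-dc-01": "10.2.10-h3", "fw-dc-02": "11.1.5",
    "fw-lab-01": "9.1.16", "fw-lab-02": "11.2.3-h1",
}

if __name__ == "__main__":
    for host, ver in sorted(INVENTORY.items()):
        print(f"{host:12} {ver:12} {status(ver)}")
```

Version strings that do not match the X.Y.Z or X.Y.Z-hN pattern raise ValueError so they are reviewed by hand rather than silently classified.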

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 5.7
impact: 2.5
exploitability: 4.9
remediation: 7.9
relevance: 0.0
threat: 0.0
urgency: 5.7
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.