Palo Alto Networks PAN-OS
cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*
- >= 11.2.0, <= 11.2.4
- >= 11.1.0, <= 11.1.4
- >= 11.0.0, <= 11.0.5
- >= 10.2.0, <= 10.2.10
- >= 10.1.0, <= 10.1.14-h11
An improper input neutralization vulnerability has been identified in the management web interface of Palo Alto Networks PAN-OS software. It allows a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator. Exploitation requires network access to the management web interface. This issue does not affect Cloud NGFW or any Prisma Access instances.
Exploitation of this vulnerability allows for impersonation of administrators, potentially leading to unauthorized actions being performed under the guise of a legitimate admin.
Administrators should upgrade to PAN-OS 11.2.5, 11.1.5, 11.0.6, 10.2.11, or 10.1.14-h11. Devices on PAN-OS 11.0, which is no longer supported, should nonetheless be upgraded to a fixed version. Additionally, access to the management interface should be restricted to trusted internal IP addresses, following Palo Alto Networks' critical deployment guidelines.