Palo Alto Networks PAN-OS Session Token Disclosure Vulnerability

Vulnerability

A vulnerability allowing information disclosure has been identified in Palo Alto Networks PAN-OS software. This issue enables an authenticated administrator to access session tokens of users logged into the firewall web UI. The leaked session tokens could be used to impersonate those users. The risk associated with this vulnerability is notably reduced when CLI access is limited to a select group of administrators. It is important to note that Cloud NGFW and Prisma Access are not impacted by this vulnerability.

Impact

Exploitation of this vulnerability could lead to unauthorized impersonation of users whose session tokens are exposed.

Remediation

Users can upgrade to PAN-OS 11.2.8 or later, PAN-OS 11.1.12 or later, or PAN-OS 10.2.17 or later. For older, unsupported PAN-OS versions, upgrading to a supported fixed version is recommended.

Added: Oct 9, 2025, 7:19 PM
Updated: Oct 9, 2025, 7:19 PM

Vulnerability Rating

Custom Algorithm

spread: 5.7
impact: 1.3
exploitability: 4.4
remediation: 7.7
relevance: 0.7
threat: 0.0
urgency: 5.7
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.