Palo Alto Networks PAN-OS Stored Cross-Site Scripting Vulnerability

Vulnerability

A stored cross-site scripting vulnerability has been identified in Palo Alto Networks PAN-OS software. This vulnerability allows a malicious authenticated administrator to inject and store a JavaScript payload via the web interface. It affects PAN-OS on PA-Series and VM-Series firewalls, as well as Panorama (both virtual and M-Series). However, Cloud NGFW and Prisma Access are not impacted.

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user.

Remediation

Users can upgrade to PAN-OS versions 12.1.7, 11.2.12, 11.1.15, or 10.2.18-h6. For older unsupported PAN-OS versions, upgrade to a supported fixed version. Additionally, customers with a Threat Prevention subscription can block attacks targeting this vulnerability by enabling Threat ID 510020.
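The remediation guidance above can be applied to a device inventory with a small triage script. This is an added example, not vendor code or part of the original advisory: the host names and inventory values are constructed, and it assumes that, within one release train, any release ordered at or after the listed fixed release (hotfix number included) carries the fix.

```python
import re

# Fixed releases exactly as listed in the Remediation section, keyed by train.
FIXED = {"12.1": "12.1.7", "11.2": "11.2.12", "11.1": "11.1.15", "10.2": "10.2.18-h6"}
_VERSION = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse(version):
    """Return (major, minor, maintenance, hotfix); hotfix is 0 when absent."""
    m = _VERSION.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version: {version!r}")
    return tuple(int(g) if g else 0 for g in m.groups())


def triage(version):
    """Classify one software version string against the advisory's fixed releases."""
    try:
        parsed = parse(version)
    except ValueError:
        return "review"  # string format this sketch does not model
    fixed = FIXED.get(f"{parsed[0]}.{parsed[1]}")
    if fixed is None:
        # Train not named in the advisory: older unsupported trains must move
        # to a supported fixed version; anything else needs a manual check.
        return "unlisted-train"
    # Assumption: same-train releases at or after the fixed one carry the fix.
    return "fixed" if parsed >= parse(fixed) else "upgrade"


def report(inventory):
    """Map each host in {host: version} to its triage status."""
    return {host: triage(ver) for host, ver in inventory.items()}


# Constructed inventory for illustration only.
SAMPLE = {
    "fw-edge-01": "10.2.18-h6",
    "fw-edge-02": "10.2.18",
    "fw-dc-01": "11.1.15",
    "fw-dc-02": "11.2.11-h3",
    "panorama-01": "12.1.7",
    "fw-lab-01": "9.1.19",
    "fw-lab-02": "11.1.x",
}

if __name__ == "__main__":
    for host, status in report(SAMPLE).items():
        print(f"{host:12} {SAMPLE[host]:12} {status}")
```

Hosts reported as `upgrade` or `unlisted-train` are the ones to schedule for an upgrade; `review` marks version strings that need a manual look.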

Added: May 13, 2026, 7:38 PM
Updated: May 13, 2026, 7:38 PM

Vulnerability Rating

Custom Algorithm

spread: 5.7
impact: 5.4
exploitability: 3.7
remediation: 8.3
relevance: 8.2
threat: 0.0
urgency: 5.7
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.