CVE-2025-0137 | THREATINT

Description

An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator. The attacker must have network access to the management web interface to exploit this issue. You greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended critical deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .

Reserved 2024-12-20 | Published 2025-05-14 | Updated 2025-05-14 | Assigner palo_alto

MEDIUM: 4.8CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:C/RE:M/U:Amber

The risk is highest when you allow access to the management interface from external IP addresses on the internet.

LOW: 2.0CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:C/RE:M/U:Amber

You can greatly reduce the risk of exploitation by restricting web interface access to a jump box as the only system or source with access to the management interface. This ensures that attacks succeed only if they obtain privileged access through the IP addresses that you specify.

Problem types

CWE-83: Improper Neutralization of Script in Attributes in a Web Page

Product status

Default status

unaffected

All before 6.3.3

unaffected

Default status

unaffected

11.2.0 before 11.2.5

affected

11.1.0 before 11.1.8

affected

10.2.0 before 10.2.13

affected

10.1.0 before 10.1.14-h14

affected

Timeline

2025-05-14:

Initial Publication

Credits

Jasper Westerman, Harm Blankers and Yanick de Pater of REQON B.V. finder

a customer finder

References

security.paloaltonetworks.com/CVE-2025-0137 vendor-advisory

cve.org (CVE-2025-0137)

nvd.nist.gov (CVE-2025-0137)

Download JSON