CVE-2025-0125

CVSS

No CVSS.

A

n improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator. The attacker must have network access to the management web interface to exploit this issue. You greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended critical deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue does not affect Cloud NGFW and all Prisma® Access instances.

References

Link	Resource
https://security.paloaltonetworks.com/CVE-2025-0125

Configurations

No configuration.

History

11 Apr 2025, 15:39

Type	Values Removed	Values Added
Summary		(es) Una vulnerabilidad de neutralización de entrada incorrecta en la interfaz web de administración del software PAN-OS® de Palo Alto Networks permite que un administrador de lectura y escritura autenticado malintencionado se haga pasar por otro administrador de PAN-OS autenticado legítimo. El atacante debe tener acceso a la red a la interfaz web de administración para explotar este problema. Puede reducir en gran medida el riesgo de que se produzca este problema al restringir el acceso a la interfaz web de administración solo a direcciones IP internas confiables de acuerdo con nuestras pautas de implementación crítica recomendadas https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431. Este problema no afecta a Cloud NGFW ni a todas las instancias de Prisma® Access.

11 Apr 2025, 02:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-11 02:15

Updated : 2025-04-11 15:39

NVD link : CVE-2025-0125

Mitre link : CVE-2025-0125

CVE.ORG link : CVE-2025-0125

JSON object : View

Products Affected

No product.

CWE

CWE-83

Improper Neutralization of Script in Attributes in a Web Page

{"id": "CVE-2025-0125", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"Safety": "NEGLIGIBLE", "version": "4.0", "Recovery": "USER", "baseScore": 6.9, "Automatable": "NO", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:C/RE:M/U:Amber", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "AMBER", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "MODERATE", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-04-11T02:15:18.820", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2025-0125", "source": "[email protected]"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-83"}]}], "descriptions": [{"lang": "en", "value": "An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS\u00ae software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator.\n\n\nThe attacker must have network access to the management web interface to exploit this issue. You greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended critical deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\nThis issue does not affect Cloud NGFW and all Prisma\u00ae Access instances."}, {"lang": "es", "value": "Una vulnerabilidad de neutralizaci\u00f3n de entrada incorrecta en la interfaz web de administraci\u00f3n del software PAN-OS\u00ae de Palo Alto Networks permite que un administrador de lectura y escritura autenticado malintencionado se haga pasar por otro administrador de PAN-OS autenticado leg\u00edtimo. El atacante debe tener acceso a la red a la interfaz web de administraci\u00f3n para explotar este problema. Puede reducir en gran medida el riesgo de que se produzca este problema al restringir el acceso a la interfaz web de administraci\u00f3n solo a direcciones IP internas confiables de acuerdo con nuestras pautas de implementaci\u00f3n cr\u00edtica recomendadas https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431. Este problema no afecta a Cloud NGFW ni a todas las instancias de Prisma\u00ae Access."}], "lastModified": "2025-04-11T15:39:52.920", "sourceIdentifier": "[email protected]"}