CVE-2023-0004
published 2023-04-12CVE-2023-0004: A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system…
PriorityP334medium6.5CVSS 3.1
AVNACLPRHUINSUCNIHAH
EPSS
1.13%
62.2th percentile
A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system with elevated privileges.
These files can include logs and system components that impact the integrity and availability of PAN-OS software.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| palo_alto_networks | pan-os | >= 10.0 < 10.0.11 | 10.0.11 |
| palo_alto_networks | pan-os | >= 10.1 < 10.1.6 | 10.1.6 |
| palo_alto_networks | pan-os | >= 8.1 < 8.1.24 | 8.1.24 |
| palo_alto_networks | pan-os | >= 9.0 < 9.0.17 | 9.0.17 |
| palo_alto_networks | pan-os | >= 9.1 < 9.1.15 | 9.1.15 |
| paloalto | cloud_ngfw | — | — |
| paloalto | pan-os | — | — |
| paloalto | prisma_access | — | — |
| paloaltonetworks | pan-os | >= 10.0.0 < 10.0.11 | 10.0.11 |
| paloaltonetworks | pan-os | >= 10.1.0 < 10.1.6 | 10.1.6 |
| paloaltonetworks | pan-os | >= 8.1.0 < 8.1.24 | 8.1.24 |
| paloaltonetworks | pan-os | >= 9.0.0 < 9.0.17 | 9.0.17 |
| paloaltonetworks | pan-os | >= 9.1.0 < 9.1.15 | 9.1.15 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Palo Alto
PAN-SA-2023-0004 Informational Bulletin: Impact of TunnelCrack Vulnerabilities (CVE-2023-36671, CVE-2023-36672, CVE-2023-35838, and CVE-2023-36673)
vendor_paloalto·2023-08-17·CVSS 5.7
CVE-2023-36673 [MEDIUM] CWE-829 PAN-SA-2023-0004 Informational Bulletin: Impact of TunnelCrack Vulnerabilities (CVE-2023-36671, CVE-2023-36672, CVE-2023-35838, and CVE-2023-36673)
PAN-SA-2023-0004 Informational Bulletin: Impact of TunnelCrack Vulnerabilities (CVE-2023-36671, CVE-2023-36672, CVE-2023-35838, and CVE-2023-36673)
The Palo Alto Networks Product Security Assurance team is aware of the research publication that details a combination of attacks named "TunnelCrack". These are also referred to as LocalNet and ServerIP attacks as detailed below. These attacks leak VPN client traffic outside of the protected VPN tunnel when clients connect to untrusted networks, such as rogue Wi-Fi access points. A LocalNet attack allows an attacker to take advantage of local network access features in multiple vendor VPN clients to access unencrypted traffic. A ServerIP attack allows an attacker to intercept traffic sent to a spoofed VPN gateway via DNS spoofing attacks. Howe
Palo Alto
PAN-OS: Local File Deletion Vulnerability
vendor_paloalto·2023-04-12·CVSS 6.5
CVE-2023-0004 [MEDIUM] CWE-703 PAN-OS: Local File Deletion Vulnerability
PAN-OS: Local File Deletion Vulnerability
A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system with elevated privileges.
These files can include logs and system components that impact the integrity and availability of PAN-OS software.
Affected products: Cloud NGFW, PAN-OS, Prisma Access
Solution: This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15, PAN-OS 10.0.11, PAN-OS 10.1.6, and all later PAN-OS versions.
Workaround: Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat IDs 93274 and 93287 (Applications and Threats content update 8698).
This issue requires the attacker to have authenticated access to the PAN-OS
VMware
VMware Carbon Black App Control updates address an injection vulnerability (CVE-2023-20858)
vendor_vmware·2023-02-21·CVSS 7.2
CVE-2023-20858 [HIGH] VMware Carbon Black App Control updates address an injection vulnerability (CVE-2023-20858)
VMSA-2023-0004: VMware Carbon Black App Control updates address an injection vulnerability (CVE-2023-20858)
VMware Carbon Black App Control contains an injection vulnerability. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.1.
CVEs: CVE-2023-20858
Affected products: VMware Carbon Black
GHSA
GHSA-mgj2-46rc-8756: A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file s
ghsa_unreviewed·2023-04-12
CVE-2023-0004 [MEDIUM] CWE-703 GHSA-mgj2-46rc-8756: A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file s
A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system with elevated privileges.
These files can include logs and system components that impact the integrity and availability of PAN-OS software.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://lists.fedoraproject.org/archives/list/[email protected]/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/https://lists.fedoraproject.org/archives/list/[email protected]/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/https://lists.fedoraproject.org/archives/list/[email protected]/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/https://lists.fedoraproject.org/archives/list/[email protected]/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/https://lists.fedoraproject.org/archives/list/[email protected]/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/https://lists.fedoraproject.org/archives/list/[email protected]/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/https://security.paloaltonetworks.com/CVE-2023-0004https://lists.fedoraproject.org/archives/list/[email protected]/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/https://lists.fedoraproject.org/archives/list/[email protected]/message/E72T67UPDRXHIDLO3OROR25YAMN4GGW5/https://lists.fedoraproject.org/archives/list/[email protected]/message/FNA62Q767CFAFHBCDKYNPBMZWB7TWYVU/https://lists.fedoraproject.org/archives/list/[email protected]/message/HT7T2R4MQKLIF4ODV4BDLPARWFPCJ5CZ/https://lists.fedoraproject.org/archives/list/[email protected]/message/LKYHSZQFDNR7RSA7LHVLLIAQMVYCUGBG/https://lists.fedoraproject.org/archives/list/[email protected]/message/X6QXN4ORIVF6XBW4WWFE7VNPVC74S45Y/https://security.paloaltonetworks.com/CVE-2023-0004
2023-04-12
Published