CVE-2023-0005
Published 2023-04-12
Priority P4 · 25 · medium · 4.9 (CVSS 3.1)
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
EPSS 0.26% · 17.7th percentile
A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to expose the plaintext values of secrets stored in the device configuration and encrypted API keys.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | >= 6.3.0 < 6.4.10 | 6.4.10 |
| palo_alto_networks | pan-os | >= 10.0 < 10.0.12 | 10.0.12 |
| palo_alto_networks | pan-os | >= 10.1 < 10.1.8 | 10.1.8 |
| palo_alto_networks | pan-os | >= 10.2 < 10.2.3 | 10.2.3 |
| palo_alto_networks | pan-os | >= 8.1 < 8.1.24 | 8.1.24 |
| palo_alto_networks | pan-os | >= 9.0 < 9.0.17 | 9.0.17 |
| palo_alto_networks | pan-os | >= 9.1 < 9.1.15 | 9.1.15 |
| paloalto | cloud_ngfw | — | — |
| paloalto | pan-os | — | — |
| paloalto | prisma_access | — | — |
| paloaltonetworks | pan-os | >= 10.0.0 < 10.0.12 | 10.0.12 |
| paloaltonetworks | pan-os | >= 10.1.0 < 10.1.8 | 10.1.8 |
| paloaltonetworks | pan-os | >= 10.2.0 < 10.2.3 | 10.2.3 |
| paloaltonetworks | pan-os | >= 8.1.0 < 8.1.24 | 8.1.24 |
| paloaltonetworks | pan-os | >= 9.0.0 < 9.0.17 | 9.0.17 |
| paloaltonetworks | pan-os | >= 9.1.0 < 9.1.15 | 9.1.15 |
CVSS provenance
nvd · v3.1 · 4.9 MEDIUM · CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
vendor_redhat · 5.8 MEDIUM
Red Hat
kernel: s390/vmem: split pages when debug pagealloc is enabled
vendor_redhat·2025-12-30·CVSS 5.8
CVE-2023-54278 [MEDIUM] CWE-416 kernel: s390/vmem: split pages when debug pagealloc is enabled
In the Linux kernel, the following vulnerability has been resolved:
s390/vmem: split pages when debug pagealloc is enabled
Since commit bb1520d581a3 ("s390/mm: start kernel with DAT enabled")
the kernel crashes early during boot when debug pagealloc is enabled:
mem auto-init: stack:off, heap alloc:off, heap free:off
addressing exception: 0005 ilc:2 [#1] SMP DEBUG_PAGEALLOC
Modules linked in:
CPU: 0 PID: 0 Comm: swapper Not tainted 6.5.0-rc3-09759-gc5666c912155 #630
[..]
Krnl Code: 00000000001325f6: ec5600248064 cgrj %r5,%r6,8,000000000013263e
00000000001325fc: eb880002000c srlg %r8,%r8,2
#0000000000132602: b2210051 ipte %r5,%r1,%r0,0
>0000000000132606: b90400d1 lgr %r13,%r1
000000000013260a: 41605008 la %r6,8(%r5)
000000000013
CISA ICS
Siemens RUGGEDCOM APE1808 before V11.0.1
cisa_ics·2024-04-11
ICS Advisory
## Siemens RUGGEDCOM APE1808 before V11.0.1
Release Date: April 11, 2024
Alert Code: ICSA-24-102-03
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
## 1. EXECUTIVE SUMMARY
- CVSS v4 6.1
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: RUGGEDCOM APE1808
- Vulnerabilities: Network Amplification, Exposure of Sensitive System Information to an Unauthorized Control Sphere, External Control of File Name or Path, Cross-site Scripting, Insufficien
Palo Alto
PAN-OS: Exposure of Sensitive Information Vulnerability
vendor_paloalto·2023-04-12·CVSS 4.9
CVE-2023-0005 [MEDIUM] CWE-497 PAN-OS: Exposure of Sensitive Information Vulnerability
A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to expose the plaintext values of secrets stored in the device configuration and encrypted API keys.
Affected products: Cloud NGFW, PAN-OS, Prisma Access
Solution: This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.15, PAN-OS 10.0.12, PAN-OS 10.1.8, PAN-OS 10.2.3, and all later PAN-OS versions.
Workaround: This issue requires the attacker to have authenticated access to the PAN-OS management interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS management interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at htt
VMware
VMware vRealize Orchestrator update addresses an XML External Entity (XXE) vulnerability (CVE-2023-20855)
vendor_vmware·2023-02-21·CVSS 8.8
CVE-2023-20855 [HIGH] VMware vRealize Orchestrator update addresses an XML External Entity (XXE) vulnerability (CVE-2023-20855)
VMSA-2023-0005: VMware vRealize Orchestrator update addresses an XML External Entity (XXE) vulnerability (CVE-2023-20855)
VMware vRealize Orchestrator contains an XML External Entity (XXE) vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.8.
CVEs: CVE-2023-20855
Affected products: VMware Aria, VMware Cloud Foundation, VMware vRealize
OSV
s390/vmem: split pages when debug pagealloc is enabled
osv·2025-12-30
CVE-2023-54278 s390/vmem: split pages when debug pagealloc is enabled
GHSA
GHSA-fm8c-g4fr-mj3j: A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to expose the plaintext values of secrets stored in the d
ghsa_unreviewed·2023-04-12
CVE-2023-0005 [MEDIUM] CWE-312 GHSA-fm8c-g4fr-mj3j: A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to expose the plaintext values of secrets stored in the d
A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to expose the plaintext values of secrets stored in the device configuration and encrypted API keys.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2023-54278 kernel: s390/vmem: split pages when debug pagealloc is enabled
bugzilla·2025-12-30
CVE-2023-54278 [MEDIUM] CVE-2023-54278 kernel: s390/vmem: split pages when debug pagealloc is enabled
Microsoft
Detecting and mitigating elevation-of-privilege exploit for CVE-2017-0005 | Microsoft Security Blog
blogs_microsoft·2017-03-27·CVSS 7.8
[HIGH] Detecting and mitigating elevation-of-privilege exploit for CVE-2017-0005 | Microsoft Security Blog
Research
March 27, 2017
Published: 2023-04-12