CVE-2025-0115 — Improper Resolution of Path Equivalence in Palo Alto Networks Pan-os

CWE-41 — Improper Resolution of Path Equivalence4 documents4 sources

Severity

6.8MEDIUMNVD

EPSS

0.1%

top 70.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Palo Alto Networks Pan-os Paloalto Cloud Ngfw Paloalto Pan-os +1 more

Timeline

PublishedMar 12

Description

A vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated admin on the PAN-OS CLI to read arbitrary files. The attacker must have network access to the management interface (web, SSH, console, or telnet) and successfully authenticate to exploit this issue. You can greatly reduce the risk of this issue by restricting access to the management interface to only trusted users and internal IP addresses according to our recommended critical deployment guidelines https://live.…

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Packages4 packages

▶Palo Altopaloalto/prisma_access

▶CVEListV5palo_alto_networks/pan-os11.2.0 — 11.2.3+4

▶Palo Altopaloalto/cloud_ngfw

▶Palo Altopaloalto/pan-os

🔴Vulnerability Details

CVEList

PAN-OS: Authenticated Admin File Read Vulnerability in PAN-OS CLI↗2025-03-12

▶

GHSA

GHSA-mqw3-crqw-fq73: A vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated admin on the PAN-OS CLI to read arbitrary files↗2025-03-12

▶

📋Vendor Advisories

Palo Alto

PAN-OS: Authenticated Admin File Read Vulnerability in PAN-OS CLI↗

▶