CVE-2025-4614
published 2025-10-09CVE-2025-4614: An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users…
PriorityP410low2.7CVSS 3.1
AVNACLPRHUINSUCLINAN
EPSS
0.22%
12.4th percentile
An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may allow impersonation of users whose session tokens are leaked.
The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators.
Cloud NGFW and Prisma® Access are not affected by this vulnerability.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| palo_alto_networks | pan-os | >= 10.2.0 < 10.2.17 | 10.2.17 |
| palo_alto_networks | pan-os | >= 11.1.0 < 11.1.12 | 11.1.12 |
| palo_alto_networks | pan-os | >= 11.2.0 < 11.2.8 | 11.2.8 |
| paloalto | cloud_ngfw | — | — |
| paloalto | pan-os | — | — |
| paloalto | prisma_access | — | — |
| paloaltonetworks | pan-os | — | — |
| paloaltonetworks | pan-os | >= 10.2.0 < 10.2.17 | 10.2.17 |
| paloaltonetworks | pan-os | >= 11.1.0 < 11.1.6 | 11.1.6 |
| paloaltonetworks | pan-os | >= 11.2.0 < 11.2.8 | 11.2.8 |
CVSS provenance
nvdv3.12.7LOWCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
nvdv4.04.8MEDIUMCVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Amber
vendor_redhat5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-p4fj-c8rg-ggm6: An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users
ghsa_unreviewed·2025-10-09
CVE-2025-4614 [MEDIUM] CWE-497 GHSA-p4fj-c8rg-ggm6: An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users
An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may allow impersonation of users whose session tokens are leaked.
The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators.
Cloud NGFW and Prisma® Access are not affected by this vulnerability.
Palo Alto
PAN-OS: Session Token Disclosure Vulnerability
vendor_paloalto·CVSS 4.8
CVE-2025-4614 [MEDIUM] CWE-497 PAN-OS: Session Token Disclosure Vulnerability
PAN-OS: Session Token Disclosure Vulnerability
An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated administrator to view session tokens of users authenticated to the firewall web UI. This may allow impersonation of users whose session tokens are leaked.
The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators.
Cloud NGFW and Prisma® Access are not affected by this vulnerability.
Affected products: Cloud NGFW, PAN-OS, Prisma Access
Solution: VERSION MINOR VERSION SUGGESTED SOLUTION
Cloud NGFW All No action needed.
PAN-OS 12.1 No action needed.
PAN-OS 11.2 11.2.0 through 11.2.7 Upgrade to 11.2.8 or later.
PAN-OS 11.1 11.1.0 through 11.1.6 Upgrade to 11.1.6-h21 o
No detection rules found.
No public exploits indexed.
2025-10-09
Published