CVE-2025-0132

A missing authentication vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an unauthenticated user to disable certain internal services on the Broker VM. The attacker must have network access to the Broker VM to exploit this issue.

CVSS

No CVSS.

References

Link	Resource
https://security.paloaltonetworks.com/CVE-2025-0132

Configurations

No configuration.

History

16 May 2025, 14:43

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-14 19:15

Updated : 2025-05-16 14:43

NVD link : CVE-2025-0132

Mitre link : CVE-2025-0132

CVE.ORG link : CVE-2025-0132

JSON object : View

Products Affected

No product.

CWE

CWE-306

Missing Authentication for Critical Function

{"id": "CVE-2025-0132", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "psirt@paloaltonetworks.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "USER", "baseScore": 6.9, "Automatable": "YES", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:M/U:Amber", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "AMBER", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "MODERATE", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-05-14T19:15:51.380", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2025-0132", "source": "psirt@paloaltonetworks.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "psirt@paloaltonetworks.com", "description": [{"lang": "en", "value": "CWE-306"}]}], "descriptions": [{"lang": "en", "value": "A missing authentication vulnerability in Palo Alto Networks Cortex XDR\u00ae Broker VM allows an unauthenticated user to disable certain internal services on the Broker VM.\u00a0\n\nThe attacker must have network access to the Broker VM to exploit this issue."}, {"lang": "es", "value": "Una vulnerabilidad de falta de autenticaci\u00f3n en la m\u00e1quina virtual de intermediario Cortex XDR\u00ae de Palo Alto Networks permite que un usuario no autenticado desactive ciertos servicios internos en la m\u00e1quina virtual de intermediario. El atacante debe tener acceso de red a la m\u00e1quina virtual de intermediario para explotar este problema."}], "lastModified": "2025-05-16T14:43:56.797", "sourceIdentifier": "psirt@paloaltonetworks.com"}

CVE-2025-0132

JSON object

Attach tags to CVE-2025-0132

Attach tags to `CVE-2025-0132`