CVE-2025-0137

An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator. The attacker must have network access to the management web interface to exploit this issue. You greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended critical deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .

CVSS

No CVSS.

References

Link	Resource
https://security.paloaltonetworks.com/CVE-2025-0137

Configurations

No configuration.

History

16 May 2025, 14:43

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-14 19:15

Updated : 2025-05-16 14:43

NVD link : CVE-2025-0137

Mitre link : CVE-2025-0137

CVE.ORG link : CVE-2025-0137

JSON object : View

Products Affected

No product.

CWE

CWE-83

Improper Neutralization of Script in Attributes in a Web Page

{"id": "CVE-2025-0137", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "psirt@paloaltonetworks.com", "cvssData": {"Safety": "NEGLIGIBLE", "version": "4.0", "Recovery": "USER", "baseScore": 4.8, "Automatable": "NO", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:C/RE:M/U:Amber", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "AMBER", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "MODERATE", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-05-14T19:15:52.210", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2025-0137", "source": "psirt@paloaltonetworks.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "psirt@paloaltonetworks.com", "description": [{"lang": "en", "value": "CWE-83"}]}], "descriptions": [{"lang": "en", "value": "An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS\u00ae software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator.\n\n\nThe attacker must have network access to the management web interface to exploit this issue. You greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended critical deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 ."}, {"lang": "es", "value": "Una vulnerabilidad de neutralizaci\u00f3n de entrada incorrecta en la interfaz web de administraci\u00f3n del software PAN-OS\u00ae de Palo Alto Networks permite que un administrador malicioso de lectura y escritura autenticado se haga pasar por otro administrador leg\u00edtimo de PAN-OS autenticado. El atacante debe tener acceso de red a la interfaz web de administraci\u00f3n para explotar este problema. Puede reducir considerablemente el riesgo de este problema restringiendo el acceso a la interfaz web de administraci\u00f3n \u00fanicamente a direcciones IP internas de confianza, seg\u00fan nuestras directrices de implementaci\u00f3n cr\u00edtica recomendadas: https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431."}], "lastModified": "2025-05-16T14:43:56.797", "sourceIdentifier": "psirt@paloaltonetworks.com"}