First published: Wed Dec 13 2023(Updated: )
An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to revoke active XML API keys from the firewall and disrupt XML API usage.
Credit: psirt@paloaltonetworks.com
Affected Software | Affected Version | How to fix |
---|---|---|
Paloaltonetworks Pan-os | >=9.1.0<9.1.17 | |
Paloaltonetworks Pan-os | >=10.0.0<=10.0.12 | |
Paloaltonetworks Pan-os | >=10.1.0<10.1.11 | |
Paloaltonetworks Pan-os | >=10.2.0<10.2.5 | |
Paloaltonetworks Pan-os | >=11.0.0<11.0.2 |
This issue is fixed in PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.11, PAN-OS 10.2.5, PAN-OS 11.0.2, and all later PAN-OS versions.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.