Vulnerability Database

CVE-2025-0108

An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PHP scripts does not enable remote code execution, it can negatively impact integrity and confidentiality of PAN-OS.

You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines (https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431).

This issue does not affect Cloud NGFW or Prisma Access software.

  • Published: Feb 12, 2025
  • Updated: May 4, 2025
  • CVE: CVE-2025-0108
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.1
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CWEs:

| Software | From | Fixed in |
|---|---|---|
| paloaltonetworks / pan-os | 10.2.7-h6 | 10.2.7-h6.x |
| paloaltonetworks / pan-os | 10.2.7-h3 | 10.2.7-h3.x |
| paloaltonetworks / pan-os | 10.2.7-h1 | 10.2.7-h1.x |
| paloaltonetworks / pan-os | 10.2.7 | 10.2.7.x |
| paloaltonetworks / pan-os | 10.2.9 | 10.2.9.x |
| paloaltonetworks / pan-os | 10.2.8 | 10.2.8.x |
| paloaltonetworks / pan-os | 10.1.14-h2 | 10.1.14-h2.x |
| paloaltonetworks / pan-os | 10.2.7-h8 | 10.2.7-h8.x |
| paloaltonetworks / pan-os | 10.2.8-h3 | 10.2.8-h3.x |
| paloaltonetworks / pan-os | 10.2.9-h1 | 10.2.9-h1.x |
| paloaltonetworks / pan-os | 10.2.12 | 10.2.12.x |
| paloaltonetworks / pan-os | 10.2.12-h1 | 10.2.12-h1.x |
| paloaltonetworks / pan-os | 11.2.0 | 11.2.4 |
| paloaltonetworks / pan-os | 11.2.4 | 11.2.4.x |
| paloaltonetworks / pan-os | 11.1.2 | 11.1.2.x |
| paloaltonetworks / pan-os | 11.1.2-h1 | 11.1.2-h1.x |
| paloaltonetworks / pan-os | 11.1.2-h3 | 11.1.2-h3.x |
| paloaltonetworks / pan-os | 10.1.0 | 10.1.14 |
| paloaltonetworks / pan-os | 10.1.14 | 10.1.14.x |
| paloaltonetworks / pan-os | 10.1.14-h4 | 10.1.14-h4.x |
| paloaltonetworks / pan-os | 10.1.14-h6 | 10.1.14-h6.x |
| paloaltonetworks / pan-os | 10.2.8-h10 | 10.2.8-h10.x |
| paloaltonetworks / pan-os | 10.2.8-h13 | 10.2.8-h13.x |
| paloaltonetworks / pan-os | 10.2.8-h15 | 10.2.8-h15.x |
| paloaltonetworks / pan-os | 10.2.8-h18 | 10.2.8-h18.x |
| paloaltonetworks / pan-os | 10.2.8-h4 | 10.2.8-h4.x |
| paloaltonetworks / pan-os | 10.2.9-h11 | 10.2.9-h11.x |
| paloaltonetworks / pan-os | 10.2.9-h14 | 10.2.9-h14.x |
| paloaltonetworks / pan-os | 10.2.9-h16 | 10.2.9-h16.x |
| paloaltonetworks / pan-os | 10.2.9-h18 | 10.2.9-h18.x |
| paloaltonetworks / pan-os | 10.2.9-h9 | 10.2.9-h9.x |
| paloaltonetworks / pan-os | 10.2.10-h2 | 10.2.10-h2.x |
| paloaltonetworks / pan-os | 10.2.10-h3 | 10.2.10-h3.x |
| paloaltonetworks / pan-os | 10.2.10-h4 | 10.2.10-h4.x |
| paloaltonetworks / pan-os | 10.2.10-h5 | 10.2.10-h5.x |
| paloaltonetworks / pan-os | 10.2.10-h7 | 10.2.10-h7.x |
| paloaltonetworks / pan-os | 10.2.10-h9 | 10.2.10-h9.x |
| paloaltonetworks / pan-os | 10.2.10-h10 | 10.2.10-h10.x |
| paloaltonetworks / pan-os | 10.2.11-h1 | 10.2.11-h1.x |
| paloaltonetworks / pan-os | 10.2.11-h2 | 10.2.11-h2.x |
| paloaltonetworks / pan-os | 10.2.11-h3 | 10.2.11-h3.x |
| paloaltonetworks / pan-os | 10.1.14-h8 | 10.1.14-h8.x |
| paloaltonetworks / pan-os | 10.2.0 | 10.2.7 |
| paloaltonetworks / pan-os | 10.2.7-h12 | 10.2.7-h12.x |
| paloaltonetworks / pan-os | 10.2.7-h16 | 10.2.7-h16.x |
| paloaltonetworks / pan-os | 10.2.7-h18 | 10.2.7-h18.x |
| paloaltonetworks / pan-os | 10.2.7-h19 | 10.2.7-h19.x |
| paloaltonetworks / pan-os | 10.2.7-h21 | 10.2.7-h21.x |
| paloaltonetworks / pan-os | 10.2.8-h19 | 10.2.8-h19.x |
| paloaltonetworks / pan-os | 10.2.9-h19 | 10.2.9-h19.x |
| paloaltonetworks / pan-os | 10.2.12-h2 | 10.2.12-h2.x |
| paloaltonetworks / pan-os | 10.2.12-h3 | 10.2.12-h3.x |
| paloaltonetworks / pan-os | 10.2.13 | 10.2.13.x |
| paloaltonetworks / pan-os | 10.2.13-h1 | 10.2.13-h1.x |
| paloaltonetworks / pan-os | 10.2.12-h4 | 10.2.12-h4.x |
| paloaltonetworks / pan-os | 10.2.13-h2 | 10.2.13-h2.x |
| paloaltonetworks / pan-os | 11.1.6 | 11.1.6.x |
| paloaltonetworks / pan-os | 11.2.4-h1 | 11.2.4-h1.x |
| paloaltonetworks / pan-os | 11.2.4-h2 | 11.2.4-h2.x |
| paloaltonetworks / pan-os | 11.2.4-h3 | 11.2.4-h3.x |
| paloaltonetworks / pan-os | 11.1.2-h12 | 11.1.2-h12.x |
| paloaltonetworks / pan-os | 11.1.2-h14 | 11.1.2-h14.x |
| paloaltonetworks / pan-os | 11.1.2-h15 | 11.1.2-h15.x |
| paloaltonetworks / pan-os | 11.1.2-h4 | 11.1.2-h4.x |
| paloaltonetworks / pan-os | 11.1.2-h9 | 11.1.2-h9.x |
| paloaltonetworks / pan-os | 11.1.2-h2 | 11.1.2-h2.x |
| paloaltonetworks / pan-os | 11.1.2-h5 | 11.1.2-h5.x |
| paloaltonetworks / pan-os | 11.1.2-h6 | 11.1.2-h6.x |
| paloaltonetworks / pan-os | 11.1.2-h7 | 11.1.2-h7.x |
| paloaltonetworks / pan-os | 11.1.2-h8 | 11.1.2-h8.x |
| paloaltonetworks / pan-os | 11.1.2-h10 | 11.1.2-h10.x |
| paloaltonetworks / pan-os | 11.1.2-h11 | 11.1.2-h11.x |
| paloaltonetworks / pan-os | 11.1.2-h13 | 11.1.2-h13.x |
| paloaltonetworks / pan-os | 11.1.2-h16 | 11.1.2-h16.x |
| paloaltonetworks / pan-os | 11.1.2-h17 | 11.1.2-h17.x |
| paloaltonetworks / pan-os | 11.1.4 | 11.1.4.x |
| paloaltonetworks / pan-os | 11.1.4-h1 | 11.1.4-h1.x |
| paloaltonetworks / pan-os | 11.1.4-h4 | 11.1.4-h4.x |
| paloaltonetworks / pan-os | 11.1.4-h7 | 11.1.4-h7.x |
| paloaltonetworks / pan-os | 11.1.4-h2 | 11.1.4-h2.x |
| paloaltonetworks / pan-os | 11.1.4-h3 | 11.1.4-h3.x |
| paloaltonetworks / pan-os | 11.1.4-h5 | 11.1.4-h5.x |
| paloaltonetworks / pan-os | 11.1.4-h6 | 11.1.4-h6.x |
| paloaltonetworks / pan-os | 11.1.4-h10 | 11.1.4-h10.x |
| paloaltonetworks / pan-os | 10.2.11-h4 | 10.2.11-h4.x |
| paloaltonetworks / pan-os | 10.2.11-h6 | 10.2.11-h6.x |
| paloaltonetworks / pan-os | 10.2.11-h9 | 10.2.11-h9.x |
| paloaltonetworks / pan-os | 10.1.14-h1 | 10.1.14-h1.x |
| paloaltonetworks / pan-os | 11.1.4-h8 | 11.1.4-h8.x |
| paloaltonetworks / pan-os | 11.1.4-h9 | 11.1.4-h9.x |
| paloaltonetworks / pan-os | 11.1.4-h11 | 11.1.4-h11.x |
| paloaltonetworks / pan-os | 11.1.4-h12 | 11.1.4-h12.x |
| paloaltonetworks / pan-os | 10.2.7-h2 | 10.2.7-h2.x |
| paloaltonetworks / pan-os | 10.2.7-h4 | 10.2.7-h4.x |
| paloaltonetworks / pan-os | 10.2.7-h5 | 10.2.7-h5.x |
| paloaltonetworks / pan-os | 10.2.7-h7 | 10.2.7-h7.x |
| paloaltonetworks / pan-os | 10.2.7-h9 | 10.2.7-h9.x |
| paloaltonetworks / pan-os | 10.2.7-h10 | 10.2.7-h10.x |
| paloaltonetworks / pan-os | 10.2.7-h11 | 10.2.7-h11.x |
| paloaltonetworks / pan-os | 10.2.7-h13 | 10.2.7-h13.x |
| paloaltonetworks / pan-os | 10.2.7-h14 | 10.2.7-h14.x |
| paloaltonetworks / pan-os | 10.2.7-h15 | 10.2.7-h15.x |
| paloaltonetworks / pan-os | 10.2.7-h17 | 10.2.7-h17.x |
| paloaltonetworks / pan-os | 10.2.7-h20 | 10.2.7-h20.x |
| paloaltonetworks / pan-os | 10.2.7-h22 | 10.2.7-h22.x |
| paloaltonetworks / pan-os | 10.2.7-h23 | 10.2.7-h23.x |
| paloaltonetworks / pan-os | 10.2.8-h1 | 10.2.8-h1.x |
| paloaltonetworks / pan-os | 10.2.8-h2 | 10.2.8-h2.x |
| paloaltonetworks / pan-os | 10.2.8-h5 | 10.2.8-h5.x |
| paloaltonetworks / pan-os | 10.2.8-h6 | 10.2.8-h6.x |
| paloaltonetworks / pan-os | 10.2.8-h7 | 10.2.8-h7.x |
| paloaltonetworks / pan-os | 10.2.8-h8 | 10.2.8-h8.x |
| paloaltonetworks / pan-os | 10.2.8-h9 | 10.2.8-h9.x |
| paloaltonetworks / pan-os | 10.2.8-h11 | 10.2.8-h11.x |
| paloaltonetworks / pan-os | 10.2.8-h12 | 10.2.8-h12.x |
| paloaltonetworks / pan-os | 10.2.8-h14 | 10.2.8-h14.x |
| paloaltonetworks / pan-os | 10.2.8-h16 | 10.2.8-h16.x |
| paloaltonetworks / pan-os | 10.2.8-h17 | 10.2.8-h17.x |
| paloaltonetworks / pan-os | 10.2.8-h20 | 10.2.8-h20.x |
| paloaltonetworks / pan-os | 10.2.9-h2 | 10.2.9-h2.x |
| paloaltonetworks / pan-os | 10.2.9-h3 | 10.2.9-h3.x |
| paloaltonetworks / pan-os | 10.2.9-h4 | 10.2.9-h4.x |
| paloaltonetworks / pan-os | 10.2.9-h5 | 10.2.9-h5.x |
| paloaltonetworks / pan-os | 10.2.9-h6 | 10.2.9-h6.x |
| paloaltonetworks / pan-os | 10.2.9-h7 | 10.2.9-h7.x |
| paloaltonetworks / pan-os | 10.2.9-h8 | 10.2.9-h8.x |
| paloaltonetworks / pan-os | 10.2.9-h12 | 10.2.9-h12.x |
| paloaltonetworks / pan-os | 10.2.9-h13 | 10.2.9-h13.x |
| paloaltonetworks / pan-os | 10.2.9-h15 | 10.2.9-h15.x |
| paloaltonetworks / pan-os | 10.2.9-h17 | 10.2.9-h17.x |
| paloaltonetworks / pan-os | 10.2.9-h20 | 10.2.9-h20.x |
| paloaltonetworks / pan-os | 10.2.10-h1 | 10.2.10-h1.x |
| paloaltonetworks / pan-os | 10.2.10-h6 | 10.2.10-h6.x |
| paloaltonetworks / pan-os | 10.2.10-h8 | 10.2.10-h8.x |
| paloaltonetworks / pan-os | 10.2.10-h11 | 10.2.10-h11.x |
| paloaltonetworks / pan-os | 10.2.10-h12 | 10.2.10-h12.x |
| paloaltonetworks / pan-os | 10.2.10-h13 | 10.2.10-h13.x |
| paloaltonetworks / pan-os | 10.2.11-h5 | 10.2.11-h5.x |
| paloaltonetworks / pan-os | 10.2.11-h7 | 10.2.11-h7.x |
| paloaltonetworks / pan-os | 10.2.11-h8 | 10.2.11-h8.x |
| paloaltonetworks / pan-os | 10.2.11-h10 | 10.2.11-h10.x |
| paloaltonetworks / pan-os | 10.2.11-h11 | 10.2.11-h11.x |
| paloaltonetworks / pan-os | 10.2.12-h5 | 10.2.12-h5.x |
| paloaltonetworks / pan-os | 10.1.14-h3 | 10.1.14-h3.x |
| paloaltonetworks / pan-os | 10.1.14-h5 | 10.1.14-h5.x |
| paloaltonetworks / pan-os | 10.1.14-h7 | 10.1.14-h7.x |
| paloaltonetworks / pan-os | 11.1.5 | 11.1.5.x |
| paloaltonetworks / pan-os | 11.1.3 | 11.1.3.x |
| paloaltonetworks / pan-os | 10.2.10 | 10.2.10.x |
| paloaltonetworks / pan-os | 10.2.11 | 10.2.11.x |
| paloaltonetworks / pan-os | 11.1.0 | 11.1.2 |