CVE-2025-4615 in Cloud NGFW
Résumé (Anglaise)
An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands.
The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators.
Cloud NGFW and Prisma® Access are not affected by this vulnerability.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Responsable
palo_alto
Réserver
13/05/2025
Divulgation
09/10/2025
Statut
Confirmé
Entrées
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnérabilité | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 327789 | Palo Alto Cloud NGFW/PAN-OS/Prisma Access Management Web élévation de privilèges | 83 | Non défini | Non défini | CVE-2025-4615 |