Palo Alto Networks PAN-OS/Prisma Access/Cloud NGFW XML API argument injection
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.4 | $0-$5k | 0.00 |
Summary
A vulnerability labeled as critical has been found in Palo Alto Networks PAN-OS, Prisma Access and Cloud NGFW. The impacted element is an unknown function of the component XML API. Executing a manipulation can lead to argument injection. This vulnerability is handled as CVE-2023-6792. The attack can be executed remotely. There is not any exploit available. The affected component should be upgraded.
Details
A vulnerability has been found in Palo Alto Networks PAN-OS, Prisma Access and Cloud NGFW (Firewall Software) (the affected version unknown) and classified as critical. This vulnerability affects an unknown part of the component XML API. The manipulation with an unknown input leads to a argument injection vulnerability. The CWE definition for the vulnerability is CWE-88. The product constructs a string for a command to be executed by a separate component
in another control sphere, but it does not properly delimit the
intended arguments, options, or switches within that command string. As an impact it is known to affect confidentiality, integrity, and availability. CVE summarizes:
An OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated API user to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall.
The weakness was released 12/13/2023 by Ethan Shackelford. The advisory is shared for download at security.paloaltonetworks.com. This vulnerability was named CVE-2023-6792 since 12/13/2023. There are neither technical details nor an exploit publicly available. The MITRE ATT&CK project declares the attack technique as T1059.
Upgrading eliminates this vulnerability.
VulDB is the best source for vulnerability data and more expert information about this specific topic.
Product
Type
Vendor
Name
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.5VulDB Meta Temp Score: 5.4
VulDB Base Score: 4.7
VulDB Temp Score: 4.5
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 6.3
NVD Vector: 🔍
CNA Base Score: 5.5
CNA Vector (Palo Alto Networks, Inc.): 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
Exploiting
Class: Argument injectionCWE: CWE-88 / CWE-74 / CWE-707
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Timeline
12/13/2023 🔍12/13/2023 🔍
12/13/2023 🔍
01/10/2024 🔍
Sources
Advisory: security.paloaltonetworks.comResearcher: Ethan Shackelford
Status: Confirmed
CVE: CVE-2023-6792 (🔍)
GCVE (CVE): GCVE-0-2023-6792
GCVE (VulDB): GCVE-100-247936
Entry
Created: 12/13/2023 23:28Updated: 01/10/2024 10:56
Changes: 12/13/2023 23:28 (50), 12/18/2023 10:03 (1), 01/10/2024 10:56 (11)
Complete: 🔍
Cache ID: 216::103
VulDB is the best source for vulnerability data and more expert information about this specific topic.
Could You please align the cpe with the official cpe provided by NVD Nist "paloaltonetworks:pan-os"?
We would be very grateful.
Kind regards,
TEAM CERT
Do you want to use VulDB in your project?
Use the official API to access entries easily!