Exposures › CVE-2025-0108

CVE-2025-0108

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2025-02-18
Reference
⌖ exploited in the wild shame 50/100 exploited-in-wild

Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in its management web interface. This vulnerability allows an unauthenticated attacker with network access to the management web interface to bypass the authentication normally required and invoke certain P

Players implicated

Description

Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in its management web interface. This vulnerability allows an unauthenticated attacker with network access to the management web interface to bypass the authentication normally required and invoke certain PHP scripts.

Affected FedRAMP products 2 in the catalog

ProductProviderStatusMatch
GCS-HIGH Palo Alto Networks, Inc. Ready vendor-exact · 0.90
Palo Alto Networks Government Cloud Services Palo Alto Networks, Inc. Authorized vendor-exact · 0.90