Description
A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write Panorama administrator to push a specially crafted configuration to a PAN-OS node. This enables impersonation of a legitimate PAN-OS administrator who can perform restricted actions on the PAN-OS node after the execution of JavaScript in the legitimate PAN-OS administrator's browser.
CVSS breakdown
CVSS 4.0
Attack Vector
Network
Attack Complexity
Low
Attack Requirements
None
Privileges Required
High
User Interaction
Active
Confidentiality (Vulnerable System)
None
Integrity (Vulnerable System)
Low
Availability (Vulnerable System)
None
Confidentiality (Subsequent System)
None
Integrity (Subsequent System)
None
Availability (Subsequent System)
None
AU
None
R
Unchanged
V
Changed
RE
M
U
Amber
Affected products
- Palo Alto Networks / Cloud NGFWAll – All
- Palo Alto Networks / Prisma AccessAll – All
- paloaltonetworks / pan-os11.1.3 – 11.1.3
- paloaltonetworks / pan-os11.1.3 – 11.1.3
- paloaltonetworks / pan-os11.1.3 – 11.1.3
- paloaltonetworks / pan-os11.1.3 – 11.1.3
- paloaltonetworks / pan-os11.1.3 – 11.1.3
- paloaltonetworks / pan-os11.1.3 – 11.1.3
- paloaltonetworks / pan-os11.1.3 – 11.1.3
- paloaltonetworks / pan-os11.1.3 – 11.1.3
- paloaltonetworks / pan-os11.1.3 – 11.1.3
- paloaltonetworks / pan-os11.1.3 – 11.1.3
- paloaltonetworks / pan-os11.1.2 – 11.1.2
- paloaltonetworks / pan-os11.1.2 – 11.1.2
- paloaltonetworks / pan-os11.1.2 – 11.1.2
- paloaltonetworks / pan-os11.1.2 – 11.1.2
- paloaltonetworks / pan-os11.1.2 – 11.1.2
- paloaltonetworks / pan-os11.1.2 – 11.1.2
- paloaltonetworks / pan-os11.1.2 – 11.1.2
- paloaltonetworks / pan-os11.1.2 – 11.1.2
- paloaltonetworks / pan-os11.1.2 – 11.1.2
- paloaltonetworks / pan-os11.1.2 – 11.1.2
- paloaltonetworks / pan-os11.1.2 – 11.1.2
- paloaltonetworks / pan-os11.1.2 – 11.1.2
- paloaltonetworks / pan-os11.1.2 – 11.1.2
- paloaltonetworks / pan-os11.1.2 – 11.1.2
- paloaltonetworks / pan-os11.1.2 – 11.1.2
- paloaltonetworks / pan-os11.1.1 – 11.1.1
- paloaltonetworks / pan-os11.1.1 – 11.1.1
- paloaltonetworks / pan-os11.1.0 – 11.1.0
- paloaltonetworks / pan-os11.1.0 – 11.1.0
- paloaltonetworks / pan-os11.1.0 – 11.1.0
- paloaltonetworks / pan-os11.1.0 – 11.1.0
- paloaltonetworks / pan-os11.1 – 11.1
- paloaltonetworks / pan-os11.0.5 – 11.0.5
- paloaltonetworks / pan-os11.0.5 – 11.0.5
- paloaltonetworks / pan-os11.0.4 – 11.0.4
- paloaltonetworks / pan-os11.0.4 – 11.0.4
- paloaltonetworks / pan-os11.0.4 – 11.0.4
- paloaltonetworks / pan-os11.0.4 – 11.0.4
- paloaltonetworks / pan-os11.0.4 – 11.0.4
- paloaltonetworks / pan-os11.0.4 – 11.0.4
- paloaltonetworks / pan-os11.0.3 – 11.0.3
- paloaltonetworks / pan-os11.0.3 – 11.0.3
- paloaltonetworks / pan-os11.0.3 – 11.0.3
- paloaltonetworks / pan-os11.0.3 – 11.0.3
- paloaltonetworks / pan-os11.0.3 – 11.0.3
- paloaltonetworks / pan-os11.0.3 – 11.0.3
- paloaltonetworks / pan-os11.0.3 – 11.0.3
- paloaltonetworks / pan-os11.0.3 – 11.0.3
- paloaltonetworks / pan-os11.0.3 – 11.0.3
- paloaltonetworks / pan-os11.0.3 – 11.0.3
- paloaltonetworks / pan-os11.0.3 – 11.0.3
- paloaltonetworks / pan-os11.0.3 – 11.0.3
- paloaltonetworks / pan-os11.0.3 – 11.0.3
- paloaltonetworks / pan-os11.0.2 – 11.0.2
- paloaltonetworks / pan-os11.0.2 – 11.0.2
- paloaltonetworks / pan-os11.0.2 – 11.0.2
- paloaltonetworks / pan-os11.0.2 – 11.0.2
- paloaltonetworks / pan-os11.0.2 – 11.0.2
- paloaltonetworks / pan-os11.0.1 – 11.0.1
- paloaltonetworks / pan-os11.0.1 – 11.0.1
- paloaltonetworks / pan-os11.0.1 – 11.0.1
- paloaltonetworks / pan-os11.0.1 – 11.0.1
- paloaltonetworks / pan-os11.0.1 – 11.0.1
- paloaltonetworks / pan-os11.0.0 – 11.0.0
- paloaltonetworks / pan-os11.0.0 – 11.0.0
- paloaltonetworks / pan-os11.0.0 – 11.0.0
- paloaltonetworks / pan-os11.0.0 – 11.0.0
- paloaltonetworks / pan-os11.0 – 11.0
- paloaltonetworks / pan-os10.2.10 – 10.2.10
- paloaltonetworks / pan-os10.2.10 – 10.2.10
- paloaltonetworks / pan-os10.2.10 – 10.2.10
- paloaltonetworks / pan-os10.2.10 – 10.2.10
- paloaltonetworks / pan-os10.2.10 – 10.2.10
- paloaltonetworks / pan-os10.2.10 – 10.2.10
- paloaltonetworks / pan-os10.2.10 – 10.2.10
- paloaltonetworks / pan-os10.2.10 – 10.2.10
- paloaltonetworks / pan-os10.2.9 – 10.2.9
- paloaltonetworks / pan-os10.2.9 – 10.2.9
- paloaltonetworks / pan-os10.2.9 – 10.2.9
- paloaltonetworks / pan-os10.2.9 – 10.2.9
- paloaltonetworks / pan-os10.2.9 – 10.2.9
- paloaltonetworks / pan-os10.2.9 – 10.2.9
- paloaltonetworks / pan-os10.2.9 – 10.2.9
- paloaltonetworks / pan-os10.2.9 – 10.2.9
- paloaltonetworks / pan-os10.2.9 – 10.2.9
- paloaltonetworks / pan-os10.2.9 – 10.2.9
- paloaltonetworks / pan-os10.2.9 – 10.2.9
- paloaltonetworks / pan-os10.2.9 – 10.2.9
- paloaltonetworks / pan-os10.2.9 – 10.2.9
- paloaltonetworks / pan-os10.2.9 – 10.2.9
- paloaltonetworks / pan-os10.2.9 – 10.2.9
- paloaltonetworks / pan-os10.2.8 – 10.2.8
- paloaltonetworks / pan-os10.2.8 – 10.2.8
- paloaltonetworks / pan-os10.2.8 – 10.2.8
- paloaltonetworks / pan-os10.2.8 – 10.2.8
- paloaltonetworks / pan-os10.2.8 – 10.2.8
- paloaltonetworks / pan-os10.2.8 – 10.2.8
- paloaltonetworks / pan-os10.2.8 – 10.2.8
- paloaltonetworks / pan-os10.2.8 – 10.2.8
- paloaltonetworks / pan-os10.2.8 – 10.2.8
- paloaltonetworks / pan-os10.2.8 – 10.2.8
- paloaltonetworks / pan-os10.2.8 – 10.2.8
- paloaltonetworks / pan-os10.2.8 – 10.2.8
- paloaltonetworks / pan-os10.2.8 – 10.2.8
- paloaltonetworks / pan-os10.2.8 – 10.2.8
- paloaltonetworks / pan-os10.2.7 – 10.2.7
- paloaltonetworks / pan-os10.2.7 – 10.2.7
- paloaltonetworks / pan-os10.2.7 – 10.2.7
- paloaltonetworks / pan-os10.2.7 – 10.2.7
- paloaltonetworks / pan-os10.2.7 – 10.2.7
- paloaltonetworks / pan-os10.2.7 – 10.2.7
- paloaltonetworks / pan-os10.2.7 – 10.2.7
- paloaltonetworks / pan-os10.2.7 – 10.2.7
- paloaltonetworks / pan-os10.2.7 – 10.2.7
- paloaltonetworks / pan-os10.2.7 – 10.2.7
- paloaltonetworks / pan-os10.2.7 – 10.2.7
- paloaltonetworks / pan-os10.2.7 – 10.2.7
- paloaltonetworks / pan-os10.2.7 – 10.2.7
- paloaltonetworks / pan-os10.2.7 – 10.2.7
- paloaltonetworks / pan-os10.2.7 – 10.2.7
- paloaltonetworks / pan-os10.2.7 – 10.2.7
- paloaltonetworks / pan-os10.2.7 – 10.2.7
- paloaltonetworks / pan-os10.2.6 – 10.2.6
- paloaltonetworks / pan-os10.2.6 – 10.2.6
- paloaltonetworks / pan-os10.2.6 – 10.2.6
- paloaltonetworks / pan-os10.2.6 – 10.2.6
- paloaltonetworks / pan-os10.2.5 – 10.2.5
- paloaltonetworks / pan-os10.2.5 – 10.2.5
- paloaltonetworks / pan-os10.2.5 – 10.2.5
- paloaltonetworks / pan-os10.2.5 – 10.2.5
- paloaltonetworks / pan-os10.2.5 – 10.2.5
- paloaltonetworks / pan-os10.2.5 – 10.2.5
- paloaltonetworks / pan-os10.2.5 – 10.2.5
- paloaltonetworks / pan-os10.2.4 – 10.2.4
- paloaltonetworks / pan-os10.2.4 – 10.2.4
- paloaltonetworks / pan-os10.2.4 – 10.2.4
- paloaltonetworks / pan-os10.2.4 – 10.2.4
- paloaltonetworks / pan-os10.2.4 – 10.2.4
- paloaltonetworks / pan-os10.2.4 – 10.2.4
- paloaltonetworks / pan-os10.2.4 – 10.2.4
- paloaltonetworks / pan-os10.2.4 – 10.2.4
- paloaltonetworks / pan-os10.2.4 – 10.2.4
- paloaltonetworks / pan-os10.2.4 – 10.2.4
- paloaltonetworks / pan-os10.2.4 – 10.2.4
- paloaltonetworks / pan-os10.2.4 – 10.2.4
- paloaltonetworks / pan-os10.2.4 – 10.2.4
- paloaltonetworks / pan-os10.2.4 – 10.2.4
- paloaltonetworks / pan-os10.2.4 – 10.2.4
- paloaltonetworks / pan-os10.2.4 – 10.2.4
- paloaltonetworks / pan-os10.2.4 – 10.2.4
- paloaltonetworks / pan-os10.2.3 – 10.2.3
- paloaltonetworks / pan-os10.2.3 – 10.2.3
- paloaltonetworks / pan-os10.2.3 – 10.2.3
- paloaltonetworks / pan-os10.2.3 – 10.2.3
- paloaltonetworks / pan-os10.2.3 – 10.2.3
- paloaltonetworks / pan-os10.2.3 – 10.2.3
- paloaltonetworks / pan-os10.2.3 – 10.2.3
- paloaltonetworks / pan-os10.2.3 – 10.2.3
- paloaltonetworks / pan-os10.2.3 – 10.2.3
- paloaltonetworks / pan-os10.2.3 – 10.2.3
- paloaltonetworks / pan-os10.2.3 – 10.2.3
- paloaltonetworks / pan-os10.2.3 – 10.2.3
- paloaltonetworks / pan-os10.2.3 – 10.2.3
- paloaltonetworks / pan-os10.2.3 – 10.2.3
- paloaltonetworks / pan-os10.2.2 – 10.2.2
- paloaltonetworks / pan-os10.2.2 – 10.2.2
- paloaltonetworks / pan-os10.2.2 – 10.2.2
- paloaltonetworks / pan-os10.2.2 – 10.2.2
- paloaltonetworks / pan-os10.2.2 – 10.2.2
- paloaltonetworks / pan-os10.2.2 – 10.2.2
- paloaltonetworks / pan-os10.2.1 – 10.2.1
- paloaltonetworks / pan-os10.2.1 – 10.2.1
- paloaltonetworks / pan-os10.2.1 – 10.2.1
- paloaltonetworks / pan-os10.2.0 – 10.2.0
- paloaltonetworks / pan-os10.2.0 – 10.2.0
- paloaltonetworks / pan-os10.2.0 – 10.2.0
- paloaltonetworks / pan-os10.2.0 – 10.2.0
- paloaltonetworks / pan-os10.2 – 10.2
- paloaltonetworks / pan-os10.1.13 – 10.1.13
- paloaltonetworks / pan-os10.1.13 – 10.1.13
- paloaltonetworks / pan-os10.1.12 – 10.1.12
- paloaltonetworks / pan-os10.1.11 – 10.1.11
- paloaltonetworks / pan-os10.1.11 – 10.1.11
- paloaltonetworks / pan-os10.1.11 – 10.1.11
- paloaltonetworks / pan-os10.1.11 – 10.1.11
- paloaltonetworks / pan-os10.1.11 – 10.1.11
- paloaltonetworks / pan-os10.1.11 – 10.1.11
- paloaltonetworks / pan-os10.1.10 – 10.1.10
- paloaltonetworks / pan-os10.1.10 – 10.1.10
- paloaltonetworks / pan-os10.1.10 – 10.1.10
- paloaltonetworks / pan-os10.1.10 – 10.1.10
- paloaltonetworks / pan-os10.1.10 – 10.1.10
- paloaltonetworks / pan-os10.1.10 – 10.1.10
- paloaltonetworks / pan-os10.1.9 – 10.1.9
- paloaltonetworks / pan-os10.1.9 – 10.1.9
- paloaltonetworks / pan-os10.1.9 – 10.1.9
- paloaltonetworks / pan-os10.1.9 – 10.1.9
- paloaltonetworks / pan-os10.1.9 – 10.1.9
- paloaltonetworks / pan-os10.1.9 – 10.1.9
- paloaltonetworks / pan-os10.1.9 – 10.1.9
- paloaltonetworks / pan-os10.1.9 – 10.1.9
- paloaltonetworks / pan-os10.1.9 – 10.1.9
- paloaltonetworks / pan-os10.1.8 – 10.1.8
- paloaltonetworks / pan-os10.1.8 – 10.1.8
- paloaltonetworks / pan-os10.1.8 – 10.1.8
- paloaltonetworks / pan-os10.1.8 – 10.1.8
- paloaltonetworks / pan-os10.1.8 – 10.1.8
- paloaltonetworks / pan-os10.1.8 – 10.1.8
- paloaltonetworks / pan-os10.1.8 – 10.1.8
- paloaltonetworks / pan-os10.1.8 – 10.1.8
- paloaltonetworks / pan-os10.1.7 – 10.1.7
- paloaltonetworks / pan-os10.1.6 – 10.1.6
- paloaltonetworks / pan-os10.1.6 – 10.1.6
- paloaltonetworks / pan-os10.1.6 – 10.1.6
- paloaltonetworks / pan-os10.1.6 – 10.1.6
- paloaltonetworks / pan-os10.1.6 – 10.1.6
- paloaltonetworks / pan-os10.1.6 – 10.1.6
- paloaltonetworks / pan-os10.1.6 – 10.1.6
- paloaltonetworks / pan-os10.1.6 – 10.1.6
- paloaltonetworks / pan-os10.1.6 – 10.1.6
- paloaltonetworks / pan-os10.1.5 – 10.1.5
- paloaltonetworks / pan-os10.1.5 – 10.1.5
- paloaltonetworks / pan-os10.1.5 – 10.1.5
- paloaltonetworks / pan-os10.1.5 – 10.1.5
- paloaltonetworks / pan-os10.1.5 – 10.1.5
- paloaltonetworks / pan-os10.1.4 – 10.1.4
- paloaltonetworks / pan-os10.1.4 – 10.1.4
- paloaltonetworks / pan-os10.1.4 – 10.1.4
- paloaltonetworks / pan-os10.1.4 – 10.1.4
- paloaltonetworks / pan-os10.1.4 – 10.1.4
- paloaltonetworks / pan-os10.1.4 – 10.1.4
- paloaltonetworks / pan-os10.1.4 – 10.1.4
- paloaltonetworks / pan-os10.1.3 – 10.1.3
- paloaltonetworks / pan-os10.1.3 – 10.1.3
- paloaltonetworks / pan-os10.1.3 – 10.1.3
- paloaltonetworks / pan-os10.1.3 – 10.1.3
- paloaltonetworks / pan-os10.1.2 – 10.1.2
- paloaltonetworks / pan-os10.1.1 – 10.1.1
- paloaltonetworks / pan-os10.1.0 – 10.1.0
- paloaltonetworks / pan-os10.1 – 10.1
- paloaltonetworks / pan-os10.1.7 – 10.1.7
- paloaltonetworks / pan-os11.1.3 – 11.1.3