Description
A denial of service (DoS) vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to cause a system disruption by sending a specially crafted IPv6 packet.
CVSS breakdown
CVSS 4.0
Attack Vector
Adjacent
Attack Complexity
Low
Attack Requirements
None
Privileges Required
None
User Interaction
None
Confidentiality (Vulnerable System)
None
Integrity (Vulnerable System)
None
Availability (Vulnerable System)
High
Confidentiality (Subsequent System)
None
Integrity (Subsequent System)
None
Availability (Subsequent System)
Low
E
Unchanged
AU
Y
R
Unchanged
V
D
RE
M
U
Amber
Affected products
- Palo Alto Networks / Prisma SD-WAN ION6.5.0 – 25.3.3
- Palo Alto Networks / Prisma SD-WAN ION6.4.0 – 25.1.8
- Palo Alto Networks / Prisma SD-WAN ION6.3.0 – 24.3.6
- Palo Alto Networks / Prisma SD-WAN ION6.1.0 – 6.1.0
- Palo Alto Networks / Prisma SD-WAN ION5.6.0 – 5.6.0