
Warning: High-severity vulnerability in Palo Alto's PAN-OS

Reference: Advisory #2023-150
Version: 1.0
Affected software:
PAN-OS < 11.0.1
PAN-OS < 10.2.4
PAN-OS < 10.1.9
PAN-OS < 10.0.12
PAN-OS < 9.1.16
PAN-OS < 9.0.17
PAN-OS < 8.1.25
Type: DOM-Based Cross-Site Scripting (XSS)
CVE/CVSS: CVE-2023-6790

Sources

https://security.paloaltonetworks.com/CVE-2023-6790

Risks

The high-severity vulnerability in Palo Alto’s PAN-OS has a HIGH impact on Confidentiality, Integrity, and Availability. The attack complexity is low and no privileges are required to exploit this vulnerability.   
 
Additionally, the vulnerability can be chained with 6 other newly discovered vulnerabilities (CVE-2023-6789, CVE-2023-6791, CVE-2023-6792, CVE-2023-6793, CVE-2023-6794, CVE-2023-6795) for even more impact.  

Description

CVE-2023-6790: DOM-Based Cross-Site Scripting (XSS) Vulnerability in the Web Interface. 
 
An attacker can execute a JavaScript payload in the context of an administrator's browser when the administrator views a specifically crafted link to the PAN-OS web interface. Successful exploitation of this vulnerability could allow an attacker to hijack the administrator's login session.

Recommended Actions

The Centre for Cyber Security Belgium strongly recommends that system administrators visit Palo Alto's PAN-OS customer portal to download and install the patched versions of this software.
 
Patched versions:  
PAN-OS >= 11.0.1
PAN-OS >= 10.2.4
PAN-OS >= 10.1.9
PAN-OS >= 10.0.12
PAN-OS >= 9.1.16
PAN-OS >= 9.0.17
PAN-OS >= 8.1.25
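As an added illustration, not part of this advisory and not a Palo Alto tool, the following Python helper compares a reported PAN-OS version against the patched releases listed above, so an inventory of firewalls can be triaged per maintenance branch. The version thresholds are the ones in the advisory; the accepted "-hN" hotfix suffix format and the sample inventory are assumptions made here for the example. A branch that is not listed in the advisory is reported as "not-listed" rather than "patched", and should be checked against the vendor's advisory separately.

```python
import re

# Minimum fixed release per PAN-OS branch, taken from the advisory's
# "Patched versions" list: a device is affected if it runs a lower
# release of the same branch.
PATCHED_VERSIONS = {
    (11, 0): (11, 0, 1),
    (10, 2): (10, 2, 4),
    (10, 1): (10, 1, 9),
    (10, 0): (10, 0, 12),
    (9, 1): (9, 1, 16),
    (9, 0): (9, 0, 17),
    (8, 1): (8, 1, 25),
}

# Accepts "10.2.3" as well as hotfix builds such as "10.2.3-h2".
# The "-hN" suffix format is an assumption about how a device reports
# its version, not something stated in the advisory.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse_version(text):
    """Return (major, minor, maintenance, hotfix); raise ValueError if unparseable."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version string: {text!r}")
    major, minor, maint, hotfix = m.groups()
    return (int(major), int(minor), int(maint), int(hotfix or 0))


def assess(text):
    """Classify a PAN-OS version against the advisory's patched releases.

    Returns one of:
      "affected"    same branch as a listed fix, but below it
      "patched"     at or above the listed fix for that branch
      "not-listed"  branch does not appear in the advisory at all
    """
    major, minor, maint, _hotfix = parse_version(text)
    fixed = PATCHED_VERSIONS.get((major, minor))
    if fixed is None:
        return "not-listed"
    # A hotfix of an older maintenance release is still below the fix,
    # so the comparison deliberately ignores the hotfix number.
    if (major, minor, maint) < fixed:
        return "affected"
    return "patched"


if __name__ == "__main__":
    # Constructed sample inventory for the example; not real device data.
    inventory = {
        "fw-edge-1": "10.2.3-h2",
        "fw-edge-2": "10.2.4",
        "fw-dc-1": "9.1.15",
        "fw-lab-1": "11.1.0",
    }
    for host, version in inventory.items():
        print(f"{host:10} {version:10} {assess(version)}")
```

Feeding the helper the version strings collected from each management interface gives a per-device verdict; anything reported as "affected" is below the branch's fixed release and should be scheduled for the upgrade recommended above.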

References

https://security.paloaltonetworks.com/CVE-2023-6789
https://security.paloaltonetworks.com/CVE-2023-6791
https://security.paloaltonetworks.com/CVE-2023-6792
https://security.paloaltonetworks.com/CVE-2023-6793
https://security.paloaltonetworks.com/CVE-2023-6794
https://security.paloaltonetworks.com/CVE-2023-6795