CVE-2023-0007 - Vulnerability Details - OpenCVE

A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software on Panorama appliances enables an authenticated read-write administrator to store a JavaScript payload in the web interface that will execute in the context of another administrator’s browser when viewed.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00352.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Paloaltonetworks	Pan-os Panorama M-200 Panorama M-500 Panorama M-600

Configuration 1 [-]

AND

OR	cpe:2.3:o:paloaltonetworks:pan-os::::::::
	cpe:2.3:o:paloaltonetworks:pan-os::::::::
	cpe:2.3:o:paloaltonetworks:pan-os::::::::
	cpe:2.3:o:paloaltonetworks:pan-os::::::::

OR	cpe:2.3:h:paloaltonetworks:panorama_m-200:-:::::::*
	cpe:2.3:h:paloaltonetworks:panorama_m-500:-:::::::*
	cpe:2.3:h:paloaltonetworks:panorama_m-600:-:::::::*

No data.

No data.

Fixes

Solution

This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.7, and all later PAN-OS versions.

Workaround

This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices https://docs.paloaltonetworks.com/best-practices .

References

Link	Providers
https://security.paloaltonetworks.com/CVE-2023-0007

History

Fri, 24 Jan 2025 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: palo_alto

Published: 2023-05-10T16:30:47.049Z

Updated: 2025-01-24T18:07:08.091Z

Reserved: 2022-10-27T18:48:16.758Z

Link: CVE-2023-0007

Vulnrichment

Updated: 2024-08-02T04:54:32.609Z

NVD

Status : Modified

Published: 2023-05-10T17:15:08.910

Modified: 2024-11-21T07:36:22.863

Link: CVE-2023-0007

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-0007", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "state": "PUBLISHED", "assignerShortName": "palo_alto", "dateReserved": "2022-10-27T18:48:16.758Z", "datePublished": "2023-05-10T16:30:47.049Z", "dateUpdated": "2025-01-24T18:07:08.091Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Panorama"], "product": "PAN-OS", "vendor": "Palo Alto Networks", "versions": [{"changes": [{"at": "10.0.7", "status": "unaffected"}], "lessThan": "10.0.7", "status": "affected", "version": "10.0", "versionType": "custom"}, {"changes": [{"at": "9.1.16", "status": "unaffected"}], "lessThan": "9.1.16", "status": "affected", "version": "9.1", "versionType": "custom"}, {"changes": [{"at": "9.0.17", "status": "unaffected"}], "lessThan": "9.0.17", "status": "affected", "version": "9.0", "versionType": "custom"}, {"changes": [{"at": "8.1.25", "status": "unaffected"}], "lessThan": "8.1.25", "status": "affected", "version": "8.1", "versionType": "custom"}, {"status": "unaffected", "version": "10.1"}, {"status": "unaffected", "version": "10.2"}, {"status": "unaffected", "version": "11.0"}]}, {"defaultStatus": "unaffected", "product": "Prisma Access", "vendor": "Palo Alto Networks", "versions": [{"status": "unaffected", "version": "All"}]}, {"defaultStatus": "unaffected", "product": "Cloud NGFW", "vendor": "Palo Alto Networks", "versions": [{"status": "unaffected", "version": "All"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Colin McQueen"}], "datePublic": "2023-05-10T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software on Panorama appliances enables an authenticated read-write administrator to store a JavaScript payload in the web interface that will execute in the context of another administrator\u2019s browser when viewed.</span><br>"}], "value": "A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software on Panorama appliances enables an authenticated read-write administrator to store a JavaScript payload in the web interface that will execute in the context of another administrator\u2019s browser when viewed.\n"}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Palo Alto Networks is not aware of any malicious exploitation of this issue.</p>"}], "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n\n"}], "impacts": [{"capecId": "CAPEC-592", "descriptions": [{"lang": "en", "value": "CAPEC-592 Stored XSS"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-80", "description": " CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2023-05-10T16:30:47.049Z"}, "references": [{"url": "https://security.paloaltonetworks.com/CVE-2023-0007"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.7, and all later PAN-OS versions.</span><br>"}], "value": "This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.7, and all later PAN-OS versions.\n"}], "source": {"defect": ["PAN-166872"], "discovery": "EXTERNAL"}, "timeline": [{"lang": "en", "time": "2023-05-10T16:00:00.000Z", "value": "Initial publication"}], "title": "PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices\">https://docs.paloaltonetworks.com/best-practices</a><span style=\"background-color: rgb(255, 255, 255);\">.</span><br>"}], "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices https://docs.paloaltonetworks.com/best-practices .\n"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:54:32.609Z"}, "title": "CVE Program Container", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2023-0007", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-01-24T18:06:54.818624Z", "id": "CVE-2023-0007", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-24T18:07:08.091Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2023-0007", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:54:32.609Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-0007", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-01-24T18:06:54.818624Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-24T18:05:54.238Z"}}], "cna": {"title": "PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface", "source": {"defect": ["PAN-166872"], "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Colin McQueen"}], "impacts": [{"capecId": "CAPEC-592", "descriptions": [{"lang": "en", "value": "CAPEC-592 Stored XSS"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Palo Alto Networks", "product": "PAN-OS", "versions": [{"status": "affected", "changes": [{"at": "10.0.7", "status": "unaffected"}], "version": "10.0", "lessThan": "10.0.7", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "9.1.16", "status": "unaffected"}], "version": "9.1", "lessThan": "9.1.16", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "9.0.17", "status": "unaffected"}], "version": "9.0", "lessThan": "9.0.17", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "8.1.25", "status": "unaffected"}], "version": "8.1", "lessThan": "8.1.25", "versionType": "custom"}, {"status": "unaffected", "version": "10.1"}, {"status": "unaffected", "version": "10.2"}, {"status": "unaffected", "version": "11.0"}], "platforms": ["Panorama"], "defaultStatus": "unaffected"}, {"vendor": "Palo Alto Networks", "product": "Prisma Access", "versions": [{"status": "unaffected", "version": "All"}], "defaultStatus": "unaffected"}, {"vendor": "Palo Alto Networks", "product": "Cloud NGFW", "versions": [{"status": "unaffected", "version": "All"}], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\n\n", "supportingMedia": [{"type": "text/html", "value": "<p>Palo Alto Networks is not aware of any malicious exploitation of this issue.</p>", "base64": false}]}], "timeline": [{"lang": "en", "time": "2023-05-10T16:00:00.000Z", "value": "Initial publication"}], "solutions": [{"lang": "en", "value": "This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.7, and all later PAN-OS versions.\n", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.7, and all later PAN-OS versions.</span><br>", "base64": false}]}], "datePublic": "2023-05-10T16:00:00.000Z", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2023-0007"}], "workarounds": [{"lang": "en", "value": "This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices https://docs.paloaltonetworks.com/best-practices .\n", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following best practices for securing the PAN-OS web interface. Please review the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at </span><a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices\">https://docs.paloaltonetworks.com/best-practices</a><span style=\"background-color: rgb(255, 255, 255);\">.</span><br>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software on Panorama appliances enables an authenticated read-write administrator to store a JavaScript payload in the web interface that will execute in the context of another administrator\u2019s browser when viewed.\n", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software on Panorama appliances enables an authenticated read-write administrator to store a JavaScript payload in the web interface that will execute in the context of another administrator\u2019s browser when viewed.</span><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-80", "description": " CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"}]}], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2023-05-10T16:30:47.049Z"}}}, "cveMetadata": {"cveId": "CVE-2023-0007", "state": "PUBLISHED", "dateUpdated": "2025-01-24T18:07:08.091Z", "dateReserved": "2022-10-27T18:48:16.758Z", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "datePublished": "2023-05-10T16:30:47.049Z", "assignerShortName": "palo_alto"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "5C73941F-EBEE-4A03-94A4-B4C7C96E4963", "versionEndExcluding": "8.1.25", "versionStartIncluding": "8.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "89A55C5F-8E01-42C4-BE93-D683900C07BE", "versionEndExcluding": "9.0.17", "versionStartIncluding": "9.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "56181B13-327B-4249-A7E8-246B2420CEFC", "versionEndExcluding": "9.1.16", "versionStartIncluding": "9.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F183A33-114C-4A74-ACEF-51C176B3487F", "versionEndExcluding": "10.0.7", "versionStartIncluding": "10.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:paloaltonetworks:panorama_m-200:-:*:*:*:*:*:*:*", "matchCriteriaId": "7C62FBF7-0D37-4CA1-872B-7B6BA3702890", "vulnerable": false}, {"criteria": "cpe:2.3:h:paloaltonetworks:panorama_m-500:-:*:*:*:*:*:*:*", "matchCriteriaId": "8AC66517-BD14-47D9-8CCF-09F325226C23", "vulnerable": false}, {"criteria": "cpe:2.3:h:paloaltonetworks:panorama_m-600:-:*:*:*:*:*:*:*", "matchCriteriaId": "82EAD013-E74C-43A6-BE16-B4F6950A0F88", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software on Panorama appliances enables an authenticated read-write administrator to store a JavaScript payload in the web interface that will execute in the context of another administrator\u2019s browser when viewed.\n"}], "id": "CVE-2023-0007", "lastModified": "2024-11-21T07:36:22.863", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.2, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.7, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-05-10T17:15:08.910", "references": [{"source": "psirt@paloaltonetworks.com", "tags": ["Vendor Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2023-0007"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://security.paloaltonetworks.com/CVE-2023-0007"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-80"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}