Description
A vulnerability in Palo Alto Networks Broker VM allows an authenticated administrator to inject arbitrary content into certain Broker VM fields.
Published: 2026-05-13
Score: 1.1 Low
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An authenticated administrator can inject arbitrary content into certain Broker VM fields due to improper input validation. This flaw enables modification of configuration values such as certificates and keys, potentially undermining the integrity of the Broker VM’s security settings. The vulnerability does not disclose capability for remote code execution or external impact; its effect is limited to compromising internal configuration by users with admin privileges.

Affected Systems

Palo Alto Networks Broker VM 30.0 and earlier versions up to 30.0.24 are affected. The vendor recommends upgrading to broker VM 30.0.24 or later to remediate the flaw.

Risk and Exploitability

The CVSS score of 1.1 reflects a low severity. No EPSS score is available and the vulnerability is not listed in the CISA KEV catalog. Exploit requires authenticated administrator access; there are no known workarounds. The low impact score and requirement for privileged access reduce overall risk, but patching remains advisable.

Generated by OpenCVE AI on May 13, 2026 at 19:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Backup current Broker VM configuration and certificates
  • Upgrade Broker VM to version 30.0.24 or later following vendor release procedures
  • Restrict certificate and key field modifications to authorized administrators only

Generated by OpenCVE AI on May 13, 2026 at 19:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 13 May 2026 19:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 13 May 2026 18:30:00 +0000

Type Values Removed Values Added
Description A vulnerability in Palo Alto Networks Broker VM allows an authenticated administrator to inject arbitrary content into certain Broker VM fields.
Title Broker VM: Improper Input Validation in Broker VM Certificate and Key Fields
First Time appeared Palo Alto Networks
Palo Alto Networks broker Vm
Weaknesses CWE-20
CPEs cpe:2.3:a:palo_alto_networks:broker_vm:*:*:*:*:*:*:*:*
Vendors & Products Palo Alto Networks
Palo Alto Networks broker Vm
References
Metrics cvssV4_0

{'score': 1.1, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber'}

Subscriptions

Palo Alto Networks Broker Vm
cve-icon MITRE

Status: PUBLISHED

Assigner: palo_alto

Published:

Updated: 2026-05-13T18:55:30.943Z

Reserved: 2025-11-03T20:43:59.121Z

Link: CVE-2026-0238

cve-icon Vulnrichment

Updated: 2026-05-13T18:55:26.040Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-13T19:16:57.417

Modified: 2026-05-14T16:21:23.190

Link: CVE-2026-0238

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-13T21:30:04Z

Weaknesses