Intrusion PreventionPalo.Alto.Networks.CVE-2025-0108.Authentication.Bypass
Description
This indicates an attempt to exploit an Authentication Bypass vulnerability in Palo Alto Networks PAN-OS.
The vulnerability is caused by improper handling of authentication. A remote, unauthenticated attacker could exploit this issue by sending a crafted request to the target server. Successful exploitation could allow an attacker to interact with features that require authentication.
Affected Products
Palo Alto Networks PAN-OS 11.2 prior to 11.2.4-h4
Palo Alto Networks PAN-OS 11.1.2 prior to 11.1.2-h18
Palo Alto Networks PAN-OS 11.1.6 prior to 11.1.6-h1
Palo Alto Networks PAN-OS 10.2.7 prior to 10.2.7-h24
Palo Alto Networks PAN-OS 10.2.8 prior to 10.2.8-h21
Palo Alto Networks PAN-OS 10.2.9 prior to 10.2.9-h21
Palo Alto Networks PAN-OS 10.2.10 prior to 10.2.10-h14
Palo Alto Networks PAN-OS 10.2.11 prior to 10.2.11-h12
Palo Alto Networks PAN-OS 10.2.12 prior to 10.2.12-h6
Palo Alto Networks PAN-OS 10.2.13 prior to 10.2.13-h3
Palo Alto Networks PAN-OS 10.1 prior to 10.1.14-h9
Impact
Security Bypass: Remote attackers can bypass security features of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://security.paloaltonetworks.com/CVE-2025-0108
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| ID | 57317 |
| Created | Feb 20, 2025 |
| Updated | Mar 04, 2025 |
| CVE ID | |
| Tags | Threat Signal |
| Risk |
|
| Known Exploited | Yes |
| Exploit Prediction Score | 94.12% |
| Default Action | drop |
| Active | |
| Affected OS | Other |
| Affected App | Other |
| Profile Type | Permission/Privilege/Access Control |