CVE-2025-0124
Published: Apr 11, 2025
Modified: Apr 11, 2025
Description
An authenticated file deletion vulnerability in the Palo Alto Networks PAN-OS® software enables an authenticated attacker with network access to the management web interface to delete certain files as the “nobody” user; this includes limited logs and configuration files but does not include system files. The attacker must have network access to the management web interface to exploit this issue. You greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended critical deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue affects Cloud NGFW. However, this issue does not affect Prisma® Access software.
| Vendor | Product | Versions |
|---|---|---|
Palo Alto Networks | Cloud NGFW | affected All |
Palo Alto Networks | PAN-OS | affected 11.2.0 - < 11.2.1affected 11.1.0 - < 11.1.5affected 11.0.0 - < 11.0.6affected 10.2.0 - < 10.2.10affected 10.1.0 - < 10.1.14-h11 |
Palo Alto Networks | Prisma Access | unaffected All |
Weaknesses (CWE)
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now