CWE-155
AllowedImproper Neutralization of Wildcards or Matching Symbols
Abstraction: Variant · Status: Draft
The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as wildcards or matching symbols when they are sent to a downstream component.
31 vulnerabilities reference this CWE, most recent first.
CVE-2026-49482 (GCVE-0-2026-49482)
Vulnerability from cvelistv5 – Published: 2026-06-11 22:55 – Updated: 2026-06-12 13:36| URL | Tags |
|---|---|
| https://github.com/MacWarrior/clipbucket-v5/secur… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| MacWarrior | clipbucket-v5 |
Affected:
< 5.5.3 - #141
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-49482",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-12T13:36:53.029345Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-12T13:36:57.909Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-wv43-277p-737c"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "clipbucket-v5",
"vendor": "MacWarrior",
"versions": [
{
"status": "affected",
"version": "\u003c 5.5.3 - #141"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #141, ClipBucket v5 contains an improper neutralization of SQL wildcard characters in the subtitle editing endpoint. An authenticated user can send a % character as the number parameter to overwrite all subtitle titles of any video they own in a single HTTP request. This issue has been patched in version 5.5.3 - #141."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-155",
"description": "CWE-155: Improper Neutralization of Wildcards or Matching Symbols",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-943",
"description": "CWE-943: Improper Neutralization of Special Elements in Data Query Logic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-11T22:55:17.738Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-wv43-277p-737c",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-wv43-277p-737c"
}
],
"source": {
"advisory": "GHSA-wv43-277p-737c",
"discovery": "UNKNOWN"
},
"title": "ClipBucket: SQL Wildcard Injection in Subtitle Edit Endpoint Allows Mass Subtitle Overwrite"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-49482",
"datePublished": "2026-06-11T22:55:17.738Z",
"dateReserved": "2026-05-30T04:17:43.095Z",
"dateUpdated": "2026-06-12T13:36:57.909Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-27515 (GCVE-0-2025-27515)
Vulnerability from cvelistv5 – Published: 2025-03-05 18:45 – Updated: 2025-03-05 18:59- CWE-155 - Improper Neutralization of Wildcards or Matching Symbols
| URL | Tags |
|---|---|
| https://github.com/laravel/framework/security/adv… | x_refsource_CONFIRM |
| https://github.com/laravel/framework/commit/2d133… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-27515",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T18:59:39.412635Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T18:59:49.627Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "framework",
"vendor": "laravel",
"versions": [
{
"status": "affected",
"version": "\u003e= 12.0.0, \u003c 12.1.1"
},
{
"status": "affected",
"version": "\u003c 11.44.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Laravel is a web application framework. When using wildcard validation to validate a given file or image field (`files.*`), a user-crafted malicious request could potentially bypass the validation rules. This vulnerability is fixed in 11.44.1 and 12.1.1."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-155",
"description": "CWE-155: Improper Neutralization of Wildcards or Matching Symbols",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T18:45:50.101Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/laravel/framework/security/advisories/GHSA-78fx-h6xr-vch4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/laravel/framework/security/advisories/GHSA-78fx-h6xr-vch4"
},
{
"name": "https://github.com/laravel/framework/commit/2d133034fefddfb047838f4caca3687a3ba811a5",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/laravel/framework/commit/2d133034fefddfb047838f4caca3687a3ba811a5"
}
],
"source": {
"advisory": "GHSA-78fx-h6xr-vch4",
"discovery": "UNKNOWN"
},
"title": "Laravel has a File Validation Bypass"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-27515",
"datePublished": "2025-03-05T18:45:50.101Z",
"dateReserved": "2025-02-26T18:11:52.307Z",
"dateUpdated": "2025-03-05T18:59:49.627Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24376 (GCVE-0-2025-24376)
Vulnerability from cvelistv5 – Published: 2025-01-30 15:51 – Updated: 2025-02-12 19:51| URL | Tags |
|---|---|
| https://github.com/kubewarden/kubewarden-controll… | x_refsource_CONFIRM |
| https://github.com/kubewarden/kubewarden-controll… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| kubewarden | kubewarden-controller |
Affected:
>= 1.7.0, < 1.21.0
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24376",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T16:30:48.623239Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T19:51:11.773Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "kubewarden-controller",
"vendor": "kubewarden",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.7.0, \u003c 1.21.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "kubewarden-controller is a Kubernetes controller that allows you to dynamically register Kubewarden admission policies. By design, AdmissionPolicy and AdmissionPolicyGroup can evaluate only namespaced resources. The resources to be evaluated are determined by the rules provided by the user when defining the policy. There might be Kubernetes namespaced resources that should not be validated by AdmissionPolicy and by the AdmissionPolicyGroup policies because of their sensitive nature. For example, PolicyReport are namespaced resources that contain the list of non compliant objects found inside of a namespace. An attacker can use either an AdmissionPolicy or an AdmissionPolicyGroup to prevent the creation and update of PolicyReport objects to hide non-compliant resources. Moreover, the same attacker might use a mutating AdmissionPolicy to alter the contents of the PolicyReport created inside of the namespace. Starting from the 1.21.0 release, the validation rules applied to AdmissionPolicy and AdmissionPolicyGroup have been tightened to prevent them from validating sensitive types of namespaced resources."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-155",
"description": "CWE-155: Improper Neutralization of Wildcards or Matching Symbols",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T15:51:46.184Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/kubewarden/kubewarden-controller/security/advisories/GHSA-fc89-jghx-8pvg",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/kubewarden/kubewarden-controller/security/advisories/GHSA-fc89-jghx-8pvg"
},
{
"name": "https://github.com/kubewarden/kubewarden-controller/commit/8124039b5f0c955d0ee8c8ca12d4415282f02d2c",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/kubewarden/kubewarden-controller/commit/8124039b5f0c955d0ee8c8ca12d4415282f02d2c"
}
],
"source": {
"advisory": "GHSA-fc89-jghx-8pvg",
"discovery": "UNKNOWN"
},
"title": "The kubewarden-controller AdmissionPolicy and AdmissionPolicyGroup policies can be used to alter PolicyReport resources"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-24376",
"datePublished": "2025-01-30T15:51:46.184Z",
"dateReserved": "2025-01-20T15:18:26.992Z",
"dateUpdated": "2025-02-12T19:51:11.773Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-11757 (GCVE-0-2025-11757)
Vulnerability from cvelistv5 – Published: 2025-10-21 17:24 – Updated: 2025-10-21 18:29- CWE-155 - Improper Neutralization of Wildcards or Matching Symbols
| URL | Tags |
|---|---|
| https://www.cisa.gov/news-events/ics-advisories/i… | government-resource |
| Vendor | Product | Version | |
|---|---|---|---|
| CloudEdge | CloudEdge App |
Affected:
4.4.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11757",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-21T18:28:30.720387Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T18:29:00.590Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "CloudEdge App",
"vendor": "CloudEdge",
"versions": [
{
"status": "affected",
"version": "4.4.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ph4ng0t reported this vulnerability to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe CloudEdge Cloud does not sanitize the MQTT topic input, which could allow an attacker to leverage the MQTT wildcard to receive all the messages that should be delivered to other users by subscribing to the a MQTT topic. In these messages, the attacker can obtain the credentials and key information to connect to the cameras from peer to peer.\u003c/span\u003e"
}
],
"value": "The CloudEdge Cloud does not sanitize the MQTT topic input, which could allow an attacker to leverage the MQTT wildcard to receive all the messages that should be delivered to other users by subscribing to the a MQTT topic. In these messages, the attacker can obtain the credentials and key information to connect to the cameras from peer to peer."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-155",
"description": "CWE-155 Improper Neutralization of Wildcards or Matching Symbols",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T17:24:54.398Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-294-05"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Improper Neutralization of Wildcards or Matching Symbols in CloudEdge Online Cameras and App",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCloudEdge and its parent company Meari Technologies did not respond to CISA\u0027s attempts at coordination. Users of CloudEdge Cameras are encouraged to contact CloudEdge or \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\"\u003eMeari Technolgies\u003c/a\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;and keep their systems up to date.\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "CloudEdge and its parent company Meari Technologies did not respond to CISA\u0027s attempts at coordination. Users of CloudEdge Cameras are encouraged to contact CloudEdge or Meari Technolgies\u00a0and keep their systems up to date."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2025-11757",
"datePublished": "2025-10-21T17:24:54.398Z",
"dateReserved": "2025-10-14T18:46:17.797Z",
"dateUpdated": "2025-10-21T18:29:00.590Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-4232 (GCVE-0-2025-4232)
Vulnerability from cvelistv5 – Published: 2025-06-12 23:22 – Updated: 2026-02-26 17:50- CWE-155 - Improper Neutralization of Wildcards or Matching Symbols
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2025-4232 | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto Networks | GlobalProtect App |
Affected:
6.3 , < 6.3.3
(custom)
Affected: 6.2.0 , < 6.2.8-h2 (custom) Affected: 6.1.0 (custom) Affected: 6.0.0 (custom) cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:macOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:macOS:*:* |
|
| Palo Alto Networks | GlobalProtect App |
Unaffected:
All
(custom)
cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:ChromeOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Windows:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Linux:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Android:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:iOS:*:* cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:ChromeOS:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4232",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-14T03:56:19.829250Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:50:39.870Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:macOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:macOS:*:*"
],
"defaultStatus": "unaffected",
"platforms": [
"macOS"
],
"product": "GlobalProtect App",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "6.3.3",
"status": "unaffected"
}
],
"lessThan": "6.3.3",
"status": "affected",
"version": "6.3",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.2.8-h2",
"status": "unaffected"
}
],
"lessThan": "6.2.8-h2",
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.2:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.1:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.3.0:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.7:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.6:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.4:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.3:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.2:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.1:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.2.0:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.7:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.6:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.5:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.4:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.3:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.2:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.1:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.1.0:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.11:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.10:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.8:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.7:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.6:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.5:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.4:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.3:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.2:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.1:*:*:*:*:ChromeOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Windows:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Linux:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:Android:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:iOS:*:*",
"cpe:2.3:a:palo_alto_networks:globalprotect_app:6.0.0:*:*:*:*:ChromeOS:*:*"
],
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux",
"Android",
"iOS",
"Chrome OS"
],
"product": "GlobalProtect App",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan\u003eNo special configuration is required to be affected by this issue.\u003c/span\u003e"
}
],
"value": "No special configuration is required to be affected by this issue."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Rutger Flohil"
}
],
"datePublic": "2025-06-11T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect\u2122 app on macOS allows a non administrative user to escalate their privileges to root.\u003c/p\u003e"
}
],
"value": "An improper neutralization of wildcards vulnerability in the log collection feature of Palo Alto Networks GlobalProtect\u2122 app on macOS allows a non administrative user to escalate their privileges to root."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-155",
"description": "CWE-155: Improper Neutralization of Wildcards or Matching Symbols",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T23:22:34.993Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2025-4232"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctable class=\"tbl\"\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eMinor Version\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\n \u003ctd\u003eGlobalProtect App 6.3 on macOS\u003cbr\u003e\u003c/td\u003e\n \u003ctd\u003e6.3.0 through 6.3.2\u003c/td\u003e\n \u003ctd\u003eUpgrade to 6.3.3 or later.\u003c/td\u003e\n \u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.2 on macOS\u003c/td\u003e\u003ctd\u003e6.2.0 through 6.2.8-h2\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8-h2 [ETA June 2025] or\u0026nbsp;6.3.3 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.1 on macOS\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8-h2 [ETA June 2025] or 6.3.3 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.0 on macOS\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.8-h2 [ETA June 2025] or 6.3.3 or later.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on Windows\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on Linux\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on Android\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on iOS\u003cbr\u003e\u003c/td\u003e\u003ctd\u003e\u003c/td\u003e\u003ctd\u003eNo action needed.\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on Chrome OS\u003c/td\u003e\u003ctd\u003e\u0026nbsp;\u003c/td\u003e\u003ctd\u003eNo action needed.\u0026nbsp;\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
}
],
"value": "Version\nMinor Version\nSuggested Solution\n\n GlobalProtect App 6.3 on macOS\n\n 6.3.0 through 6.3.2\n Upgrade to 6.3.3 or later.\n GlobalProtect App 6.2 on macOS6.2.0 through 6.2.8-h2Upgrade to 6.2.8-h2 [ETA June 2025] or\u00a06.3.3 or later.GlobalProtect App 6.1 on macOSUpgrade to 6.2.8-h2 [ETA June 2025] or 6.3.3 or later.GlobalProtect App 6.0 on macOSUpgrade to 6.2.8-h2 [ETA June 2025] or 6.3.3 or later.GlobalProtect App on Windows\nNo action needed.GlobalProtect App on Linux\nNo action needed.GlobalProtect App on Android\nNo action needed.GlobalProtect App on iOS\nNo action needed.GlobalProtect App on Chrome OS\u00a0No action needed."
}
],
"source": {
"defect": [
"GPC-21969"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-06-11T16:00:00.000Z",
"value": "Initial Publication"
}
],
"title": "GlobalProtect: Authenticated Code Injection Through Wildcard on macOS",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan\u003eNo workaround or mitigation is available.\u003c/span\u003e"
}
],
"value": "No workaround or mitigation is available."
}
],
"x_affectedList": [
"GlobalProtect App 6.3.2",
"GlobalProtect App 6.3.1",
"GlobalProtect App 6.3.0",
"GlobalProtect App 6.3",
"GlobalProtect App 6.2.7",
"GlobalProtect App 6.2.6",
"GlobalProtect App 6.2.4",
"GlobalProtect App 6.2.3",
"GlobalProtect App 6.2.2",
"GlobalProtect App 6.2.1",
"GlobalProtect App 6.2.0",
"GlobalProtect App 6.2",
"GlobalProtect App 6.1.7",
"GlobalProtect App 6.1.6",
"GlobalProtect App 6.1.5",
"GlobalProtect App 6.1.4",
"GlobalProtect App 6.1.3",
"GlobalProtect App 6.1.2",
"GlobalProtect App 6.1.1",
"GlobalProtect App 6.1.0",
"GlobalProtect App 6.1",
"GlobalProtect App 6.0.11",
"GlobalProtect App 6.0.10",
"GlobalProtect App 6.0.8",
"GlobalProtect App 6.0.7",
"GlobalProtect App 6.0.6",
"GlobalProtect App 6.0.5",
"GlobalProtect App 6.0.4",
"GlobalProtect App 6.0.3",
"GlobalProtect App 6.0.2",
"GlobalProtect App 6.0.1",
"GlobalProtect App 6.0.0",
"GlobalProtect App 6.0"
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-4232",
"datePublished": "2025-06-12T23:22:34.993Z",
"dateReserved": "2025-05-02T19:10:45.457Z",
"dateUpdated": "2026-02-26T17:50:39.870Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-0681 (GCVE-0-2025-0681)
Vulnerability from cvelistv5 – Published: 2025-01-30 18:53 – Updated: 2025-01-30 19:11| Vendor | Product | Version | |
|---|---|---|---|
| New Rock Technologies | OM500 IP-PBX |
Affected:
All
|
|
| New Rock Technologies | MX8G VoIP Gateway |
Affected:
All
|
|
| New Rock Technologies | NRP1302/P Desktop IP Phone |
Affected:
All
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0681",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T19:11:47.355418Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T19:11:58.156Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OM500 IP-PBX",
"vendor": "New Rock Technologies",
"versions": [
{
"status": "affected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "MX8G VoIP Gateway",
"vendor": "New Rock Technologies",
"versions": [
{
"status": "affected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "NRP1302/P Desktop IP Phone",
"vendor": "New Rock Technologies",
"versions": [
{
"status": "affected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tomer Goldschmidt of Claroty Team82 reported these vulnerabilities to CISA."
}
],
"datePublic": "2025-01-30T17:26:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The Cloud MQTT service of the affected products supports wildcard topic \nsubscription which could allow an attacker to obtain sensitive \ninformation from tapping the service communications."
}
],
"value": "The Cloud MQTT service of the affected products supports wildcard topic \nsubscription which could allow an attacker to obtain sensitive \ninformation from tapping the service communications."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-155",
"description": "CWE-155",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T18:53:09.669Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-030-02"
},
{
"url": "https://www.newrocktech.com/ContactUs/index.html"
}
],
"source": {
"advisory": "ICSA-25-030-02",
"discovery": "EXTERNAL"
},
"title": "New Rock Technologies Cloud Connected Devices Improper Neutralization of Wildcards or Matching Symbols",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "New Rock Technologies has not responded to requests to work with CISA to\n mitigate these vulnerabilities. Users of affected versions of New Rock \nTechnologies Cloud Connected Devices are invited to contact New Rock \nTechnologies \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.newrocktech.com/ContactUs/index.html\"\u003ecustomer support\u003c/a\u003e for additional information.\n\n\u003cbr\u003e"
}
],
"value": "New Rock Technologies has not responded to requests to work with CISA to\n mitigate these vulnerabilities. Users of affected versions of New Rock \nTechnologies Cloud Connected Devices are invited to contact New Rock \nTechnologies customer support https://www.newrocktech.com/ContactUs/index.html for additional information."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2025-0681",
"datePublished": "2025-01-30T18:53:09.669Z",
"dateReserved": "2025-01-23T16:50:56.326Z",
"dateUpdated": "2025-01-30T19:11:58.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0106 (GCVE-0-2025-0106)
Vulnerability from cvelistv5 – Published: 2025-01-11 03:02 – Updated: 2025-01-13 19:48 Unsupported When Assigned- CWE-155 - Improper Neutralization of Wildcards or Matching Symbols
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/PAN-SA-2025-0001 | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto Networks | Cloud NGFW |
Unaffected:
All
(custom)
|
|
| Palo Alto Networks | Expedition |
Affected:
1 , < 1.2.101
(custom)
|
|
| Palo Alto Networks | Panorama |
Unaffected:
All
(custom)
|
|
| Palo Alto Networks | PAN-OS |
Unaffected:
All
(custom)
|
|
| Palo Alto Networks | Prisma Access |
Unaffected:
All
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0106",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T19:48:34.201820Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T19:48:42.286Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Expedition",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "1.2.101",
"status": "unaffected"
}
],
"lessThan": "1.2.101",
"status": "affected",
"version": "1",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Panorama",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No special configuration is required to be affected by this issue."
}
],
"value": "No special configuration is required to be affected by this issue."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Advanced Research Team, CrowdStrike"
}
],
"datePublic": "2025-01-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem."
}
],
"value": "A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-127",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-127 Directory Indexing"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-155",
"description": "CWE-155 Improper Neutralization of Wildcards or Matching Symbols",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-11T03:02:24.574Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/PAN-SA-2025-0001"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in Expedition 1.2.101 and all later versions* of Expedition.\u003cbr\u003e\u003cbr\u003e* Expedition \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\"\u003ereached its End of Life (EoL) date\u003c/a\u003e and is no longer supported. We added these fixes prior to the EoL date and we do not plan to make any additional updates or security fixes. Please use the suggested alternatives listed in \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642\"\u003ethe Expedition End of Life Announcement\u003c/a\u003e."
}
],
"value": "This issue is fixed in Expedition 1.2.101 and all later versions* of Expedition.\n\n* Expedition reached its End of Life (EoL) date https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642 and is no longer supported. We added these fixes prior to the EoL date and we do not plan to make any additional updates or security fixes. Please use the suggested alternatives listed in the Expedition End of Life Announcement https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642 ."
}
],
"source": {
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"timeline": [
{
"lang": "en",
"time": "2025-01-08T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "Expedition: Wildcard Expansion Vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Ensure that all network access to Expedition is restricted to only authorized users, hosts, and networks. If you are not actively using Expedition, make sure that your Expedition software is shut down."
}
],
"value": "Ensure that all network access to Expedition is restricted to only authorized users, hosts, and networks. If you are not actively using Expedition, make sure that your Expedition software is shut down."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-0106",
"datePublished": "2025-01-11T03:02:24.574Z",
"dateReserved": "2024-12-20T23:23:08.270Z",
"dateUpdated": "2025-01-13T19:48:42.286Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47791 (GCVE-0-2024-47791)
Vulnerability from cvelistv5 – Published: 2024-12-06 18:16 – Updated: 2024-12-06 20:40{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:ruijie:reyee_os:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "reyee_os",
"vendor": "ruijie",
"versions": [
{
"lessThan": "2.320.x",
"status": "affected",
"version": "2.206.x",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47791",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-06T19:21:35.726420Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-06T20:40:14.508Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Reyee OS",
"vendor": "Ruijie",
"versions": [
{
"lessThan": "2.320.x",
"status": "affected",
"version": "2.206.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tomer Goldschmidt and Noam Moshe of Claroty Team82 reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eRuijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to subscribe to partial possible topics in Ruijie MQTT broker, and receive partial messages being sent to and from devices.\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e\n\n\u003c/span\u003e"
}
],
"value": "Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow an attacker to subscribe to partial possible topics in Ruijie MQTT broker, and receive partial messages being sent to and from devices."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-155",
"description": "CWE-155",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-06T18:16:07.652Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-338-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eRuijie reports that the issues have been fixed on the cloud and no action is needed by end users. However, CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:\u003c/p\u003e\u003cul\u003e\u003cli\u003eMinimize network exposure for all control system devices and/or systems, ensuring they are \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01\"\u003enot accessible from the internet\u003c/a\u003e.\u003c/li\u003e\u003cli\u003eLocate control system networks and remote devices behind firewalls and isolating them from business networks.\u003c/li\u003e\u003cli\u003eWhen remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "Ruijie reports that the issues have been fixed on the cloud and no action is needed by end users. However, CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:\n\n * Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01 .\n * Locate control system networks and remote devices behind firewalls and isolating them from business networks.\n * When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices."
}
],
"source": {
"advisory": "ICSA-24-338-01",
"discovery": "EXTERNAL"
},
"title": "Ruijie Reyee OS Improper Neutralization of Wildcards or Matching Symbols",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2024-47791",
"datePublished": "2024-12-06T18:16:07.652Z",
"dateReserved": "2024-11-20T23:41:59.164Z",
"dateUpdated": "2024-12-06T20:40:14.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8688 (GCVE-0-2024-8688)
Vulnerability from cvelistv5 – Published: 2024-09-11 16:40 – Updated: 2024-09-11 18:24- CWE-155 - Improper Neutralization of Wildcards or Matching Symbols
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto Networks | PAN-OS |
Affected:
9.1.0 , < 9.1.15
(custom)
Affected: 10.0.0 , < 10.0.10 (custom) Affected: 10.1.0 , < 10.1.1 (custom) Unaffected: 10.2.0 Unaffected: 11.0.0 Unaffected: 11.1.0 Unaffected: 11.2.0 |
|
| Palo Alto Networks | Cloud NGFW |
Unaffected:
All
|
|
| Palo Alto Networks | Prisma Access |
Unaffected:
All
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8688",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-11T18:23:35.134977Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T18:24:45.419Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "9.1.15",
"status": "unaffected"
}
],
"lessThan": "9.1.15",
"status": "affected",
"version": "9.1.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.0.10",
"status": "unaffected"
}
],
"lessThan": "10.0.10",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.1",
"status": "unaffected"
}
],
"lessThan": "10.1.1",
"status": "affected",
"version": "10.1.0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "10.2.0"
},
{
"status": "unaffected",
"version": "11.0.0"
},
{
"status": "unaffected",
"version": "11.1.0"
},
{
"status": "unaffected",
"version": "11.2.0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Matei \"Mal\" Badanoiu of Deloitte"
},
{
"lang": "en",
"type": "finder",
"value": "Martin Smid of Palo Alto Networks"
}
],
"datePublic": "2024-09-11T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An improper neutralization of matching symbols vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables authenticated administrators (including read-only administrators) with access to the CLI to to read arbitrary files on the firewall."
}
],
"value": "An improper neutralization of matching symbols vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables authenticated administrators (including read-only administrators) with access to the CLI to to read arbitrary files on the firewall."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e"
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-6",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-6 Argument Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-155",
"description": "CWE-155 Improper Neutralization of Wildcards or Matching Symbols",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-11T16:48:22.674Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2024-8688"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 9.1.15, PAN-OS 10.0.10, PAN-OS 10.1.1, and all later PAN-OS versions.\u003cbr\u003e"
}
],
"value": "This issue is fixed in PAN-OS 9.1.15, PAN-OS 10.0.10, PAN-OS 10.1.1, and all later PAN-OS versions."
}
],
"source": {
"defect": [
"PAN-151792",
"PAN-82874"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-09-11T16:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Arbitrary File Read Vulnerability in the Command Line Interface (CLI)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-8688",
"datePublished": "2024-09-11T16:40:50.806Z",
"dateReserved": "2024-09-11T08:21:13.753Z",
"dateUpdated": "2024-09-11T18:24:45.419Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6509 (GCVE-0-2024-6509)
Vulnerability from cvelistv5 – Published: 2024-09-10 04:58 – Updated: 2025-03-28 07:27| Vendor | Product | Version | |
|---|---|---|---|
| Axis Communications AB | AXIS OS |
Affected:
6.50.0 , < 6.50.5.19
(semver)
Affected: 7.0.0 , < 8.40.59 (semver) Affected: 9.0.0 , < 9.80.78 (semver) Affected: 10.0.0 , < 10.12.249 (semver) Affected: 11.0.0 , < 11.11.93 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6509",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T14:28:40.370380Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T13:38:10.177Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "AXIS OS",
"vendor": "Axis Communications AB",
"versions": [
{
"lessThan": "6.50.5.19",
"status": "affected",
"version": "6.50.0",
"versionType": "semver"
},
{
"lessThan": "8.40.59",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThan": "9.80.78",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
},
{
"lessThan": "10.12.249",
"status": "affected",
"version": "10.0.0",
"versionType": "semver"
},
{
"lessThan": "11.11.93",
"status": "affected",
"version": "11.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Marinus Pfund, member of the AXIS OS Bug Bounty Program, \nhas found the VAPIX API \u003ci\u003ealwaysmulti.cgi\u003c/i\u003e was vulnerable for file globbing which could lead to resource exhaustion of the Axis device. \nAxis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.\n\n\u003cbr\u003e"
}
],
"value": "Marinus Pfund, member of the AXIS OS Bug Bounty Program, \nhas found the VAPIX API alwaysmulti.cgi was vulnerable for file globbing which could lead to resource exhaustion of the Axis device. \nAxis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-155",
"description": "CWE-155: Improper Neutralization of Wildcards or Matching Symbols",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T07:27:30.180Z",
"orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"shortName": "Axis"
},
"references": [
{
"url": "https://www.axis.com/dam/public/f6/c6/f5/cve-2024-6509-en-US-458043.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
"assignerShortName": "Axis",
"cveId": "CVE-2024-6509",
"datePublished": "2024-09-10T04:58:28.559Z",
"dateReserved": "2024-07-04T11:14:14.032Z",
"dateUpdated": "2025-03-28T07:27:30.180Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Developers should anticipate that wildcard or matching elements will be injected/removed/manipulated in the input vectors of their product. Use an appropriate combination of denylists and allowlists to ensure only valid, expected and appropriate input is processed by the system.
Mitigation MIT-5
Strategy: Input Validation
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
Mitigation MIT-28
Strategy: Output Encoding
While it is risky to use dynamically-generated query strings, code, or commands that mix control and data together, sometimes it may be unavoidable. Properly quote arguments and escape any special characters within those arguments. The most conservative approach is to escape or filter all characters that do not pass an extremely strict allowlist (such as everything that is not alphanumeric or white space). If some special characters are still needed, such as white space, wrap each argument in quotes after the escaping/filtering step. Be careful of argument injection (CWE-88).
Mitigation MIT-20
Strategy: Input Validation
Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.
No CAPEC attack patterns related to this CWE.