{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-14T23:53:14.418","vulnerabilities":[{"cve":{"id":"CVE-2025-0125","sourceIdentifier":"psirt@paloaltonetworks.com","published":"2025-04-11T02:15:18.820","lastModified":"2025-04-11T15:39:52.920","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator.\n\n\nThe attacker must have network access to the management web interface to exploit this issue. You greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended  critical deployment guidelines https:\/\/live.paloaltonetworks.com\/t5\/community-blogs\/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo\/ba-p\/464431 .\n\nThis issue does not affect Cloud NGFW and all Prisma® Access instances."},{"lang":"es","value":"Una vulnerabilidad de neutralización de entrada incorrecta en la interfaz web de administración del software PAN-OS® de Palo Alto Networks permite que un administrador de lectura y escritura autenticado malintencionado se haga pasar por otro administrador de PAN-OS autenticado legítimo. El atacante debe tener acceso a la red a la interfaz web de administración para explotar este problema. Puede reducir en gran medida el riesgo de que se produzca este problema al restringir el acceso a la interfaz web de administración solo a direcciones IP internas confiables de acuerdo con nuestras pautas de implementación crítica recomendadas https:\/\/live.paloaltonetworks.com\/t5\/community-blogs\/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo\/ba-p\/464431. Este problema no afecta a Cloud NGFW ni a todas las instancias de Prisma® Access."}],"metrics":{"cvssMetricV40":[{"source":"psirt@paloaltonetworks.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:H\/UI:P\/VC:H\/VI:L\/VA:N\/SC:N\/SI:N\/SA:N\/E:X\/CR:X\/IR:X\/AR:X\/MAV:X\/MAC:X\/MAT:X\/MPR:X\/MUI:X\/MVC:X\/MVI:X\/MVA:X\/MSC:X\/MSI:X\/MSA:X\/S:N\/AU:N\/R:U\/V:C\/RE:M\/U:Amber","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NEGLIGIBLE","Automatable":"NO","Recovery":"USER","valueDensity":"CONCENTRATED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER"}}]},"weaknesses":[{"source":"psirt@paloaltonetworks.com","type":"Secondary","description":[{"lang":"en","value":"CWE-83"}]}],"references":[{"url":"https:\/\/security.paloaltonetworks.com\/CVE-2025-0125","source":"psirt@paloaltonetworks.com"}]}}]}