CVE-2025-0123: PAN-OS: Information Disclosure Vulnerability in HTTP/2 Packet Captures
Description
A vulnerability in the Palo Alto Networks PAN-OS® software enables unlicensed administrators to view clear-text data captured using the packet capture feature https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/monitoring/take-packet-captures/take-a-custom-packet-capture in decrypted HTTP/2 data streams traversing network interfaces on the firewall. HTTP/1.1 data streams are not impacted.
In normal conditions, decrypted packet captures are available to firewall administrators after they obtain and install a free Decryption Port Mirror license. The license requirement ensures that this feature can only be used after approved personnel purposefully activate the license. For more information, review how to configure decryption port mirroring https://docs.paloaltonetworks.com/network-security/decryption/administration/monitoring-decryption/configure-decryption-port-mirroring .
The administrator must obtain network access to the management interface (web, SSH, console, or telnet) and successfully authenticate to exploit this issue. Risk of this issue can be greatly reduced by restricting access to the management interface to only trusted administrators and from only internal IP addresses according to our recommended critical deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .
Customer firewall administrators do not have access to the packet capture feature in Clou...
Classification
CVE ID: CVE-2025-0123
CVSS Base Severity: MEDIUM
CVSS Base Score: 5.9
CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N/AU:N/R:A/V:D/RE:M/U:Amber
Problem Types
CWE-312 Cleartext Storage of Sensitive InformationAffected Products
Vendor: Palo Alto Networks, Palo Alto Networks, Palo Alto Networks
Product: Cloud NGFW, PAN-OS, Prisma Access
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.01% (probability of being exploited)
EPSS Percentile: 0.42% (scored less or equal to compared to others)
EPSS Date: 2025-04-20 (when was this score calculated)
References
https://nvd.nist.gov/vuln/detail/CVE-2025-0123https://security.paloaltonetworks.com/CVE-2025-0123