CVE-2025-0125: PAN-OS: Improper Neutralization of Input in the Management Web Interface

6.9 CVSS

Description

An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator.

The attacker must have network access to the management web interface to exploit this issue. You greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended critical deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .

This issue does not affect Cloud NGFW and all Prisma® Access instances.

Classification

CVE ID: CVE-2025-0125

CVSS Base Severity: MEDIUM

CVSS Base Score: 6.9

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:C/RE:M/U:Amber

Problem Types

CWE-83: Improper Neutralization of Script in Attributes in a Web Page

Affected Products

Vendor: Palo Alto Networks, Palo Alto Networks, Palo Alto Networks

Product: Cloud NGFW, PAN-OS, Prisma Access

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.06% (probability of being exploited)

EPSS Percentile: 17.81% (scored less or equal to compared to others)

EPSS Date: 2025-04-20 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-0125
https://security.paloaltonetworks.com/CVE-2025-0125

Timeline

2025-04-09 16:15:24 UTC
Palo Alto Networks Security Advisories

CVE-2025-0125 PAN-OS: Improper Neutralization of Input in the Management Web Interface (Severity: MEDIUM)
2025-04-11 02:40:12 UTC
CVE

PAN-OS: Improper Neutralization of Input in the Management Web Interface