CVE-2023-6792

🗓️ 13 Dec 2023 18:16:18Reported by palo_altoType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 34 Views

OS command injection vulnerability in Palo Alto Networks PAN-OS XML API

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2023-6792	18 Dec 202310:06	–	circl
CNNVD	Palo Alto Networks PAN-OS 安全漏洞	13 Dec 202300:00	–	cnnvd
CNVD	Palo Alto Networks PAN-OS XML API Command Injection Vulnerability	22 Dec 202300:00	–	cnvd
Cvelist	CVE-2023-6792 PAN-OS: OS Command Injection Vulnerability in the XML API	13 Dec 202318:16	–	cvelist
EUVD	EUVD-2023-59003	3 Oct 202520:07	–	euvd
NVD	CVE-2023-6792	13 Dec 202319:15	–	nvd
OSV	CVE-2023-6792	13 Dec 202319:15	–	osv
Palo Alto Networks	PAN-OS: OS Command Injection Vulnerability in the XML API	13 Dec 202317:00	–	paloalto
Tenable Nessus	Palo Alto Networks PAN-OS 8.1.x < 8.1.24 / 9.0.x < 9.0.17 / 9.1.x < 9.1.15 / 10.0.x < 10.0.12 / 10.1.x < 10.1.6 Vulnerability	14 Dec 202300:00	–	nessus
Prion	Command injection	13 Dec 202319:15	–	prion

NVD

Vulners

Node

paloaltonetworks pan-osRange8.1.0–8.1.24

paloaltonetworks pan-osRange9.0.0–9.0.17

paloaltonetworks pan-osRange9.1.0–9.1.15

paloaltonetworks pan-osRange10.0.0–10.0.12

paloaltonetworks pan-osRange10.1.0–10.1.6

[
  {
    "defaultStatus": "unaffected",
    "product": "PAN-OS",
    "vendor": "Palo Alto Networks",
    "versions": [
      {
        "changes": [
          {
            "at": "8.1.24",
            "status": "unaffected"
          }
        ],
        "lessThan": "8.1.24",
        "status": "affected",
        "version": "8.1",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "9.0.17",
            "status": "unaffected"
          }
        ],
        "lessThan": "9.0.17",
        "status": "affected",
        "version": "9.0",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "9.1.15",
            "status": "unaffected"
          }
        ],
        "lessThan": "9.1.15",
        "status": "affected",
        "version": "9.1",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "10.0.12",
            "status": "unaffected"
          }
        ],
        "lessThan": "10.0.12",
        "status": "affected",
        "version": "10.0",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "10.1.6",
            "status": "unaffected"
          }
        ],
        "lessThan": "10.1.6",
        "status": "affected",
        "version": "10.1",
        "versionType": "custom"
      },
      {
        "lessThan": "All",
        "status": "unaffected",
        "version": "10.2",
        "versionType": "custom"
      },
      {
        "lessThan": "All",
        "status": "unaffected",
        "version": "11.0",
        "versionType": "custom"
      },
      {
        "lessThan": "All",
        "status": "unaffected",
        "version": "11.1",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Prisma Access",
    "vendor": "Palo Alto Networks",
    "versions": [
      {
        "status": "unaffected",
        "version": "All"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Cloud NGFW",
    "vendor": "Palo Alto Networks",
    "versions": [
      {
        "status": "unaffected",
        "version": "All"
      }
    ]
  }
]

Source	Link
security	www.security.paloaltonetworks.com/CVE-2023-6792

21 Nov 2024 08:44Current

6.7Medium risk

Vulners AI Score6.7

CVSS 3.15.5 - 6.3

EPSS0.002

SSVC