Lucene search

[email protected]NVD:CVE-2023-0008

HistoryMay 10, 2023 - 5:15 p.m.

CVE-2023-0008

2023-05-1017:15:09

CWE-610

CWE-73

[email protected]

web.nvd.nist.gov

vulnerability

authenticated read-write administrator

web interface

export local files

firewall

race condition

file disclosure

CVSS3

4.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

AI Score

4.8

Confidence

High

EPSS

0.001

Percentile

45.1%

JSON

A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall through a race condition.

Affected configurations

Nvd

Node

paloaltonetworkspan-osRange8.1.0–8.1.25

paloaltonetworkspan-osRange9.0.0–9.0.17

paloaltonetworkspan-osRange9.1.0–9.1.16

paloaltonetworkspan-osRange10.0.0–10.0.12

paloaltonetworkspan-osRange10.1.0–10.1.10

paloaltonetworkspan-osRange10.2.0–10.2.4

paloaltonetworkspan-osMatch11.0.0

References

security.paloaltonetworks.com/CVE-2023-0008

CVSS3

4.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

AI Score

4.8

Confidence

High

EPSS

0.001

Percentile

45.1%

JSON

Related for NVD:CVE-2023-0008

paloalto1 nessus1 cve1 prion1 cvelist1 ics1