Back to overview

CVE-2026-0281

LOW
2.1
CVSS 4.0
Description
An information disclosure vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to the management web interface to obtain web session tokens. This requires a legitimate user to first click on a malicious link provided by the attacker. The security risk posed by this issue is minimized by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma® Access are not impacted by this vulnerability.

Metadata

CVE ID
CVE-2026-0281
State
PUBLISHED
Assigner
palo_alto
Reserved
2025-11-03 20:44 UTC
Published
2026-07-09 19:03 UTC
Last updated
2026-07-09 19:24 UTC
Primary CWE
CWE-524
CWE-524 Use of Cache Containing Sensitive Information
Vendor / Product
Palo Alto Networks / Cloud NGFW
Sources
cve.org  ·  NVD

Severity & Metrics

2.1 LOW CVSS 4.0
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:A/V:D/RE:M/U:Amber
SSVC — CISA Coordinator
Exploitation
none
Automatable
no
Tech. Impact
partial
Affected products (3)
VendorProductPlatformVersions
Palo Alto Networks Cloud NGFW All
Palo Alto Networks PAN-OS 12.1.0 < 12.1.8, 11.2.0 < 11.2.13, 11.1.0 < 11.1.16, 10.2.0 < 10.2.18-h8
Palo Alto Networks Prisma Access All
Weakness (CWE)
CWESourceDescription
CWE-524 cna CWE-524 Use of Cache Containing Sensitive Information
CVSS scores (2)
ScoreSeverityVersionSourceVector
2.1 LOW 4.0 cna CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:A/V:D/RE:M/U:Amber
1.7 LOW 4.0 cna CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:A/V:D/RE:M/U:Amber
Back to overview