Back to overview

CVE-2026-0284

MEDIUM
4.7
CVSS 4.0
Description
An XML injection vulnerability in the Large Scale VPN (LSVPN) functionality of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to inject malicious XML content, potentially leading to information disclosure or corruption of internal LSVPN satellite data. Panorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.

Metadata

CVE ID
CVE-2026-0284
State
PUBLISHED
Assigner
palo_alto
Reserved
2025-11-03 20:44 UTC
Published
2026-07-09 18:59 UTC
Last updated
2026-07-09 19:25 UTC
Primary CWE
CWE-74
CWE-74: Improper Neutralization of Special Elements in Outpu…
Vendor / Product
Palo Alto Networks / Cloud NGFW
Sources
cve.org  ·  NVD

Severity & Metrics

4.7 MEDIUM CVSS 4.0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:L/SA:L/E:U/AU:N/R:A/V:D/RE:M/U:Amber
SSVC — CISA Coordinator
Exploitation
none
Automatable
yes
Tech. Impact
partial
Affected products (3)
VendorProductPlatformVersions
Palo Alto Networks Cloud NGFW All
Palo Alto Networks PAN-OS 12.1.0 < 12.1.4-h8, 11.2.0 < 11.2.4-h20, 11.1.0 < 11.1.4-h35, 10.2.0 < 10.2.7-h36
Palo Alto Networks Prisma Access All
Weakness (CWE)
CWESourceDescription
CWE-74 cna CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVSS scores (1)
ScoreSeverityVersionSourceVector
4.7 MEDIUM 4.0 cna CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:L/SA:L/E:U/AU:N/R:A/V:D/RE:M/U:Amber
Back to overview