CVE-2026-0284
MEDIUM
4.7
CVSS 4.0
Description
An XML injection vulnerability in the Large Scale VPN (LSVPN) functionality of Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to inject malicious XML content, potentially leading to information disclosure or corruption of internal LSVPN satellite data.
Panorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.
Metadata
Severity & Metrics
4.7
MEDIUM CVSS 4.0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:L/SA:L/E:U/AU:N/R:A/V:D/RE:M/U:Amber
SSVC — CISA Coordinator
Affected products (3)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| Palo Alto Networks | Cloud NGFW | — | All |
| Palo Alto Networks | PAN-OS | — | 12.1.0 < 12.1.4-h8, 11.2.0 < 11.2.4-h20, 11.1.0 < 11.1.4-h35, 10.2.0 < 10.2.7-h36 |
| Palo Alto Networks | Prisma Access | — | All |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| CWE-74 | cna | CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') |
CVSS scores (1)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 4.7 | MEDIUM | 4.0 | cna | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:H/SI:L/SA:L/E:U/AU:N/R:A/V:D/RE:M/U:Amber |
References (1)