CVE-2023-0004 MEDIUM

CVE-2023-0004: PAN-OS: Local File Deletion Vulnerability

Vendor Palo Alto Networks
Product PAN-OS
Weakness CWE-703
Published April 12, 2023
Last update February 13, 2025

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

What the vulnerability does

01Description

A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system with elevated privileges. These files can include logs and system components that impact the integrity and availability of PAN-OS software.

Key dates

02Disclosure timeline

April 12, 2023 CVE published
February 13, 2025 Record updated