CVE-2023-0005 MEDIUM

CVE-2023-0005: PAN-OS: Exposure of Sensitive Information Vulnerability

Vendor Palo Alto Networks
Product PAN-OS
Weakness CWE-497
Published April 12, 2023
Last update February 10, 2025

CVSS base score

4.1/10
Attack vector Local
Attack complexity High
Privileges required High
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to expose the plaintext values of secrets stored in the device configuration and encrypted API keys.

Key dates

02Disclosure timeline

April 12, 2023 CVE published
February 10, 2025 Record updated