CVE-2023-6794

Published: Dec 13, 2023Modified: Nov 21, 2024

4.7

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

Exploitability: 1.2 / Impact: 3.4

Source: NVD

Description

An arbitrary file upload vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall.

Affected (3)

Products: Paloaltonetworks: Pan Os

Paloaltonetworks

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Paloaltonetworks Pan Os	From 8.1.0 to 8.1.26
Paloaltonetworks Pan Os	From 9.0.0 to 9.0.17
Paloaltonetworks Pan Os	From 9.1.0 to 9.1.14

Related CWEs

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (2)

https://security.paloaltonetworks.com/CVE-2023-6794

Source: psirt@paloaltonetworks.com

Vendor Advisory

https://security.paloaltonetworks.com/CVE-2023-6794

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.