CVE-2023-6795

PAN-OS: OS Command Injection Vulnerability in the Web Interface

Description

An OS command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall.

Remediation

Solution:

This issue is fixed in PAN-OS 8.1.24-h1, PAN-OS 9.0.17, PAN-OS 9.1.12, PAN-OS 10.0.9, PAN-OS 10.1.3, and all later PAN-OS versions.

Workaround:

This issue requires the attacker to have authenticated access to the PAN-OS web interface. You can mitigate the impact of this issue by following the Best Practices for Securing Administrative Access in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices.

References

Link	Tags
https://security.paloaltonetworks.com/CVE-2023-6795	vendor advisory

Frequently Asked Questions

What is the severity of CVE-2023-6795?: CVE-2023-6795 has been scored as a medium severity vulnerability.
How to fix CVE-2023-6795?: To fix CVE-2023-6795: This issue is fixed in PAN-OS 8.1.24-h1, PAN-OS 9.0.17, PAN-OS 9.1.12, PAN-OS 10.0.9, PAN-OS 10.1.3, and all later PAN-OS versions.
Is CVE-2023-6795 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2023-6795 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-6795?: CVE-2023-6795 affects Palo Alto Networks PAN-OS, Palo Alto Networks Prisma Access, Palo Alto Networks Cloud NGFW.

Description

Remediation

Category

CWE-78 – Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

References

Frequently Asked Questions