Severity
Medium
Analysis Summary
CVE-2023-0006 CVSS:6.3
Palo Alto Networks GlobalProtect app for Windows could allow a local authenticated attacker to bypass security restrictions, caused by a local file deletion flaw due to a race condition. By sending a specially crafted request, an attacker could exploit this vulnerability to delete files from the local file system with elevated privileges.
CVE-2023-0005 CVSS:4.1
Palo Alto Networks PAN-OS could allow a local authenticated attacker to obtain sensitive information, caused by the storage of user secrets in plain-text in the configuration file. By gaining access to the configuration file, an attacker could exploit this vulnerability to obtain sensitive information and encrypted API keys, and use this information to launch further attacks against the affected system.
CVE-2023-0004 CVSS:6.5
Palo Alto Networks PAN-OS could allow a remote authenticated attacker to bypass security restrictions, caused by a local file deletion flaw due to improper check or handling of exceptional conditions. By sending a specially crafted request, an attacker could exploit this vulnerability to delete files from the local file system with elevated privileges.
Impact
- Security Bypass
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-0006
- CVE-2023-0005
- CVE-2023-0004
Affected Vendors
Palo Alto
Affected Products
- Palo Alto Networks GlobalProtect app for Windows 5.2
- Palo Alto Networks GlobalProtect app for Windows 6.0
- Palo Alto Networks GlobalProtect app for Windows 6.1
- Palo Alto Networks PAN-OS 9.0.0
- Palo Alto Networks PAN-OS 8.1
- Palo Alto Networks PAN-OS 9.1.0
- Palo Alto Networks PAN-OS 10.0
- Palo Alto Networks PAN-OS 10.1.0
- Palo Alto Networks PAN-OS 10.2
Remediation
Refer to Palo Alto Networks Security Advisories for patch, upgrade or suggested workaround information.