cvelistv5 - cve-2025-0114

cve-2025-0114

Vulnerability from cvelistv5

Published

2025-03-12 18:20

Modified

2025-03-12 18:34

Severity ?

8.2 (High) - CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/U:Amber

Summary

A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway. This issue does not apply to Cloud NGFWs or Prisma Access software.

References

▼	URL	Tags
	psirt@paloaltonetworks.com	https://security.paloaltonetworks.com/CVE-2025-0114

Impacted products

Vendor

Product

Version

▼

Palo Alto Networks

PAN-OS

Patch: 11.2.0
Patch: 11.1.0
Version: 11.0.0   < 11.0.2
Version: 10.2.0   < 10.2.5
Version: 10.1.0   < 10.1.14-h11
    cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h10:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h9:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h7:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h5:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*
    cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*

	Palo Alto Networks	Cloud NGFW	Patch: All
	Palo Alto Networks	Prisma Access	Patch: All

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2025-0114",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-03-12T18:34:02.023259Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-03-12T18:34:48.122Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               cpes: [
                  "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:*:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h10:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h9:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h7:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h5:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*",
                  "cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*",
               ],
               defaultStatus: "unaffected",
               product: "PAN-OS",
               vendor: "Palo Alto Networks",
               versions: [
                  {
                     status: "unaffected",
                     version: "11.2.0",
                     versionType: "custom",
                  },
                  {
                     status: "unaffected",
                     version: "11.1.0",
                     versionType: "custom",
                  },
                  {
                     changes: [
                        {
                           at: "11.0.2",
                           status: "unaffected",
                        },
                     ],
                     lessThan: "11.0.2",
                     status: "affected",
                     version: "11.0.0",
                     versionType: "custom",
                  },
                  {
                     changes: [
                        {
                           at: "10.2.5",
                           status: "unaffected",
                        },
                     ],
                     lessThan: "10.2.5",
                     status: "affected",
                     version: "10.2.0",
                     versionType: "custom",
                  },
                  {
                     changes: [
                        {
                           at: "10.1.14-h11",
                           status: "unaffected",
                        },
                     ],
                     lessThan: "10.1.14-h11",
                     status: "affected",
                     version: "10.1.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "Cloud NGFW",
               vendor: "Palo Alto Networks",
               versions: [
                  {
                     status: "unaffected",
                     version: "All",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "Prisma Access",
               vendor: "Palo Alto Networks",
               versions: [
                  {
                     status: "unaffected",
                     version: "All",
                     versionType: "custom",
                  },
               ],
            },
         ],
         configurations: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "This issue is applicable only to PAN-OS firewall configurations with an enabled GlobalProtect portal or gateway. You can verify whether you have a GlobalProtect portal or gateway configured on your firewall by checking entries in the firewall web interface (<b>Network</b> &gt; <b>GlobalProtect</b> &gt; <b>Portals</b> and <b>Network</b> &gt; <b>GlobalProtect</b> &gt; <b>Gateways</b>).",
                  },
               ],
               value: "This issue is applicable only to PAN-OS firewall configurations with an enabled GlobalProtect portal or gateway. You can verify whether you have a GlobalProtect portal or gateway configured on your firewall by checking entries in the firewall web interface (Network > GlobalProtect > Portals and Network > GlobalProtect > Gateways).",
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "an external reporter",
            },
         ],
         datePublic: "2025-03-12T16:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway.<br><br>This issue does not apply to Cloud NGFWs or Prisma Access software.",
                  },
               ],
               value: "A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway.\n\nThis issue does not apply to Cloud NGFWs or Prisma Access software.",
            },
         ],
         exploits: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Palo Alto Networks is not aware of any malicious exploitation of this issue.",
                  },
               ],
               value: "Palo Alto Networks is not aware of any malicious exploitation of this issue.",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-125",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-125 Flooding",
                  },
               ],
            },
         ],
         metrics: [
            {
               cvssV4_0: {
                  Automatable: "NO",
                  Recovery: "USER",
                  Safety: "NOT_DEFINED",
                  attackComplexity: "HIGH",
                  attackRequirements: "NONE",
                  attackVector: "NETWORK",
                  baseScore: 8.2,
                  baseSeverity: "HIGH",
                  privilegesRequired: "NONE",
                  providerUrgency: "AMBER",
                  subAvailabilityImpact: "NONE",
                  subConfidentialityImpact: "NONE",
                  subIntegrityImpact: "NONE",
                  userInteraction: "NONE",
                  valueDensity: "CONCENTRATED",
                  vectorString: "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/U:Amber",
                  version: "4.0",
                  vulnAvailabilityImpact: "HIGH",
                  vulnConfidentialityImpact: "NONE",
                  vulnIntegrityImpact: "NONE",
                  vulnerabilityResponseEffort: "NOT_DEFINED",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-400",
                     description: "CWE-400 Uncontrolled Resource Consumption",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2025-03-12T18:20:05.608Z",
            orgId: "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            shortName: "palo_alto",
         },
         references: [
            {
               tags: [
                  "vendor-advisory",
               ],
               url: "https://security.paloaltonetworks.com/CVE-2025-0114",
            },
         ],
         solutions: [
            {
               lang: "eng",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "<table class=\"tbl\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>PAN-OS 11.0</td><td>11.0.0 through 11.0.1</td><td>Upgrade to 11.0.2 or later</td></tr><tr><td>PAN-OS 10.2</td><td>10.2.0 through 10.2.4<br></td><td>Upgrade to 10.2.5 or later</td></tr><tr><td>PAN-OS 10.1<br></td><td>10.1.0 through 10.1.14<br></td><td>Upgrade to 10.1.14-h11 or later<br></td></tr><tr><td>All other older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr></tbody></table>",
                  },
               ],
               value: "Version\nMinor Version\nSuggested Solution\nPAN-OS 11.011.0.0 through 11.0.1Upgrade to 11.0.2 or laterPAN-OS 10.210.2.0 through 10.2.4\nUpgrade to 10.2.5 or laterPAN-OS 10.1\n10.1.0 through 10.1.14\nUpgrade to 10.1.14-h11 or later\nAll other older\nunsupported\nPAN-OS versions Upgrade to a supported fixed version.",
            },
         ],
         source: {
            defect: [
               "PAN-209208",
            ],
            discovery: "EXTERNAL",
         },
         timeline: [
            {
               lang: "en",
               time: "2025-03-12T16:00:00.000Z",
               value: "Initial Publication",
            },
         ],
         title: "PAN-OS: Denial of Service (DoS) in GlobalProtect",
         workarounds: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "No workaround or mitigation is available.",
                  },
               ],
               value: "No workaround or mitigation is available.",
            },
         ],
         x_affectedList: [
            "PAN-OS 11.0.1-h5",
            "PAN-OS 11.0.1-h4",
            "PAN-OS 11.0.1-h3",
            "PAN-OS 11.0.1-h2",
            "PAN-OS 11.0.1-h1",
            "PAN-OS 11.0.1",
            "PAN-OS 11.0.0-h4",
            "PAN-OS 11.0.0-h3",
            "PAN-OS 11.0.0-h2",
            "PAN-OS 11.0.0-h1",
            "PAN-OS 11.0.0",
            "PAN-OS 10.2.4-h32",
            "PAN-OS 10.2.4-h31",
            "PAN-OS 10.2.4-h30",
            "PAN-OS 10.2.4-h29",
            "PAN-OS 10.2.4-h28",
            "PAN-OS 10.2.4-h27",
            "PAN-OS 10.2.4-h26",
            "PAN-OS 10.2.4-h25",
            "PAN-OS 10.2.4-h24",
            "PAN-OS 10.2.4-h23",
            "PAN-OS 10.2.4-h22",
            "PAN-OS 10.2.4-h21",
            "PAN-OS 10.2.4-h20",
            "PAN-OS 10.2.4-h19",
            "PAN-OS 10.2.4-h18",
            "PAN-OS 10.2.4-h17",
            "PAN-OS 10.2.4-h16",
            "PAN-OS 10.2.4-h15",
            "PAN-OS 10.2.4-h14",
            "PAN-OS 10.2.4-h13",
            "PAN-OS 10.2.4-h12",
            "PAN-OS 10.2.4-h11",
            "PAN-OS 10.2.4-h10",
            "PAN-OS 10.2.4-h9",
            "PAN-OS 10.2.4-h8",
            "PAN-OS 10.2.4-h7",
            "PAN-OS 10.2.4-h6",
            "PAN-OS 10.2.4-h5",
            "PAN-OS 10.2.4-h4",
            "PAN-OS 10.2.4-h3",
            "PAN-OS 10.2.4-h2",
            "PAN-OS 10.2.4-h1",
            "PAN-OS 10.2.4",
            "PAN-OS 10.2.3-h14",
            "PAN-OS 10.2.3-h13",
            "PAN-OS 10.2.3-h12",
            "PAN-OS 10.2.3-h11",
            "PAN-OS 10.2.3-h10",
            "PAN-OS 10.2.3-h9",
            "PAN-OS 10.2.3-h8",
            "PAN-OS 10.2.3-h7",
            "PAN-OS 10.2.3-h6",
            "PAN-OS 10.2.3-h5",
            "PAN-OS 10.2.3-h4",
            "PAN-OS 10.2.3-h3",
            "PAN-OS 10.2.3-h2",
            "PAN-OS 10.2.3-h1",
            "PAN-OS 10.2.3",
            "PAN-OS 10.2.2-h6",
            "PAN-OS 10.2.2-h5",
            "PAN-OS 10.2.2-h4",
            "PAN-OS 10.2.2-h3",
            "PAN-OS 10.2.2-h2",
            "PAN-OS 10.2.2-h1",
            "PAN-OS 10.2.2",
            "PAN-OS 10.2.1-h3",
            "PAN-OS 10.2.1-h2",
            "PAN-OS 10.2.1-h1",
            "PAN-OS 10.2.1",
            "PAN-OS 10.2.0-h4",
            "PAN-OS 10.2.0-h3",
            "PAN-OS 10.2.0-h2",
            "PAN-OS 10.2.0-h1",
            "PAN-OS 10.2.0",
            "PAN-OS 10.1.14-h10",
            "PAN-OS 10.1.14-h9",
            "PAN-OS 10.1.14-h8",
            "PAN-OS 10.1.14-h7",
            "PAN-OS 10.1.14-h6",
            "PAN-OS 10.1.14-h5",
            "PAN-OS 10.1.14-h4",
            "PAN-OS 10.1.14-h3",
            "PAN-OS 10.1.14-h2",
            "PAN-OS 10.1.14-h1",
            "PAN-OS 10.1.14",
            "PAN-OS 10.1.13-h5",
            "PAN-OS 10.1.13-h4",
            "PAN-OS 10.1.13-h3",
            "PAN-OS 10.1.13-h2",
            "PAN-OS 10.1.13-h1",
            "PAN-OS 10.1.13",
            "PAN-OS 10.1.12-h3",
            "PAN-OS 10.1.12-h2",
            "PAN-OS 10.1.12-h1",
            "PAN-OS 10.1.12",
            "PAN-OS 10.1.11-h10",
            "PAN-OS 10.1.11-h9",
            "PAN-OS 10.1.11-h8",
            "PAN-OS 10.1.11-h7",
            "PAN-OS 10.1.11-h6",
            "PAN-OS 10.1.11-h5",
            "PAN-OS 10.1.11-h4",
            "PAN-OS 10.1.11-h3",
            "PAN-OS 10.1.11-h2",
            "PAN-OS 10.1.11-h1",
            "PAN-OS 10.1.11",
            "PAN-OS 10.1.10-h9",
            "PAN-OS 10.1.10-h8",
            "PAN-OS 10.1.10-h7",
            "PAN-OS 10.1.10-h6",
            "PAN-OS 10.1.10-h5",
            "PAN-OS 10.1.10-h4",
            "PAN-OS 10.1.10-h3",
            "PAN-OS 10.1.10-h2",
            "PAN-OS 10.1.10-h1",
            "PAN-OS 10.1.10",
            "PAN-OS 10.1.9-h14",
            "PAN-OS 10.1.9-h13",
            "PAN-OS 10.1.9-h12",
            "PAN-OS 10.1.9-h11",
            "PAN-OS 10.1.9-h10",
            "PAN-OS 10.1.9-h9",
            "PAN-OS 10.1.9-h8",
            "PAN-OS 10.1.9-h7",
            "PAN-OS 10.1.9-h6",
            "PAN-OS 10.1.9-h5",
            "PAN-OS 10.1.9-h4",
            "PAN-OS 10.1.9-h3",
            "PAN-OS 10.1.9-h2",
            "PAN-OS 10.1.9-h1",
            "PAN-OS 10.1.9",
            "PAN-OS 10.1.8-h8",
            "PAN-OS 10.1.8-h7",
            "PAN-OS 10.1.8-h6",
            "PAN-OS 10.1.8-h5",
            "PAN-OS 10.1.8-h4",
            "PAN-OS 10.1.8-h3",
            "PAN-OS 10.1.8-h2",
            "PAN-OS 10.1.8-h1",
            "PAN-OS 10.1.8",
            "PAN-OS 10.1.7-h1",
            "PAN-OS 10.1.7",
            "PAN-OS 10.1.6-h9",
            "PAN-OS 10.1.6-h8",
            "PAN-OS 10.1.6-h7",
            "PAN-OS 10.1.6-h6",
            "PAN-OS 10.1.6-h5",
            "PAN-OS 10.1.6-h4",
            "PAN-OS 10.1.6-h3",
            "PAN-OS 10.1.6-h2",
            "PAN-OS 10.1.6-h1",
            "PAN-OS 10.1.6",
            "PAN-OS 10.1.5-h4",
            "PAN-OS 10.1.5-h3",
            "PAN-OS 10.1.5-h2",
            "PAN-OS 10.1.5-h1",
            "PAN-OS 10.1.5",
            "PAN-OS 10.1.4-h6",
            "PAN-OS 10.1.4-h5",
            "PAN-OS 10.1.4-h4",
            "PAN-OS 10.1.4-h3",
            "PAN-OS 10.1.4-h2",
            "PAN-OS 10.1.4-h1",
            "PAN-OS 10.1.4",
            "PAN-OS 10.1.3-h4",
            "PAN-OS 10.1.3-h3",
            "PAN-OS 10.1.3-h2",
            "PAN-OS 10.1.3-h1",
            "PAN-OS 10.1.3",
            "PAN-OS 10.1.2",
            "PAN-OS 10.1.1",
            "PAN-OS 10.1.0",
         ],
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
      assignerShortName: "palo_alto",
      cveId: "CVE-2025-0114",
      datePublished: "2025-03-12T18:20:05.608Z",
      dateReserved: "2024-12-20T23:23:15.900Z",
      dateUpdated: "2025-03-12T18:34:48.122Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2025-0114\",\"sourceIdentifier\":\"psirt@paloaltonetworks.com\",\"published\":\"2025-03-12T19:15:37.363\",\"lastModified\":\"2025-03-12T19:15:37.363\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway.\\n\\nThis issue does not apply to Cloud NGFWs or Prisma Access software.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:X/U:Amber\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NO\",\"Recovery\":\"USER\",\"valueDensity\":\"CONCENTRATED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"AMBER\"}}]},\"weaknesses\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"references\":[{\"url\":\"https://security.paloaltonetworks.com/CVE-2025-0114\",\"source\":\"psirt@paloaltonetworks.com\"}]}}",
      vulnrichment: {
         containers: "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-0114\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-12T18:34:02.023259Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-12T18:34:35.659Z\"}}], \"cna\": {\"title\": \"PAN-OS: Denial of Service (DoS) in GlobalProtect\", \"source\": {\"defect\": [\"PAN-209208\"], \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"an external reporter\"}], \"impacts\": [{\"capecId\": \"CAPEC-125\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-125 Flooding\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"USER\", \"baseScore\": 8.2, \"Automatable\": \"NO\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"CONCENTRATED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/U:Amber\", \"providerUrgency\": \"AMBER\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h10:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h9:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h7:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h5:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*\"], \"vendor\": \"Palo Alto Networks\", \"product\": \"PAN-OS\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"11.2.0\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"11.1.0\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"11.0.2\", \"status\": \"unaffected\"}], \"version\": \"11.0.0\", \"lessThan\": \"11.0.2\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"10.2.5\", \"status\": \"unaffected\"}], \"version\": \"10.2.0\", \"lessThan\": \"10.2.5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"10.1.14-h11\", \"status\": \"unaffected\"}], \"version\": \"10.1.0\", \"lessThan\": \"10.1.14-h11\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Palo Alto Networks\", \"product\": \"Cloud NGFW\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"All\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Palo Alto Networks\", \"product\": \"Prisma Access\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"All\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Palo Alto Networks is not aware of any malicious exploitation of this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Palo Alto Networks is not aware of any malicious exploitation of this issue.\", \"base64\": false}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-03-12T16:00:00.000Z\", \"value\": \"Initial Publication\"}], \"solutions\": [{\"lang\": \"eng\", \"value\": \"Version\\nMinor Version\\nSuggested Solution\\nPAN-OS 11.011.0.0 through 11.0.1Upgrade to 11.0.2 or laterPAN-OS 10.210.2.0 through 10.2.4\\nUpgrade to 10.2.5 or laterPAN-OS 10.1\\n10.1.0 through 10.1.14\\nUpgrade to 10.1.14-h11 or later\\nAll other older\\nunsupported\\nPAN-OS versions\\u00a0Upgrade to a supported fixed version.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"<table class=\\\"tbl\\\"><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr><td>PAN-OS 11.0</td><td>11.0.0 through 11.0.1</td><td>Upgrade to 11.0.2 or later</td></tr><tr><td>PAN-OS 10.2</td><td>10.2.0 through 10.2.4<br></td><td>Upgrade to 10.2.5 or later</td></tr><tr><td>PAN-OS 10.1<br></td><td>10.1.0 through 10.1.14<br></td><td>Upgrade to 10.1.14-h11 or later<br></td></tr><tr><td>All other older<br>unsupported<br>PAN-OS versions</td><td>&nbsp;</td><td>Upgrade to a supported fixed version.</td></tr></tbody></table>\", \"base64\": false}]}], \"datePublic\": \"2025-03-12T16:00:00.000Z\", \"references\": [{\"url\": \"https://security.paloaltonetworks.com/CVE-2025-0114\", \"tags\": [\"vendor-advisory\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"No workaround or mitigation is available.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"No workaround or mitigation is available.\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway.\\n\\nThis issue does not apply to Cloud NGFWs or Prisma Access software.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway.<br><br>This issue does not apply to Cloud NGFWs or Prisma Access software.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400 Uncontrolled Resource Consumption\"}]}], \"configurations\": [{\"lang\": \"en\", \"value\": \"This issue is applicable only to PAN-OS firewall configurations with an enabled GlobalProtect portal or gateway. You can verify whether you have a GlobalProtect portal or gateway configured on your firewall by checking entries in the firewall web interface (Network > GlobalProtect > Portals and Network > GlobalProtect > Gateways).\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"This issue is applicable only to PAN-OS firewall configurations with an enabled GlobalProtect portal or gateway. You can verify whether you have a GlobalProtect portal or gateway configured on your firewall by checking entries in the firewall web interface (<b>Network</b> &gt; <b>GlobalProtect</b> &gt; <b>Portals</b> and <b>Network</b> &gt; <b>GlobalProtect</b> &gt; <b>Gateways</b>).\", \"base64\": false}]}], \"x_affectedList\": [\"PAN-OS 11.0.1-h5\", \"PAN-OS 11.0.1-h4\", \"PAN-OS 11.0.1-h3\", \"PAN-OS 11.0.1-h2\", \"PAN-OS 11.0.1-h1\", \"PAN-OS 11.0.1\", \"PAN-OS 11.0.0-h4\", \"PAN-OS 11.0.0-h3\", \"PAN-OS 11.0.0-h2\", \"PAN-OS 11.0.0-h1\", \"PAN-OS 11.0.0\", \"PAN-OS 10.2.4-h32\", \"PAN-OS 10.2.4-h31\", \"PAN-OS 10.2.4-h30\", \"PAN-OS 10.2.4-h29\", \"PAN-OS 10.2.4-h28\", \"PAN-OS 10.2.4-h27\", \"PAN-OS 10.2.4-h26\", \"PAN-OS 10.2.4-h25\", \"PAN-OS 10.2.4-h24\", \"PAN-OS 10.2.4-h23\", \"PAN-OS 10.2.4-h22\", \"PAN-OS 10.2.4-h21\", \"PAN-OS 10.2.4-h20\", \"PAN-OS 10.2.4-h19\", \"PAN-OS 10.2.4-h18\", \"PAN-OS 10.2.4-h17\", \"PAN-OS 10.2.4-h16\", \"PAN-OS 10.2.4-h15\", \"PAN-OS 10.2.4-h14\", \"PAN-OS 10.2.4-h13\", \"PAN-OS 10.2.4-h12\", \"PAN-OS 10.2.4-h11\", \"PAN-OS 10.2.4-h10\", \"PAN-OS 10.2.4-h9\", \"PAN-OS 10.2.4-h8\", \"PAN-OS 10.2.4-h7\", \"PAN-OS 10.2.4-h6\", \"PAN-OS 10.2.4-h5\", \"PAN-OS 10.2.4-h4\", \"PAN-OS 10.2.4-h3\", \"PAN-OS 10.2.4-h2\", \"PAN-OS 10.2.4-h1\", \"PAN-OS 10.2.4\", \"PAN-OS 10.2.3-h14\", \"PAN-OS 10.2.3-h13\", \"PAN-OS 10.2.3-h12\", \"PAN-OS 10.2.3-h11\", \"PAN-OS 10.2.3-h10\", \"PAN-OS 10.2.3-h9\", \"PAN-OS 10.2.3-h8\", \"PAN-OS 10.2.3-h7\", \"PAN-OS 10.2.3-h6\", \"PAN-OS 10.2.3-h5\", \"PAN-OS 10.2.3-h4\", \"PAN-OS 10.2.3-h3\", \"PAN-OS 10.2.3-h2\", \"PAN-OS 10.2.3-h1\", \"PAN-OS 10.2.3\", \"PAN-OS 10.2.2-h6\", \"PAN-OS 10.2.2-h5\", \"PAN-OS 10.2.2-h4\", \"PAN-OS 10.2.2-h3\", \"PAN-OS 10.2.2-h2\", \"PAN-OS 10.2.2-h1\", \"PAN-OS 10.2.2\", \"PAN-OS 10.2.1-h3\", \"PAN-OS 10.2.1-h2\", \"PAN-OS 10.2.1-h1\", \"PAN-OS 10.2.1\", \"PAN-OS 10.2.0-h4\", \"PAN-OS 10.2.0-h3\", \"PAN-OS 10.2.0-h2\", \"PAN-OS 10.2.0-h1\", \"PAN-OS 10.2.0\", \"PAN-OS 10.1.14-h10\", \"PAN-OS 10.1.14-h9\", \"PAN-OS 10.1.14-h8\", \"PAN-OS 10.1.14-h7\", \"PAN-OS 10.1.14-h6\", \"PAN-OS 10.1.14-h5\", \"PAN-OS 10.1.14-h4\", \"PAN-OS 10.1.14-h3\", \"PAN-OS 10.1.14-h2\", \"PAN-OS 10.1.14-h1\", \"PAN-OS 10.1.14\", \"PAN-OS 10.1.13-h5\", \"PAN-OS 10.1.13-h4\", \"PAN-OS 10.1.13-h3\", \"PAN-OS 10.1.13-h2\", \"PAN-OS 10.1.13-h1\", \"PAN-OS 10.1.13\", \"PAN-OS 10.1.12-h3\", \"PAN-OS 10.1.12-h2\", \"PAN-OS 10.1.12-h1\", \"PAN-OS 10.1.12\", \"PAN-OS 10.1.11-h10\", \"PAN-OS 10.1.11-h9\", \"PAN-OS 10.1.11-h8\", \"PAN-OS 10.1.11-h7\", \"PAN-OS 10.1.11-h6\", \"PAN-OS 10.1.11-h5\", \"PAN-OS 10.1.11-h4\", \"PAN-OS 10.1.11-h3\", \"PAN-OS 10.1.11-h2\", \"PAN-OS 10.1.11-h1\", \"PAN-OS 10.1.11\", \"PAN-OS 10.1.10-h9\", \"PAN-OS 10.1.10-h8\", \"PAN-OS 10.1.10-h7\", \"PAN-OS 10.1.10-h6\", \"PAN-OS 10.1.10-h5\", \"PAN-OS 10.1.10-h4\", \"PAN-OS 10.1.10-h3\", \"PAN-OS 10.1.10-h2\", \"PAN-OS 10.1.10-h1\", \"PAN-OS 10.1.10\", \"PAN-OS 10.1.9-h14\", \"PAN-OS 10.1.9-h13\", \"PAN-OS 10.1.9-h12\", \"PAN-OS 10.1.9-h11\", \"PAN-OS 10.1.9-h10\", \"PAN-OS 10.1.9-h9\", \"PAN-OS 10.1.9-h8\", \"PAN-OS 10.1.9-h7\", \"PAN-OS 10.1.9-h6\", \"PAN-OS 10.1.9-h5\", \"PAN-OS 10.1.9-h4\", \"PAN-OS 10.1.9-h3\", \"PAN-OS 10.1.9-h2\", \"PAN-OS 10.1.9-h1\", \"PAN-OS 10.1.9\", \"PAN-OS 10.1.8-h8\", \"PAN-OS 10.1.8-h7\", \"PAN-OS 10.1.8-h6\", \"PAN-OS 10.1.8-h5\", \"PAN-OS 10.1.8-h4\", \"PAN-OS 10.1.8-h3\", \"PAN-OS 10.1.8-h2\", \"PAN-OS 10.1.8-h1\", \"PAN-OS 10.1.8\", \"PAN-OS 10.1.7-h1\", \"PAN-OS 10.1.7\", \"PAN-OS 10.1.6-h9\", \"PAN-OS 10.1.6-h8\", \"PAN-OS 10.1.6-h7\", \"PAN-OS 10.1.6-h6\", \"PAN-OS 10.1.6-h5\", \"PAN-OS 10.1.6-h4\", \"PAN-OS 10.1.6-h3\", \"PAN-OS 10.1.6-h2\", \"PAN-OS 10.1.6-h1\", \"PAN-OS 10.1.6\", \"PAN-OS 10.1.5-h4\", \"PAN-OS 10.1.5-h3\", \"PAN-OS 10.1.5-h2\", \"PAN-OS 10.1.5-h1\", \"PAN-OS 10.1.5\", \"PAN-OS 10.1.4-h6\", \"PAN-OS 10.1.4-h5\", \"PAN-OS 10.1.4-h4\", \"PAN-OS 10.1.4-h3\", \"PAN-OS 10.1.4-h2\", \"PAN-OS 10.1.4-h1\", \"PAN-OS 10.1.4\", \"PAN-OS 10.1.3-h4\", \"PAN-OS 10.1.3-h3\", \"PAN-OS 10.1.3-h2\", \"PAN-OS 10.1.3-h1\", \"PAN-OS 10.1.3\", \"PAN-OS 10.1.2\", \"PAN-OS 10.1.1\", \"PAN-OS 10.1.0\"], \"providerMetadata\": {\"orgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"shortName\": \"palo_alto\", \"dateUpdated\": \"2025-03-12T18:20:05.608Z\"}}}",
         cveMetadata: "{\"cveId\": \"CVE-2025-0114\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-03-12T18:34:48.122Z\", \"dateReserved\": \"2024-12-20T23:23:15.900Z\", \"assignerOrgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"datePublished\": \"2025-03-12T18:20:05.608Z\", \"assignerShortName\": \"palo_alto\"}",
         dataType: "CVE_RECORD",
         dataVersion: "5.1",
      },
   },
}

fkie_cve-2025-0114

Vulnerability from fkie_nvd

Published

2025-03-12 19:15

Modified

2025-03-12 19:15

Severity ?

8.2 (High) - CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/U:Amber

Summary

References

▼	URL	Tags
	psirt@paloaltonetworks.com	https://security.paloaltonetworks.com/CVE-2025-0114

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway.\n\nThis issue does not apply to Cloud NGFWs or Prisma Access software.",
      },
      {
         lang: "es",
         value: "Una vulnerabilidad de denegación de servicio (DoS) en la función GlobalProtect del software PAN-OS de Palo Alto Networks permite que un atacante no autenticado inhabilite el servicio mediante el envío de una gran cantidad de paquetes especialmente manipulados durante un período de tiempo. Este problema afecta tanto al portal como a la puerta de enlace de GlobalProtect. No se aplica a los NGFW en la nube ni al software Prisma Access.",
      },
   ],
   id: "CVE-2025-0114",
   lastModified: "2025-03-12T19:15:37.363",
   metrics: {
      cvssMetricV40: [
         {
            cvssData: {
               Automatable: "NO",
               Recovery: "USER",
               Safety: "NOT_DEFINED",
               attackComplexity: "HIGH",
               attackRequirements: "NONE",
               attackVector: "NETWORK",
               availabilityRequirement: "NOT_DEFINED",
               baseScore: 8.2,
               baseSeverity: "HIGH",
               confidentialityRequirement: "NOT_DEFINED",
               exploitMaturity: "NOT_DEFINED",
               integrityRequirement: "NOT_DEFINED",
               modifiedAttackComplexity: "NOT_DEFINED",
               modifiedAttackRequirements: "NOT_DEFINED",
               modifiedAttackVector: "NOT_DEFINED",
               modifiedPrivilegesRequired: "NOT_DEFINED",
               modifiedSubAvailabilityImpact: "NOT_DEFINED",
               modifiedSubConfidentialityImpact: "NOT_DEFINED",
               modifiedSubIntegrityImpact: "NOT_DEFINED",
               modifiedUserInteraction: "NOT_DEFINED",
               modifiedVulnAvailabilityImpact: "NOT_DEFINED",
               modifiedVulnConfidentialityImpact: "NOT_DEFINED",
               modifiedVulnIntegrityImpact: "NOT_DEFINED",
               privilegesRequired: "NONE",
               providerUrgency: "AMBER",
               subAvailabilityImpact: "NONE",
               subConfidentialityImpact: "NONE",
               subIntegrityImpact: "NONE",
               userInteraction: "NONE",
               valueDensity: "CONCENTRATED",
               vectorString: "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:X/U:Amber",
               version: "4.0",
               vulnAvailabilityImpact: "HIGH",
               vulnConfidentialityImpact: "NONE",
               vulnIntegrityImpact: "NONE",
               vulnerabilityResponseEffort: "NOT_DEFINED",
            },
            source: "psirt@paloaltonetworks.com",
            type: "Secondary",
         },
      ],
   },
   published: "2025-03-12T19:15:37.363",
   references: [
      {
         source: "psirt@paloaltonetworks.com",
         url: "https://security.paloaltonetworks.com/CVE-2025-0114",
      },
   ],
   sourceIdentifier: "psirt@paloaltonetworks.com",
   vulnStatus: "Awaiting Analysis",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-400",
            },
         ],
         source: "psirt@paloaltonetworks.com",
         type: "Secondary",
      },
   ],
}

ghsa-p6rm-v297-gpf4

Vulnerability from github

Published

2025-03-12 21:31

Modified

2025-03-12 21:31

Severity ?

8.2 (High) - CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/U:Amber

Details

This issue does not apply to Cloud NGFWs or Prisma Access software.

Show details on source website

JSON

To clipboard

{
   affected: [],
   aliases: [
      "CVE-2025-0114",
   ],
   database_specific: {
      cwe_ids: [
         "CWE-400",
      ],
      github_reviewed: false,
      github_reviewed_at: null,
      nvd_published_at: "2025-03-12T19:15:37Z",
      severity: "HIGH",
   },
   details: "A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway.\n\nThis issue does not apply to Cloud NGFWs or Prisma Access software.",
   id: "GHSA-p6rm-v297-gpf4",
   modified: "2025-03-12T21:31:29Z",
   published: "2025-03-12T21:31:29Z",
   references: [
      {
         type: "ADVISORY",
         url: "https://nvd.nist.gov/vuln/detail/CVE-2025-0114",
      },
      {
         type: "WEB",
         url: "https://security.paloaltonetworks.com/CVE-2025-0114",
      },
   ],
   schema_version: "1.4.0",
   severity: [
      {
         score: "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:X/U:Amber",
         type: "CVSS_V4",
      },
   ],
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2025-0114

Vulnerability from cvelistv5

fkie_cve-2025-0114

Vulnerability from fkie_nvd

ghsa-p6rm-v297-gpf4

Vulnerability from github

Tags

Sightings

Nomenclature