Palo Alto Security Center, May 15, 00:26
CVE-2025-0133 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Gateway and Portal (Severity: LOW)
For GlobalProtect users with Clientless VPN enabled, the inherent risks of Clientless VPN create a potential for credential theft, with a limited impact on confidentiality. GlobalProtect users are not affected if Clientless VPN is not enabled. The issue applies only to PAN-OS firewall configurations with a GlobalProtect gateway or portal enabled. Users are advised to enable the Threat Prevention subscription and turn on Threat IDs 510003 and 510004 (introduced in Applications and Threats content version 8970) to block attacks. Alternatively, Clientless VPN can be disabled.

⚠️ Scope: this issue affects GlobalProtect users with Clientless VPN enabled; if that feature is not enabled, they are not affected.

🛡️ Mitigation: with a Threat Prevention subscription, enabling Threat IDs 510003 and 510004 blocks attacks against this vulnerability. These Threat IDs were introduced in Applications and Threats content version 8970.

🚫 Workaround: alternatively, disable the Clientless VPN feature to remove the exposure.

🔥 Affected versions: the releases in the CPE list below span the 11.2.x, 11.1.x, 10.2.x and 10.1.x trains.

CVE-2025-0133 is a reflected cross-site scripting (XSS) vulnerability in the GlobalProtect gateway and portal of PAN-OS; as with any reflected XSS, a victim has to open a crafted link, and the injected script then runs in the browser within the GlobalProtect site's origin. For GlobalProtect users with Clientless VPN enabled, there is a limited impact on confidentiality due to inherent risks of Clientless VPN that facilitate credential theft. You can read more about this risk in the informational bulletin PAN-SA-2025-0005. There is no impact to confidentiality for GlobalProtect users if you did not enable (or you disable) Clientless VPN.

This issue is applicable only to PAN-OS firewall configurations with an enabled GlobalProtect gateway or portal.

Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat IDs 510003 and 510004 (introduced in Applications and Threats content version 8970). Confirm that the firewall's Applications and Threats content is at version 8970 or later before looking for the signatures, and that the Vulnerability Protection profile in which they are enabled is applied to the security policy that carries inbound GlobalProtect portal and gateway traffic.

You can also disable Clientless VPN. For more information, review the security advisory PAN-SA-2025-0005.

Affected PAN-OS releases (CPE identifiers from the advisory):

cpe:2.3:o:paloaltonetworks:pan-os:11.2.7:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.2.6:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.2.5:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.10:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.9:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.8:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.6:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.5:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.16:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.15:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.14:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.13:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*
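Added example, not code from Palo Alto Networks or from this page: a small Python triage script that checks a firewall's `show system info` output against the two actionable facts above, the exact release strings in the CPE list and the Applications and Threats content version 8970 in which Threat IDs 510003 and 510004 were introduced. The `show system info` excerpt is constructed for the example; `sw-version` and `app-version` are the real field names, and only those two are used. The script cannot tell whether Clientless VPN is enabled, which is a GlobalProtect portal setting, so it reports that as a separate check.

```python
"""Triage helper for CVE-2025-0133 against `show system info` output.

Added example, not Palo Alto Networks code. Checks two things the advisory
makes actionable: whether the running PAN-OS release is one the CPE list
names, and whether the installed Applications and Threats content is 8970
or later, so that Threat IDs 510003 and 510004 exist to be enabled.
"""
import re

# PAN-OS releases from the advisory's CPE list, transcribed per release
# train. The list is not contiguous (11.1.7 is absent from it), so
# membership is tested by exact version string rather than by range.
AFFECTED_VERSIONS = frozenset(
    ["11.2.%d" % n for n in range(0, 8)]
    + ["11.1.%d" % n for n in (0, 1, 2, 3, 4, 5, 6, 8, 9, 10)]
    + ["10.2.%d" % n for n in range(0, 17)]
    + ["10.1.%d" % n for n in range(0, 15)]
)

# Content release in which the two blocking signatures were introduced.
MIN_CONTENT_VERSION = 8970
THREAT_IDS = (510003, 510004)

# Constructed `show system info` excerpt (assumption: a 10.2.9 firewall on
# an older content release). Real output has many more key: value lines.
SAMPLE_SYSTEM_INFO = """\
hostname: edge-fw-01
model: PA-VM
sw-version: 10.2.9
app-version: 8953-9106
threat-version: 8953-9106
"""


def parse_system_info(text):
    """Turn the `key: value` lines of `show system info` into a dict."""
    info = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            info[key.strip()] = value.strip()
    return info


def split_release(sw_version):
    """'10.2.9-h1' -> ('10.2.9', 'h1'); a plain release gives ('10.2.9', None)."""
    base, _, hotfix = sw_version.strip().partition("-")
    return base, (hotfix or None)


def content_version(app_version):
    """'8953-9106' -> 8953, the Applications and Threats release number."""
    m = re.fullmatch(r"(\d+)-\d+", app_version.strip())
    if not m:
        raise ValueError("unrecognised app-version: %r" % app_version)
    return int(m.group(1))


def triage(system_info_text):
    """Return the facts needed to decide what to do on this firewall."""
    info = parse_system_info(system_info_text)
    base, hotfix = split_release(info["sw-version"])
    content = content_version(info["app-version"])
    result = {
        "sw_version": info["sw-version"],
        "base_release": base,
        "hotfix": hotfix,
        # Exact match only: hotfix builds (e.g. 10.2.9-h1) are not in the
        # CPE list and must be checked against the vendor advisory itself.
        "listed_as_affected": info["sw-version"].strip() in AFFECTED_VERSIONS,
        "base_release_listed": base in AFFECTED_VERSIONS,
        "content_version": content,
        "threat_ids_available": content >= MIN_CONTENT_VERSION,
        "actions": [],
    }
    if result["listed_as_affected"] or result["base_release_listed"]:
        if result["threat_ids_available"]:
            result["actions"].append(
                "enable Threat IDs %d and %d in the Vulnerability Protection "
                "profile applied to GlobalProtect portal/gateway traffic" % THREAT_IDS)
        else:
            result["actions"].append(
                "update Applications and Threats content to %d or later, then "
                "enable Threat IDs %d and %d" % ((MIN_CONTENT_VERSION,) + THREAT_IDS))
        result["actions"].append(
            "check whether Clientless VPN is enabled on the GlobalProtect "
            "portal (not visible in `show system info`); disable it if unused")
    return result


if __name__ == "__main__":
    for key, value in triage(SAMPLE_SYSTEM_INFO).items():
        print("%-22s %s" % (key, value))
```

Paste the real `show system info` output in place of the constructed sample. A hotfix build such as 10.2.9-h1 is reported with `base_release_listed` true but `listed_as_affected` false, because the CPE list names base releases only; whether a given hotfix carries the fix has to be confirmed from the vendor advisory, not inferred from this list.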


Related tags: GlobalProtect, Clientless VPN, PAN-OS, security vulnerability, Threat Prevention