- Description
- When configured using SAML, a session fixation vulnerability in the GlobalProtect™ login enables an attacker to impersonate a legitimate authorized user and perform actions as that GlobalProtect user. This requires the legitimate user to first click on a malicious link provided by the attacker. The SAML login for the PAN-OS® management interface is not affected. Additionally, this issue does not affect Cloud NGFW and all Prisma® Access instances are proactively patched.
- Source
- psirt@paloaltonetworks.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 8.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:H/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber
- Severity
- HIGH
- psirt@paloaltonetworks.com
- CWE-384
- Hype score
- Not currently trending
🚨 CVE-2025-0126 🔴 HIGH (8.3) 🏢 Palo Alto Networks - Cloud NGFW 🏗️ All 🔗 https://t.co/bafwCISfDI #CyberCron #VulnAlert #InfoSec https://t.co/q7FBusU0zH
@cybercronai
12 Apr 2025
CVE-2025-0126 Session Fixation in Palo Alto Networks GlobalProtect SAML Authentication https://t.co/1VtwpNnr6m
@VulmonFeeds
11 Apr 2025
[CVE-2025-0126: HIGH] Session fixation vulnerability in GlobalProtect login via SAML allows attackers to impersonate authorized users. PAN-OS management interface is unaffected; Cloud NGFW and Prisma Access are pa...#cybersecurity,#vulnerability https://t.co/o5ocMQ1X82 https://t.
@CveFindCom
11 Apr 2025