CVE-2025-0138
Prisma Cloud Compute Edition: Insufficient Session Expiration Vulnerability in the Web Interface
Web sessions in the web interface of Palo Alto Networks Prisma® Cloud Compute Edition do not expire when users are deleted, which makes Prisma Cloud Compute Edition susceptible to unauthorized access.
Compute in Prisma Cloud Enterprise Edition is not affected by this issue.
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber
Productos afectados
Palo Alto Networks · Compute in Prisma Cloud Enterprise EditionPalo Alto Networks · Prisma Cloud Compute Edition¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →