CVE-2023-0004: 
PAN-OS vulnerability analysis and mitigation

A local file deletion vulnerability (CVE-2023-0004) was discovered in Palo Alto Networks PAN-OS software. The vulnerability was disclosed on April 12, 2023, affecting multiple versions of PAN-OS software including versions prior to 8.1.24, 9.0.17, 9.1.15, 10.0.11, and 10.1.6. This vulnerability enables an authenticated administrator to delete files from the local file system with elevated privileges (Palo Alto Advisory).

The vulnerability has been assigned a CVSS v3.1 Base Score of 6.5 (Medium severity) with the following metrics: Attack Vector: Network, Attack Complexity: Low, Privileges Required: High, User Interaction: None, Scope: Unchanged, Confidentiality Impact: None, Integrity Impact: High, Availability Impact: High. The weakness type is classified as CWE-703: Improper Check or Handling of Exceptional Conditions (Palo Alto Advisory).

The vulnerability allows authenticated administrators to delete files from the local file system with elevated privileges. These files can include logs and system components that impact the integrity and availability of PAN-OS software (Palo Alto Advisory).

The vulnerability has been fixed in PAN-OS versions 8.1.24, 9.0.17, 9.1.15, 10.0.11, 10.1.6, and all later versions. Customers with a Threat Prevention subscription can block attacks by enabling Threat IDs 93274 and 93287 (Applications and Threats content update 8698). Additionally, organizations can mitigate the impact by following best practices for securing the PAN-OS management interface (Palo Alto Advisory).