CVE-2023-0007: 
PAN-OS vulnerability analysis and mitigation

A cross-site scripting (XSS) vulnerability was discovered in Palo Alto Networks PAN-OS software, specifically affecting Panorama appliances. The vulnerability, identified as CVE-2023-0007, was disclosed on May 10, 2023. This security flaw enables an authenticated read-write administrator to store a JavaScript payload in the web interface that can execute in the context of another administrator's browser when viewed (Palo Alto Advisory).

The vulnerability is classified as a stored cross-site scripting (XSS) issue, categorized under CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page. It received a CVSSv3.1 Base Score of 6.5 (MEDIUM), with attack vector being NETWORK, attack complexity LOW, and requiring HIGH privileges. The vulnerability affects specific versions of PAN-OS software, including versions below 10.0.7, 9.1.16, 9.0.17, and 8.1.25 on Panorama appliances (Palo Alto Advisory).

The vulnerability allows an attacker with authenticated access to execute JavaScript code in the context of another administrator's browser session. This could potentially lead to high confidentiality and integrity impacts, though availability remains unaffected. The scope is unchanged, meaning the vulnerable component and impacted component are the same (Palo Alto Advisory).

The vulnerability has been fixed in PAN-OS versions 8.1.25, 9.0.17, 9.1.16, 10.0.7, and all later PAN-OS versions. As a mitigation measure, organizations are advised to follow best practices for securing the PAN-OS web interface. Palo Alto Networks recommends reviewing the Best Practices for Securing Administrative Access in the PAN-OS technical documentation (Palo Alto Advisory).