CVE-2023-6790: 
PAN-OS vulnerability analysis and mitigation

A DOM-Based cross-site scripting (XSS) vulnerability was discovered in Palo Alto Networks PAN-OS software, identified as CVE-2023-6790. The vulnerability was disclosed on December 13, 2023, and affects multiple versions of PAN-OS software including versions 8.1.0-8.1.25, 9.0.0-9.0.17, 9.1.0-9.1.16, 10.0.0-10.0.12, 10.1.0-10.1.9, 10.2.0-10.2.4, and 11.0.0. The vulnerability was discovered by Kajetan Rostojek and reported to Palo Alto Networks (Palo Security Advisory).

The vulnerability is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation). It received a CVSS v3.1 base score of 8.8 (HIGH) from Palo Alto Networks and 6.1 (MEDIUM) from NIST. The attack vector is network-based with low attack complexity, requires no privileges, but does need user interaction. The vulnerability allows for high impacts on confidentiality, integrity, and availability according to the vendor's assessment (NVD, Palo Security Advisory).

When successfully exploited, this vulnerability enables a remote attacker to execute JavaScript payload in the context of an administrator's browser when they view a specifically crafted link to the PAN-OS web interface. This could potentially lead to high impacts on system confidentiality, integrity, and availability (Palo Security Advisory).

Palo Alto Networks has released fixes for this vulnerability in PAN-OS versions 8.1.25, 9.0.17, 9.1.16, 10.0.12, 10.1.9, 10.2.4, 11.0.1, and all later PAN-OS versions. Users are advised to upgrade to these patched versions. However, customers affected by the PAN-OS root and default certificate expiration issue must carefully select the fixed version to avoid reintroducing the certificate issue (Palo Security Advisory).