CVE-2023-6793: 
PAN-OS vulnerability analysis and mitigation

An improper privilege management vulnerability (CVE-2023-6793) was discovered in Palo Alto Networks PAN-OS software, disclosed on December 13, 2023. The vulnerability affects multiple versions of PAN-OS including versions 9.0.x, 9.1.x (before 9.1.17), 10.0.x, 10.1.x (before 10.1.11), 10.2.x (before 10.2.5), and 11.0.x (before 11.0.2). This vulnerability specifically impacts systems with XML API access enabled (Palo Alto Advisory).

The vulnerability is classified as an improper privilege management issue (CWE-269) that allows an authenticated read-only administrator to revoke active XML API keys from the firewall. The vulnerability has been assigned a CVSS v4.0 base score of 5.1 (MEDIUM), with attack vector being network-based, low attack complexity, and requiring high privileges. The technical assessment indicates that the vulnerability is automatable and requires no user interaction (Palo Alto Advisory).

When exploited, this vulnerability enables an authenticated read-only administrator to disrupt XML API usage by revoking active XML API keys from the firewall. The impact primarily affects the availability of the system's API functionality, while confidentiality and integrity remain unaffected (Palo Alto Advisory).

Palo Alto Networks has released fixes for this vulnerability in PAN-OS versions 9.0.17-h4, 9.1.17, 10.1.11, 10.2.5, 11.0.2, and all later PAN-OS versions. As a mitigation measure, organizations are advised to follow the Best Practices for Securing Administrative Access as documented in the PAN-OS technical documentation (Palo Alto Advisory).