Vulnerability Details CVE-2023-6789
A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a malicious authenticated read-write administrator to store a JavaScript payload using the web interface. Then, when viewed by a properly authenticated administrator, the JavaScript payload executes and disguises all associated actions as performed by that unsuspecting authenticated administrator.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.4%
CVSS Severity
CVSS v3 Score 4.3
References
Products affected by CVE-2023-6789
-
cpe:2.3:o:paloaltonetworks:pan-os:10.1.0
-
cpe:2.3:o:paloaltonetworks:pan-os:10.1.1
-
cpe:2.3:o:paloaltonetworks:pan-os:10.1.10
-
cpe:2.3:o:paloaltonetworks:pan-os:10.1.2
-
cpe:2.3:o:paloaltonetworks:pan-os:10.1.3
-
cpe:2.3:o:paloaltonetworks:pan-os:10.1.5
-
cpe:2.3:o:paloaltonetworks:pan-os:10.1.6
-
cpe:2.3:o:paloaltonetworks:pan-os:10.1.7
-
cpe:2.3:o:paloaltonetworks:pan-os:10.1.8
-
cpe:2.3:o:paloaltonetworks:pan-os:10.1.9
-
cpe:2.3:o:paloaltonetworks:pan-os:10.2.0
-
cpe:2.3:o:paloaltonetworks:pan-os:10.2.1
-
cpe:2.3:o:paloaltonetworks:pan-os:10.2.2
-
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3
-
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4
-
cpe:2.3:o:paloaltonetworks:pan-os:11.0.0
-
cpe:2.3:o:paloaltonetworks:pan-os:11.0.1
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.0
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.1
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.10
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.11
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.12
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.13
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.14
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.15
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.16
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.17
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.18
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.19
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.2
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.20
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.21
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.22
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.23
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.24
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.25
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.3
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.4
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.5
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.6
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.7
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.8
-
cpe:2.3:o:paloaltonetworks:pan-os:8.1.9
-
cpe:2.3:o:paloaltonetworks:pan-os:9.0.0
-
cpe:2.3:o:paloaltonetworks:pan-os:9.0.1
-
cpe:2.3:o:paloaltonetworks:pan-os:9.0.10
-
cpe:2.3:o:paloaltonetworks:pan-os:9.0.11
-
cpe:2.3:o:paloaltonetworks:pan-os:9.0.12
-
cpe:2.3:o:paloaltonetworks:pan-os:9.0.13
-
cpe:2.3:o:paloaltonetworks:pan-os:9.0.14
-
cpe:2.3:o:paloaltonetworks:pan-os:9.0.15
-
cpe:2.3:o:paloaltonetworks:pan-os:9.0.16
-
cpe:2.3:o:paloaltonetworks:pan-os:9.0.2
-
cpe:2.3:o:paloaltonetworks:pan-os:9.0.3
-
cpe:2.3:o:paloaltonetworks:pan-os:9.0.4
-
cpe:2.3:o:paloaltonetworks:pan-os:9.0.5
-
cpe:2.3:o:paloaltonetworks:pan-os:9.0.6
-
cpe:2.3:o:paloaltonetworks:pan-os:9.0.7
-
cpe:2.3:o:paloaltonetworks:pan-os:9.0.8
-
cpe:2.3:o:paloaltonetworks:pan-os:9.0.9
-
cpe:2.3:o:paloaltonetworks:pan-os:9.1.0
-
cpe:2.3:o:paloaltonetworks:pan-os:9.1.1
-
cpe:2.3:o:paloaltonetworks:pan-os:9.1.10
-
cpe:2.3:o:paloaltonetworks:pan-os:9.1.11
-
cpe:2.3:o:paloaltonetworks:pan-os:9.1.12
-
cpe:2.3:o:paloaltonetworks:pan-os:9.1.13
-
cpe:2.3:o:paloaltonetworks:pan-os:9.1.14
-
cpe:2.3:o:paloaltonetworks:pan-os:9.1.15
-
cpe:2.3:o:paloaltonetworks:pan-os:9.1.16
-
cpe:2.3:o:paloaltonetworks:pan-os:9.1.2
-
cpe:2.3:o:paloaltonetworks:pan-os:9.1.3
-
cpe:2.3:o:paloaltonetworks:pan-os:9.1.4
-
cpe:2.3:o:paloaltonetworks:pan-os:9.1.5
-
cpe:2.3:o:paloaltonetworks:pan-os:9.1.6
-
cpe:2.3:o:paloaltonetworks:pan-os:9.1.9