/

CVE-2023-0004 Report - Details, Severity, & Advisories

CVE-2023-0004 Report - Details, Severity, & Advisories

Twingate Team

Jul 4, 2024

What is CVE-2023-0004?

CVE-2023-0004 is a medium-severity vulnerability affecting Palo Alto Networks PAN-OS software and certain Fedora Project Fedora versions. Systems running specific versions of PAN-OS software and Fedora are at risk, making it crucial for users to stay informed and apply necessary updates to maintain security.

Who is impacted by this?

The impacted versions include 8.1.0 to 8.1.23, 9.0.0 to 9.0.16, 9.1.0 to 9.1.14, 10.0.0 to 10.0.10, and 10.1.0 to 10.1.5. This local file deletion vulnerability allows administrators to delete files from the local file system with elevated privileges, potentially impacting the integrity and availability of the affected software.

What to do if CVE-2023-0004 affected you

If you're impacted by the CVE-2023-0004 vulnerability, it's important to update your software to the latest version to maintain security. For Fedora users, follow these steps:

  1. Open a terminal window.

  2. For Fedora 39, run the command: su -c 'dnf upgrade --advisory FEDORA-2023-7b52921cae'

  3. For Fedora 38, refer to the Fedora 38 Update for instructions.

  4. Restart your system if necessary.

For Palo Alto Networks PAN-OS users, consult your vendor for specific update instructions.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-0004 vulnerability, a local file deletion issue in Palo Alto Networks PAN-OS software, is not listed in CISA's Known Exploited Vulnerabilities Catalog. The vulnerability was published on April 12, 2023.

Weakness Enumeration

The weakness enumeration for this vulnerability is categorized as CWE-703, which involves improper handling of exceptional conditions.

Learn More

For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and known affected software configurations, refer to the NVD page or the sources listed below.

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

/

CVE-2023-0004 Report - Details, Severity, & Advisories

CVE-2023-0004 Report - Details, Severity, & Advisories

Twingate Team

Jul 4, 2024

What is CVE-2023-0004?

CVE-2023-0004 is a medium-severity vulnerability affecting Palo Alto Networks PAN-OS software and certain Fedora Project Fedora versions. Systems running specific versions of PAN-OS software and Fedora are at risk, making it crucial for users to stay informed and apply necessary updates to maintain security.

Who is impacted by this?

The impacted versions include 8.1.0 to 8.1.23, 9.0.0 to 9.0.16, 9.1.0 to 9.1.14, 10.0.0 to 10.0.10, and 10.1.0 to 10.1.5. This local file deletion vulnerability allows administrators to delete files from the local file system with elevated privileges, potentially impacting the integrity and availability of the affected software.

What to do if CVE-2023-0004 affected you

If you're impacted by the CVE-2023-0004 vulnerability, it's important to update your software to the latest version to maintain security. For Fedora users, follow these steps:

  1. Open a terminal window.

  2. For Fedora 39, run the command: su -c 'dnf upgrade --advisory FEDORA-2023-7b52921cae'

  3. For Fedora 38, refer to the Fedora 38 Update for instructions.

  4. Restart your system if necessary.

For Palo Alto Networks PAN-OS users, consult your vendor for specific update instructions.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-0004 vulnerability, a local file deletion issue in Palo Alto Networks PAN-OS software, is not listed in CISA's Known Exploited Vulnerabilities Catalog. The vulnerability was published on April 12, 2023.

Weakness Enumeration

The weakness enumeration for this vulnerability is categorized as CWE-703, which involves improper handling of exceptional conditions.

Learn More

For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and known affected software configurations, refer to the NVD page or the sources listed below.

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

CVE-2023-0004 Report - Details, Severity, & Advisories

Twingate Team

Jul 4, 2024

What is CVE-2023-0004?

CVE-2023-0004 is a medium-severity vulnerability affecting Palo Alto Networks PAN-OS software and certain Fedora Project Fedora versions. Systems running specific versions of PAN-OS software and Fedora are at risk, making it crucial for users to stay informed and apply necessary updates to maintain security.

Who is impacted by this?

The impacted versions include 8.1.0 to 8.1.23, 9.0.0 to 9.0.16, 9.1.0 to 9.1.14, 10.0.0 to 10.0.10, and 10.1.0 to 10.1.5. This local file deletion vulnerability allows administrators to delete files from the local file system with elevated privileges, potentially impacting the integrity and availability of the affected software.

What to do if CVE-2023-0004 affected you

If you're impacted by the CVE-2023-0004 vulnerability, it's important to update your software to the latest version to maintain security. For Fedora users, follow these steps:

  1. Open a terminal window.

  2. For Fedora 39, run the command: su -c 'dnf upgrade --advisory FEDORA-2023-7b52921cae'

  3. For Fedora 38, refer to the Fedora 38 Update for instructions.

  4. Restart your system if necessary.

For Palo Alto Networks PAN-OS users, consult your vendor for specific update instructions.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

The CVE-2023-0004 vulnerability, a local file deletion issue in Palo Alto Networks PAN-OS software, is not listed in CISA's Known Exploited Vulnerabilities Catalog. The vulnerability was published on April 12, 2023.

Weakness Enumeration

The weakness enumeration for this vulnerability is categorized as CWE-703, which involves improper handling of exceptional conditions.

Learn More

For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and known affected software configurations, refer to the NVD page or the sources listed below.