{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-0114","assignerOrgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","state":"PUBLISHED","assignerShortName":"palo_alto","dateReserved":"2024-12-20T23:23:15.900Z","datePublished":"2025-03-12T18:20:05.608Z","dateUpdated":"2025-03-12T18:34:48.122Z"},"containers":{"cna":{"affected":[{"cpes":["cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h10:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h9:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h8:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h7:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h6:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h5:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h4:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h3:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h2:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:h1:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.14:-:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:*:*:*:*:*:*:*","cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*"],"defaultStatus":"unaffected","product":"PAN-OS","vendor":"Palo Alto Networks","versions":[{"status":"unaffected","version":"11.2.0","versionType":"custom"},{"status":"unaffected","version":"11.1.0","versionType":"custom"},{"changes":[{"at":"11.0.2","status":"unaffected"}],"lessThan":"11.0.2","status":"affected","version":"11.0.0","versionType":"custom"},{"changes":[{"at":"10.2.5","status":"unaffected"}],"lessThan":"10.2.5","status":"affected","version":"10.2.0","versionType":"custom"},{"changes":[{"at":"10.1.14-h11","status":"unaffected"}],"lessThan":"10.1.14-h11","status":"affected","version":"10.1.0","versionType":"custom"}]},{"defaultStatus":"unaffected","product":"Cloud NGFW","vendor":"Palo Alto Networks","versions":[{"status":"unaffected","version":"All","versionType":"custom"}]},{"defaultStatus":"unaffected","product":"Prisma Access","vendor":"Palo Alto Networks","versions":[{"status":"unaffected","version":"All","versionType":"custom"}]}],"configurations":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"This issue is applicable only to PAN-OS firewall configurations with an enabled GlobalProtect portal or gateway. You can verify whether you have a GlobalProtect portal or gateway configured on your firewall by checking entries in the firewall web interface (Network > GlobalProtect > Portals and Network > GlobalProtect > Gateways)."}],"value":"This issue is applicable only to PAN-OS firewall configurations with an enabled GlobalProtect portal or gateway. You can verify whether you have a GlobalProtect portal or gateway configured on your firewall by checking entries in the firewall web interface (Network > GlobalProtect > Portals and Network > GlobalProtect > Gateways)."}],"credits":[{"lang":"en","type":"finder","value":"an external reporter"}],"datePublic":"2025-03-12T16:00:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway.

This issue does not apply to Cloud NGFWs or Prisma Access software."}],"value":"A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software enables an unauthenticated attacker to render the service unavailable by sending a large number of specially crafted packets over a period of time. This issue affects both the GlobalProtect portal and the GlobalProtect gateway.\n\nThis issue does not apply to Cloud NGFWs or Prisma Access software."}],"exploits":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}],"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue."}],"impacts":[{"capecId":"CAPEC-125","descriptions":[{"lang":"en","value":"CAPEC-125 Flooding"}]}],"metrics":[{"cvssV4_0":{"Automatable":"NO","Recovery":"USER","Safety":"NOT_DEFINED","attackComplexity":"HIGH","attackRequirements":"NONE","attackVector":"NETWORK","baseScore":8.2,"baseSeverity":"HIGH","privilegesRequired":"NONE","providerUrgency":"AMBER","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"CONCENTRATED","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/U:Amber","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-400","description":"CWE-400 Uncontrolled Resource Consumption","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"d6c1279f-00f6-4ef7-9217-f89ffe703ec0","shortName":"palo_alto","dateUpdated":"2025-03-12T18:20:05.608Z"},"references":[{"tags":["vendor-advisory"],"url":"https://security.paloaltonetworks.com/CVE-2025-0114"}],"solutions":[{"lang":"eng","supportingMedia":[{"base64":false,"type":"text/html","value":"
Version
Minor Version
Suggested Solution
PAN-OS 11.011.0.0 through 11.0.1Upgrade to 11.0.2 or later
PAN-OS 10.210.2.0 through 10.2.4
Upgrade to 10.2.5 or later
PAN-OS 10.1
10.1.0 through 10.1.14
Upgrade to 10.1.14-h11 or later
All other older
unsupported
PAN-OS versions		 Upgrade to a supported fixed version.
"}],"value":"Version\nMinor Version\nSuggested Solution\nPAN-OS 11.011.0.0 through 11.0.1Upgrade to 11.0.2 or laterPAN-OS 10.210.2.0 through 10.2.4\nUpgrade to 10.2.5 or laterPAN-OS 10.1\n10.1.0 through 10.1.14\nUpgrade to 10.1.14-h11 or later\nAll other older\nunsupported\nPAN-OS versionsĀ Upgrade to a supported fixed version."}],"source":{"defect":["PAN-209208"],"discovery":"EXTERNAL"},"timeline":[{"lang":"en","time":"2025-03-12T16:00:00.000Z","value":"Initial Publication"}],"title":"PAN-OS: Denial of Service (DoS) in GlobalProtect","workarounds":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"No workaround or mitigation is available."}],"value":"No workaround or mitigation is available."}],"x_affectedList":["PAN-OS 11.0.1-h5","PAN-OS 11.0.1-h4","PAN-OS 11.0.1-h3","PAN-OS 11.0.1-h2","PAN-OS 11.0.1-h1","PAN-OS 11.0.1","PAN-OS 11.0.0-h4","PAN-OS 11.0.0-h3","PAN-OS 11.0.0-h2","PAN-OS 11.0.0-h1","PAN-OS 11.0.0","PAN-OS 10.2.4-h32","PAN-OS 10.2.4-h31","PAN-OS 10.2.4-h30","PAN-OS 10.2.4-h29","PAN-OS 10.2.4-h28","PAN-OS 10.2.4-h27","PAN-OS 10.2.4-h26","PAN-OS 10.2.4-h25","PAN-OS 10.2.4-h24","PAN-OS 10.2.4-h23","PAN-OS 10.2.4-h22","PAN-OS 10.2.4-h21","PAN-OS 10.2.4-h20","PAN-OS 10.2.4-h19","PAN-OS 10.2.4-h18","PAN-OS 10.2.4-h17","PAN-OS 10.2.4-h16","PAN-OS 10.2.4-h15","PAN-OS 10.2.4-h14","PAN-OS 10.2.4-h13","PAN-OS 10.2.4-h12","PAN-OS 10.2.4-h11","PAN-OS 10.2.4-h10","PAN-OS 10.2.4-h9","PAN-OS 10.2.4-h8","PAN-OS 10.2.4-h7","PAN-OS 10.2.4-h6","PAN-OS 10.2.4-h5","PAN-OS 10.2.4-h4","PAN-OS 10.2.4-h3","PAN-OS 10.2.4-h2","PAN-OS 10.2.4-h1","PAN-OS 10.2.4","PAN-OS 10.2.3-h14","PAN-OS 10.2.3-h13","PAN-OS 10.2.3-h12","PAN-OS 10.2.3-h11","PAN-OS 10.2.3-h10","PAN-OS 10.2.3-h9","PAN-OS 10.2.3-h8","PAN-OS 10.2.3-h7","PAN-OS 10.2.3-h6","PAN-OS 10.2.3-h5","PAN-OS 10.2.3-h4","PAN-OS 10.2.3-h3","PAN-OS 10.2.3-h2","PAN-OS 10.2.3-h1","PAN-OS 10.2.3","PAN-OS 10.2.2-h6","PAN-OS 10.2.2-h5","PAN-OS 10.2.2-h4","PAN-OS 10.2.2-h3","PAN-OS 10.2.2-h2","PAN-OS 10.2.2-h1","PAN-OS 10.2.2","PAN-OS 10.2.1-h3","PAN-OS 10.2.1-h2","PAN-OS 10.2.1-h1","PAN-OS 10.2.1","PAN-OS 10.2.0-h4","PAN-OS 10.2.0-h3","PAN-OS 10.2.0-h2","PAN-OS 10.2.0-h1","PAN-OS 10.2.0","PAN-OS 10.1.14-h10","PAN-OS 10.1.14-h9","PAN-OS 10.1.14-h8","PAN-OS 10.1.14-h7","PAN-OS 10.1.14-h6","PAN-OS 10.1.14-h5","PAN-OS 10.1.14-h4","PAN-OS 10.1.14-h3","PAN-OS 10.1.14-h2","PAN-OS 10.1.14-h1","PAN-OS 10.1.14","PAN-OS 10.1.13-h5","PAN-OS 10.1.13-h4","PAN-OS 10.1.13-h3","PAN-OS 10.1.13-h2","PAN-OS 10.1.13-h1","PAN-OS 10.1.13","PAN-OS 10.1.12-h3","PAN-OS 10.1.12-h2","PAN-OS 10.1.12-h1","PAN-OS 10.1.12","PAN-OS 10.1.11-h10","PAN-OS 10.1.11-h9","PAN-OS 10.1.11-h8","PAN-OS 10.1.11-h7","PAN-OS 10.1.11-h6","PAN-OS 10.1.11-h5","PAN-OS 10.1.11-h4","PAN-OS 10.1.11-h3","PAN-OS 10.1.11-h2","PAN-OS 10.1.11-h1","PAN-OS 10.1.11","PAN-OS 10.1.10-h9","PAN-OS 10.1.10-h8","PAN-OS 10.1.10-h7","PAN-OS 10.1.10-h6","PAN-OS 10.1.10-h5","PAN-OS 10.1.10-h4","PAN-OS 10.1.10-h3","PAN-OS 10.1.10-h2","PAN-OS 10.1.10-h1","PAN-OS 10.1.10","PAN-OS 10.1.9-h14","PAN-OS 10.1.9-h13","PAN-OS 10.1.9-h12","PAN-OS 10.1.9-h11","PAN-OS 10.1.9-h10","PAN-OS 10.1.9-h9","PAN-OS 10.1.9-h8","PAN-OS 10.1.9-h7","PAN-OS 10.1.9-h6","PAN-OS 10.1.9-h5","PAN-OS 10.1.9-h4","PAN-OS 10.1.9-h3","PAN-OS 10.1.9-h2","PAN-OS 10.1.9-h1","PAN-OS 10.1.9","PAN-OS 10.1.8-h8","PAN-OS 10.1.8-h7","PAN-OS 10.1.8-h6","PAN-OS 10.1.8-h5","PAN-OS 10.1.8-h4","PAN-OS 10.1.8-h3","PAN-OS 10.1.8-h2","PAN-OS 10.1.8-h1","PAN-OS 10.1.8","PAN-OS 10.1.7-h1","PAN-OS 10.1.7","PAN-OS 10.1.6-h9","PAN-OS 10.1.6-h8","PAN-OS 10.1.6-h7","PAN-OS 10.1.6-h6","PAN-OS 10.1.6-h5","PAN-OS 10.1.6-h4","PAN-OS 10.1.6-h3","PAN-OS 10.1.6-h2","PAN-OS 10.1.6-h1","PAN-OS 10.1.6","PAN-OS 10.1.5-h4","PAN-OS 10.1.5-h3","PAN-OS 10.1.5-h2","PAN-OS 10.1.5-h1","PAN-OS 10.1.5","PAN-OS 10.1.4-h6","PAN-OS 10.1.4-h5","PAN-OS 10.1.4-h4","PAN-OS 10.1.4-h3","PAN-OS 10.1.4-h2","PAN-OS 10.1.4-h1","PAN-OS 10.1.4","PAN-OS 10.1.3-h4","PAN-OS 10.1.3-h3","PAN-OS 10.1.3-h2","PAN-OS 10.1.3-h1","PAN-OS 10.1.3","PAN-OS 10.1.2","PAN-OS 10.1.1","PAN-OS 10.1.0"],"x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-03-12T18:34:02.023259Z","id":"CVE-2025-0114","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-03-12T18:34:48.122Z"}}]}}