CVE-2026-0285
Awaiting Analysis Awaiting Analysis - Queue

SSRF in Palo Alto PAN-OS Management Interface

Vulnerability report for CVE-2026-0285, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-09

Last updated on: 2026-07-09

Assigner: Palo Alto Networks, Inc.

Description

A server-side request forgery (SSRF) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator with network access to the management web interface to make unauthorized requests from the firewall to internal services. The security risk posed by this issue is minimized when the management interface is restricted to only trusted internal IP addresses according to our recommended  best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .  Panorama, Cloud NGFW, and Prisma® Access are not impacted by this vulnerability.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-09
Last Modified
2026-07-09
Generated
2026-07-10
AI Q&A
2026-07-09
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 4 associated CPEs
Vendor Product Version / Range
palo_alto_networks pan-os 10.2
palo_alto_networks pan-os 11.1
palo_alto_networks pan-os 11.2
palo_alto_networks pan-os 12.1

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-0285 is a Server-Side Request Forgery (SSRF) vulnerability found in Palo Alto Networks PAN-OS software. It allows an authenticated administrator who has network access to the management web interface to make unauthorized requests from the firewall to internal services.

The risk of this vulnerability increases if the management interface is accessible from untrusted networks such as the internet. However, the risk is minimized when access to the management interface is restricted to trusted internal IP addresses.

Impact Analysis

This vulnerability can allow an authenticated administrator to make unauthorized requests from the firewall to internal services, potentially leading to unauthorized access or actions within the internal network.

The impact is greater if the management interface is exposed to untrusted networks, increasing the risk of exploitation. However, if best practices are followed by restricting management interface access to trusted internal IP addresses, the security risk is minimized.

Mitigation Strategies

To mitigate the vulnerability, restrict access to the management web interface to only trusted internal IP addresses.

Upgrade your PAN-OS software to the patched versions that address this SSRF vulnerability.

  • Ensure the management interface is not accessible from untrusted networks such as the internet.
  • Note that Panorama, Cloud NGFW, and Prisma Access are not impacted by this vulnerability.
Compliance Impact

The provided information does not specify how the CVE-2026-0285 vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-0285. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart