Palo Alto Networks · PAN-OS · CVE-2024-5916
Name of the Vulnerable Software and Affected Versions:
Palo Alto Networks PAN-OS versions prior to 10.2.8
Palo Alto Networks PAN-OS versions prior to 11.0.4
Description:
An information exposure issue in the software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems. A read-only administrator with access to the config log can read these sensitive details.
Recommendations:
For versions prior to 10.2.8, update to version 10.2.8 or later.
For versions prior to 11.0.4, update to version 11.0.4 or later.
As a temporary workaround, consider restricting access to the config log to minimize the risk of exploitation.