PT-2026-40767 · Palo Alto Networks · Trust Protection Foundation
Published
2026-05-13
·
Updated
2026-05-13
·
CVE-2026-0242
CVSS v4.0
6.1
Medium
| Vector | AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:M/U:Amber |
A SQL injection vulnerability in Trust Protection Foundation allows an authenticated attacker to execute arbitrary SQL commands against the product database. Successful exploitation could allow an attacker to read sensitive data, modify database contents, and escalate privileges to gain full administrative control of the platform.
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Trust Protection Foundation