CVE-2015-4162
PAN-OS < 5.0.16, 6.x < 6.0.8, 6.1.x < 6.1.4 - Authenticated XML External Entity Injection
Title source: llmDescription
XML external entity (XXE) vulnerability in the management interface in PAN-OS before 5.0.16, 6.x before 6.0.8, and 6.1.x before 6.1.4 allows remote authenticated administrators to obtain sensitive information via crafted XML data.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/74941
Various Sources x_refsource_confirm
https://security.paloaltonetworks.com/CVE-2015-4162
Scores
EPSS
0.0032
EPSS Percentile
55.0%
Details
Status
published
Products (13)
paloaltonetworks/pan-os
6.0
paloaltonetworks/pan-os
6.0.1
paloaltonetworks/pan-os
6.0.2
paloaltonetworks/pan-os
6.0.3
paloaltonetworks/pan-os
6.0.4
paloaltonetworks/pan-os
6.0.5
paloaltonetworks/pan-os
6.0.6
paloaltonetworks/pan-os
6.0.7
paloaltonetworks/pan-os
6.1.0
paloaltonetworks/pan-os
6.1.1
... and 3 more
Published
Jun 02, 2015
Tracked Since
Feb 18, 2026