7.5
CVE-2026-4761
- EPSS 0.02%
- Veröffentlicht 25.03.2026 12:45:27
- Zuletzt bearbeitet 01.04.2026 15:32:41
- Quelle 30aa36b7-a224-4bc9-b7d3-abea20
- CVE-Watchlists
- Unerledigt
LoginWhen a certificate and its private key are installed in the Windows machine certificate store using Network and Security tool, access rights to the private key are unnecessarily granted to the operator group. * Installations based on Panorama Suite 2025 (25.00.004) are vulnerable unless update PS-2500-00-0357 (or higher) is installed * Installations based on Panorama Suite 2025 Updated Dec. 25 (25.10.007) are not vulnerable Please refer to security bulletin BS-036, available on the Panorama CSIRT website: https://my.codra.net/en-gb/csirt.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Codra ≫ Panorama Collaborative Operation & Execution Version25.00.004
Codra ≫ Panorama Com Version25.00.004
Codra ≫ Panorama E2 Version25.00.004
Codra ≫ Panorama H2 Version25.00.004
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.046 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| 30aa36b7-a224-4bc9-b7d3-abea20aa4887 | 3.3 | 0 | 0 |
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Amber
|
CWE-732 Incorrect Permission Assignment for Critical Resource
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.