CVE-2025-12619

CMS vulnerability - Palo Alto Networks

Medium CVSS Score: 4.5 Published: 2025-09-23

Description

A sql injection vulnerability in Palo Alto Networks CMS allows attackers to access sensitive information. This affects versions through 13.16.5.

Affected Systems

Vendor Palo Alto Networks
Product CMS
Affected Versions < 13.15
CWE ID CWE-125

Mitigation

As a workaround, use Web Application Firewall until a patch is available.

Fix Instructions

1. Update CMS to the latest version
2. Apply vendor patch when available
3. Implement network segmentation
4. Monitor for exploitation attempts

References

Risk Assessment

CVSS: 4.5/10

Exploit Available Unknown
Patch Available Yes

Need Help Patching?

Our security team can help assess and remediate this vulnerability in your environment.

Get Help

Related Vulnerabilities

medium

CVE-2025-72706

CMS...
low

CVE-2024-88719

CMS...
high

CVE-2025-74892

Runtime...
low

CVE-2024-43076

CMS...
medium

CVE-2025-70213

Windows Server...
medium

CVE-2024-78475

VPN...

Stay Ahead of Threats

Subscribe to our vulnerability feed and get instant alerts when new CVEs affect your systems.

Start Monitoring