CVE-2025-0138

Vulnerability Description

Web sessions in the web interface of Palo Alto Networks Prisma® Cloud Compute Edition do not expire when users are deleted, which makes Prisma Cloud Compute Edition susceptible to unauthorized access. Compute in Prisma Cloud Enterprise Edition is not affected by this issue.

Related Weaknesses (CWE)

CWE-613

References

https://security.paloaltonetworks.com/CVE-2025-0138

FAQ

What is CVE-2025-0138?

CVE-2025-0138 is a documented vulnerability. Web sessions in the web interface of Palo Alto Networks Prisma® Cloud Compute Edition do not expire when users are deleted, which makes Prisma Cloud Compute Edition susceptible to unauthorized access....

How severe is CVE-2025-0138?

CVSS scoring is not yet available for CVE-2025-0138. Check NVD for updates.

Is there a patch for CVE-2025-0138?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.