https://live.paloaltonetworks.com/t5/general-topics/cve-description-clarification/m-p/574370#M115453 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/238781">@Charlie80</a>,</P> <P><A href="https://cwe.mitre.org/data/definitions/78" target="_blank">https://cwe.mitre.org/data/definitions/78</A>&nbsp;helps provide a little bit of insight into the type of exploit that leads to the vulnerability. Anyone authenticated to the GUI has the potential to exploit this vulnerability, which would include any read-only permissioned users.&nbsp;</P> Wed, 24 Jan 2024 23:07:47 GMT BPry 2024-01-24T23:07:47Z https://live.paloaltonetworks.com/t5/general-topics/cve-description-clarification/m-p/574249#M115423 <P>I'm looking at CVE-2023-6795 and in the description I see "enables an authenticated administrator to disrupt system processes and potentially execute arbitrary code with limited privileges on the firewall"</P> <P>This means that all admin included the readonly admin like the SuperUser (ReadOnly) can do the execute arbitrary code?</P> Wed, 24 Jan 2024 08:18:29 GMT https://live.paloaltonetworks.com/t5/general-topics/cve-description-clarification/m-p/574249#M115423 Charlie80 2024-01-24T08:18:29Z https://live.paloaltonetworks.com/t5/general-topics/cve-description-clarification/m-p/574370#M115453 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/238781">@Charlie80</a>,</P> <P><A href="https://cwe.mitre.org/data/definitions/78" target="_blank">https://cwe.mitre.org/data/definitions/78</A>&nbsp;helps provide a little bit of insight into the type of exploit that leads to the vulnerability. Anyone authenticated to the GUI has the potential to exploit this vulnerability, which would include any read-only permissioned users.&nbsp;</P> Wed, 24 Jan 2024 23:07:47 GMT https://live.paloaltonetworks.com/t5/general-topics/cve-description-clarification/m-p/574370#M115453 BPry 2024-01-24T23:07:47Z