Trust Protection Foundation: SQL Injection Vulnerability_CVE-2026-0242

6.1 / 10

MEDIUM

CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:U/AU:Y/R:U/V:C/RE:M/U:Amber

Description

A SQL injection vulnerability in Trust Protection Foundation allows an authenticated attacker to execute arbitrary SQL commands against the product database. Successful exploitation could allow an attacker to read sensitive data, modify database contents, and escalate privileges to gain full administrative control of the platform.

Basic Information

ID CVE-2026-0242

Source palo_alto

Published May 13, 2026 at 19:04

Modified May 13, 2026 at 19:29

Affected Product

Vendor Palo Alto Networks

Product Trust Protection Foundation

Version 25.3.0

Affected Versions Palo Alto Networks Trust Protection Foundation 25.3.0
Palo Alto Networks Trust Protection Foundation 25.1.0
Palo Alto Networks Trust Protection Foundation 24.3.0
Palo Alto Networks Trust Protection Foundation 24.1.0

CWE Classification

CWE-89

References

security.paloaltonetworks.com /CVE-2026-0242

{
    "lastseen": "",
    "description": "A SQL injection vulnerability in Trust Protection Foundation allows an authenticated attacker to execute arbitrary SQL commands against the product database. Successful exploitation could allow an attacker to read sensitive data, modify database contents, and escalate privileges to gain full administrative control of the platform.",
    "published": "2026-05-13T19:04:52.841Z",
    "modified": "2026-05-13T19:29:39.078Z",
    "type": "cve",
    "title": "Trust Protection Foundation: SQL Injection Vulnerability",
    "source": "palo_alto",
    "references": "https://security.paloaltonetworks.com/CVE-2026-0242",
    "id": "CVE-2026-0242",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89"
    ],
    "cvelist": null,
    "sourceData": "Palo Alto Networks Trust Protection Foundation 25.3.0\nPalo Alto Networks Trust Protection Foundation 25.1.0\nPalo Alto Networks Trust Protection Foundation 24.3.0\nPalo Alto Networks Trust Protection Foundation 24.1.0",
    "sourceHref": "",
    "cvss": {
        "score": 6.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:U/AU:Y/R:U/V:C/RE:M/U:Amber",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Trust Protection Foundation",
    "version": "25.3.0",
    "vendor": "Palo Alto Networks",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}