Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-5917 (GCVE-0-2024-5917)
Vulnerability from cvelistv5 – Published: 2024-11-14 09:39 – Updated: 2025-01-15 22:24
VLAI?
EPSS
Title
PAN-OS: Server-Side Request Forgery in WildFire
Summary
A server-side request forgery in PAN-OS software enables an authenticated attacker with administrative privileges to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible.
Severity ?
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2024-5917 | vendor-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto Networks | Cloud NGFW |
Unaffected:
All
|
|
| Palo Alto Networks | PAN-OS |
Unaffected:
11.2.0
Unaffected: 11.1.0 Unaffected: 11.0.0 Affected: 10.2.0 , < 10.2.2 (custom) Affected: 10.1.0 , < 10.1.7 (custom) |
Date Public ?
2024-11-13 18:00
Credits
Michael Baker from AC3
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:cloud_ngfw:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cloud_ngfw",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"status": "affected",
"version": "11.2.0"
}
]
},
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"status": "affected",
"version": "11.1.0"
}
]
},
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"status": "affected",
"version": "11.0.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pan-os",
"vendor": "paloaltonetworks",
"versions": [
{
"lessThan": "10.2.2",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"lessThan": "10.1.7",
"status": "affected",
"version": "10.1.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5917",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-14T18:58:18.463866Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-14T19:35:37.894Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "11.2.0"
},
{
"status": "unaffected",
"version": "11.1.0"
},
{
"status": "unaffected",
"version": "11.0.0"
},
{
"changes": [
{
"at": "10.2.2",
"status": "unaffected"
}
],
"lessThan": "10.2.2",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.7",
"status": "unaffected"
}
],
"lessThan": "10.1.7",
"status": "affected",
"version": "10.1.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Your network is impacted only if you enabled the WildFire Forwarding feature in your firewall. You can find this setting at Device \u2192 Setup \u2192 WildFire."
}
],
"value": "Your network is impacted only if you enabled the WildFire Forwarding feature in your firewall. You can find this setting at Device \u2192 Setup \u2192 WildFire."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Michael Baker from AC3"
}
],
"datePublic": "2024-11-13T18:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A server-side request forgery in PAN-OS software enables an authenticated attacker with administrative privileges to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible."
}
],
"value": "A server-side request forgery in PAN-OS software enables an authenticated attacker with administrative privileges to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-664",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-664 Server Side Request Forgery"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "AUTOMATIC",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 2.1,
"baseSeverity": "LOW",
"privilegesRequired": "HIGH",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:L/SI:N/SA:N/AU:N/R:A/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-15T22:24:12.795Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-5917"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 10.1.7, PAN-OS 10.2.2, and all later PAN-OS versions."
}
],
"value": "This issue is fixed in PAN-OS 10.1.7, PAN-OS 10.2.2, and all later PAN-OS versions."
}
],
"source": {
"defect": [
"PAN-115469"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-11-13T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Server-Side Request Forgery in WildFire",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-5917",
"datePublished": "2024-11-14T09:39:40.266Z",
"dateReserved": "2024-06-12T15:27:57.001Z",
"dateUpdated": "2025-01-15T22:24:12.795Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-5917",
"date": "2026-05-22",
"epss": "0.00228",
"percentile": "0.45492"
},
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"A server-side request forgery in PAN-OS software enables an unauthenticated attacker to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible.\"}, {\"lang\": \"es\", \"value\": \"Server-side request forgeryen el software PAN-OS permite a un atacante no autenticado utilizar la interfaz web administrativa como proxy, lo que le permite ver recursos de red internos que de otra manera no ser\\u00edan accesibles.\"}]",
"id": "CVE-2024-5917",
"lastModified": "2024-11-15T13:58:08.913",
"metrics": "{\"cvssMetricV40\": [{\"source\": \"psirt@paloaltonetworks.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"4.0\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:D/RE:M/U:Amber\", \"baseScore\": 6.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"vulnerableSystemConfidentiality\": \"NONE\", \"vulnerableSystemIntegrity\": \"LOW\", \"vulnerableSystemAvailability\": \"NONE\", \"subsequentSystemConfidentiality\": \"LOW\", \"subsequentSystemIntegrity\": \"NONE\", \"subsequentSystemAvailability\": \"NONE\", \"exploitMaturity\": \"NOT_DEFINED\", \"confidentialityRequirements\": \"NOT_DEFINED\", \"integrityRequirements\": \"NOT_DEFINED\", \"availabilityRequirements\": \"NOT_DEFINED\", \"modifiedAttackVector\": \"NOT_DEFINED\", \"modifiedAttackComplexity\": \"NOT_DEFINED\", \"modifiedAttackRequirements\": \"NOT_DEFINED\", \"modifiedPrivilegesRequired\": \"NOT_DEFINED\", \"modifiedUserInteraction\": \"NOT_DEFINED\", \"modifiedVulnerableSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedVulnerableSystemIntegrity\": \"NOT_DEFINED\", \"modifiedVulnerableSystemAvailability\": \"NOT_DEFINED\", \"modifiedSubsequentSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedSubsequentSystemIntegrity\": \"NOT_DEFINED\", \"modifiedSubsequentSystemAvailability\": \"NOT_DEFINED\", \"safety\": \"NOT_DEFINED\", \"automatable\": \"NO\", \"recovery\": \"AUTOMATIC\", \"valueDensity\": \"DIFFUSE\", \"vulnerabilityResponseEffort\": \"MODERATE\", \"providerUrgency\": \"AMBER\"}}]}",
"published": "2024-11-14T10:15:08.607",
"references": "[{\"url\": \"https://security.paloaltonetworks.com/CVE-2024-5917\", \"source\": \"psirt@paloaltonetworks.com\"}]",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"vulnStatus": "Undergoing Analysis",
"weaknesses": "[{\"source\": \"psirt@paloaltonetworks.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-918\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-5917\",\"sourceIdentifier\":\"psirt@paloaltonetworks.com\",\"published\":\"2024-11-14T10:15:08.607\",\"lastModified\":\"2025-01-24T16:04:54.887\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A server-side request forgery in PAN-OS software enables an authenticated attacker with administrative privileges to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible.\"},{\"lang\":\"es\",\"value\":\"Server-side request forgeryen el software PAN-OS permite a un atacante no autenticado utilizar la interfaz web administrativa como proxy, lo que le permite ver recursos de red internos que de otra manera no ser\u00edan accesibles.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:D/RE:M/U:Amber\",\"baseScore\":2.1,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"NONE\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"LOW\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NO\",\"Recovery\":\"AUTOMATIC\",\"valueDensity\":\"DIFFUSE\",\"vulnerabilityResponseEffort\":\"MODERATE\",\"providerUrgency\":\"AMBER\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":4.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.2,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-918\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-918\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.1.0\",\"versionEndExcluding\":\"10.1.7\",\"matchCriteriaId\":\"98999D32-B8D9-4D47-94D9-6383D31D0518\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.2.0\",\"versionEndExcluding\":\"10.2.2\",\"matchCriteriaId\":\"22513B1B-6022-4732-8CD4-6E74E40D664A\"}]}]}],\"references\":[{\"url\":\"https://security.paloaltonetworks.com/CVE-2024-5917\",\"source\":\"psirt@paloaltonetworks.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-5917\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-14T18:58:18.463866Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:paloaltonetworks:cloud_ngfw:*:*:*:*:*:*:*:*\"], \"vendor\": \"paloaltonetworks\", \"product\": \"cloud_ngfw\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"*\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:*:*:*:*:*:*:*\"], \"vendor\": \"paloaltonetworks\", \"product\": \"pan-os\", \"versions\": [{\"status\": \"affected\", \"version\": \"11.2.0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:*:*:*:*:*:*:*\"], \"vendor\": \"paloaltonetworks\", \"product\": \"pan-os\", \"versions\": [{\"status\": \"affected\", \"version\": \"11.1.0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*\"], \"vendor\": \"paloaltonetworks\", \"product\": \"pan-os\", \"versions\": [{\"status\": \"affected\", \"version\": \"11.0.0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\"], \"vendor\": \"paloaltonetworks\", \"product\": \"pan-os\", \"versions\": [{\"status\": \"affected\", \"version\": \"10.2.0\", \"lessThan\": \"10.2.2\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"10.1.0\", \"lessThan\": \"10.1.7\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-14T19:14:51.942Z\"}}], \"cna\": {\"title\": \"PAN-OS: Server-Side Request Forgery in WildFire\", \"source\": {\"defect\": [\"PAN-115469\"], \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Michael Baker from AC3\"}], \"impacts\": [{\"capecId\": \"CAPEC-664\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-664 Server Side Request Forgery\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"AUTOMATIC\", \"baseScore\": 2.1, \"Automatable\": \"NO\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"LOW\", \"valueDensity\": \"DIFFUSE\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:L/SI:N/SA:N/AU:N/R:A/V:D/RE:M/U:Amber\", \"providerUrgency\": \"AMBER\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"HIGH\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"LOW\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"LOW\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"MODERATE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Palo Alto Networks\", \"product\": \"Cloud NGFW\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"All\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Palo Alto Networks\", \"product\": \"PAN-OS\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"11.2.0\"}, {\"status\": \"unaffected\", \"version\": \"11.1.0\"}, {\"status\": \"unaffected\", \"version\": \"11.0.0\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"10.2.2\", \"status\": \"unaffected\"}], \"version\": \"10.2.0\", \"lessThan\": \"10.2.2\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"10.1.7\", \"status\": \"unaffected\"}], \"version\": \"10.1.0\", \"lessThan\": \"10.1.7\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Palo Alto Networks is not aware of any malicious exploitation of this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Palo Alto Networks is not aware of any malicious exploitation of this issue.\", \"base64\": false}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-11-13T17:00:00.000Z\", \"value\": \"Initial publication\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"This issue is fixed in PAN-OS 10.1.7, PAN-OS 10.2.2, and all later PAN-OS versions.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"This issue is fixed in PAN-OS 10.1.7, PAN-OS 10.2.2, and all later PAN-OS versions.\", \"base64\": false}]}], \"datePublic\": \"2024-11-13T18:00:00.000Z\", \"references\": [{\"url\": \"https://security.paloaltonetworks.com/CVE-2024-5917\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A server-side request forgery in PAN-OS software enables an authenticated attacker with administrative privileges to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A server-side request forgery in PAN-OS software enables an authenticated attacker with administrative privileges to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-918\", \"description\": \"CWE-918 Server-Side Request Forgery (SSRF)\"}]}], \"configurations\": [{\"lang\": \"en\", \"value\": \"Your network is impacted only if you enabled the WildFire Forwarding feature in your firewall. You can find this setting at Device \\u2192 Setup \\u2192 WildFire.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Your network is impacted only if you enabled the WildFire Forwarding feature in your firewall. You can find this setting at Device \\u2192 Setup \\u2192 WildFire.\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"shortName\": \"palo_alto\", \"dateUpdated\": \"2025-01-15T22:24:12.795Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-5917\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-15T22:24:12.795Z\", \"dateReserved\": \"2024-06-12T15:27:57.001Z\", \"assignerOrgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"datePublished\": \"2024-11-14T09:39:40.266Z\", \"assignerShortName\": \"palo_alto\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2024-AVI-0986
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Palo Alto Networks. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Palo Alto Networks | PAN-OS | PAN-OS versions 10.2.x antérieures à 10.2.12 | ||
| Palo Alto Networks | PAN-OS | PAN-OS versions 11.1.x antérieures à 11.1.5 | ||
| Palo Alto Networks | Prisma Access Browser | Prisma Access Browser versions antérieures à 130.117.2920.13 | ||
| Palo Alto Networks | PAN-OS | PAN-OS versions 11.2.x antérieures à 11.2.4 | ||
| Palo Alto Networks | PAN-OS | PAN-OS versions 10.1.x antérieures à 10.1.14 | ||
| Palo Alto Networks | PAN-OS | PAN-OS versions 11.0.x antérieures à 11.0.6 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "PAN-OS versions 10.2.x ant\u00e9rieures \u00e0 10.2.12",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "PAN-OS versions 11.1.x ant\u00e9rieures \u00e0 11.1.5",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "Prisma Access Browser versions ant\u00e9rieures \u00e0 130.117.2920.13",
"product": {
"name": "Prisma Access Browser",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "PAN-OS versions 11.2.x ant\u00e9rieures \u00e0 11.2.4",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "PAN-OS versions 10.1.x ant\u00e9rieures \u00e0 10.1.14",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "PAN-OS versions 11.0.x ant\u00e9rieures \u00e0 11.0.6",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-2552",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2552"
},
{
"name": "CVE-2024-9962",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9962"
},
{
"name": "CVE-2024-9959",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9959"
},
{
"name": "CVE-2024-9965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9965"
},
{
"name": "CVE-2024-9966",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9966"
},
{
"name": "CVE-2024-9963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9963"
},
{
"name": "CVE-2024-9955",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9955"
},
{
"name": "CVE-2024-9472",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9472"
},
{
"name": "CVE-2024-10827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10827"
},
{
"name": "CVE-2024-9956",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9956"
},
{
"name": "CVE-2024-9958",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9958"
},
{
"name": "CVE-2024-10229",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10229"
},
{
"name": "CVE-2024-10488",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10488"
},
{
"name": "CVE-2024-10230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10230"
},
{
"name": "CVE-2024-10487",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10487"
},
{
"name": "CVE-2024-9957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9957"
},
{
"name": "CVE-2024-5920",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5920"
},
{
"name": "CVE-2024-2551",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2551"
},
{
"name": "CVE-2024-10826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10826"
},
{
"name": "CVE-2024-9960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9960"
},
{
"name": "CVE-2024-5918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5918"
},
{
"name": "CVE-2024-2550",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2550"
},
{
"name": "CVE-2024-9954",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9954"
},
{
"name": "CVE-2024-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5917"
},
{
"name": "CVE-2024-10231",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10231"
},
{
"name": "CVE-2024-9964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9964"
},
{
"name": "CVE-2024-9961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9961"
},
{
"name": "CVE-2024-5919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5919"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0986",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-11-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Palo Alto Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Palo Alto Networks",
"vendor_advisories": [
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-244950 et PAN-221352",
"url": "https://security.paloaltonetworks.com/CVE-2024-2550"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-223185",
"url": "https://security.paloaltonetworks.com/CVE-2024-2551"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-262287 et PAN-226361",
"url": "https://security.paloaltonetworks.com/CVE-2024-9472"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-261332",
"url": "https://security.paloaltonetworks.com/CVE-2024-2552"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-115469",
"url": "https://security.paloaltonetworks.com/CVE-2024-5917"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-222484",
"url": "https://security.paloaltonetworks.com/CVE-2024-5920"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-216947",
"url": "https://security.paloaltonetworks.com/CVE-2024-5918"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-SA-2024-0016",
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0016"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-205062",
"url": "https://security.paloaltonetworks.com/CVE-2024-5919"
}
]
}
CERTFR-2024-AVI-0986
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Palo Alto Networks. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Palo Alto Networks | PAN-OS | PAN-OS versions 10.2.x antérieures à 10.2.12 | ||
| Palo Alto Networks | PAN-OS | PAN-OS versions 11.1.x antérieures à 11.1.5 | ||
| Palo Alto Networks | Prisma Access Browser | Prisma Access Browser versions antérieures à 130.117.2920.13 | ||
| Palo Alto Networks | PAN-OS | PAN-OS versions 11.2.x antérieures à 11.2.4 | ||
| Palo Alto Networks | PAN-OS | PAN-OS versions 10.1.x antérieures à 10.1.14 | ||
| Palo Alto Networks | PAN-OS | PAN-OS versions 11.0.x antérieures à 11.0.6 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "PAN-OS versions 10.2.x ant\u00e9rieures \u00e0 10.2.12",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "PAN-OS versions 11.1.x ant\u00e9rieures \u00e0 11.1.5",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "Prisma Access Browser versions ant\u00e9rieures \u00e0 130.117.2920.13",
"product": {
"name": "Prisma Access Browser",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "PAN-OS versions 11.2.x ant\u00e9rieures \u00e0 11.2.4",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "PAN-OS versions 10.1.x ant\u00e9rieures \u00e0 10.1.14",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "PAN-OS versions 11.0.x ant\u00e9rieures \u00e0 11.0.6",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-2552",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2552"
},
{
"name": "CVE-2024-9962",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9962"
},
{
"name": "CVE-2024-9959",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9959"
},
{
"name": "CVE-2024-9965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9965"
},
{
"name": "CVE-2024-9966",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9966"
},
{
"name": "CVE-2024-9963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9963"
},
{
"name": "CVE-2024-9955",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9955"
},
{
"name": "CVE-2024-9472",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9472"
},
{
"name": "CVE-2024-10827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10827"
},
{
"name": "CVE-2024-9956",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9956"
},
{
"name": "CVE-2024-9958",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9958"
},
{
"name": "CVE-2024-10229",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10229"
},
{
"name": "CVE-2024-10488",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10488"
},
{
"name": "CVE-2024-10230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10230"
},
{
"name": "CVE-2024-10487",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10487"
},
{
"name": "CVE-2024-9957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9957"
},
{
"name": "CVE-2024-5920",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5920"
},
{
"name": "CVE-2024-2551",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2551"
},
{
"name": "CVE-2024-10826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10826"
},
{
"name": "CVE-2024-9960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9960"
},
{
"name": "CVE-2024-5918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5918"
},
{
"name": "CVE-2024-2550",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2550"
},
{
"name": "CVE-2024-9954",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9954"
},
{
"name": "CVE-2024-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5917"
},
{
"name": "CVE-2024-10231",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10231"
},
{
"name": "CVE-2024-9964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9964"
},
{
"name": "CVE-2024-9961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9961"
},
{
"name": "CVE-2024-5919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5919"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0986",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-11-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Palo Alto Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Palo Alto Networks",
"vendor_advisories": [
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-244950 et PAN-221352",
"url": "https://security.paloaltonetworks.com/CVE-2024-2550"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-223185",
"url": "https://security.paloaltonetworks.com/CVE-2024-2551"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-262287 et PAN-226361",
"url": "https://security.paloaltonetworks.com/CVE-2024-9472"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-261332",
"url": "https://security.paloaltonetworks.com/CVE-2024-2552"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-115469",
"url": "https://security.paloaltonetworks.com/CVE-2024-5917"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-222484",
"url": "https://security.paloaltonetworks.com/CVE-2024-5920"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-216947",
"url": "https://security.paloaltonetworks.com/CVE-2024-5918"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-SA-2024-0016",
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0016"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-205062",
"url": "https://security.paloaltonetworks.com/CVE-2024-5919"
}
]
}
FKIE_CVE-2024-5917
Vulnerability from fkie_nvd - Published: 2024-11-14 10:15 - Updated: 2025-01-24 16:04
Severity ?
Summary
A server-side request forgery in PAN-OS software enables an authenticated attacker with administrative privileges to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@paloaltonetworks.com | https://security.paloaltonetworks.com/CVE-2024-5917 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paloaltonetworks | pan-os | * | |
| paloaltonetworks | pan-os | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98999D32-B8D9-4D47-94D9-6383D31D0518",
"versionEndExcluding": "10.1.7",
"versionStartIncluding": "10.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "22513B1B-6022-4732-8CD4-6E74E40D664A",
"versionEndExcluding": "10.2.2",
"versionStartIncluding": "10.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A server-side request forgery in PAN-OS software enables an authenticated attacker with administrative privileges to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible."
},
{
"lang": "es",
"value": "Server-side request forgeryen el software PAN-OS permite a un atacante no autenticado utilizar la interfaz web administrativa como proxy, lo que le permite ver recursos de red internos que de otra manera no ser\u00edan accesibles."
}
],
"id": "CVE-2024-5917",
"lastModified": "2025-01-24T16:04:54.887",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NO",
"Recovery": "AUTOMATIC",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.1,
"baseSeverity": "LOW",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "HIGH",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:L/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "MODERATE"
},
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
}
]
},
"published": "2024-11-14T10:15:08.607",
"references": [
{
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-5917"
}
],
"sourceIdentifier": "psirt@paloaltonetworks.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "psirt@paloaltonetworks.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-918"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-2J54-3GCC-FXXG
Vulnerability from github – Published: 2024-11-14 12:31 – Updated: 2025-01-24 18:31
VLAI?
Details
A server-side request forgery in PAN-OS software enables an unauthenticated attacker to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible.
Severity ?
{
"affected": [],
"aliases": [
"CVE-2024-5917"
],
"database_specific": {
"cwe_ids": [
"CWE-918"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-14T10:15:08Z",
"severity": "MODERATE"
},
"details": "A server-side request forgery in PAN-OS software enables an unauthenticated attacker to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible.",
"id": "GHSA-2j54-3gcc-fxxg",
"modified": "2025-01-24T18:31:12Z",
"published": "2024-11-14T12:31:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5917"
},
{
"type": "WEB",
"url": "https://security.paloaltonetworks.com/CVE-2024-5917"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:D/RE:M/U:Amber",
"type": "CVSS_V4"
}
]
}
ICSA-24-102-03
Vulnerability from csaf_cisa - Published: 2024-04-09 00:00 - Updated: 2024-12-10 00:00Summary
Siemens RUGGEDCOM APE1808
Notes
Summary: Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.
Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks' upstream security notifications.
[1] https://security.paloaltonetworks.com/?version=10.2.2&product=PAN-OS
General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use: The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
Legal Notice: All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer: This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors: Communications, Critical Manufacturing, Transportation Systems
Countries/areas deployed: Worldwide
Company headquarters location: Germany
Recommended Practices: CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices: Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices: Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices: When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices: CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices: CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices: Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
CWE-406
- Insufficient Control of Network Message Volume (Network Amplification)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM APE1808
Siemens / RUGGEDCOM APE1808
|
vers:all/* |
Vendor Fix
|
CWE-497
- Exposure of Sensitive System Information to an Unauthorized Control Sphere
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM APE1808
Siemens / RUGGEDCOM APE1808
|
vers:all/* |
Vendor Fix
|
CWE-73
- External Control of File Name or Path
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM APE1808
Siemens / RUGGEDCOM APE1808
|
vers:all/* |
Vendor Fix
|
CWE-79
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM APE1808
Siemens / RUGGEDCOM APE1808
|
vers:all/* |
Vendor Fix
|
CWE-522
- Insufficiently Protected Credentials
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM APE1808
Siemens / RUGGEDCOM APE1808
|
vers:all/* |
Vendor Fix
|
CWE-610
- Externally Controlled Reference to a Resource in Another Sphere
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM APE1808
Siemens / RUGGEDCOM APE1808
|
vers:all/* |
Vendor Fix
|
CWE-434
- Unrestricted Upload of File with Dangerous Type
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM APE1808
Siemens / RUGGEDCOM APE1808
|
vers:all/* |
Vendor Fix
|
CWE-918
- Server-Side Request Forgery (SSRF)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM APE1808
Siemens / RUGGEDCOM APE1808
|
vers:all/* |
Vendor Fix
|
References
10 references
Acknowledgments
Siemens
{
"document": {
"acknowledgments": [
{
"organization": "Siemens",
"summary": "reporting these vulnerabilities to CISA."
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.\n\nSiemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks\u0027 upstream security notifications.\n\n[1] https://security.paloaltonetworks.com/?version=10.2.2\u0026product=PAN-OS",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "other",
"text": "This CISA CSAF advisory was converted from Siemens ProductCERT\u0027s CSAF advisory.",
"title": "Advisory Conversion Disclaimer"
},
{
"category": "other",
"text": "Communications, Critical Manufacturing, Transportation Systems",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "Germany",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "other",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW Before V11.0.1 on RUGGEDCOM APE1808 Devices - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-822518.json"
},
{
"category": "self",
"summary": "SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW Before V11.0.1 on RUGGEDCOM APE1808 Devices - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-822518.html"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-24-102-03 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-102-03.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-24-102-03 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-102-03"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Siemens RUGGEDCOM APE1808",
"tracking": {
"current_release_date": "2024-12-10T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-24-102-03",
"initial_release_date": "2024-04-09T00:00:00.000000Z",
"revision_history": [
{
"date": "2024-04-09T00:00:00.000000Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2024-08-13T00:00:00.000000Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added newly published CVE-2024-5911"
},
{
"date": "2024-12-10T00:00:00.000000Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Added newly published CVE-2024-5917"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "RUGGEDCOM APE1808",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM APE1808"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-0028",
"cwe": {
"id": "CWE-406",
"name": "Insufficient Control of Network Message Volume (Network Amplification)"
},
"notes": [
{
"category": "summary",
"text": "A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-Series (container) firewall against an attacker-specified target. To be misused by an external attacker, the firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a source zone that has an external facing interface. This configuration is not typical for URL filtering and, if set, is likely unintended by the administrator. If exploited, this issue would not impact the confidentiality, integrity, or availability of our products. However, the resulting denial-of-service (DoS) attack may help obfuscate the identity of the attacker and implicate the firewall as the source of the attack. We have taken prompt action to address this issue in our PAN-OS software. All software updates for this issue are expected to be released no later than the week of August 15, 2022. This issue does not impact Panorama M-Series or Panorama virtual appliances. This issue has been resolved for all Cloud NGFW and Prisma Access customers and no additional action is required from them.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2022-0028"
},
{
"cve": "CVE-2023-0005",
"cwe": {
"id": "CWE-497",
"name": "Exposure of Sensitive System Information to an Unauthorized Control Sphere"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to expose the plaintext values of secrets stored in the device configuration and encrypted API keys.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-0005"
},
{
"cve": "CVE-2023-0008",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"notes": [
{
"category": "summary",
"text": "A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall through a race condition.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-0008"
},
{
"cve": "CVE-2023-6790",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator\u2019s browser when they view a specifically crafted link to the PAN-OS web interface.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-6790"
},
{
"cve": "CVE-2023-6791",
"cwe": {
"id": "CWE-522",
"name": "Insufficiently Protected Credentials"
},
"notes": [
{
"category": "summary",
"text": "A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-6791"
},
{
"cve": "CVE-2023-38046",
"cwe": {
"id": "CWE-610",
"name": "Externally Controlled Reference to a Resource in Another Sphere"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated administrator with the privilege to commit a specifically created configuration to read local files and resources from the system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2023-38046"
},
{
"cve": "CVE-2024-5911",
"cwe": {
"id": "CWE-434",
"name": "Unrestricted Upload of File with Dangerous Type"
},
"notes": [
{
"category": "summary",
"text": "An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-5911"
},
{
"cve": "CVE-2024-5917",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "summary",
"text": "server-side request forgery in PAN-OS software enables an unauthenticated attacker to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.",
"product_ids": [
"CSAFPID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-0001"
]
}
],
"title": "CVE-2024-5917"
}
]
}
NCSC-2024-0444
Vulnerability from csaf_ncscnl - Published: 2024-11-14 12:38 - Updated: 2024-11-14 12:38Summary
Kwetsbaarheden verholpen in Palo Alto PAN-OS
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Palo Alto Networks heeft kwetsbaarheden verholpen in PAN-OS.
Interpretaties: Een kwaadwillende kan de kwetsbaarheden misbruiken om beveiligingsmaatregelen te omzeilen en zo verkeer naar en door het systeem te leiden dat aanvankelijk niet is toegestaan, of een Denial-of-Service veroorzaken.
Oplossingen: Palo Alto heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans: medium
Schade: high
CWE-476: NULL Pointer Dereference
CWE-295: Improper Certificate Validation
CWE-918: Server-Side Request Forgery (SSRF)
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-611: Improper Restriction of XML External Entity Reference
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-476
- NULL Pointer Dereference
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
pan-os
paloalto_networks
|
cpe:2.3:a:paloalto_networks:pan-os:*:*:*:*:*:*:*:*
|
— |
CWE-476
- NULL Pointer Dereference
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
pan-os
paloalto_networks
|
cpe:2.3:a:paloalto_networks:pan-os:*:*:*:*:*:*:*:*
|
— |
CWE-22
- Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
pan-os
paloalto_networks
|
cpe:2.3:a:paloalto_networks:pan-os:*:*:*:*:*:*:*:*
|
— |
CWE-918
- Server-Side Request Forgery (SSRF)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
pan-os
paloalto_networks
|
cpe:2.3:a:paloalto_networks:pan-os:*:*:*:*:*:*:*:*
|
— |
CWE-295
- Improper Certificate Validation
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
pan-os
paloalto_networks
|
cpe:2.3:a:paloalto_networks:pan-os:*:*:*:*:*:*:*:*
|
— |
CWE-611
- Improper Restriction of XML External Entity Reference
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
pan-os
paloalto_networks
|
cpe:2.3:a:paloalto_networks:pan-os:*:*:*:*:*:*:*:*
|
— |
CWE-79
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
pan-os
paloalto_networks
|
cpe:2.3:a:paloalto_networks:pan-os:*:*:*:*:*:*:*:*
|
— |
CWE-476
- NULL Pointer Dereference
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
pan-os
paloalto_networks
|
cpe:2.3:a:paloalto_networks:pan-os:*:*:*:*:*:*:*:*
|
— |
References
16 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Palo Alto Networks heeft kwetsbaarheden verholpen in PAN-OS.",
"title": "Feiten"
},
{
"category": "description",
"text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om beveiligingsmaatregelen te omzeilen en zo verkeer naar en door het systeem te leiden dat aanvankelijk niet is toegestaan, of een Denial-of-Service veroorzaken.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Palo Alto heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Improper Certificate Validation",
"title": "CWE-295"
},
{
"category": "general",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "general",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - certbundde; cveprojectv5",
"url": "https://security.paloaltonetworks.com/CVE-2024-2552"
},
{
"category": "external",
"summary": "Reference - certbundde; cveprojectv5",
"url": "https://security.paloaltonetworks.com/CVE-2024-5919"
},
{
"category": "external",
"summary": "Reference - certbundde; cveprojectv5",
"url": "https://security.paloaltonetworks.com/CVE-2024-5920"
},
{
"category": "external",
"summary": "Reference - certbundde; cveprojectv5",
"url": "https://security.paloaltonetworks.com/CVE-2024-2551"
},
{
"category": "external",
"summary": "Reference - certbundde; cveprojectv5",
"url": "https://security.paloaltonetworks.com/CVE-2024-2550"
},
{
"category": "external",
"summary": "Reference - certbundde; cveprojectv5",
"url": "https://security.paloaltonetworks.com/CVE-2024-5918"
},
{
"category": "external",
"summary": "Reference - certbundde; cveprojectv5",
"url": "https://security.paloaltonetworks.com/CVE-2024-9472"
},
{
"category": "external",
"summary": "Reference - certbundde; cveprojectv5",
"url": "https://security.paloaltonetworks.com/CVE-2024-5917"
}
],
"title": "Kwetsbaarheden verholpen in Palo Alto PAN-OS",
"tracking": {
"current_release_date": "2024-11-14T12:38:50.941039Z",
"id": "NCSC-2024-0444",
"initial_release_date": "2024-11-14T12:38:50.941039Z",
"revision_history": [
{
"date": "2024-11-14T12:38:50.941039Z",
"number": "0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "pan-os",
"product": {
"name": "pan-os",
"product_id": "CSAFPID-1687475",
"product_identification_helper": {
"cpe": "cpe:2.3:a:paloalto_networks:pan-os:*:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "paloalto_networks"
},
{
"branches": [
{
"category": "product_name",
"name": "cloud_ngfw",
"product": {
"name": "cloud_ngfw",
"product_id": "CSAFPID-842692",
"product_identification_helper": {
"cpe": "cpe:2.3:a:paloaltonetworks:cloud_ngfw:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "pan-os",
"product": {
"name": "pan-os",
"product_id": "CSAFPID-842690",
"product_identification_helper": {
"cpe": "cpe:2.3:a:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*"
}
}
}
],
"category": "vendor",
"name": "paloaltonetworks"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2550",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1687475"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-2550",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2550.json"
}
],
"title": "CVE-2024-2550"
},
{
"cve": "CVE-2024-2551",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1687475"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-2551",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2551.json"
}
],
"title": "CVE-2024-2551"
},
{
"cve": "CVE-2024-2552",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1687475"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-2552",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2552.json"
}
],
"title": "CVE-2024-2552"
},
{
"cve": "CVE-2024-5917",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1687475"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5917",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5917.json"
}
],
"title": "CVE-2024-5917"
},
{
"cve": "CVE-2024-5918",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Certificate Validation",
"title": "CWE-295"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1687475"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5918",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5918.json"
}
],
"title": "CVE-2024-5918"
},
{
"cve": "CVE-2024-5919",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1687475"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5919",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5919.json"
}
],
"title": "CVE-2024-5919"
},
{
"cve": "CVE-2024-5920",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1687475"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-5920",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5920.json"
}
],
"title": "CVE-2024-5920"
},
{
"cve": "CVE-2024-9472",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1687475"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-9472",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9472.json"
}
],
"title": "CVE-2024-9472"
}
]
}
SSA-822518
Vulnerability from csaf_siemens - Published: 2024-04-09 00:00 - Updated: 2024-12-10 00:00Summary
SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW Before V11.0.1 on RUGGEDCOM APE1808 Devices
Notes
Summary: Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.
Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks' upstream security notifications.
[1] https://security.paloaltonetworks.com/?version=10.2.2&product=PAN-OS
General Recommendations: As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources: For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use: The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
CWE-406
- Insufficient Control of Network Message Volume (Network Amplification)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM APE1808
Siemens / RUGGEDCOM APE1808
|
vers:all/* |
Vendor Fix
|
CWE-497
- Exposure of Sensitive System Information to an Unauthorized Control Sphere
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM APE1808
Siemens / RUGGEDCOM APE1808
|
vers:all/* |
Vendor Fix
|
CWE-73
- External Control of File Name or Path
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM APE1808
Siemens / RUGGEDCOM APE1808
|
vers:all/* |
Vendor Fix
|
CWE-79
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM APE1808
Siemens / RUGGEDCOM APE1808
|
vers:all/* |
Vendor Fix
|
CWE-522
- Insufficiently Protected Credentials
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM APE1808
Siemens / RUGGEDCOM APE1808
|
vers:all/* |
Vendor Fix
|
CWE-610
- Externally Controlled Reference to a Resource in Another Sphere
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM APE1808
Siemens / RUGGEDCOM APE1808
|
vers:all/* |
Vendor Fix
|
CWE-434
- Unrestricted Upload of File with Dangerous Type
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM APE1808
Siemens / RUGGEDCOM APE1808
|
vers:all/* |
Vendor Fix
|
CWE-918
- Server-Side Request Forgery (SSRF)
Affected products
Known affected
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
RUGGEDCOM APE1808
Siemens / RUGGEDCOM APE1808
|
vers:all/* |
Vendor Fix
|
References
2 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.\n\nSiemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks\u0027 upstream security notifications.\n\n[1] https://security.paloaltonetworks.com/?version=10.2.2\u0026product=PAN-OS",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW Before V11.0.1 on RUGGEDCOM APE1808 Devices - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-822518.html"
},
{
"category": "self",
"summary": "SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW Before V11.0.1 on RUGGEDCOM APE1808 Devices - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-822518.json"
}
],
"title": "SSA-822518: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW Before V11.0.1 on RUGGEDCOM APE1808 Devices",
"tracking": {
"current_release_date": "2024-12-10T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-822518",
"initial_release_date": "2024-04-09T00:00:00Z",
"revision_history": [
{
"date": "2024-04-09T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2024-08-13T00:00:00Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added newly published CVE-2024-5911"
},
{
"date": "2024-12-10T00:00:00Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Added newly published CVE-2024-5917"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "RUGGEDCOM APE1808",
"product_id": "1"
}
}
],
"category": "product_name",
"name": "RUGGEDCOM APE1808"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-0028",
"cwe": {
"id": "CWE-406",
"name": "Insufficient Control of Network Message Volume (Network Amplification)"
},
"notes": [
{
"category": "summary",
"text": "A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-Series (container) firewall against an attacker-specified target. To be misused by an external attacker, the firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a source zone that has an external facing interface. This configuration is not typical for URL filtering and, if set, is likely unintended by the administrator. If exploited, this issue would not impact the confidentiality, integrity, or availability of our products. However, the resulting denial-of-service (DoS) attack may help obfuscate the identity of the attacker and implicate the firewall as the source of the attack. We have taken prompt action to address this issue in our PAN-OS software. All software updates for this issue are expected to be released no later than the week of August 15, 2022. This issue does not impact Panorama M-Series or Panorama virtual appliances. This issue has been resolved for all Cloud NGFW and Prisma Access customers and no additional action is required from them.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2022-0028"
},
{
"cve": "CVE-2023-0005",
"cwe": {
"id": "CWE-497",
"name": "Exposure of Sensitive System Information to an Unauthorized Control Sphere"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to expose the plaintext values of secrets stored in the device configuration and encrypted API keys.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-0005"
},
{
"cve": "CVE-2023-0008",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"notes": [
{
"category": "summary",
"text": "A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write administrator with access to the web interface to export local files from the firewall through a race condition.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-0008"
},
{
"cve": "CVE-2023-6790",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator\u2019s browser when they view a specifically crafted link to the PAN-OS web interface.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-6790"
},
{
"cve": "CVE-2023-6791",
"cwe": {
"id": "CWE-522",
"name": "Insufficiently Protected Credentials"
},
"notes": [
{
"category": "summary",
"text": "A credential disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to obtain the plaintext credentials of stored external system integrations such as LDAP, SCP, RADIUS, TACACS+, and SNMP from the web interface.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-6791"
},
{
"cve": "CVE-2023-38046",
"cwe": {
"id": "CWE-610",
"name": "Externally Controlled Reference to a Resource in Another Sphere"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated administrator with the privilege to commit a specifically created configuration to read local files and resources from the system.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2023-38046"
},
{
"cve": "CVE-2024-5911",
"cwe": {
"id": "CWE-434",
"name": "Unrestricted Upload of File with Dangerous Type"
},
"notes": [
{
"category": "summary",
"text": "An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-5911"
},
{
"cve": "CVE-2024-5917",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "summary",
"text": "server-side request forgery in PAN-OS software enables an unauthenticated attacker to use the administrative web interface as a proxy, which enables the attacker to view internal network resources not otherwise accessible.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "Upgrade Palo Alto Networks Virtual NGFW V11.0.1. Contact Siemens customer support to receive patch and update information.",
"product_ids": [
"1"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"1"
]
}
],
"title": "CVE-2024-5917"
}
]
}
WID-SEC-W-2024-3465
Vulnerability from csaf_certbund - Published: 2024-11-13 23:00 - Updated: 2024-11-13 23:00Summary
PaloAlto Networks PAN-OS: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: PAN-OS ist das Betriebssystem der Sicherheitssysteme / Firewalls der Firma Palo Alto Networks.
Angriff: Ein Angreifer kann mehrere Schwachstellen in PaloAlto Networks PAN-OS ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen preiszugeben, Dateien zu manipulieren, Sicherheitsmaßnahmen zu umgehen und einen Cross-Site-Scripting-Angriff durchzuführen.
Betroffene Betriebssysteme: - Sonstiges
Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS aufgrund einer Null-Pointer-Dereferenz-Schwachstelle. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, indem er ein speziell gestaltetes Paket sendet. Wiederholte Versuche, diesen Zustand auszulösen, führen dazu, dass die Firewall in den Wartungsmodus wechselt.
Affected products
Known affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
PaloAlto Networks PAN-OS <10.2.5
PaloAlto Networks / PAN-OS
|
<10.2.5 | ||
|
PaloAlto Networks PAN-OS <10.1.10
PaloAlto Networks / PAN-OS
|
<10.1.10 | ||
|
PaloAlto Networks PAN-OS <11.0.2
PaloAlto Networks / PAN-OS
|
<11.0.2 | ||
|
PaloAlto Networks PAN-OS <10.2.10-h7
PaloAlto Networks / PAN-OS
|
<10.2.10-h7 | ||
|
PaloAlto Networks PAN-OS <10.1.14
PaloAlto Networks / PAN-OS
|
<10.1.14 | ||
|
PaloAlto Networks PAN-OS <10.2.4-h6
PaloAlto Networks / PAN-OS
|
<10.2.4-h6 | ||
|
PaloAlto Networks PAN-OS <11.1.4
PaloAlto Networks / PAN-OS
|
<11.1.4 | ||
|
PaloAlto Networks PAN-OS <10.2.11
PaloAlto Networks / PAN-OS
|
<10.2.11 | ||
|
PaloAlto Networks PAN-OS <11.0.3
PaloAlto Networks / PAN-OS
|
<11.0.3 | ||
|
PaloAlto Networks PAN-OS <10.1.7
PaloAlto Networks / PAN-OS
|
<10.1.7 | ||
|
PaloAlto Networks PAN-OS <11.1.2-h14
PaloAlto Networks / PAN-OS
|
<11.1.2-h14 | ||
|
PaloAlto Networks PAN-OS <11.0.6
PaloAlto Networks / PAN-OS
|
<11.0.6 | ||
|
PaloAlto Networks PAN-OS <10.1.11
PaloAlto Networks / PAN-OS
|
<10.1.11 | ||
|
PaloAlto Networks PAN-OS <10.2.8-h13
PaloAlto Networks / PAN-OS
|
<10.2.8-h13 | ||
|
PaloAlto Networks PAN-OS <11.0.5
PaloAlto Networks / PAN-OS
|
<11.0.5 | ||
|
PaloAlto Networks PAN-OS <10.2.4-h5
PaloAlto Networks / PAN-OS
|
<10.2.4-h5 | ||
|
PaloAlto Networks PAN-OS <10.2.9-14
PaloAlto Networks / PAN-OS
|
<10.2.9-14 | ||
|
PaloAlto Networks PAN-OS <11.1.3-h10
PaloAlto Networks / PAN-OS
|
<11.1.3-h10 | ||
|
PaloAlto Networks PAN-OS <11.1.5
PaloAlto Networks / PAN-OS
|
<11.1.5 | ||
|
PaloAlto Networks PAN-OS <10.2.7-h16
PaloAlto Networks / PAN-OS
|
<10.2.7-h16 |
Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS aufgrund einer Null-Pointer-Dereferenz-Schwachstelle. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, indem er ein manipuliertes Paket durch die Datenebene sendet.
Affected products
Known affected
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
PaloAlto Networks PAN-OS <11.0.3
PaloAlto Networks / PAN-OS
|
<11.0.3 | ||
|
PaloAlto Networks PAN-OS <10.1.7
PaloAlto Networks / PAN-OS
|
<10.1.7 | ||
|
PaloAlto Networks PAN-OS <10.1.11
PaloAlto Networks / PAN-OS
|
<10.1.11 | ||
|
PaloAlto Networks PAN-OS <10.2.4-h5
PaloAlto Networks / PAN-OS
|
<10.2.4-h5 | ||
|
PaloAlto Networks PAN-OS <11.0.5
PaloAlto Networks / PAN-OS
|
<11.0.5 | ||
|
PaloAlto Networks PAN-OS <10.2.2
PaloAlto Networks / PAN-OS
|
<10.2.2 | ||
|
PaloAlto Networks PAN-OS <10.1.10
PaloAlto Networks / PAN-OS
|
<10.1.10 | ||
|
PaloAlto Networks PAN-OS <10.2.5
PaloAlto Networks / PAN-OS
|
<10.2.5 | ||
|
PaloAlto Networks PAN-OS <11.0.2
PaloAlto Networks / PAN-OS
|
<11.0.2 | ||
|
PaloAlto Networks PAN-OS <10.1.14
PaloAlto Networks / PAN-OS
|
<10.1.14 | ||
|
PaloAlto Networks PAN-OS <10.2.4-h6
PaloAlto Networks / PAN-OS
|
<10.2.4-h6 |
Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS aufgrund eines Befehlsinjektionsproblems. Ein lokaler Angreifer mit Administrator-Rechten kann diese Schwachstelle ausnutzen, um Dateien auf der Firewall zu löschen.
Affected products
Known affected
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
PaloAlto Networks PAN-OS <10.2.5
PaloAlto Networks / PAN-OS
|
<10.2.5 | ||
|
PaloAlto Networks PAN-OS <10.2.11-h4
PaloAlto Networks / PAN-OS
|
<10.2.11-h4 | ||
|
PaloAlto Networks PAN-OS <11.0.2
PaloAlto Networks / PAN-OS
|
<11.0.2 | ||
|
PaloAlto Networks PAN-OS <10.2.10-h7
PaloAlto Networks / PAN-OS
|
<10.2.10-h7 | ||
|
PaloAlto Networks PAN-OS <10.2.4-h6
PaloAlto Networks / PAN-OS
|
<10.2.4-h6 | ||
|
PaloAlto Networks PAN-OS <11.1.4
PaloAlto Networks / PAN-OS
|
<11.1.4 | ||
|
PaloAlto Networks PAN-OS <10.2.11
PaloAlto Networks / PAN-OS
|
<10.2.11 | ||
|
PaloAlto Networks PAN-OS <11.0.3
PaloAlto Networks / PAN-OS
|
<11.0.3 | ||
|
PaloAlto Networks PAN-OS <11.1.2-h14
PaloAlto Networks / PAN-OS
|
<11.1.2-h14 | ||
|
PaloAlto Networks PAN-OS <11.0.6
PaloAlto Networks / PAN-OS
|
<11.0.6 | ||
|
PaloAlto Networks PAN-OS <10.2.8-h13
PaloAlto Networks / PAN-OS
|
<10.2.8-h13 | ||
|
PaloAlto Networks PAN-OS <11.0.5
PaloAlto Networks / PAN-OS
|
<11.0.5 | ||
|
PaloAlto Networks PAN-OS <10.2.4-h5
PaloAlto Networks / PAN-OS
|
<10.2.4-h5 | ||
|
PaloAlto Networks PAN-OS <10.2.9-14
PaloAlto Networks / PAN-OS
|
<10.2.9-14 | ||
|
PaloAlto Networks PAN-OS <11.2.3
PaloAlto Networks / PAN-OS
|
<11.2.3 | ||
|
PaloAlto Networks PAN-OS <11.2.4
PaloAlto Networks / PAN-OS
|
<11.2.4 | ||
|
PaloAlto Networks PAN-OS <10.2.2
PaloAlto Networks / PAN-OS
|
<10.2.2 | ||
|
PaloAlto Networks PAN-OS <11.1.3-h10
PaloAlto Networks / PAN-OS
|
<11.1.3-h10 | ||
|
PaloAlto Networks PAN-OS <11.1.5
PaloAlto Networks / PAN-OS
|
<11.1.5 | ||
|
PaloAlto Networks PAN-OS <11.2.2-h3
PaloAlto Networks / PAN-OS
|
<11.2.2-h3 | ||
|
PaloAlto Networks PAN-OS <10.2.12
PaloAlto Networks / PAN-OS
|
<10.2.12 | ||
|
PaloAlto Networks PAN-OS <10.2.7-h16
PaloAlto Networks / PAN-OS
|
<10.2.7-h16 |
Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS. Das administrative Webinterface kann aufgrund eines Server-Side-Request- Forgery-Problems als Proxy verwendet werden. Ein anonymer Angreifer kann diese Schwachstelle ausnutzen, um interne Netzwerkressourcen einzusehen.
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
PaloAlto Networks PAN-OS <10.1.7
PaloAlto Networks / PAN-OS
|
<10.1.7 | ||
|
PaloAlto Networks PAN-OS <10.2.2
PaloAlto Networks / PAN-OS
|
<10.2.2 | ||
|
PaloAlto Networks PAN-OS <11.1.4
PaloAlto Networks / PAN-OS
|
<11.1.4 |
Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS aufgrund einer unsachgemäßen Zertifikatsvalidierung. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle ausnutzen, um die erwarteten Sicherheitsüberprüfungen zu umgehen und sich als legitimer GlobalProtect-Benutzer auszugeben.
Affected products
Known affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
PaloAlto Networks PAN-OS <11.0.3
PaloAlto Networks / PAN-OS
|
<11.0.3 | ||
|
PaloAlto Networks PAN-OS <10.1.7
PaloAlto Networks / PAN-OS
|
<10.1.7 | ||
|
PaloAlto Networks PAN-OS <10.1.11
PaloAlto Networks / PAN-OS
|
<10.1.11 | ||
|
PaloAlto Networks PAN-OS <10.2.4-h5
PaloAlto Networks / PAN-OS
|
<10.2.4-h5 | ||
|
PaloAlto Networks PAN-OS <11.2.3
PaloAlto Networks / PAN-OS
|
<11.2.3 | ||
|
PaloAlto Networks PAN-OS <10.2.2
PaloAlto Networks / PAN-OS
|
<10.2.2 | ||
|
PaloAlto Networks PAN-OS <11.2.2-h3
PaloAlto Networks / PAN-OS
|
<11.2.2-h3 | ||
|
PaloAlto Networks PAN-OS <10.1.10
PaloAlto Networks / PAN-OS
|
<10.1.10 | ||
|
PaloAlto Networks PAN-OS <11.0.2
PaloAlto Networks / PAN-OS
|
<11.0.2 |
Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS. Dieser Fehler ist auf eine unsachgemäße Behandlung von XML-Eingaben zurückzuführen, bei der externe Entitäten nicht ordnungsgemäß validiert und neutralisiert werden, was zu einer blinden XML External Entity (XXE) Injection-Schwachstelle führt. Ein entfernter, authentisierter Angreifer mit hohen Rechten kann diese Schwachstelle ausnutzen, um sensible Dateien aus dem System zu exfiltrieren.
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
PaloAlto Networks PAN-OS <11.0.6
PaloAlto Networks / PAN-OS
|
<11.0.6 | ||
|
PaloAlto Networks PAN-OS <10.2.4-h5
PaloAlto Networks / PAN-OS
|
<10.2.4-h5 | ||
|
PaloAlto Networks PAN-OS <10.2.2
PaloAlto Networks / PAN-OS
|
<10.2.2 | ||
|
PaloAlto Networks PAN-OS <10.2.5
PaloAlto Networks / PAN-OS
|
<10.2.5 | ||
|
PaloAlto Networks PAN-OS <10.1.10
PaloAlto Networks / PAN-OS
|
<10.1.10 | ||
|
PaloAlto Networks PAN-OS <11.0.2
PaloAlto Networks / PAN-OS
|
<11.0.2 | ||
|
PaloAlto Networks PAN-OS <10.2.4-h6
PaloAlto Networks / PAN-OS
|
<10.2.4-h6 |
Eine Cross-Site Scripting Schwachstelle wurde in PaloAlto Networks PAN-OS entdeckt. Dieses Problem wird durch unsachgemäße Filterung der vom Benutzer bereitgestellten Daten vor der Anzeige der Eingaben verursacht. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Skriptcode im Sicherheitskontext einer betroffenen Site auszuführen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.
Affected products
Known affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
PaloAlto Networks PAN-OS <10.2.5
PaloAlto Networks / PAN-OS
|
<10.2.5 | ||
|
PaloAlto Networks PAN-OS <10.1.10
PaloAlto Networks / PAN-OS
|
<10.1.10 | ||
|
PaloAlto Networks PAN-OS <11.0.2
PaloAlto Networks / PAN-OS
|
<11.0.2 | ||
|
PaloAlto Networks PAN-OS <10.2.10-h7
PaloAlto Networks / PAN-OS
|
<10.2.10-h7 | ||
|
PaloAlto Networks PAN-OS <10.1.14
PaloAlto Networks / PAN-OS
|
<10.1.14 | ||
|
PaloAlto Networks PAN-OS <10.2.4-h6
PaloAlto Networks / PAN-OS
|
<10.2.4-h6 | ||
|
PaloAlto Networks PAN-OS <11.1.4
PaloAlto Networks / PAN-OS
|
<11.1.4 | ||
|
PaloAlto Networks PAN-OS <11.0.3
PaloAlto Networks / PAN-OS
|
<11.0.3 | ||
|
PaloAlto Networks PAN-OS <10.2.11
PaloAlto Networks / PAN-OS
|
<10.2.11 | ||
|
PaloAlto Networks PAN-OS <10.1.7
PaloAlto Networks / PAN-OS
|
<10.1.7 | ||
|
PaloAlto Networks PAN-OS <11.1.2-h14
PaloAlto Networks / PAN-OS
|
<11.1.2-h14 | ||
|
PaloAlto Networks PAN-OS <11.0.6
PaloAlto Networks / PAN-OS
|
<11.0.6 | ||
|
PaloAlto Networks PAN-OS <10.1.11
PaloAlto Networks / PAN-OS
|
<10.1.11 | ||
|
PaloAlto Networks PAN-OS <10.2.8-h13
PaloAlto Networks / PAN-OS
|
<10.2.8-h13 | ||
|
PaloAlto Networks PAN-OS <11.0.5
PaloAlto Networks / PAN-OS
|
<11.0.5 | ||
|
PaloAlto Networks PAN-OS <10.2.4-h5
PaloAlto Networks / PAN-OS
|
<10.2.4-h5 | ||
|
PaloAlto Networks PAN-OS <10.2.9-14
PaloAlto Networks / PAN-OS
|
<10.2.9-14 | ||
|
PaloAlto Networks PAN-OS <10.2.2
PaloAlto Networks / PAN-OS
|
<10.2.2 | ||
|
PaloAlto Networks PAN-OS <11.1.3-h10
PaloAlto Networks / PAN-OS
|
<11.1.3-h10 | ||
|
PaloAlto Networks PAN-OS <10.2.7-h16
PaloAlto Networks / PAN-OS
|
<10.2.7-h16 |
Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS. Dieser Fehler besteht aufgrund eines Nullzeiger-Dereferenzierungsproblems bei bestimmten Hardwareplattformen, wenn die Decryption Policy aktiviert ist, was zu einem Absturz führt. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen.
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
PaloAlto Networks PAN-OS <10.2.5
PaloAlto Networks / PAN-OS
|
<10.2.5 | ||
|
PaloAlto Networks PAN-OS <10.2.11-h4
PaloAlto Networks / PAN-OS
|
<10.2.11-h4 | ||
|
PaloAlto Networks PAN-OS <10.2.10-h7
PaloAlto Networks / PAN-OS
|
<10.2.10-h7 | ||
|
PaloAlto Networks PAN-OS <10.2.4-h6
PaloAlto Networks / PAN-OS
|
<10.2.4-h6 | ||
|
PaloAlto Networks PAN-OS <10.2.11
PaloAlto Networks / PAN-OS
|
<10.2.11 | ||
|
PaloAlto Networks PAN-OS <11.1.2-h14
PaloAlto Networks / PAN-OS
|
<11.1.2-h14 | ||
|
PaloAlto Networks PAN-OS <10.2.8-h13
PaloAlto Networks / PAN-OS
|
<10.2.8-h13 | ||
|
PaloAlto Networks PAN-OS <10.2.4-h5
PaloAlto Networks / PAN-OS
|
<10.2.4-h5 | ||
|
PaloAlto Networks PAN-OS <10.2.9-14
PaloAlto Networks / PAN-OS
|
<10.2.9-14 | ||
|
PaloAlto Networks PAN-OS <11.2.4
PaloAlto Networks / PAN-OS
|
<11.2.4 | ||
|
PaloAlto Networks PAN-OS <11.2.3
PaloAlto Networks / PAN-OS
|
<11.2.3 | ||
|
PaloAlto Networks PAN-OS <10.2.2
PaloAlto Networks / PAN-OS
|
<10.2.2 | ||
|
PaloAlto Networks PAN-OS <11.1.3-h10
PaloAlto Networks / PAN-OS
|
<11.1.3-h10 | ||
|
PaloAlto Networks PAN-OS <11.2.2-h3
PaloAlto Networks / PAN-OS
|
<11.2.2-h3 | ||
|
PaloAlto Networks PAN-OS <10.2.7-h16
PaloAlto Networks / PAN-OS
|
<10.2.7-h16 |
References
10 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "PAN-OS ist das Betriebssystem der Sicherheitssysteme / Firewalls der Firma Palo Alto Networks.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in PaloAlto Networks PAN-OS ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen preiszugeben, Dateien zu manipulieren, Sicherheitsma\u00dfnahmen zu umgehen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3465 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3465.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3465 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3465"
},
{
"category": "external",
"summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
"url": "https://security.paloaltonetworks.com/CVE-2024-2550"
},
{
"category": "external",
"summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
"url": "https://security.paloaltonetworks.com/CVE-2024-2551"
},
{
"category": "external",
"summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
"url": "https://security.paloaltonetworks.com/CVE-2024-2552"
},
{
"category": "external",
"summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
"url": "https://security.paloaltonetworks.com/CVE-2024-5917"
},
{
"category": "external",
"summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
"url": "https://security.paloaltonetworks.com/CVE-2024-5918"
},
{
"category": "external",
"summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
"url": "https://security.paloaltonetworks.com/CVE-2024-5919"
},
{
"category": "external",
"summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
"url": "https://security.paloaltonetworks.com/CVE-2024-5920"
},
{
"category": "external",
"summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
"url": "https://security.paloaltonetworks.com/CVE-2024-9472"
}
],
"source_lang": "en-US",
"title": "PaloAlto Networks PAN-OS: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-11-13T23:00:00.000+00:00",
"generator": {
"date": "2024-11-14T11:42:00.791+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-3465",
"initial_release_date": "2024-11-13T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-11-13T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c11.1.5",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c11.1.5",
"product_id": "T039151"
}
},
{
"category": "product_version",
"name": "11.1.5",
"product": {
"name": "PaloAlto Networks PAN-OS 11.1.5",
"product_id": "T039151-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:11.1.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.0.6",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c11.0.6",
"product_id": "T039152"
}
},
{
"category": "product_version",
"name": "11.0.6",
"product": {
"name": "PaloAlto Networks PAN-OS 11.0.6",
"product_id": "T039152-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:11.0.6"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.2.11",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c10.2.11",
"product_id": "T039153"
}
},
{
"category": "product_version",
"name": "10.2.11",
"product": {
"name": "PaloAlto Networks PAN-OS 10.2.11",
"product_id": "T039153-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.11"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.0.5",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c11.0.5",
"product_id": "T039154"
}
},
{
"category": "product_version",
"name": "11.0.5",
"product": {
"name": "PaloAlto Networks PAN-OS 11.0.5",
"product_id": "T039154-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:11.0.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.2.5",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c10.2.5",
"product_id": "T039157"
}
},
{
"category": "product_version",
"name": "10.2.5",
"product": {
"name": "PaloAlto Networks PAN-OS 10.2.5",
"product_id": "T039157-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.2.4-h6",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c10.2.4-h6",
"product_id": "T039158"
}
},
{
"category": "product_version",
"name": "10.2.4-h6",
"product": {
"name": "PaloAlto Networks PAN-OS 10.2.4-h6",
"product_id": "T039158-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.4-h6"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.1.14",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c10.1.14",
"product_id": "T039159"
}
},
{
"category": "product_version",
"name": "10.1.14",
"product": {
"name": "PaloAlto Networks PAN-OS 10.1.14",
"product_id": "T039159-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:10.1.14"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.2.4",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c11.2.4",
"product_id": "T039160"
}
},
{
"category": "product_version",
"name": "11.2.4",
"product": {
"name": "PaloAlto Networks PAN-OS 11.2.4",
"product_id": "T039160-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:11.2.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.2.12",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c10.2.12",
"product_id": "T039161"
}
},
{
"category": "product_version",
"name": "10.2.12",
"product": {
"name": "PaloAlto Networks PAN-OS 10.2.12",
"product_id": "T039161-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.12"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.2.2",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c10.2.2",
"product_id": "T039162"
}
},
{
"category": "product_version",
"name": "10.2.2",
"product": {
"name": "PaloAlto Networks PAN-OS 10.2.2",
"product_id": "T039162-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.1.7",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c10.1.7",
"product_id": "T039163"
}
},
{
"category": "product_version",
"name": "10.1.7",
"product": {
"name": "PaloAlto Networks PAN-OS 10.1.7",
"product_id": "T039163-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:10.1.7"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.0.3",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c11.0.3",
"product_id": "T039164"
}
},
{
"category": "product_version",
"name": "11.0.3",
"product": {
"name": "PaloAlto Networks PAN-OS 11.0.3",
"product_id": "T039164-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:11.0.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.2.4-h5",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c10.2.4-h5",
"product_id": "T039165"
}
},
{
"category": "product_version",
"name": "10.2.4-h5",
"product": {
"name": "PaloAlto Networks PAN-OS 10.2.4-h5",
"product_id": "T039165-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.4-h5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.1.11",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c10.1.11",
"product_id": "T039166"
}
},
{
"category": "product_version",
"name": "10.1.11",
"product": {
"name": "PaloAlto Networks PAN-OS 10.1.11",
"product_id": "T039166-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:10.1.11"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.0.2",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c11.0.2",
"product_id": "T039167"
}
},
{
"category": "product_version",
"name": "11.0.2",
"product": {
"name": "PaloAlto Networks PAN-OS 11.0.2",
"product_id": "T039167-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:11.0.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.1.10",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c10.1.10",
"product_id": "T039168"
}
},
{
"category": "product_version",
"name": "10.1.10",
"product": {
"name": "PaloAlto Networks PAN-OS 10.1.10",
"product_id": "T039168-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:10.1.10"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.1.4",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c11.1.4",
"product_id": "T039169"
}
},
{
"category": "product_version",
"name": "11.1.4",
"product": {
"name": "PaloAlto Networks PAN-OS 11.1.4",
"product_id": "T039169-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:11.1.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.2.3",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c11.2.3",
"product_id": "T039171"
}
},
{
"category": "product_version",
"name": "11.2.3",
"product": {
"name": "PaloAlto Networks PAN-OS 11.2.3",
"product_id": "T039171-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:11.2.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.2.2-h3",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c11.2.2-h3",
"product_id": "T039172"
}
},
{
"category": "product_version",
"name": "11.2.2-h3",
"product": {
"name": "PaloAlto Networks PAN-OS 11.2.2-h3",
"product_id": "T039172-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:11.2.2-h3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.1.3-h10",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c11.1.3-h10",
"product_id": "T039173"
}
},
{
"category": "product_version",
"name": "11.1.3-h10",
"product": {
"name": "PaloAlto Networks PAN-OS 11.1.3-h10",
"product_id": "T039173-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:11.1.3-h10"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.1.2-h14",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c11.1.2-h14",
"product_id": "T039174"
}
},
{
"category": "product_version",
"name": "11.1.2-h14",
"product": {
"name": "PaloAlto Networks PAN-OS 11.1.2-h14",
"product_id": "T039174-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:11.1.2-h14"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.2.9-14",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c10.2.9-14",
"product_id": "T039176"
}
},
{
"category": "product_version",
"name": "10.2.9-14",
"product": {
"name": "PaloAlto Networks PAN-OS 10.2.9-14",
"product_id": "T039176-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.9-14"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.2.8-h13",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c10.2.8-h13",
"product_id": "T039177"
}
},
{
"category": "product_version",
"name": "10.2.8-h13",
"product": {
"name": "PaloAlto Networks PAN-OS 10.2.8-h13",
"product_id": "T039177-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.8-h13"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.2.10-h7",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c10.2.10-h7",
"product_id": "T039178"
}
},
{
"category": "product_version",
"name": "10.2.10-h7",
"product": {
"name": "PaloAlto Networks PAN-OS 10.2.10-h7",
"product_id": "T039178-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.10-h7"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.2.11-h4",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c10.2.11-h4",
"product_id": "T039179"
}
},
{
"category": "product_version",
"name": "10.2.11-h4",
"product": {
"name": "PaloAlto Networks PAN-OS 10.2.11-h4",
"product_id": "T039179-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.11-h4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.2.7-h16",
"product": {
"name": "PaloAlto Networks PAN-OS \u003c10.2.7-h16",
"product_id": "T039180"
}
},
{
"category": "product_version",
"name": "10.2.7-h16",
"product": {
"name": "PaloAlto Networks PAN-OS 10.2.7-h16",
"product_id": "T039180-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.7-h16"
}
}
}
],
"category": "product_name",
"name": "PAN-OS"
}
],
"category": "vendor",
"name": "PaloAlto Networks"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2550",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS aufgrund einer Null-Pointer-Dereferenz-Schwachstelle. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, indem er ein speziell gestaltetes Paket sendet. Wiederholte Versuche, diesen Zustand auszul\u00f6sen, f\u00fchren dazu, dass die Firewall in den Wartungsmodus wechselt."
}
],
"product_status": {
"known_affected": [
"T039157",
"T039168",
"T039167",
"T039178",
"T039159",
"T039158",
"T039169",
"T039153",
"T039164",
"T039163",
"T039174",
"T039152",
"T039166",
"T039177",
"T039154",
"T039165",
"T039176",
"T039173",
"T039151",
"T039180"
]
},
"release_date": "2024-11-13T23:00:00.000+00:00",
"title": "CVE-2024-2550"
},
{
"cve": "CVE-2024-2551",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS aufgrund einer Null-Pointer-Dereferenz-Schwachstelle. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, indem er ein manipuliertes Paket durch die Datenebene sendet."
}
],
"product_status": {
"known_affected": [
"T039164",
"T039163",
"T039166",
"T039165",
"T039154",
"T039162",
"T039168",
"T039157",
"T039167",
"T039159",
"T039158"
]
},
"release_date": "2024-11-13T23:00:00.000+00:00",
"title": "CVE-2024-2551"
},
{
"cve": "CVE-2024-2552",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS aufgrund eines Befehlsinjektionsproblems. Ein lokaler Angreifer mit Administrator-Rechten kann diese Schwachstelle ausnutzen, um Dateien auf der Firewall zu l\u00f6schen."
}
],
"product_status": {
"known_affected": [
"T039157",
"T039179",
"T039167",
"T039178",
"T039158",
"T039169",
"T039153",
"T039164",
"T039174",
"T039152",
"T039177",
"T039154",
"T039165",
"T039176",
"T039171",
"T039160",
"T039162",
"T039173",
"T039151",
"T039172",
"T039161",
"T039180"
]
},
"release_date": "2024-11-13T23:00:00.000+00:00",
"title": "CVE-2024-2552"
},
{
"cve": "CVE-2024-5917",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS. Das administrative Webinterface kann aufgrund eines Server-Side-Request- Forgery-Problems als Proxy verwendet werden. Ein anonymer Angreifer kann diese Schwachstelle ausnutzen, um interne Netzwerkressourcen einzusehen."
}
],
"product_status": {
"known_affected": [
"T039163",
"T039162",
"T039169"
]
},
"release_date": "2024-11-13T23:00:00.000+00:00",
"title": "CVE-2024-5917"
},
{
"cve": "CVE-2024-5918",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS aufgrund einer unsachgem\u00e4\u00dfen Zertifikatsvalidierung. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle ausnutzen, um die erwarteten Sicherheits\u00fcberpr\u00fcfungen zu umgehen und sich als legitimer GlobalProtect-Benutzer auszugeben."
}
],
"product_status": {
"known_affected": [
"T039164",
"T039163",
"T039166",
"T039165",
"T039171",
"T039162",
"T039172",
"T039168",
"T039167"
]
},
"release_date": "2024-11-13T23:00:00.000+00:00",
"title": "CVE-2024-5918"
},
{
"cve": "CVE-2024-5919",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS. Dieser Fehler ist auf eine unsachgem\u00e4\u00dfe Behandlung von XML-Eingaben zur\u00fcckzuf\u00fchren, bei der externe Entit\u00e4ten nicht ordnungsgem\u00e4\u00df validiert und neutralisiert werden, was zu einer blinden XML External Entity (XXE) Injection-Schwachstelle f\u00fchrt. Ein entfernter, authentisierter Angreifer mit hohen Rechten kann diese Schwachstelle ausnutzen, um sensible Dateien aus dem System zu exfiltrieren."
}
],
"product_status": {
"known_affected": [
"T039152",
"T039165",
"T039162",
"T039157",
"T039168",
"T039167",
"T039158"
]
},
"release_date": "2024-11-13T23:00:00.000+00:00",
"title": "CVE-2024-5919"
},
{
"cve": "CVE-2024-5920",
"notes": [
{
"category": "description",
"text": "Eine Cross-Site Scripting Schwachstelle wurde in PaloAlto Networks PAN-OS entdeckt. Dieses Problem wird durch unsachgem\u00e4\u00dfe Filterung der vom Benutzer bereitgestellten Daten vor der Anzeige der Eingaben verursacht. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Skriptcode im Sicherheitskontext einer betroffenen Site auszuf\u00fchren. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
}
],
"product_status": {
"known_affected": [
"T039157",
"T039168",
"T039167",
"T039178",
"T039159",
"T039158",
"T039169",
"T039164",
"T039153",
"T039163",
"T039174",
"T039152",
"T039166",
"T039177",
"T039154",
"T039165",
"T039176",
"T039162",
"T039173",
"T039180"
]
},
"release_date": "2024-11-13T23:00:00.000+00:00",
"title": "CVE-2024-5920"
},
{
"cve": "CVE-2024-9472",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS. Dieser Fehler besteht aufgrund eines Nullzeiger-Dereferenzierungsproblems bei bestimmten Hardwareplattformen, wenn die Decryption Policy aktiviert ist, was zu einem Absturz f\u00fchrt. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T039157",
"T039179",
"T039178",
"T039158",
"T039153",
"T039174",
"T039177",
"T039165",
"T039176",
"T039160",
"T039171",
"T039162",
"T039173",
"T039172",
"T039180"
]
},
"release_date": "2024-11-13T23:00:00.000+00:00",
"title": "CVE-2024-9472"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…