Action not permitted
Modal body text goes here.
Modal Title
Modal Body
ICSA-24-193-11
Vulnerability from csaf_cisa
Published
2024-07-09 00:00
Modified
2024-11-12 00:00
Summary
Siemens RUGGEDCOM APE 1808
Notes
Summary
Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.
Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks' upstream security notifications.
[1]
https://security.paloaltonetworks.com/
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{ "document": { "acknowledgments": [ { "organization": "Siemens ProductCERT", "summary": "reporting these vulnerabilities to CISA." } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.\n\nSiemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks\u0027 upstream security notifications.\n\n[1] \nhttps://security.paloaltonetworks.com/", "title": "Summary" }, { "category": "general", "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", "title": "General Recommendations" }, { "category": "general", "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", "title": "Additional Resources" }, { "category": "legal_disclaimer", "text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.", "title": "Terms of Use" }, { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "other", "text": "This CISA CSAF advisory was converted from Siemens ProductCERT\u0027s CSAF advisory.", "title": "Advisory Conversion Disclaimer" }, { "category": "other", "text": "Multiple", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "Germany", "title": "Company headquarters location" }, { "category": "general", "text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.", "title": "Recommended Practices" }, { "category": "general", "text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.", "title": "Recommended Practices" }, { "category": "general", "text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.", "title": "Recommended Practices" }, { "category": "general", "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" } ], "publisher": { "category": "other", "contact_details": "central@cisa.dhs.gov", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "SSA-364175: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices Before V11.1.4-h1 - CSAF Version", "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-364175.json" }, { "category": "self", "summary": "SSA-364175: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices Before V11.1.4-h1 - HTML Version", "url": "https://cert-portal.siemens.com/productcert/html/ssa-364175.html" }, { "category": "self", "summary": "ICS Advisory ICSA-24-193-11 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-193-11.json" }, { "category": "self", "summary": "ICS Advisory ICSA-24-193-11 - Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-193-11" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/topics/industrial-control-systems" }, { "category": "external", "summary": "Recommended Practices", "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B" } ], "title": "Siemens RUGGEDCOM APE 1808", "tracking": { "current_release_date": "2024-11-12T00:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-24-193-11", "initial_release_date": "2024-07-09T00:00:00.000000Z", "revision_history": [ { "date": "2024-07-09T00:00:00.000000Z", "legacy_version": "1.0", "number": "1", "summary": "Publication Date" }, { "date": "2024-08-13T00:00:00.000000Z", "legacy_version": "1.1", "number": "2", "summary": "Added newly published CVE-2024-5913 and CVE-2024-3596" }, { "date": "2024-10-08T00:00:00.000000Z", "legacy_version": "1.2", "number": "3", "summary": "Added CVE-2023-48795, CVE-2024-3596, CVE-2024-5913 and fix version information for Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 devices" }, { "date": "2024-11-12T00:00:00.000000Z", "legacy_version": "1.3", "number": "4", "summary": "Added newly published CVE-2024-9468 and CVE-2024-9471. Added CVSSv4.0 vector to CVE-2024-5913" } ], "status": "final", "version": "4" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "vers:all/*", "product": { "name": "RUGGEDCOM APE1808", "product_id": "CSAFPID-0001" } }, { "category": "product_version_range", "name": "vers:all/*", "product": { "name": "RUGGEDCOM APE1808", "product_id": "CSAFPID-0002" } } ], "category": "product_name", "name": "RUGGEDCOM APE1808" } ], "category": "vendor", "name": "Siemens" } ] }, "vulnerabilities": [ { "cve": "CVE-2023-48795", "cwe": { "id": "CWE-222", "name": "Truncation of Security-relevant Information" }, "notes": [ { "category": "summary", "text": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust; and there could be effects on Bitvise SSH through 9.31.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "remediations": [ { "category": "vendor_fix", "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.4-h1. Contact customer support to receive patch and update information", "product_ids": [ "CSAFPID-0001" ] }, { "category": "workaround", "details": "CVE-2023-48795: Customers can resolve this issue by configuring the in-use SSH profile to contain at least one cipher and at least one MAC algorithm, which removes support for CHACHA20-POLY1305 and all Encrypt-then-MAC algorithms available (ciphers with -etm in the name) in PAN-OS software. See Palo Alto Networks\u0027 upstream documentation \nhttps://security.paloaltonetworks.com/CVE-2023-48795 for additional guidance", "product_ids": [ "CSAFPID-0001" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ], "title": "CVE-2023-48795" }, { "cve": "CVE-2024-3596", "cwe": { "id": "CWE-924", "name": "Improper Enforcement of Message Integrity During Transmission in a Communication Channel" }, "notes": [ { "category": "summary", "text": "RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify responses Access-Reject or Access-Accept using a chosen-prefix collision attack against MD5 Response Authenticator signature.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0002" ] }, "remediations": [ { "category": "mitigation", "details": "Restrict access to the networks where RADIUS messages are exchanged (e.g., send RADIUS traffic via management network or a dedicated VLAN)", "product_ids": [ "CSAFPID-0002" ] }, { "category": "mitigation", "details": "Con\ufb01gure the RADIUS server to require the presence of a Message-Authenticator attribute in all Access-Request packets from RADIUS client devices that support it", "product_ids": [ "CSAFPID-0002" ] }, { "category": "vendor_fix", "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.4-h1. Contact customer support to receive patch and update information", "product_ids": [ "CSAFPID-0002" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.0, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0002" ] } ], "title": "CVE-2024-3596" }, { "cve": "CVE-2024-5913", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an attacker with the ability to tamper with the physical file system to elevate privileges.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0002" ] }, "remediations": [ { "category": "vendor_fix", "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.4-h1. Contact customer support to receive patch and update information", "product_ids": [ "CSAFPID-0002" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0002" ] } ], "title": "CVE-2024-5913" }, { "cve": "CVE-2024-9468", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0002" ] }, "remediations": [ { "category": "vendor_fix", "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.4-h1. Contact customer support to receive patch and update information", "product_ids": [ "CSAFPID-0002" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0002" ] } ], "title": "CVE-2024-9468" }, { "cve": "CVE-2024-9471", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated PAN-OS administrator with restricted privileges to use a compromised XML API key to perform actions as a higher privileged PAN-OS administrator. For example, an administrator with \"Virtual system administrator (read-only)\" access could use an XML API key of a \"Virtual system administrator\" to perform write operations on the virtual system configuration even though they should be limited to read-only operations.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0002" ] }, "remediations": [ { "category": "vendor_fix", "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.4-h1. Contact customer support to receive patch and update information", "product_ids": [ "CSAFPID-0002" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "CSAFPID-0002" ] } ], "title": "CVE-2024-9471" } ] }
cve-2024-3596
Vulnerability from cvelistv5
Published
2024-07-09 12:02
Modified
2024-08-29 14:32
Severity ?
EPSS score ?
Summary
RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature.
References
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:ietf:rfc:2865:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "rfc", "vendor": "ietf", "versions": [ { "status": "affected", "version": "2865" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-3596", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-11T03:55:37.141738Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-24T20:18:28.202Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-29T14:32:14.851Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "https://security.netapp.com/advisory/ntap-20240822-0001/" }, { "url": "https://today.ucsd.edu/story/computer-scientists-discover-vulnerabilities-in-a-popular-security-protocol" }, { "tags": [ "x_transferred" ], "url": "https://datatracker.ietf.org/doc/html/rfc2865" }, { "tags": [ "x_transferred" ], "url": "https://datatracker.ietf.org/doc/draft-ietf-radext-deprecating-radius/" }, { "tags": [ "x_transferred" ], "url": "https://networkradius.com/assets/pdf/radius_and_md5_collisions.pdf" }, { "tags": [ "x_transferred" ], "url": "https://www.blastradius.fail/" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/07/09/4" }, { "tags": [ "x_transferred" ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0014" } ], "title": "CVE Program Container", "x_generator": { "engine": "ADPogram 0.0.1" } } ], "cna": { "affected": [ { "product": "RFC", "vendor": "IETF", "versions": [ { "status": "affected", "version": "2865" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Thanks to Sharon Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc Stevens, and Adam Suhl who researched and reported this vulnerability" } ], "descriptions": [ { "lang": "en", "value": "RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response (Access-Accept, Access-Reject, or Access-Challenge) to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-328: Use of Weak Hash", "lang": "en" } ] }, { "descriptions": [ { "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en" } ] }, { "descriptions": [ { "description": "CWE-924 Improper Enforcement of Message Integrity During Transmission in a Communication Channel", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2024-07-09T14:08:23.145Z", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc" }, "references": [ { "url": "https://datatracker.ietf.org/doc/html/rfc2865" }, { "url": "https://datatracker.ietf.org/doc/draft-ietf-radext-deprecating-radius/" }, { "url": "https://networkradius.com/assets/pdf/radius_and_md5_collisions.pdf" }, { "url": "https://www.blastradius.fail/" }, { "url": "http://www.openwall.com/lists/oss-security/2024/07/09/4" }, { "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0014" } ], "source": { "discovery": "EXTERNAL" }, "title": "RADIUS Protocol under RFC2865 is vulnerable to forgery attacks.", "x_generator": { "engine": "VINCE 3.0.4", "env": "prod", "origin": "https://cveawg.mitre.org/api/cve/CVE-2024-3596" } } }, "cveMetadata": { "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2024-3596", "datePublished": "2024-07-09T12:02:53.001Z", "dateReserved": "2024-04-10T15:09:45.391Z", "dateUpdated": "2024-08-29T14:32:14.851Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-9471
Vulnerability from cvelistv5
Published
2024-10-09 17:06
Modified
2024-10-18 11:58
Severity ?
EPSS score ?
Summary
A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated PAN-OS administrator with restricted privileges to use a compromised XML API key to perform actions as a higher privileged PAN-OS administrator. For example, an administrator with "Virtual system administrator (read-only)" access could use an XML API key of a "Virtual system administrator" to perform write operations on the virtual system configuration even though they should be limited to read-only operations.
References
▼ | URL | Tags |
---|---|---|
https://security.paloaltonetworks.com/CVE-2024-9471 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Palo Alto Networks | PAN-OS |
Version: 11.0.0 < 11.0.3 Version: 10.1.0 < 10.1.11 Version: 10.2.0 < 10.2.8 Version: 9.1 Version: 9.0 cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.19:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.18:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.17:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.15:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.15:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.10:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.9:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.8:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.7:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.6:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.5:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.4:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.3:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.3:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.2:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.0:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.0:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.0:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.17:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.17:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.15:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.13:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.12:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.11:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.10:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.9:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.9:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.8:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.7:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.6:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.5:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.4:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.3:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.3:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.3:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.3:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0:-:*:*:*:*:*:* |
||||||||
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "pan-os", "vendor": "paloaltonetworks", "versions": [ { "lessThan": "11.0.3", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "lessThan": "10.1.11", "status": "affected", "version": "10.1.0", "versionType": "custom" }, { "lessThan": "10.2.8", "status": "affected", "version": "10.2.0", "versionType": "custom" }, { "status": "affected", "version": "9.1" }, { "status": "affected", "version": "9.0" }, { "status": "unaffected", "version": "11.1.0" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-9471", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-09T20:28:43.911070Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-09T20:33:15.742Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h8:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h8:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.19:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.18:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.17:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.15:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.15:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h8:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.10:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.9:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.8:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.7:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.6:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.5:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.4:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.3:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.3:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.2:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.2:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.1:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.0:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.0:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.0:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.0:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.17:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.17:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.15:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.13:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.12:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.11:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.10:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.9:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.9:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.8:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.7:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.6:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.5:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.4:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.3:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.3:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.3:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.3:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.1:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.0:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0:-:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "PAN-OS", "vendor": "Palo Alto Networks", "versions": [ { "status": "unaffected", "version": "11.1.0" }, { "changes": [ { "at": "11.0.3", "status": "unaffected" } ], "lessThan": "11.0.3", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "changes": [ { "at": "10.1.11", "status": "unaffected" } ], "lessThan": "10.1.11", "status": "affected", "version": "10.1.0", "versionType": "custom" }, { "changes": [ { "at": "10.2.8", "status": "unaffected" } ], "lessThan": "10.2.8", "status": "affected", "version": "10.2.0", "versionType": "custom" }, { "status": "affected", "version": "9.1" }, { "status": "affected", "version": "9.0" } ] }, { "defaultStatus": "unaffected", "product": "Cloud NGFW", "vendor": "Palo Alto Networks", "versions": [ { "status": "unaffected", "version": "All" } ] }, { "defaultStatus": "unaffected", "product": "Prisma Access", "vendor": "Palo Alto Networks", "versions": [ { "status": "unaffected", "version": "All" } ] } ], "configurations": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is applicable only to PAN-OS configurations that have XML API access enabled.\u003cbr\u003e\u003cbr\u003eYou can find more information about the XML API here: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-panorama-api/pan-os-api-authentication/enable-api-access" } ], "value": "This issue is applicable only to PAN-OS configurations that have XML API access enabled.\n\nYou can find more information about the XML API here: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-panorama-api/pan-os-api-authentication/enable-api-access" } ], "credits": [ { "lang": "en", "type": "finder", "value": "Palo Alto Networks thanks an external reporter for discovering and reporting this issue." } ], "datePublic": "2024-10-09T16:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated PAN-OS administrator with restricted privileges to use a compromised XML API key to perform actions as a higher privileged PAN-OS administrator. For example, an administrator with \"Virtual system administrator (read-only)\" access could use an XML API key of a \"Virtual system administrator\" to perform write operations on the virtual system configuration even though they should be limited to read-only operations." } ], "value": "A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated PAN-OS administrator with restricted privileges to use a compromised XML API key to perform actions as a higher privileged PAN-OS administrator. For example, an administrator with \"Virtual system administrator (read-only)\" access could use an XML API key of a \"Virtual system administrator\" to perform write operations on the virtual system configuration even though they should be limited to read-only operations." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue." } ], "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue." } ], "impacts": [ { "capecId": "CAPEC-233", "descriptions": [ { "lang": "en", "value": "CAPEC-233 Privilege Escalation" } ] } ], "metrics": [ { "cvssV4_0": { "Automatable": "NO", "Recovery": "AUTOMATIC", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 5.1, "baseSeverity": "MEDIUM", "privilegesRequired": "HIGH", "providerUrgency": "GREEN", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/AU:N/R:A/V:D/RE:L/U:Green", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "LOW" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-18T11:58:13.115Z", "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://security.paloaltonetworks.com/CVE-2024-9471" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in PAN-OS 10.1.11, PAN-OS 10.2.8, PAN-OS 11.0.3, and all later PAN-OS versions." } ], "value": "This issue is fixed in PAN-OS 10.1.11, PAN-OS 10.2.8, PAN-OS 11.0.3, and all later PAN-OS versions." } ], "source": { "defect": [ "PAN-217511", "PAN-152631" ], "discovery": "EXTERNAL" }, "timeline": [ { "lang": "en", "time": "2024-10-09T16:00:00.000Z", "value": "Initial publication" } ], "title": "PAN-OS: Privilege Escalation (PE) Vulnerability in XML API", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue requires the attacker to have authenticated access to the PAN-OS XML API. You can mitigate the effect this issue has on your environment by following the Administrative Access Best Practices in the PAN-OS technical documentation at \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices\"\u003ehttps://docs.paloaltonetworks.com/best-practices\u003c/a\u003e." } ], "value": "This issue requires the attacker to have authenticated access to the PAN-OS XML API. You can mitigate the effect this issue has on your environment by following the Administrative Access Best Practices in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices ." } ], "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "assignerShortName": "palo_alto", "cveId": "CVE-2024-9471", "datePublished": "2024-10-09T17:06:41.456Z", "dateReserved": "2024-10-03T11:35:17.822Z", "dateUpdated": "2024-10-18T11:58:13.115Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-48795
Vulnerability from cvelistv5
Published
2023-12-18 00:00
Modified
2024-08-02 21:46
Severity ?
EPSS score ?
Summary
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T21:46:27.255Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html" }, { "tags": [ "x_transferred" ], "url": "https://matt.ucc.asn.au/dropbear/CHANGES" }, { "tags": [ "x_transferred" ], "url": "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES" }, { "tags": [ "x_transferred" ], "url": "https://www.netsarang.com/en/xshell-update-history/" }, { "tags": [ "x_transferred" ], "url": "https://www.paramiko.org/changelog.html" }, { "tags": [ "x_transferred" ], "url": "https://www.openssh.com/openbsd.html" }, { "tags": [ "x_transferred" ], "url": "https://github.com/openssh/openssh-portable/commits/master" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ" }, { "tags": [ "x_transferred" ], "url": "https://www.bitvise.com/ssh-server-version-history" }, { "tags": [ "x_transferred" ], "url": "https://github.com/ronf/asyncssh/tags" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/libssh/libssh-mirror/-/tags" }, { "tags": [ "x_transferred" ], "url": "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/" }, { "tags": [ "x_transferred" ], "url": "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42" }, { "tags": [ "x_transferred" ], "url": "https://www.openssh.com/txt/release-9.6" }, { "tags": [ "x_transferred" ], "url": "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/" }, { "tags": [ "x_transferred" ], "url": "https://www.terrapin-attack.com" }, { "tags": [ "x_transferred" ], "url": "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25" }, { "tags": [ "x_transferred" ], "url": "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst" }, { "tags": [ "x_transferred" ], "url": "https://thorntech.com/cve-2023-48795-and-sftp-gateway/" }, { "tags": [ "x_transferred" ], "url": "https://github.com/warp-tech/russh/releases/tag/v0.40.2" }, { "tags": [ "x_transferred" ], "url": "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0" }, { "tags": [ "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2023/12/18/2" }, { "tags": [ "x_transferred" ], "url": "https://twitter.com/TrueSkrillor/status/1736774389725565005" }, { "tags": [ "x_transferred" ], "url": "https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d" }, { "tags": [ "x_transferred" ], "url": "https://github.com/paramiko/paramiko/issues/2337" }, { "tags": [ "x_transferred" ], "url": "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg" }, { "tags": [ "x_transferred" ], "url": "https://news.ycombinator.com/item?id=38684904" }, { "tags": [ "x_transferred" ], "url": "https://news.ycombinator.com/item?id=38685286" }, { "name": "[oss-security] 20231218 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/12/18/3" }, { "tags": [ "x_transferred" ], "url": "https://github.com/mwiede/jsch/issues/457" }, { "tags": [ "x_transferred" ], "url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10\u0026id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6" }, { "tags": [ "x_transferred" ], "url": "https://github.com/erlang/otp/releases/tag/OTP-26.2.1" }, { "tags": [ "x_transferred" ], "url": "https://github.com/advisories/GHSA-45x7-px36-x8w8" }, { "tags": [ "x_transferred" ], "url": "https://security-tracker.debian.org/tracker/source-package/libssh2" }, { "tags": [ "x_transferred" ], "url": "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg" }, { "tags": [ "x_transferred" ], "url": "https://security-tracker.debian.org/tracker/CVE-2023-48795" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1217950" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210" }, { "tags": [ "x_transferred" ], "url": "https://bugs.gentoo.org/920280" }, { "tags": [ "x_transferred" ], "url": "https://ubuntu.com/security/CVE-2023-48795" }, { "tags": [ "x_transferred" ], "url": "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/" }, { "tags": [ "x_transferred" ], "url": "https://access.redhat.com/security/cve/cve-2023-48795" }, { "tags": [ "x_transferred" ], "url": "https://github.com/mwiede/jsch/pull/461" }, { "tags": [ "x_transferred" ], "url": "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6" }, { "tags": [ "x_transferred" ], "url": "https://github.com/libssh2/libssh2/pull/1291" }, { "tags": [ "x_transferred" ], "url": "https://forum.netgate.com/topic/184941/terrapin-ssh-attack" }, { "tags": [ "x_transferred" ], "url": "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5" }, { "tags": [ "x_transferred" ], "url": "https://github.com/rapier1/hpn-ssh/releases" }, { "tags": [ "x_transferred" ], "url": "https://github.com/proftpd/proftpd/issues/456" }, { "tags": [ "x_transferred" ], "url": "https://github.com/TeraTermProject/teraterm/releases/tag/v5.1" }, { "tags": [ "x_transferred" ], "url": "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15" }, { "tags": [ "x_transferred" ], "url": "https://oryx-embedded.com/download/#changelog" }, { "tags": [ "x_transferred" ], "url": "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update" }, { "tags": [ "x_transferred" ], "url": "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22" }, { "tags": [ "x_transferred" ], "url": "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab" }, { "tags": [ "x_transferred" ], "url": "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3" }, { "tags": [ "x_transferred" ], "url": "https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC" }, { "tags": [ "x_transferred" ], "url": "https://crates.io/crates/thrussh/versions" }, { "tags": [ "x_transferred" ], "url": "https://github.com/NixOS/nixpkgs/pull/275249" }, { "name": "[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/12/19/5" }, { "tags": [ "x_transferred" ], "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc" }, { "tags": [ "x_transferred" ], "url": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/" }, { "name": "[oss-security] 20231220 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/12/20/3" }, { "tags": [ "x_transferred" ], "url": "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html" }, { "tags": [ "x_transferred" ], "url": "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES" }, { "tags": [ "x_transferred" ], "url": "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES" }, { "tags": [ "x_transferred" ], "url": "https://github.com/apache/mina-sshd/issues/445" }, { "tags": [ "x_transferred" ], "url": "https://github.com/hierynomus/sshj/issues/916" }, { "tags": [ "x_transferred" ], "url": "https://github.com/janmojzis/tinyssh/issues/81" }, { "tags": [ "x_transferred" ], "url": "https://www.openwall.com/lists/oss-security/2023/12/20/3" }, { "tags": [ "x_transferred" ], "url": "https://security-tracker.debian.org/tracker/source-package/trilead-ssh2" }, { "tags": [ "x_transferred" ], "url": "https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16" }, { "name": "FEDORA-2023-0733306be9", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/" }, { "name": "DSA-5586", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5586" }, { "tags": [ "x_transferred" ], "url": "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508" }, { "tags": [ "x_transferred" ], "url": "https://www.theregister.com/2023/12/20/terrapin_attack_ssh" }, { "tags": [ "x_transferred" ], "url": "https://filezilla-project.org/versions.php" }, { "tags": [ "x_transferred" ], "url": "https://nova.app/releases/#v11.8" }, { "tags": [ "x_transferred" ], "url": "https://roumenpetrov.info/secsh/#news20231220" }, { "tags": [ "x_transferred" ], "url": "https://www.vandyke.com/products/securecrt/history.txt" }, { "tags": [ "x_transferred" ], "url": "https://help.panic.com/releasenotes/transmit5/" }, { "tags": [ "x_transferred" ], "url": "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta" }, { "tags": [ "x_transferred" ], "url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2189" }, { "tags": [ "x_transferred" ], "url": "https://winscp.net/eng/docs/history#6.2.2" }, { "tags": [ "x_transferred" ], "url": "https://www.bitvise.com/ssh-client-version-history#933" }, { "tags": [ "x_transferred" ], "url": "https://github.com/cyd01/KiTTY/issues/520" }, { "name": "DSA-5588", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5588" }, { "tags": [ "x_transferred" ], "url": "https://github.com/ssh-mitm/ssh-mitm/issues/165" }, { "tags": [ "x_transferred" ], "url": "https://news.ycombinator.com/item?id=38732005" }, { "name": "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html" }, { "name": "GLSA-202312-16", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202312-16" }, { "name": "GLSA-202312-17", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202312-17" }, { "name": "FEDORA-2023-20feb865d8", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/" }, { "name": "FEDORA-2023-cb8c606fbb", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/" }, { "name": "FEDORA-2023-e77300e4b5", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/" }, { "name": "FEDORA-2023-b87ec6cf47", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/" }, { "name": "FEDORA-2023-153404713b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240105-0004/" }, { "name": "FEDORA-2024-3bb23c77f3", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/" }, { "name": "FEDORA-2023-55800423a8", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/" }, { "name": "FEDORA-2024-d946b9ad25", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/" }, { "name": "FEDORA-2024-71c2c6526c", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/" }, { "name": "FEDORA-2024-39a8c72ea9", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/" }, { "tags": [ "x_transferred" ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002" }, { "name": "FEDORA-2024-ae653fb07b", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/" }, { "name": "FEDORA-2024-2705241461", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/" }, { "name": "FEDORA-2024-fb32950d11", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/" }, { "name": "FEDORA-2024-7b08207cdb", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/" }, { "name": "FEDORA-2024-06ebb70bdd", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/" }, { "name": "[debian-lts-announce] 20240125 [SECURITY] [DLA 3718-1] php-phpseclib security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html" }, { "name": "[debian-lts-announce] 20240125 [SECURITY] [DLA 3719-1] phpseclib security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html" }, { "name": "FEDORA-2024-a53b24023d", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/" }, { "name": "FEDORA-2024-3fd1bc9276", "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/" }, { "tags": [ "x_transferred" ], "url": "https://support.apple.com/kb/HT214084" }, { "name": "20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4", "tags": [ "mailing-list", "x_transferred" ], "url": "http://seclists.org/fulldisclosure/2024/Mar/21" }, { "name": "[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update", "tags": [ "mailing-list", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html" }, { "name": "[oss-security] 20240417 Terrapin vulnerability in Jenkins CLI client", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/04/17/8" }, { "name": "[oss-security] 20240306 Multiple vulnerabilities in Jenkins plugins", "tags": [ "mailing-list", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/03/06/3" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-01T18:06:23.972272", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html" }, { "url": "https://matt.ucc.asn.au/dropbear/CHANGES" }, { "url": "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES" }, { "url": "https://www.netsarang.com/en/xshell-update-history/" }, { "url": "https://www.paramiko.org/changelog.html" }, { "url": "https://www.openssh.com/openbsd.html" }, { "url": "https://github.com/openssh/openssh-portable/commits/master" }, { "url": "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ" }, { "url": "https://www.bitvise.com/ssh-server-version-history" }, { "url": "https://github.com/ronf/asyncssh/tags" }, { "url": "https://gitlab.com/libssh/libssh-mirror/-/tags" }, { "url": "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/" }, { "url": "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42" }, { "url": "https://www.openssh.com/txt/release-9.6" }, { "url": "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/" }, { "url": "https://www.terrapin-attack.com" }, { "url": "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25" }, { "url": "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst" }, { "url": "https://thorntech.com/cve-2023-48795-and-sftp-gateway/" }, { "url": "https://github.com/warp-tech/russh/releases/tag/v0.40.2" }, { "url": "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0" }, { "url": "https://www.openwall.com/lists/oss-security/2023/12/18/2" }, { "url": "https://twitter.com/TrueSkrillor/status/1736774389725565005" }, { "url": "https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d" }, { "url": "https://github.com/paramiko/paramiko/issues/2337" }, { "url": "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg" }, { "url": "https://news.ycombinator.com/item?id=38684904" }, { "url": "https://news.ycombinator.com/item?id=38685286" }, { "name": "[oss-security] 20231218 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/12/18/3" }, { "url": "https://github.com/mwiede/jsch/issues/457" }, { "url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10\u0026id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6" }, { "url": "https://github.com/erlang/otp/releases/tag/OTP-26.2.1" }, { "url": "https://github.com/advisories/GHSA-45x7-px36-x8w8" }, { "url": "https://security-tracker.debian.org/tracker/source-package/libssh2" }, { "url": "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg" }, { "url": "https://security-tracker.debian.org/tracker/CVE-2023-48795" }, { "url": "https://bugzilla.suse.com/show_bug.cgi?id=1217950" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210" }, { "url": "https://bugs.gentoo.org/920280" }, { "url": "https://ubuntu.com/security/CVE-2023-48795" }, { "url": "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/" }, { "url": "https://access.redhat.com/security/cve/cve-2023-48795" }, { "url": "https://github.com/mwiede/jsch/pull/461" }, { "url": "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6" }, { "url": "https://github.com/libssh2/libssh2/pull/1291" }, { "url": "https://forum.netgate.com/topic/184941/terrapin-ssh-attack" }, { "url": "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5" }, { "url": "https://github.com/rapier1/hpn-ssh/releases" }, { "url": "https://github.com/proftpd/proftpd/issues/456" }, { "url": "https://github.com/TeraTermProject/teraterm/releases/tag/v5.1" }, { "url": "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15" }, { "url": "https://oryx-embedded.com/download/#changelog" }, { "url": "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update" }, { "url": "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22" }, { "url": "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab" }, { "url": "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3" }, { "url": "https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC" }, { "url": "https://crates.io/crates/thrussh/versions" }, { "url": "https://github.com/NixOS/nixpkgs/pull/275249" }, { "name": "[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/12/19/5" }, { "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc" }, { "url": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/" }, { "name": "[oss-security] 20231220 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2023/12/20/3" }, { "url": "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html" }, { "url": "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES" }, { "url": "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES" }, { "url": "https://github.com/apache/mina-sshd/issues/445" }, { "url": "https://github.com/hierynomus/sshj/issues/916" }, { "url": "https://github.com/janmojzis/tinyssh/issues/81" }, { "url": "https://www.openwall.com/lists/oss-security/2023/12/20/3" }, { "url": "https://security-tracker.debian.org/tracker/source-package/trilead-ssh2" }, { "url": "https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16" }, { "name": "FEDORA-2023-0733306be9", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/" }, { "name": "DSA-5586", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5586" }, { "url": "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508" }, { "url": "https://www.theregister.com/2023/12/20/terrapin_attack_ssh" }, { "url": "https://filezilla-project.org/versions.php" }, { "url": "https://nova.app/releases/#v11.8" }, { "url": "https://roumenpetrov.info/secsh/#news20231220" }, { "url": "https://www.vandyke.com/products/securecrt/history.txt" }, { "url": "https://help.panic.com/releasenotes/transmit5/" }, { "url": "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta" }, { "url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2189" }, { "url": "https://winscp.net/eng/docs/history#6.2.2" }, { "url": "https://www.bitvise.com/ssh-client-version-history#933" }, { "url": "https://github.com/cyd01/KiTTY/issues/520" }, { "name": "DSA-5588", "tags": [ "vendor-advisory" ], "url": "https://www.debian.org/security/2023/dsa-5588" }, { "url": "https://github.com/ssh-mitm/ssh-mitm/issues/165" }, { "url": "https://news.ycombinator.com/item?id=38732005" }, { "name": "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html" }, { "name": "GLSA-202312-16", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202312-16" }, { "name": "GLSA-202312-17", "tags": [ "vendor-advisory" ], "url": "https://security.gentoo.org/glsa/202312-17" }, { "name": "FEDORA-2023-20feb865d8", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/" }, { "name": "FEDORA-2023-cb8c606fbb", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/" }, { "name": "FEDORA-2023-e77300e4b5", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/" }, { "name": "FEDORA-2023-b87ec6cf47", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/" }, { "name": "FEDORA-2023-153404713b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/" }, { "url": "https://security.netapp.com/advisory/ntap-20240105-0004/" }, { "name": "FEDORA-2024-3bb23c77f3", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/" }, { "name": "FEDORA-2023-55800423a8", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/" }, { "name": "FEDORA-2024-d946b9ad25", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/" }, { "name": "FEDORA-2024-71c2c6526c", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/" }, { "name": "FEDORA-2024-39a8c72ea9", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/" }, { "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002" }, { "name": "FEDORA-2024-ae653fb07b", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/" }, { "name": "FEDORA-2024-2705241461", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/" }, { "name": "FEDORA-2024-fb32950d11", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/" }, { "name": "FEDORA-2024-7b08207cdb", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/" }, { "name": "FEDORA-2024-06ebb70bdd", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/" }, { "name": "[debian-lts-announce] 20240125 [SECURITY] [DLA 3718-1] php-phpseclib security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html" }, { "name": "[debian-lts-announce] 20240125 [SECURITY] [DLA 3719-1] phpseclib security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html" }, { "name": "FEDORA-2024-a53b24023d", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/" }, { "name": "FEDORA-2024-3fd1bc9276", "tags": [ "vendor-advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/" }, { "url": "https://support.apple.com/kb/HT214084" }, { "name": "20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4", "tags": [ "mailing-list" ], "url": "http://seclists.org/fulldisclosure/2024/Mar/21" }, { "name": "[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update", "tags": [ "mailing-list" ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html" }, { "name": "[oss-security] 20240417 Terrapin vulnerability in Jenkins CLI client", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2024/04/17/8" }, { "name": "[oss-security] 20240306 Multiple vulnerabilities in Jenkins plugins", "tags": [ "mailing-list" ], "url": "http://www.openwall.com/lists/oss-security/2024/03/06/3" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-48795", "datePublished": "2023-12-18T00:00:00", "dateReserved": "2023-11-20T00:00:00", "dateUpdated": "2024-08-02T21:46:27.255Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-9468
Vulnerability from cvelistv5
Published
2024-10-09 17:05
Modified
2024-10-18 11:53
Severity ?
EPSS score ?
Summary
A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode.
References
▼ | URL | Tags |
---|---|---|
https://security.paloaltonetworks.com/CVE-2024-9468 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Palo Alto Networks | PAN-OS |
Version: 10.2.0 < 10.2.9-h11 Version: 11.0.0 < 11.0.4-h5 Version: 11.1.0 < 11.1.3 cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:* |
||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-9468", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-09T21:06:48.028506Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-09T21:06:56.884Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h10:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.1:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h12:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h11:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h9:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h8:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "PAN-OS", "vendor": "Palo Alto Networks", "versions": [ { "status": "unaffected", "version": "10.1.0" }, { "changes": [ { "at": "10.2.9-h11", "status": "unaffected" }, { "at": "10.2.10-h4", "status": "unaffected" }, { "at": "10.2.11", "status": "unaffected" } ], "lessThan": "10.2.9-h11", "status": "affected", "version": "10.2.0", "versionType": "custom" }, { "changes": [ { "at": "11.0.4-h5", "status": "unaffected" }, { "at": "11.0.6", "status": "unaffected" } ], "lessThan": "11.0.4-h5", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "changes": [ { "at": "11.1.3", "status": "unaffected" } ], "lessThan": "11.1.3", "status": "affected", "version": "11.1.0", "versionType": "custom" }, { "status": "unaffected", "version": "11.2.0" } ] }, { "defaultStatus": "unaffected", "product": "Cloud NGFW", "vendor": "Palo Alto Networks", "versions": [ { "status": "unaffected", "version": "All" } ] }, { "defaultStatus": "unaffected", "product": "Prisma Access", "vendor": "Palo Alto Networks", "versions": [ { "status": "unaffected", "version": "All" } ] } ], "configurations": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue affects only PAN-OS configurations where both of the following are true:\u003cbr\u003e* Threat Prevention is enabled, and\u003cbr\u003e* The TP signature 86467 (\"Possible Domain Fronting Detection-SNI\") is enabled on an Anti-Spyware profile." } ], "value": "This issue affects only PAN-OS configurations where both of the following are true:\n* Threat Prevention is enabled, and\n* The TP signature 86467 (\"Possible Domain Fronting Detection-SNI\") is enabled on an Anti-Spyware profile." } ], "credits": [ { "lang": "en", "type": "finder", "value": "Jeff Luo of Palo Alto Networks" } ], "datePublic": "2024-10-09T16:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode." } ], "value": "A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue." } ], "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue." } ], "impacts": [ { "capecId": "CAPEC-100", "descriptions": [ { "lang": "en", "value": "CAPEC-100 Overflow Buffers" } ] } ], "metrics": [ { "cvssV4_0": { "Automatable": "YES", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.2, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:Y/R:U/V:C/RE:L/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "LOW" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-18T11:53:46.752Z", "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://security.paloaltonetworks.com/CVE-2024-9468" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in 10.2.9-h11, 10.2.10-h4, PAN-OS 10.2.11, PAN-OS 11.0.4-h5, PAN-OS 11.0.6, PAN-OS 11.1.3, and all later PAN-OS versions." } ], "value": "This issue is fixed in 10.2.9-h11, 10.2.10-h4, PAN-OS 10.2.11, PAN-OS 11.0.4-h5, PAN-OS 11.0.6, PAN-OS 11.1.3, and all later PAN-OS versions." } ], "source": { "defect": [ "PAN-244840" ], "discovery": "INTERNAL" }, "timeline": [ { "lang": "en", "time": "2024-10-09T16:00:00.000Z", "value": "Initial publication" } ], "title": "PAN-OS: Firewall Denial of Service (DoS) via a Maliciously Crafted Packet", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 94971 (introduced in Applications and Threats content version 8854)." } ], "value": "Customers with a Threat Prevention subscription can block attacks for this vulnerability by enabling Threat ID 94971 (introduced in Applications and Threats content version 8854)." } ], "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "assignerShortName": "palo_alto", "cveId": "CVE-2024-9468", "datePublished": "2024-10-09T17:05:29.055Z", "dateReserved": "2024-10-03T11:35:15.246Z", "dateUpdated": "2024-10-18T11:53:46.752Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-5913
Vulnerability from cvelistv5
Published
2024-07-10 18:40
Modified
2024-08-06 04:19
Severity ?
EPSS score ?
Summary
An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an attacker with the ability to tamper with the physical file system to elevate privileges.
References
Impacted products
Vendor | Product | Version | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Palo Alto Networks | PAN-OS |
Version: 10.1.0 < 10.1.14-h2 Version: 10.2.0 < 10.2.10 Version: 11.0.0 < 11.0.5 Version: 11.1.0 < 11.1.4 Version: 11.2.0 < 11.2.1 |
||||||||
|
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "pan-os", "vendor": "paloaltonetworks", "versions": [ { "lessThan": "10.2.10", "status": "affected", "version": "10.2.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:paloaltonetworks:pan-os:11.2:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "pan-os", "vendor": "paloaltonetworks", "versions": [ { "lessThan": "11.2.1", "status": "affected", "version": "11.2", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "pan-os", "vendor": "paloaltonetworks", "versions": [ { "lessThan": "11.1.4", "status": "affected", "version": "11.1.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "pan-os", "vendor": "paloaltonetworks", "versions": [ { "lessThan": "11.0.5", "status": "affected", "version": "11.0.0", "versionType": "custom" } ] }, { "cpes": [ "cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "pan-os", "vendor": "paloaltonetworks", "versions": [ { "lessThan": "10.1.14-h2", "status": "affected", "version": "10.1.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-5913", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-07-10T19:50:29.169156Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-10T20:05:27.355Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T21:25:02.975Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://security.paloaltonetworks.com/CVE-2024-5913" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "PAN-OS", "vendor": "Palo Alto Networks", "versions": [ { "changes": [ { "at": "10.1.14-h2", "status": "unaffected" } ], "lessThan": "10.1.14-h2", "status": "affected", "version": "10.1.0", "versionType": "custom" }, { "changes": [ { "at": "10.2.10", "status": "unaffected" } ], "lessThan": "10.2.10", "status": "affected", "version": "10.2.0", "versionType": "custom" }, { "changes": [ { "at": "11.0.5", "status": "unaffected" } ], "lessThan": "11.0.5", "status": "affected", "version": "11.0.0", "versionType": "custom" }, { "changes": [ { "at": "11.1.4", "status": "unaffected" } ], "lessThan": "11.1.4", "status": "affected", "version": "11.1.0", "versionType": "custom" }, { "changes": [ { "at": "11.2.1", "status": "unaffected" } ], "lessThan": "11.2.1", "status": "affected", "version": "11.2.0", "versionType": "custom" } ] }, { "defaultStatus": "unaffected", "product": "Cloud NGFW", "vendor": "Palo Alto Networks", "versions": [ { "status": "affected", "version": "None" }, { "status": "unaffected", "version": "All" } ] }, { "defaultStatus": "unaffected", "product": "Prisma Access", "vendor": "Palo Alto Networks", "versions": [ { "status": "affected", "version": "None" }, { "status": "unaffected", "version": "All" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Independent Security Researcher Pear1y" }, { "lang": "en", "type": "finder", "value": "Joel Land of CISA Vulnerability Response and Coordination" }, { "lang": "en", "type": "finder", "value": "rqu" }, { "lang": "en", "type": "finder", "value": "Enrique Castillo of Palo Alto Networks" } ], "datePublic": "2024-07-10T16:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an attacker with the ability to tamper with the physical file system to elevate privileges." } ], "value": "An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an attacker with the ability to tamper with the physical file system to elevate privileges." } ], "exploits": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.\u003cbr\u003e" } ], "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue." } ], "impacts": [ { "capecId": "CAPEC-153", "descriptions": [ { "lang": "en", "value": "CAPEC-153 Input Data Manipulation" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-08-06T04:19:19.068Z", "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto" }, "references": [ { "url": "https://security.paloaltonetworks.com/CVE-2024-5913" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "This issue is fixed in PAN-OS 10.1.14-h2, PAN-OS 10.2.10, PAN-OS 11.0.5, PAN-OS 11.1.4, PAN-OS 11.2.1, and all later PAN-OS versions.\u003cbr\u003e" } ], "value": "This issue is fixed in PAN-OS 10.1.14-h2, PAN-OS 10.2.10, PAN-OS 11.0.5, PAN-OS 11.1.4, PAN-OS 11.2.1, and all later PAN-OS versions." } ], "source": { "discovery": "EXTERNAL" }, "timeline": [ { "lang": "en", "time": "2024-07-10T16:00:00.000Z", "value": "Initial publication" } ], "title": "PAN-OS: Improper Input Validation Vulnerability in PAN-OS", "x_generator": { "engine": "Vulnogram 0.1.0-dev" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@paloaltonetworks.com", "DATE_PUBLIC": "2024-07-10T16:00:00.000Z", "ID": "CVE-2024-5913", "STATE": "PUBLIC", "TITLE": "PAN-OS: Improper Input Validation Vulnerability in PAN-OS" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "PAN-OS", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "10.1", "version_value": "10.1.14-h2" }, { "version_affected": "!\u003e=", "version_name": "10.1", "version_value": "10.1.14-h2" }, { "version_affected": "\u003c", "version_name": "10.2", "version_value": "10.2.10" }, { "version_affected": "!\u003e=", "version_name": "10.2", "version_value": "10.2.10" }, { "version_affected": "\u003c", "version_name": "11.0", "version_value": "11.0.5" }, { "version_affected": "!\u003e=", "version_name": "11.0", "version_value": "11.0.5" }, { "version_affected": "\u003c", "version_name": "11.1", "version_value": "11.1.4" }, { "version_affected": "!\u003e=", "version_name": "11.1", "version_value": "11.1.4" }, { "version_affected": "\u003c", "version_name": "11.2", "version_value": "11.2.1" }, { "version_affected": "!\u003e=", "version_name": "11.2", "version_value": "11.2.1" } ] } }, { "product_name": "Cloud NGFW", "version": { "version_data": [ { "version_affected": "=", "version_value": "None" }, { "version_affected": "!", "version_value": "All" } ] } }, { "product_name": "Prisma Access", "version": { "version_data": [ { "version_affected": "=", "version_value": "None" }, { "version_affected": "!", "version_value": "All" } ] } } ] }, "vendor_name": "Palo Alto Networks" } ] } }, "credit": [ { "lang": "eng", "value": "Palo Alto Networks thanks Independent Security Researcher Pear1y, Joel Land of CISA Vulnerability Response and Coordination, and Enrique Castillo of Palo Alto Networks for discovering and reporting this issue." } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An improper input validation vulnerability in Palo Alto Networks PAN-OS software enables an attacker with the ability to tamper with the physical file system to elevate privileges." } ] }, "exploit": [ { "lang": "eng", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue." } ], "generator": { "engine": "vulnogram 0.1.0-rc1" }, "impact": { "cvss": { "Automatable": "NO", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "PHYSICAL", "baseScore": 5.4, "baseSeverity": "MEDIUM", "privilegesRequired": "HIGH", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:P/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:D/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "MODERATE" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-20 Improper Input Validation" } ] } ] }, "references": { "reference_data": [ { "refsource": "CONFIRM", "url": "https://security.paloaltonetworks.com/CVE-2023-case-PAN-253982" } ] }, "solution": [ { "lang": "eng", "value": "This issue is fixed in PAN-OS 10.1.14-h2, PAN-OS 10.2.10, PAN-OS 11.0.5, PAN-OS 11.1.4, PAN-OS 11.2.1, and all later PAN-OS versions." } ], "source": { "discovery": "EXTERNAL" }, "timeline": [ { "lang": "eng", "time": "2024-07-10T16:00:00.000Z", "value": "Initial publication" } ] } } }, "cveMetadata": { "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "assignerShortName": "palo_alto", "cveId": "CVE-2024-5913", "datePublished": "2024-07-10T18:40:29.769Z", "dateReserved": "2024-06-12T15:27:56.398Z", "dateUpdated": "2024-08-06T04:19:19.068Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.