Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2024-AVI-0986
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Palo Alto Networks. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Palo Alto Networks | PAN-OS | PAN-OS versions 10.2.x antérieures à 10.2.12 | ||
| Palo Alto Networks | PAN-OS | PAN-OS versions 11.1.x antérieures à 11.1.5 | ||
| Palo Alto Networks | Prisma Access Browser | Prisma Access Browser versions antérieures à 130.117.2920.13 | ||
| Palo Alto Networks | PAN-OS | PAN-OS versions 11.2.x antérieures à 11.2.4 | ||
| Palo Alto Networks | PAN-OS | PAN-OS versions 10.1.x antérieures à 10.1.14 | ||
| Palo Alto Networks | PAN-OS | PAN-OS versions 11.0.x antérieures à 11.0.6 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "PAN-OS versions 10.2.x ant\u00e9rieures \u00e0 10.2.12",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "PAN-OS versions 11.1.x ant\u00e9rieures \u00e0 11.1.5",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "Prisma Access Browser versions ant\u00e9rieures \u00e0 130.117.2920.13",
"product": {
"name": "Prisma Access Browser",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "PAN-OS versions 11.2.x ant\u00e9rieures \u00e0 11.2.4",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "PAN-OS versions 10.1.x ant\u00e9rieures \u00e0 10.1.14",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
},
{
"description": "PAN-OS versions 11.0.x ant\u00e9rieures \u00e0 11.0.6",
"product": {
"name": "PAN-OS",
"vendor": {
"name": "Palo Alto Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-2552",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2552"
},
{
"name": "CVE-2024-9962",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9962"
},
{
"name": "CVE-2024-9959",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9959"
},
{
"name": "CVE-2024-9965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9965"
},
{
"name": "CVE-2024-9966",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9966"
},
{
"name": "CVE-2024-9963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9963"
},
{
"name": "CVE-2024-9955",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9955"
},
{
"name": "CVE-2024-9472",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9472"
},
{
"name": "CVE-2024-10827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10827"
},
{
"name": "CVE-2024-9956",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9956"
},
{
"name": "CVE-2024-9958",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9958"
},
{
"name": "CVE-2024-10229",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10229"
},
{
"name": "CVE-2024-10488",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10488"
},
{
"name": "CVE-2024-10230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10230"
},
{
"name": "CVE-2024-10487",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10487"
},
{
"name": "CVE-2024-9957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9957"
},
{
"name": "CVE-2024-5920",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5920"
},
{
"name": "CVE-2024-2551",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2551"
},
{
"name": "CVE-2024-10826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10826"
},
{
"name": "CVE-2024-9960",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9960"
},
{
"name": "CVE-2024-5918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5918"
},
{
"name": "CVE-2024-2550",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2550"
},
{
"name": "CVE-2024-9954",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9954"
},
{
"name": "CVE-2024-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5917"
},
{
"name": "CVE-2024-10231",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10231"
},
{
"name": "CVE-2024-9964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9964"
},
{
"name": "CVE-2024-9961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9961"
},
{
"name": "CVE-2024-5919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5919"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0986",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-11-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Palo Alto Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Palo Alto Networks",
"vendor_advisories": [
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-244950 et PAN-221352",
"url": "https://security.paloaltonetworks.com/CVE-2024-2550"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-223185",
"url": "https://security.paloaltonetworks.com/CVE-2024-2551"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-262287 et PAN-226361",
"url": "https://security.paloaltonetworks.com/CVE-2024-9472"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-261332",
"url": "https://security.paloaltonetworks.com/CVE-2024-2552"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-115469",
"url": "https://security.paloaltonetworks.com/CVE-2024-5917"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-222484",
"url": "https://security.paloaltonetworks.com/CVE-2024-5920"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-216947",
"url": "https://security.paloaltonetworks.com/CVE-2024-5918"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-SA-2024-0016",
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0016"
},
{
"published_at": "2024-11-13",
"title": "Bulletin de s\u00e9curit\u00e9 Palo Alto Networks PAN-205062",
"url": "https://security.paloaltonetworks.com/CVE-2024-5919"
}
]
}
CVE-2024-10229 (GCVE-0-2024-10229)
Vulnerability from cvelistv5 – Published: 2024-10-22 21:43 – Updated: 2024-10-30 03:55
VLAI
EPSS
Summary
Inappropriate implementation in Extensions in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. (Chromium security severity: High)
Severity
8.1 (High)
CWE
- Inappropriate implementation
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "chrome",
"vendor": "google",
"versions": [
{
"lessThan": "130.0.6723.69",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-10229",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-29T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T03:55:21.562Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Chrome",
"vendor": "Google",
"versions": [
{
"lessThan": "130.0.6723.69",
"status": "affected",
"version": "130.0.6723.69",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Inappropriate implementation in Extensions in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. (Chromium security severity: High)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Inappropriate implementation",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T21:43:10.643Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html"
},
{
"url": "https://issues.chromium.org/issues/371011220"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2024-10229",
"datePublished": "2024-10-22T21:43:10.643Z",
"dateReserved": "2024-10-22T00:16:41.080Z",
"dateUpdated": "2024-10-30T03:55:21.562Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-10230 (GCVE-0-2024-10230)
Vulnerability from cvelistv5 – Published: 2024-10-22 21:43 – Updated: 2024-10-30 03:55
VLAI
EPSS
Summary
Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity
8.8 (High)
CWE
- CWE-843 - Type Confusion
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "chrome",
"vendor": "google",
"versions": [
{
"lessThan": "130.0.6723.69",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-10230",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-29T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T03:55:23.186Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Chrome",
"vendor": "Google",
"versions": [
{
"lessThan": "130.0.6723.69",
"status": "affected",
"version": "130.0.6723.69",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "Type Confusion",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T21:43:11.083Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html"
},
{
"url": "https://issues.chromium.org/issues/371565065"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2024-10230",
"datePublished": "2024-10-22T21:43:11.083Z",
"dateReserved": "2024-10-22T00:16:41.303Z",
"dateUpdated": "2024-10-30T03:55:23.186Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-10231 (GCVE-0-2024-10231)
Vulnerability from cvelistv5 – Published: 2024-10-22 21:43 – Updated: 2024-10-30 03:55
VLAI
EPSS
Summary
Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity
8.8 (High)
CWE
- CWE-843 - Type Confusion
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "chrome",
"vendor": "google",
"versions": [
{
"lessThan": "130.0.6723.69",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-10231",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-29T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "CWE-843 Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T03:55:24.531Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Chrome",
"vendor": "Google",
"versions": [
{
"lessThan": "130.0.6723.69",
"status": "affected",
"version": "130.0.6723.69",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-843",
"description": "Type Confusion",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-22T21:43:11.374Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html"
},
{
"url": "https://issues.chromium.org/issues/372269618"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2024-10231",
"datePublished": "2024-10-22T21:43:11.374Z",
"dateReserved": "2024-10-22T00:16:41.580Z",
"dateUpdated": "2024-10-30T03:55:24.531Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-10487 (GCVE-0-2024-10487)
Vulnerability from cvelistv5 – Published: 2024-10-29 21:55 – Updated: 2024-10-31 14:04
VLAI
EPSS
Summary
Out of bounds write in Dawn in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical)
Severity
8.8 (High)
CWE
- CWE-787 - Out of bounds write
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "chrome",
"vendor": "google",
"versions": [
{
"lessThan": "130.0.6723.92",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-10487",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-31T03:55:21.506442Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T14:04:11.091Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Chrome",
"vendor": "Google",
"versions": [
{
"lessThan": "130.0.6723.92",
"status": "affected",
"version": "130.0.6723.92",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Out of bounds write in Dawn in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical)"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "Out of bounds write",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T21:55:42.286Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_29.html"
},
{
"url": "https://issues.chromium.org/issues/375123371"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2024-10487",
"datePublished": "2024-10-29T21:55:42.286Z",
"dateReserved": "2024-10-28T23:10:05.358Z",
"dateUpdated": "2024-10-31T14:04:11.091Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-10488 (GCVE-0-2024-10488)
Vulnerability from cvelistv5 – Published: 2024-10-29 21:55 – Updated: 2024-10-31 14:04
VLAI
EPSS
Summary
Use after free in WebRTC in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity
8.8 (High)
CWE
- CWE-416 - Use after free
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "chrome",
"vendor": "google",
"versions": [
{
"lessThan": "130.0.6723.92",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-10488",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-31T03:55:23.181837Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T14:04:38.830Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Chrome",
"vendor": "Google",
"versions": [
{
"lessThan": "130.0.6723.92",
"status": "affected",
"version": "130.0.6723.92",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use after free in WebRTC in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use after free",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T21:55:42.729Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_29.html"
},
{
"url": "https://issues.chromium.org/issues/374310077"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2024-10488",
"datePublished": "2024-10-29T21:55:42.729Z",
"dateReserved": "2024-10-28T23:10:05.634Z",
"dateUpdated": "2024-10-31T14:04:38.830Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-10826 (GCVE-0-2024-10826)
Vulnerability from cvelistv5 – Published: 2024-11-06 16:09 – Updated: 2024-11-06 17:03
VLAI
EPSS
Summary
Use after free in Family Experiences in Google Chrome on Android prior to 130.0.6723.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity
8.8 (High)
CWE
- CWE-416 - Use after free
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "chrome",
"vendor": "google",
"versions": [
{
"lessThan": "130.0.6723.116",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-10826",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T17:02:53.486620Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T17:03:00.737Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Chrome",
"vendor": "Google",
"versions": [
{
"lessThan": "130.0.6723.116",
"status": "affected",
"version": "130.0.6723.116",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use after free in Family Experiences in Google Chrome on Android prior to 130.0.6723.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use after free",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:09:21.643Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop.html"
},
{
"url": "https://issues.chromium.org/issues/370217726"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2024-10826",
"datePublished": "2024-11-06T16:09:21.643Z",
"dateReserved": "2024-11-04T21:58:00.206Z",
"dateUpdated": "2024-11-06T17:03:00.737Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-10827 (GCVE-0-2024-10827)
Vulnerability from cvelistv5 – Published: 2024-11-06 16:09 – Updated: 2024-11-06 17:04
VLAI
EPSS
Summary
Use after free in Serial in Google Chrome prior to 130.0.6723.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Severity
8.8 (High)
CWE
- CWE-416 - Use after free
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "chrome",
"vendor": "google",
"versions": [
{
"lessThan": "130.0.6723.116",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-10827",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T17:04:09.734353Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T17:04:20.660Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Chrome",
"vendor": "Google",
"versions": [
{
"lessThan": "130.0.6723.116",
"status": "affected",
"version": "130.0.6723.116",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use after free in Serial in Google Chrome prior to 130.0.6723.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use after free",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:09:21.943Z",
"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"shortName": "Chrome"
},
"references": [
{
"url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop.html"
},
{
"url": "https://issues.chromium.org/issues/375065084"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
"assignerShortName": "Chrome",
"cveId": "CVE-2024-10827",
"datePublished": "2024-11-06T16:09:21.943Z",
"dateReserved": "2024-11-04T21:58:00.463Z",
"dateUpdated": "2024-11-06T17:04:20.660Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2550 (GCVE-0-2024-2550)
Vulnerability from cvelistv5 – Published: 2024-11-14 09:40 – Updated: 2024-11-14 14:11
VLAI
EPSS
Title
PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway Using a Specially Crafted Packet
Summary
A null pointer dereference vulnerability in the GlobalProtect gateway in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop the GlobalProtect service on the firewall by sending a specially crafted packet that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.
Severity
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2024-2550 | vendor-advisory |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto Networks | Cloud NGFW |
Unaffected:
All
|
|
| Palo Alto Networks | PAN-OS |
Unaffected:
11.2.0
Affected: 11.1.0 , < 11.1.5 (custom) Affected: 11.0.0 , < 11.0.6 (custom) Affected: 10.2.0 , < 10.2.11 (custom) Unaffected: 10.1.0 cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h14:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h14:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:* |
|
| Palo Alto Networks | Prisma Access |
Unaffected:
All
|
Date Public
2024-11-13 18:00
Credits
Michael Baker from AC3
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2550",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-14T14:11:13.254898Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-14T14:11:24.889Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h14:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h13:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h12:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h13:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h14:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "11.2.0"
},
{
"changes": [
{
"at": "11.1.5",
"status": "unaffected"
}
],
"lessThan": "11.1.5",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.0.6",
"status": "unaffected"
}
],
"lessThan": "11.0.6",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.11",
"status": "unaffected"
}
],
"lessThan": "10.2.11",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "10.1.0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue impacts only firewalls on which you configured a GlobalProtect gateway. You can verify whether you configured GlobalProtect gateway by checking for entries in your firewall web interface (Network \u2192 GlobalProtect \u2192 Gateways)."
}
],
"value": "This issue impacts only firewalls on which you configured a GlobalProtect gateway. You can verify whether you configured GlobalProtect gateway by checking for entries in your firewall web interface (Network \u2192 GlobalProtect \u2192 Gateways)."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Michael Baker from AC3"
}
],
"datePublic": "2024-11-13T18:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A null pointer dereference vulnerability in the GlobalProtect gateway in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop the GlobalProtect service on the firewall by sending a specially crafted packet that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode."
}
],
"value": "A null pointer dereference vulnerability in the GlobalProtect gateway in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop the GlobalProtect service on the firewall by sending a specially crafted packet that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-129",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-129 Pointer Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-14T09:40:38.838Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-2550"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 10.2.11, PAN-OS 11.0.6, PAN-OS 11.1.5, and all later PAN-OS versions."
}
],
"value": "This issue is fixed in PAN-OS 10.2.11, PAN-OS 11.0.6, PAN-OS 11.1.5, and all later PAN-OS versions."
}
],
"source": {
"defect": [
"PAN-244950",
"PAN-221352"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-11-13T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway Using a Specially Crafted Packet"
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-2550",
"datePublished": "2024-11-14T09:40:38.838Z",
"dateReserved": "2024-03-15T22:43:26.399Z",
"dateUpdated": "2024-11-14T14:11:24.889Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2551 (GCVE-0-2024-2551)
Vulnerability from cvelistv5 – Published: 2024-11-14 09:36 – Updated: 2024-11-19 15:01
VLAI
EPSS
Title
PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted Packet
Summary
A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.
Severity
CWE
- CWE-476 - NULL Pointer Dereference
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2024-2551 | vendor-advisory |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto Networks | Cloud NGFW |
Unaffected:
All
|
|
| Palo Alto Networks | PAN-OS |
Unaffected:
11.2.0
Unaffected: 11.1.0 Affected: 11.0.0 , < 11.0.5 (custom) Affected: 10.2.0 , < 10.2.4-h6 (custom) Affected: 10.1.0 , < 10.1.14 (custom) cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1:-:*:*:*:*:*:* |
|
| Palo Alto Networks | Prisma Access |
Unaffected:
All
|
Date Public
2024-11-13 18:00
Credits
a customer
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2551",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T15:01:17.887695Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T15:01:40.744Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h12:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.1:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "11.2.0"
},
{
"status": "unaffected",
"version": "11.1.0"
},
{
"changes": [
{
"at": "11.0.5",
"status": "unaffected"
}
],
"lessThan": "11.0.5",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.4-h6",
"status": "unaffected"
},
{
"at": "10.2.5",
"status": "unaffected"
}
],
"lessThan": "10.2.4-h6",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.14",
"status": "unaffected"
}
],
"lessThan": "10.1.14",
"status": "affected",
"version": "10.1.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "a customer"
}
],
"datePublic": "2024-11-13T18:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode."
}
],
"value": "A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-129",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-129 Pointer Manipulation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "CWE-476 NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-14T09:36:09.876Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-2551"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 10.1.14, PAN-OS 10.2.4-h6, PAN-OS 10.2.5, PAN-OS 11.0.5, and all later PAN-OS versions."
}
],
"value": "This issue is fixed in PAN-OS 10.1.14, PAN-OS 10.2.4-h6, PAN-OS 10.2.5, PAN-OS 11.0.5, and all later PAN-OS versions."
}
],
"source": {
"defect": [
"PAN-223185"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-11-13T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted Packet"
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-2551",
"datePublished": "2024-11-14T09:36:09.876Z",
"dateReserved": "2024-03-15T22:43:27.814Z",
"dateUpdated": "2024-11-19T15:01:40.744Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2552 (GCVE-0-2024-2552)
Vulnerability from cvelistv5 – Published: 2024-11-14 09:39 – Updated: 2024-11-14 19:08
VLAI
EPSS
Title
PAN-OS: Arbitrary File Delete Vulnerability in the Command Line Interface (CLI)
Summary
A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions in the management plane and delete files on the firewall.
Severity
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2024-2552 | vendor-advisory |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto Networks | Cloud NGFW |
Unaffected:
All
|
|
| Palo Alto Networks | PAN-OS |
Affected:
11.2.0 , < 11.2.4
(custom)
Affected: 11.1.0 , < 11.1.5 (custom) Affected: 11.0.0 , < 11.0.6 (custom) Affected: 10.2.0 , < 10.2.12 (custom) Unaffected: 10.1.0 cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h14:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h14:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:* |
|
| Palo Alto Networks | Prisma Access |
Unaffected:
All
|
Date Public
2024-11-13 18:00
Credits
Bobby Storey
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2552",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-14T18:58:28.794154Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-14T19:08:21.217Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cloud NGFW",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
},
{
"cpes": [
"cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.2:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h14:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h13:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.1:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h12:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h13:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h14:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*",
"cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "11.2.4",
"status": "unaffected"
}
],
"lessThan": "11.2.4",
"status": "affected",
"version": "11.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.1.5",
"status": "unaffected"
}
],
"lessThan": "11.1.5",
"status": "affected",
"version": "11.1.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "11.0.6",
"status": "unaffected"
}
],
"lessThan": "11.0.6",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.12",
"status": "unaffected"
}
],
"lessThan": "10.2.12",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "10.1.0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Prisma Access",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Bobby Storey"
}
],
"datePublic": "2024-11-13T18:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions in the management plane and delete files on the firewall."
}
],
"value": "A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions in the management plane and delete files on the firewall."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-14T09:39:06.523Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2024-2552"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in PAN-OS 10.2.12, PAN-OS 11.0.6, PAN-OS 11.1.5, PAN-OS 11.2.4, and all later PAN-OS versions."
}
],
"value": "This issue is fixed in PAN-OS 10.2.12, PAN-OS 11.0.6, PAN-OS 11.1.5, PAN-OS 11.2.4, and all later PAN-OS versions."
}
],
"source": {
"defect": [
"PAN-261332"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2024-11-13T17:00:00.000Z",
"value": "Initial publication"
}
],
"title": "PAN-OS: Arbitrary File Delete Vulnerability in the Command Line Interface (CLI)",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eWe strongly recommend customers to ensure access to your management interface is configured correctly in accordance with our recommended best practice deployment guidelines. In particular, we recommend that you ensure that access to the management interface is possible only from trusted internal IPs and not from the Internet. The vast majority of firewalls already follow this Palo Alto Networks and industry best practice.\u003c/p\u003ePlease see the following link for additional information regarding how to secure the management access of your palo alto networks device: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\"\u003ehttps://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431\u003c/a\u003e"
}
],
"value": "We strongly recommend customers to ensure access to your management interface is configured correctly in accordance with our recommended best practice deployment guidelines. In particular, we recommend that you ensure that access to the management interface is possible only from trusted internal IPs and not from the Internet. The vast majority of firewalls already follow this Palo Alto Networks and industry best practice.\n\nPlease see the following link for additional information regarding how to secure the management access of your palo alto networks device: https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2024-2552",
"datePublished": "2024-11-14T09:39:06.523Z",
"dateReserved": "2024-03-15T22:43:28.837Z",
"dateUpdated": "2024-11-14T19:08:21.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…