cvelistv5 - cve-2024-5919

CVE-2024-5919 (GCVE-0-2024-5919)

Vulnerability from cvelistv5

Published

2024-11-14 09:36

Modified

2024-11-14 19:41

Severity ?

5.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:A/V:C/RE:M/U:Amber

CWE

CWE-611 - Improper Restriction of XML External Entity Reference

Summary

A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker controlled server. This attack requires network access to the firewall management interface.

References

▼	URL	Tags
	psirt@paloaltonetworks.com	https://security.paloaltonetworks.com/CVE-2024-5919	Vendor Advisory

Impacted products

Vendor

Product

Version

▼

Palo Alto Networks

Cloud NGFW

	Palo Alto Networks	PAN-OS	Version: 11.0.0 < 11.0.2 Version: 10.2.0 < 10.2.5 Version: 10.1.0 < 10.1.10 cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h8:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h7:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h6:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h7:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h6:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h8:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h7:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h6:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h6:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1:-::::::
	Palo Alto Networks	Prisma Access

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5919",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-14T18:59:05.844837Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-14T19:41:04.355Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1:-:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "11.2.0"
            },
            {
              "status": "unaffected",
              "version": "11.1.0"
            },
            {
              "changes": [
                {
                  "at": "11.0.2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.2",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.5",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.10",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.10",
              "status": "affected",
              "version": "10.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Dan Marin of Deloitte"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Cristian Mocanu of Deloitte"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Alex Hordijk"
        }
      ],
      "datePublic": "2024-11-13T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker controlled server. This attack requires network access to the firewall management interface."
            }
          ],
          "value": "A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker controlled server. This attack requires network access to the firewall management interface."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-201",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-201 XML Entity Linking"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "AUTOMATIC",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:A/V:C/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-611",
              "description": "CWE-611 Improper Restriction of XML External Entity Reference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-14T09:36:46.390Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2024-5919"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 10.1.10, PAN-OS 10.2.5, PAN-OS 11.0.2, and all later PAN-OS versions."
            }
          ],
          "value": "This issue is fixed in PAN-OS 10.1.10, PAN-OS 10.2.5, PAN-OS 11.0.2, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-205062"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-13T17:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Authenticated XML External Entities (XXE) Injection Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-5919",
    "datePublished": "2024-11-14T09:36:46.390Z",
    "dateReserved": "2024-06-12T15:27:57.328Z",
    "dateUpdated": "2024-11-14T19:41:04.355Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker controlled server. This attack requires network access to the firewall management interface.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de inyecci\\u00f3n ciega de entidades externas XML (XXE) en el software PAN-OS de Palo Alto Networks permite a un atacante autenticado extraer archivos arbitrarios de los firewalls a un servidor controlado por el atacante. Este ataque requiere acceso de red a la interfaz de administraci\\u00f3n del firewall.\"}]",
      "id": "CVE-2024-5919",
      "lastModified": "2024-11-15T13:58:08.913",
      "metrics": "{\"cvssMetricV40\": [{\"source\": \"psirt@paloaltonetworks.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"4.0\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:C/RE:M/U:Amber\", \"baseScore\": 5.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"vulnerableSystemConfidentiality\": \"LOW\", \"vulnerableSystemIntegrity\": \"LOW\", \"vulnerableSystemAvailability\": \"NONE\", \"subsequentSystemConfidentiality\": \"NONE\", \"subsequentSystemIntegrity\": \"NONE\", \"subsequentSystemAvailability\": \"NONE\", \"exploitMaturity\": \"NOT_DEFINED\", \"confidentialityRequirements\": \"NOT_DEFINED\", \"integrityRequirements\": \"NOT_DEFINED\", \"availabilityRequirements\": \"NOT_DEFINED\", \"modifiedAttackVector\": \"NOT_DEFINED\", \"modifiedAttackComplexity\": \"NOT_DEFINED\", \"modifiedAttackRequirements\": \"NOT_DEFINED\", \"modifiedPrivilegesRequired\": \"NOT_DEFINED\", \"modifiedUserInteraction\": \"NOT_DEFINED\", \"modifiedVulnerableSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedVulnerableSystemIntegrity\": \"NOT_DEFINED\", \"modifiedVulnerableSystemAvailability\": \"NOT_DEFINED\", \"modifiedSubsequentSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedSubsequentSystemIntegrity\": \"NOT_DEFINED\", \"modifiedSubsequentSystemAvailability\": \"NOT_DEFINED\", \"safety\": \"NOT_DEFINED\", \"automatable\": \"NO\", \"recovery\": \"AUTOMATIC\", \"valueDensity\": \"CONCENTRATED\", \"vulnerabilityResponseEffort\": \"MODERATE\", \"providerUrgency\": \"AMBER\"}}]}",
      "published": "2024-11-14T10:15:09.027",
      "references": "[{\"url\": \"https://security.paloaltonetworks.com/CVE-2024-5919\", \"source\": \"psirt@paloaltonetworks.com\"}]",
      "sourceIdentifier": "psirt@paloaltonetworks.com",
      "vulnStatus": "Undergoing Analysis",
      "weaknesses": "[{\"source\": \"psirt@paloaltonetworks.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-611\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-5919\",\"sourceIdentifier\":\"psirt@paloaltonetworks.com\",\"published\":\"2024-11-14T10:15:09.027\",\"lastModified\":\"2025-01-24T16:06:00.323\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker controlled server. This attack requires network access to the firewall management interface.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de inyecci\u00f3n ciega de entidades externas XML (XXE) en el software PAN-OS de Palo Alto Networks permite a un atacante autenticado extraer archivos arbitrarios de los firewalls a un servidor controlado por el atacante. Este ataque requiere acceso de red a la interfaz de administraci\u00f3n del firewall.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:C/RE:M/U:Amber\",\"baseScore\":5.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"vulnerableSystemConfidentiality\":\"LOW\",\"vulnerableSystemIntegrity\":\"LOW\",\"vulnerableSystemAvailability\":\"NONE\",\"subsequentSystemConfidentiality\":\"NONE\",\"subsequentSystemIntegrity\":\"NONE\",\"subsequentSystemAvailability\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirements\":\"NOT_DEFINED\",\"integrityRequirements\":\"NOT_DEFINED\",\"availabilityRequirements\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnerableSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedVulnerableSystemIntegrity\":\"NOT_DEFINED\",\"modifiedVulnerableSystemAvailability\":\"NOT_DEFINED\",\"modifiedSubsequentSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedSubsequentSystemIntegrity\":\"NOT_DEFINED\",\"modifiedSubsequentSystemAvailability\":\"NOT_DEFINED\",\"safety\":\"NOT_DEFINED\",\"automatable\":\"NO\",\"recovery\":\"AUTOMATIC\",\"valueDensity\":\"CONCENTRATED\",\"vulnerabilityResponseEffort\":\"MODERATE\",\"providerUrgency\":\"AMBER\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-611\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-611\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.1.0\",\"versionEndExcluding\":\"10.1.10\",\"matchCriteriaId\":\"8F25D99D-0E7C-469B-977E-FCBD0AB2373E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.2.0\",\"versionEndExcluding\":\"10.2.5\",\"matchCriteriaId\":\"831B815F-436B-40D2-AFBA-9BE7275C2BEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndExcluding\":\"11.0.2\",\"matchCriteriaId\":\"8A69845B-51CA-4612-BCBA-96EF92F01D2F\"}]}]}],\"references\":[{\"url\":\"https://security.paloaltonetworks.com/CVE-2024-5919\",\"source\":\"psirt@paloaltonetworks.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-5919\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-14T18:59:05.844837Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-14T19:40:57.020Z\"}}], \"cna\": {\"title\": \"PAN-OS: Authenticated XML External Entities (XXE) Injection Vulnerability\", \"source\": {\"defect\": [\"PAN-205062\"], \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Dan Marin of Deloitte\"}, {\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Cristian Mocanu of Deloitte\"}, {\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Alex Hordijk\"}], \"impacts\": [{\"capecId\": \"CAPEC-201\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-201 XML Entity Linking\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"AUTOMATIC\", \"baseScore\": 5.1, \"Automatable\": \"NO\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"CONCENTRATED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:A/V:C/RE:M/U:Amber\", \"providerUrgency\": \"AMBER\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"LOW\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"LOW\", \"vulnerabilityResponseEffort\": \"MODERATE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Palo Alto Networks\", \"product\": \"Cloud NGFW\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"All\"}], \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h8:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h7:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h6:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h5:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h7:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h6:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h5:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h8:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h7:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h6:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h5:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h6:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h5:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1:-:*:*:*:*:*:*\"], \"vendor\": \"Palo Alto Networks\", \"product\": \"PAN-OS\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"11.2.0\"}, {\"status\": \"unaffected\", \"version\": \"11.1.0\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"11.0.2\", \"status\": \"unaffected\"}], \"version\": \"11.0.0\", \"lessThan\": \"11.0.2\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"10.2.5\", \"status\": \"unaffected\"}], \"version\": \"10.2.0\", \"lessThan\": \"10.2.5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"10.1.10\", \"status\": \"unaffected\"}], \"version\": \"10.1.0\", \"lessThan\": \"10.1.10\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Palo Alto Networks\", \"product\": \"Prisma Access\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"All\"}], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Palo Alto Networks is not aware of any malicious exploitation of this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Palo Alto Networks is not aware of any malicious exploitation of this issue.\", \"base64\": false}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-11-13T17:00:00.000Z\", \"value\": \"Initial publication\"}], \"solutions\": [{\"lang\": \"eng\", \"value\": \"This issue is fixed in PAN-OS 10.1.10, PAN-OS 10.2.5, PAN-OS 11.0.2, and all later PAN-OS versions.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"This issue is fixed in PAN-OS 10.1.10, PAN-OS 10.2.5, PAN-OS 11.0.2, and all later PAN-OS versions.\", \"base64\": false}]}], \"datePublic\": \"2024-11-13T18:00:00.000Z\", \"references\": [{\"url\": \"https://security.paloaltonetworks.com/CVE-2024-5919\", \"tags\": [\"vendor-advisory\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker controlled server. This attack requires network access to the firewall management interface.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker controlled server. This attack requires network access to the firewall management interface.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-611\", \"description\": \"CWE-611 Improper Restriction of XML External Entity Reference\"}]}], \"providerMetadata\": {\"orgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"shortName\": \"palo_alto\", \"dateUpdated\": \"2024-11-14T09:36:46.390Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-5919\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-14T19:41:04.355Z\", \"dateReserved\": \"2024-06-12T15:27:57.328Z\", \"assignerOrgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"datePublished\": \"2024-11-14T09:36:46.390Z\", \"assignerShortName\": \"palo_alto\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

fkie_cve-2024-5919

Vulnerability from fkie_nvd

Published

2024-11-14 10:15

Modified

2025-01-24 16:06

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

References

▼	URL	Tags
	psirt@paloaltonetworks.com	https://security.paloaltonetworks.com/CVE-2024-5919	Vendor Advisory

Impacted products

Vendor	Product	Version
paloaltonetworks	pan-os	*
paloaltonetworks	pan-os	*
paloaltonetworks	pan-os	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F25D99D-0E7C-469B-977E-FCBD0AB2373E",
              "versionEndExcluding": "10.1.10",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "831B815F-436B-40D2-AFBA-9BE7275C2BEB",
              "versionEndExcluding": "10.2.5",
              "versionStartIncluding": "10.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A69845B-51CA-4612-BCBA-96EF92F01D2F",
              "versionEndExcluding": "11.0.2",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker controlled server. This attack requires network access to the firewall management interface."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de inyecci\u00f3n ciega de entidades externas XML (XXE) en el software PAN-OS de Palo Alto Networks permite a un atacante autenticado extraer archivos arbitrarios de los firewalls a un servidor controlado por el atacante. Este ataque requiere acceso de red a la interfaz de administraci\u00f3n del firewall."
    }
  ],
  "id": "CVE-2024-5919",
  "lastModified": "2025-01-24T16:06:00.323",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NO",
          "Recovery": "AUTOMATIC",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 5.1,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "HIGH",
          "providerUrgency": "AMBER",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "CONCENTRATED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:C/RE:M/U:Amber",
          "version": "4.0",
          "vulnAvailabilityImpact": "NONE",
          "vulnConfidentialityImpact": "LOW",
          "vulnIntegrityImpact": "LOW",
          "vulnerabilityResponseEffort": "MODERATE"
        },
        "source": "psirt@paloaltonetworks.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-11-14T10:15:09.027",
  "references": [
    {
      "source": "psirt@paloaltonetworks.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security.paloaltonetworks.com/CVE-2024-5919"
    }
  ],
  "sourceIdentifier": "psirt@paloaltonetworks.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-611"
        }
      ],
      "source": "psirt@paloaltonetworks.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-611"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ncsc-2024-0444

Vulnerability from csaf_ncscnl

Published

2024-11-14 12:38

Modified

2024-11-14 12:38

Summary

Kwetsbaarheden verholpen in Palo Alto PAN-OS

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten

Palo Alto Networks heeft kwetsbaarheden verholpen in PAN-OS.

Interpretaties

Een kwaadwillende kan de kwetsbaarheden misbruiken om beveiligingsmaatregelen te omzeilen en zo verkeer naar en door het systeem te leiden dat aanvankelijk niet is toegestaan, of een Denial-of-Service veroorzaken.

Oplossingen

Palo Alto heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-476

NULL Pointer Dereference

CWE-295

Improper Certificate Validation

CWE-918

Server-Side Request Forgery (SSRF)

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-611

Improper Restriction of XML External Entity Reference

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Palo Alto Networks heeft kwetsbaarheden verholpen in PAN-OS.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om beveiligingsmaatregelen te omzeilen en zo verkeer naar en door het systeem te leiden dat aanvankelijk niet is toegestaan, of een Denial-of-Service veroorzaken.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Palo Alto heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "NULL Pointer Dereference",
        "title": "CWE-476"
      },
      {
        "category": "general",
        "text": "Improper Certificate Validation",
        "title": "CWE-295"
      },
      {
        "category": "general",
        "text": "Server-Side Request Forgery (SSRF)",
        "title": "CWE-918"
      },
      {
        "category": "general",
        "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
        "title": "CWE-22"
      },
      {
        "category": "general",
        "text": "Improper Restriction of XML External Entity Reference",
        "title": "CWE-611"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-2552"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5919"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5920"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-2551"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-2550"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5918"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-9472"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5917"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Palo Alto PAN-OS",
    "tracking": {
      "current_release_date": "2024-11-14T12:38:50.941039Z",
      "id": "NCSC-2024-0444",
      "initial_release_date": "2024-11-14T12:38:50.941039Z",
      "revision_history": [
        {
          "date": "2024-11-14T12:38:50.941039Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "pan-os",
            "product": {
              "name": "pan-os",
              "product_id": "CSAFPID-1687475",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloalto_networks:pan-os:*:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "paloalto_networks"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "cloud_ngfw",
            "product": {
              "name": "cloud_ngfw",
              "product_id": "CSAFPID-842692",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:cloud_ngfw:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "pan-os",
            "product": {
              "name": "pan-os",
              "product_id": "CSAFPID-842690",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "paloaltonetworks"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-2550",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-2550",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2550.json"
        }
      ],
      "title": "CVE-2024-2550"
    },
    {
      "cve": "CVE-2024-2551",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-2551",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2551.json"
        }
      ],
      "title": "CVE-2024-2551"
    },
    {
      "cve": "CVE-2024-2552",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-2552",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2552.json"
        }
      ],
      "title": "CVE-2024-2552"
    },
    {
      "cve": "CVE-2024-5917",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Server-Side Request Forgery (SSRF)",
          "title": "CWE-918"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5917",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5917.json"
        }
      ],
      "title": "CVE-2024-5917"
    },
    {
      "cve": "CVE-2024-5918",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Certificate Validation",
          "title": "CWE-295"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5918",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5918.json"
        }
      ],
      "title": "CVE-2024-5918"
    },
    {
      "cve": "CVE-2024-5919",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of XML External Entity Reference",
          "title": "CWE-611"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5919",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5919.json"
        }
      ],
      "title": "CVE-2024-5919"
    },
    {
      "cve": "CVE-2024-5920",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5920",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5920.json"
        }
      ],
      "title": "CVE-2024-5920"
    },
    {
      "cve": "CVE-2024-9472",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-9472",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9472.json"
        }
      ],
      "title": "CVE-2024-9472"
    }
  ]
}

NCSC-2024-0444

Vulnerability from csaf_ncscnl

Published

2024-11-14 12:38

Modified

2024-11-14 12:38

Summary

Kwetsbaarheden verholpen in Palo Alto PAN-OS

Notes

Feiten

Palo Alto Networks heeft kwetsbaarheden verholpen in PAN-OS.

Interpretaties

Oplossingen

Palo Alto heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-476

NULL Pointer Dereference

CWE-295

Improper Certificate Validation

CWE-918

Server-Side Request Forgery (SSRF)

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-611

Improper Restriction of XML External Entity Reference

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Palo Alto Networks heeft kwetsbaarheden verholpen in PAN-OS.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om beveiligingsmaatregelen te omzeilen en zo verkeer naar en door het systeem te leiden dat aanvankelijk niet is toegestaan, of een Denial-of-Service veroorzaken.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Palo Alto heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "NULL Pointer Dereference",
        "title": "CWE-476"
      },
      {
        "category": "general",
        "text": "Improper Certificate Validation",
        "title": "CWE-295"
      },
      {
        "category": "general",
        "text": "Server-Side Request Forgery (SSRF)",
        "title": "CWE-918"
      },
      {
        "category": "general",
        "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
        "title": "CWE-22"
      },
      {
        "category": "general",
        "text": "Improper Restriction of XML External Entity Reference",
        "title": "CWE-611"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-2552"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5919"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5920"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-2551"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-2550"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5918"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-9472"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5917"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Palo Alto PAN-OS",
    "tracking": {
      "current_release_date": "2024-11-14T12:38:50.941039Z",
      "id": "NCSC-2024-0444",
      "initial_release_date": "2024-11-14T12:38:50.941039Z",
      "revision_history": [
        {
          "date": "2024-11-14T12:38:50.941039Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "pan-os",
            "product": {
              "name": "pan-os",
              "product_id": "CSAFPID-1687475",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloalto_networks:pan-os:*:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "paloalto_networks"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "cloud_ngfw",
            "product": {
              "name": "cloud_ngfw",
              "product_id": "CSAFPID-842692",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:cloud_ngfw:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "pan-os",
            "product": {
              "name": "pan-os",
              "product_id": "CSAFPID-842690",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "paloaltonetworks"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-2550",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-2550",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2550.json"
        }
      ],
      "title": "CVE-2024-2550"
    },
    {
      "cve": "CVE-2024-2551",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-2551",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2551.json"
        }
      ],
      "title": "CVE-2024-2551"
    },
    {
      "cve": "CVE-2024-2552",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-2552",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2552.json"
        }
      ],
      "title": "CVE-2024-2552"
    },
    {
      "cve": "CVE-2024-5917",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Server-Side Request Forgery (SSRF)",
          "title": "CWE-918"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5917",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5917.json"
        }
      ],
      "title": "CVE-2024-5917"
    },
    {
      "cve": "CVE-2024-5918",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Certificate Validation",
          "title": "CWE-295"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5918",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5918.json"
        }
      ],
      "title": "CVE-2024-5918"
    },
    {
      "cve": "CVE-2024-5919",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of XML External Entity Reference",
          "title": "CWE-611"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5919",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5919.json"
        }
      ],
      "title": "CVE-2024-5919"
    },
    {
      "cve": "CVE-2024-5920",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5920",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5920.json"
        }
      ],
      "title": "CVE-2024-5920"
    },
    {
      "cve": "CVE-2024-9472",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-9472",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9472.json"
        }
      ],
      "title": "CVE-2024-9472"
    }
  ]
}

icsa-24-102-04

Vulnerability from csaf_cisa

Published

2024-04-09 00:00

Modified

2025-05-13 00:00

Summary

Siemens RUGGEDCOM APE1808

Notes

Summary

Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities. Siemens has released a new version of Palo Alto Networks Virtual NGFW for RUGGEDCOM APE1808 and recommends to update to the latest version. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks' upstream security notifications. [1] https://security.paloaltonetworks.com/

General Recommendations

As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals. Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.

Legal Notice

All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Advisory Conversion Disclaimer

This ICSA is a verbatim republication of Siemens ProductCERT SSA-455250 from a direct conversion of their vendor's Common Security Advisory Framework (CSAF) advisory. This is republished to CISA's website as a means of increasing visibility and is provided "as-is" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Siemens ProductCERT directly for any questions regarding this advisory.

Critical infrastructure sectors

Critical Manufacturing, Transportation Systems, Energy, Healthcare and Public Health, Financial Services, Government Services and Facilities

Countries/areas deployed

Worldwide

Company headquarters location

Germany

Recommended Practices

CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.

Recommended Practices

Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.

Recommended Practices

Locate control system networks and remote devices behind firewalls and isolate them from business networks.

Recommended Practices

When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.

Recommended Practices

CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.

Recommended Practices

CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices

CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.

Recommended Practices

Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "Siemens ProductCERT",
        "summary": "reporting these vulnerabilities to CISA."
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.\n\nSiemens has released a new version of Palo Alto Networks Virtual NGFW for RUGGEDCOM APE1808 and recommends to update to the latest version. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks\u0027 upstream security notifications.\n\n[1]  https://security.paloaltonetworks.com/",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
        "title": "Terms of Use"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "other",
        "text": "This ICSA is a verbatim republication of Siemens ProductCERT SSA-455250 from a direct conversion of their vendor\u0027s Common Security Advisory Framework (CSAF) advisory. This is republished to CISA\u0027s website as a means of increasing visibility and is provided \"as-is\" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory.  Further, CISA does not endorse any commercial product or service.  Please contact Siemens ProductCERT directly for any questions regarding this advisory.",
        "title": "Advisory Conversion Disclaimer"
      },
      {
        "category": "other",
        "text": "Critical Manufacturing, Transportation Systems, Energy, Healthcare and Public Health, Financial Services, Government Services and Facilities",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "central@cisa.dhs.gov",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-455250: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices Before V11.1.2-h3 - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-455250.json"
      },
      {
        "category": "self",
        "summary": "SSA-455250: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices Before V11.1.2-h3 - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-455250.html"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-24-102-04 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-102-04.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-24-102-04 - Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-102-04"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/topics/industrial-control-systems"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      }
    ],
    "title": "Siemens RUGGEDCOM APE1808",
    "tracking": {
      "current_release_date": "2025-05-13T00:00:00.000000Z",
      "generator": {
        "date": "2025-05-19T14:50:37.882441Z",
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-24-102-04",
      "initial_release_date": "2024-04-09T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2024-04-09T00:00:00.000000Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        },
        {
          "date": "2024-05-14T00:00:00.000000Z",
          "legacy_version": "1.1",
          "number": "2",
          "summary": "Added newly published upstream vulnerabilities: CVE-2017-8923, CVE-2017-9120, CVE-2020-25658, CVE-2021-21708, CVE-2021-43527, CVE-2022-1271, CVE-2022-31676, CVE-2022-3515, CVE-2022-37454, CVE-2022-47629, CVE-2023-0286, CVE-2024-3383, CVE-2024-3386, CVE-2024-3387, CVE-2024-3388, CVE-2024-3400"
        },
        {
          "date": "2024-07-09T00:00:00.000000Z",
          "legacy_version": "1.2",
          "number": "3",
          "summary": "Added fix for RUGGEDCOM APE1808 devices configured with Palo Alto Networks Virtual NGFW. Moved CVE-2023-48795 to SSA-364175"
        },
        {
          "date": "2024-09-10T00:00:00.000000Z",
          "legacy_version": "1.3",
          "number": "4",
          "summary": "Added newly published upstream vulnerability CVE-2024-5916"
        },
        {
          "date": "2024-10-08T00:00:00.000000Z",
          "legacy_version": "1.4",
          "number": "5",
          "summary": "Added newly published upstream vulnerability CVE-2024-8688"
        },
        {
          "date": "2024-12-10T00:00:00.000000Z",
          "legacy_version": "1.5",
          "number": "6",
          "summary": "Added newly published upstream vulnerabilities CVE-2024-2551, CVE-2024-5918, CVE-2024-5919"
        },
        {
          "date": "2025-05-13T00:00:00.000000Z",
          "legacy_version": "1.6",
          "number": "7",
          "summary": "Added newly published upstream vulnerability CVE-2025-0127"
        }
      ],
      "status": "final",
      "version": "7"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "RUGGEDCOM APE1808",
                  "product_id": "CSAFPID-0001"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "RUGGEDCOM APE1808",
                  "product_id": "CSAFPID-0002"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "RUGGEDCOM APE1808",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM APE1808"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-8923",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging a script\u0027s use of .= with a long string.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2017-8923"
    },
    {
      "cve": "CVE-2017-9120",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2017-9120"
    },
    {
      "cve": "CVE-2020-25658",
      "cwe": {
        "id": "CWE-385",
        "name": "Covert Timing Channel"
      },
      "notes": [
        {
          "category": "summary",
          "text": "It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2020-25658"
    },
    {
      "cve": "CVE-2021-21708",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with FILTER_VALIDATE_FLOAT filter and min/max limits, if the filter fails, there is a possibility to trigger use of allocated memory after free, which can result it crashes, and potentially in overwrite of other memory chunks and RCE. This issue affects: code that uses FILTER_VALIDATE_FLOAT with min/max limits.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-21708"
    },
    {
      "cve": "CVE-2021-43527",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS. Note: This vulnerability does NOT impact Mozilla Firefox. However, email clients and PDF viewers that use NSS for signature verification, such as Thunderbird, LibreOffice, Evolution and Evince are believed to be impacted. This vulnerability affects NSS \u003c 3.73 and NSS \u003c 3.68.1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2021-43527"
    },
    {
      "cve": "CVE-2022-1271",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An arbitrary file write vulnerability was found in GNU gzip\u0027s zgrep utility. When zgrep is applied on the attacker\u0027s chosen file name (for example, a crafted file name), this can overwrite an attacker\u0027s content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-1271"
    },
    {
      "cve": "CVE-2022-3515",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-3515"
    },
    {
      "cve": "CVE-2022-31676",
      "cwe": {
        "id": "CWE-269",
        "name": "Improper Privilege Management"
      },
      "notes": [
        {
          "category": "summary",
          "text": "VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-31676"
    },
    {
      "cve": "CVE-2022-37454",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-37454"
    },
    {
      "cve": "CVE-2022-47629",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2022-47629"
    },
    {
      "cve": "CVE-2023-0286",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Disable CRL (certification revocation list) checking, if possible",
          "product_ids": [
            "CSAFPID-0001"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-0286"
    },
    {
      "cve": "CVE-2023-6789",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a malicious authenticated read-write administrator to store a JavaScript payload using the web interface. Then, when viewed by a properly authenticated administrator, the JavaScript payload executes and disguises all associated actions as performed by that unsuspecting authenticated administrator.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-6789"
    },
    {
      "cve": "CVE-2023-6793",
      "cwe": {
        "id": "CWE-269",
        "name": "Improper Privilege Management"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to revoke active XML API keys from the firewall and disrupt XML API usage.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2023-6793"
    },
    {
      "cve": "CVE-2023-38802",
      "cwe": {
        "id": "CWE-754",
        "name": "Improper Check for Unusual or Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0002"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0002"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0002"
          ]
        }
      ],
      "title": "CVE-2023-38802"
    },
    {
      "cve": "CVE-2024-0008",
      "cwe": {
        "id": "CWE-613",
        "name": "Insufficient Session Expiration"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Web sessions in the management interface in Palo Alto Networks PAN-OS software do not expire in certain situations, making it susceptible to unauthorized access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2024-0008"
    },
    {
      "cve": "CVE-2024-2551",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ],
      "title": "CVE-2024-2551"
    },
    {
      "cve": "CVE-2024-3383",
      "cwe": {
        "id": "CWE-282",
        "name": "Improper Ownership Management"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your existing Security Policy rules.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2024-3383"
    },
    {
      "cve": "CVE-2024-3386",
      "cwe": {
        "id": "CWE-436",
        "name": "Interpretation Conflict"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents Predefined Decryption Exclusions from functioning as intended. This can cause traffic destined for domains that are not specified in Predefined Decryption Exclusions to be unintentionally excluded from decryption.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2024-3386"
    },
    {
      "cve": "CVE-2024-3387",
      "cwe": {
        "id": "CWE-326",
        "name": "Inadequate Encryption Strength"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker could break encrypted communication and expose sensitive information that is shared between the management server and the firewalls.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2024-3387"
    },
    {
      "cve": "CVE-2024-3388",
      "cwe": {
        "id": "CWE-269",
        "name": "Improper Privilege Management"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. However, this vulnerability does not allow the attacker to receive response packets from those internal assets.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2024-3388"
    },
    {
      "cve": "CVE-2024-5916",
      "cwe": {
        "id": "CWE-312",
        "name": "Cleartext Storage of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems. A read-only administrator who has access to the config log, can read secrets, passwords, and tokens to external systems.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        }
      ],
      "title": "CVE-2024-5916"
    },
    {
      "cve": "CVE-2024-5918",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An improper certificate validation vulnerability in Palo Alto Networks PAN-OS software enables an authorized user with a specially crafted client certificate to connect to an impacted GlobalProtect portal or GlobalProtect gateway as a different legitimate user. This attack is possible only if you \"Allow Authentication with User Credentials OR Client Certificate.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ],
      "title": "CVE-2024-5918"
    },
    {
      "cve": "CVE-2024-5919",
      "cwe": {
        "id": "CWE-201",
        "name": "Insertion of Sensitive Information Into Sent Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker controlled server. This attack requires network access to the firewall management interface.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.8,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ],
      "title": "CVE-2024-5919"
    },
    {
      "cve": "CVE-2024-8688",
      "cwe": {
        "id": "CWE-155",
        "name": "Improper Neutralization of Wildcards or Matching Symbols"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An improper neutralization of matching symbols vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables authenticated administrators (including read-only administrators) with access to the CLI to to read arbitrary files on the firewall.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002"
          ]
        }
      ],
      "title": "CVE-2024-8688"
    },
    {
      "cve": "CVE-2025-0127",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. This issue is only applicable to PAN-OS VM-Series. This issue does not affect firewalls that are already deployed.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0003"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "CSAFPID-0003"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0003"
          ]
        }
      ],
      "title": "CVE-2025-0127"
    }
  ]
}

ssa-455250

Vulnerability from csaf_siemens

Published

2024-04-09 00:00

Modified

2025-05-13 00:00

Summary

SSA-455250: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices Before V11.1.2-h3

Notes

Summary

General Recommendations

Additional Resources

For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories

The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Palo Alto Networks has published [1] information on vulnerabilities in PAN-OS. This advisory lists the related Siemens Industrial products affected by these vulnerabilities.\n\nSiemens has released a new version of Palo Alto Networks Virtual NGFW for RUGGEDCOM APE1808 and recommends to update to the latest version. Customers are advised to consult and implement the workarounds provided in Palo Alto Networks\u0027 upstream security notifications.\n\n[1]  https://security.paloaltonetworks.com/",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
        "title": "General Recommendations"
      },
      {
        "category": "general",
        "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "productcert@siemens.com",
      "name": "Siemens ProductCERT",
      "namespace": "https://www.siemens.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "SSA-455250: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices Before V11.1.2-h3 - HTML Version",
        "url": "https://cert-portal.siemens.com/productcert/html/ssa-455250.html"
      },
      {
        "category": "self",
        "summary": "SSA-455250: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices Before V11.1.2-h3 - CSAF Version",
        "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-455250.json"
      }
    ],
    "title": "SSA-455250: Multiple Vulnerabilities in Palo Alto Networks Virtual NGFW on RUGGEDCOM APE1808 Devices Before V11.1.2-h3",
    "tracking": {
      "current_release_date": "2025-05-13T00:00:00Z",
      "generator": {
        "engine": {
          "name": "Siemens ProductCERT CSAF Generator",
          "version": "1"
        }
      },
      "id": "SSA-455250",
      "initial_release_date": "2024-04-09T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-04-09T00:00:00Z",
          "legacy_version": "1.0",
          "number": "1",
          "summary": "Publication Date"
        },
        {
          "date": "2024-05-14T00:00:00Z",
          "legacy_version": "1.1",
          "number": "2",
          "summary": "Added newly published upstream vulnerabilities: CVE-2017-8923, CVE-2017-9120, CVE-2020-25658, CVE-2021-21708, CVE-2021-43527, CVE-2022-1271, CVE-2022-31676, CVE-2022-3515, CVE-2022-37454, CVE-2022-47629, CVE-2023-0286, CVE-2024-3383, CVE-2024-3386, CVE-2024-3387, CVE-2024-3388, CVE-2024-3400"
        },
        {
          "date": "2024-07-09T00:00:00Z",
          "legacy_version": "1.2",
          "number": "3",
          "summary": "Added fix for RUGGEDCOM APE1808 devices configured with Palo Alto Networks Virtual NGFW. Moved CVE-2023-48795 to SSA-364175"
        },
        {
          "date": "2024-09-10T00:00:00Z",
          "legacy_version": "1.3",
          "number": "4",
          "summary": "Added newly published upstream vulnerability CVE-2024-5916"
        },
        {
          "date": "2024-10-08T00:00:00Z",
          "legacy_version": "1.4",
          "number": "5",
          "summary": "Added newly published upstream vulnerability CVE-2024-8688"
        },
        {
          "date": "2024-12-10T00:00:00Z",
          "legacy_version": "1.5",
          "number": "6",
          "summary": "Added newly published upstream vulnerabilities CVE-2024-2551, CVE-2024-5918, CVE-2024-5919"
        },
        {
          "date": "2025-05-13T00:00:00Z",
          "legacy_version": "1.6",
          "number": "7",
          "summary": "Added newly published upstream vulnerability CVE-2025-0127"
        }
      ],
      "status": "final",
      "version": "7"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "RUGGEDCOM APE1808",
                  "product_id": "1"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "RUGGEDCOM APE1808",
                  "product_id": "2"
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:all/*",
                "product": {
                  "name": "RUGGEDCOM APE1808",
                  "product_id": "3"
                }
              }
            ],
            "category": "product_name",
            "name": "RUGGEDCOM APE1808"
          }
        ],
        "category": "vendor",
        "name": "Siemens"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-8923",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging a script\u0027s use of .= with a long string.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2017-8923"
    },
    {
      "cve": "CVE-2017-9120",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a long string because of an Integer overflow in mysqli_real_escape_string.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2017-9120"
    },
    {
      "cve": "CVE-2020-25658",
      "cwe": {
        "id": "CWE-385",
        "name": "Covert Timing Channel"
      },
      "notes": [
        {
          "category": "summary",
          "text": "It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2020-25658"
    },
    {
      "cve": "CVE-2021-21708",
      "cwe": {
        "id": "CWE-416",
        "name": "Use After Free"
      },
      "notes": [
        {
          "category": "summary",
          "text": "In PHP versions 7.4.x below 7.4.28, 8.0.x below 8.0.16, and 8.1.x below 8.1.3, when using filter functions with FILTER_VALIDATE_FLOAT filter and min/max limits, if the filter fails, there is a possibility to trigger use of allocated memory after free, which can result it crashes, and potentially in overwrite of other memory chunks and RCE. This issue affects: code that uses FILTER_VALIDATE_FLOAT with min/max limits.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-21708"
    },
    {
      "cve": "CVE-2021-43527",
      "cwe": {
        "id": "CWE-787",
        "name": "Out-of-bounds Write"
      },
      "notes": [
        {
          "category": "summary",
          "text": "NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS. Note: This vulnerability does NOT impact Mozilla Firefox. However, email clients and PDF viewers that use NSS for signature verification, such as Thunderbird, LibreOffice, Evolution and Evince are believed to be impacted. This vulnerability affects NSS \u003c 3.73 and NSS \u003c 3.68.1.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2021-43527"
    },
    {
      "cve": "CVE-2022-1271",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An arbitrary file write vulnerability was found in GNU gzip\u0027s zgrep utility. When zgrep is applied on the attacker\u0027s chosen file name (for example, a crafted file name), this can overwrite an attacker\u0027s content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-1271"
    },
    {
      "cve": "CVE-2022-3515",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-3515"
    },
    {
      "cve": "CVE-2022-31676",
      "cwe": {
        "id": "CWE-269",
        "name": "Improper Privilege Management"
      },
      "notes": [
        {
          "category": "summary",
          "text": "VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-31676"
    },
    {
      "cve": "CVE-2022-37454",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-37454"
    },
    {
      "cve": "CVE-2022-47629",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2022-47629"
    },
    {
      "cve": "CVE-2023-0286",
      "cwe": {
        "id": "CWE-843",
        "name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This field is subsequently interpreted by the OpenSSL function GENERAL_NAME_cmp as an ASN1_TYPE rather than an ASN1_STRING. When CRL checking is enabled (i.e. the application sets the X509_V_FLAG_CRL_CHECK flag), this vulnerability may allow an attacker to pass arbitrary pointers to a memcmp call, enabling them to read memory contents or enact a denial of service. In most cases, the attack requires the attacker to provide both the certificate chain and CRL, neither of which need to have a valid signature. If the attacker only controls one of these inputs, the other input must already contain an X.400 address as a CRL distribution point, which is uncommon. As such, this vulnerability is most likely to only affect applications which have implemented their own functionality for retrieving CRLs over a network.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Disable CRL (certification revocation list) checking, if possible",
          "product_ids": [
            "1"
          ]
        },
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-0286"
    },
    {
      "cve": "CVE-2023-6789",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a malicious authenticated read-write administrator to store a JavaScript payload using the web interface. Then, when viewed by a properly authenticated administrator, the JavaScript payload executes and disguises all associated actions as performed by that unsuspecting authenticated administrator.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-6789"
    },
    {
      "cve": "CVE-2023-6793",
      "cwe": {
        "id": "CWE-269",
        "name": "Improper Privilege Management"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to revoke active XML API keys from the firewall and disrupt XML API usage.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2023-6793"
    },
    {
      "cve": "CVE-2023-38802",
      "cwe": {
        "id": "CWE-754",
        "name": "Improper Check for Unusual or Exceptional Conditions"
      },
      "notes": [
        {
          "category": "summary",
          "text": "FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation).",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "2"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "2"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "2"
          ]
        }
      ],
      "title": "CVE-2023-38802"
    },
    {
      "cve": "CVE-2024-0008",
      "cwe": {
        "id": "CWE-613",
        "name": "Insufficient Session Expiration"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Web sessions in the management interface in Palo Alto Networks PAN-OS software do not expire in certain situations, making it susceptible to unauthorized access.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2024-0008"
    },
    {
      "cve": "CVE-2024-2551",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "1",
            "2"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "1",
            "2"
          ]
        }
      ],
      "title": "CVE-2024-2551"
    },
    {
      "cve": "CVE-2024-3383",
      "cwe": {
        "id": "CWE-282",
        "name": "Improper Ownership Management"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability in how Palo Alto Networks PAN-OS software processes data received from Cloud Identity Engine (CIE) agents enables modification of User-ID groups. This impacts user access to network resources where users may be inappropriately denied or allowed access to resources based on your existing Security Policy rules.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2024-3383"
    },
    {
      "cve": "CVE-2024-3386",
      "cwe": {
        "id": "CWE-436",
        "name": "Interpretation Conflict"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents Predefined Decryption Exclusions from functioning as intended. This can cause traffic destined for domains that are not specified in Predefined Decryption Exclusions to be unintentionally excluded from decryption.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2024-3386"
    },
    {
      "cve": "CVE-2024-3387",
      "cwe": {
        "id": "CWE-326",
        "name": "Inadequate Encryption Strength"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker could break encrypted communication and expose sensitive information that is shared between the management server and the firewalls.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2024-3387"
    },
    {
      "cve": "CVE-2024-3388",
      "cwe": {
        "id": "CWE-269",
        "name": "Improper Privilege Management"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. However, this vulnerability does not allow the attacker to receive response packets from those internal assets.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2024-3388"
    },
    {
      "cve": "CVE-2024-5916",
      "cwe": {
        "id": "CWE-312",
        "name": "Cleartext Storage of Sensitive Information"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems. A read-only administrator who has access to the config log, can read secrets, passwords, and tokens to external systems.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1"
          ]
        }
      ],
      "title": "CVE-2024-5916"
    },
    {
      "cve": "CVE-2024-5918",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An improper certificate validation vulnerability in Palo Alto Networks PAN-OS software enables an authorized user with a specially crafted client certificate to connect to an impacted GlobalProtect portal or GlobalProtect gateway as a different legitimate user. This attack is possible only if you \"Allow Authentication with User Credentials OR Client Certificate.\"",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "1",
            "2"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "1",
            "2"
          ]
        }
      ],
      "title": "CVE-2024-5918"
    },
    {
      "cve": "CVE-2024-5919",
      "cwe": {
        "id": "CWE-201",
        "name": "Insertion of Sensitive Information Into Sent Data"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker controlled server. This attack requires network access to the firewall management interface.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "1",
            "2"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.8,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2"
          ]
        }
      ],
      "title": "CVE-2024-5919"
    },
    {
      "cve": "CVE-2024-8688",
      "cwe": {
        "id": "CWE-155",
        "name": "Improper Neutralization of Wildcards or Matching Symbols"
      },
      "notes": [
        {
          "category": "summary",
          "text": "An improper neutralization of matching symbols vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables authenticated administrators (including read-only administrators) with access to the CLI to to read arbitrary files on the firewall.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "1",
          "2"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "1",
            "2"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          },
          "products": [
            "1",
            "2"
          ]
        }
      ],
      "title": "CVE-2024-8688"
    },
    {
      "cve": "CVE-2025-0127",
      "cwe": {
        "id": "CWE-78",
        "name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
      },
      "notes": [
        {
          "category": "summary",
          "text": "A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to bypass system restrictions and run arbitrary commands as a root user. This issue is only applicable to PAN-OS VM-Series. This issue does not affect firewalls that are already deployed.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "3"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Upgrade Palo Alto Networks Virtual NGFW V11.1.2-h3. Contact customer support to receive patch and update information",
          "product_ids": [
            "3"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "3"
          ]
        }
      ],
      "title": "CVE-2025-0127"
    }
  ]
}

ghsa-m359-59cc-2426

Vulnerability from github

Published

2024-11-14 12:31

Modified

2025-01-24 18:31

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:A/V:C/RE:M/U:Amber

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-5919"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-611"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-14T10:15:09Z",
    "severity": "MODERATE"
  },
  "details": "A blind XML External Entities (XXE) injection vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker to exfiltrate arbitrary files from firewalls to an attacker controlled server. This attack requires network access to the firewall management interface.",
  "id": "GHSA-m359-59cc-2426",
  "modified": "2025-01-24T18:31:12Z",
  "published": "2024-11-14T12:31:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5919"
    },
    {
      "type": "WEB",
      "url": "https://security.paloaltonetworks.com/CVE-2024-5919"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:C/RE:M/U:Amber",
      "type": "CVSS_V4"
    }
  ]
}

wid-sec-w-2024-3465

Vulnerability from csaf_certbund

Published

2024-11-13 23:00

Modified

2024-11-13 23:00

Summary

PaloAlto Networks PAN-OS: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

PAN-OS ist das Betriebssystem der Sicherheitssysteme / Firewalls der Firma Palo Alto Networks.

Angriff

Ein Angreifer kann mehrere Schwachstellen in PaloAlto Networks PAN-OS ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen preiszugeben, Dateien zu manipulieren, Sicherheitsmaßnahmen zu umgehen und einen Cross-Site-Scripting-Angriff durchzuführen.

Betroffene Betriebssysteme

- Sonstiges

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "PAN-OS ist das Betriebssystem der Sicherheitssysteme / Firewalls der Firma Palo Alto Networks.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in PaloAlto Networks PAN-OS ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen preiszugeben, Dateien zu manipulieren, Sicherheitsma\u00dfnahmen zu umgehen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-3465 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3465.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-3465 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3465"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
        "url": "https://security.paloaltonetworks.com/CVE-2024-2550"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
        "url": "https://security.paloaltonetworks.com/CVE-2024-2551"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
        "url": "https://security.paloaltonetworks.com/CVE-2024-2552"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5917"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5918"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5919"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5920"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
        "url": "https://security.paloaltonetworks.com/CVE-2024-9472"
      }
    ],
    "source_lang": "en-US",
    "title": "PaloAlto Networks PAN-OS: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-11-13T23:00:00.000+00:00",
      "generator": {
        "date": "2024-11-14T11:42:00.791+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.8"
        }
      },
      "id": "WID-SEC-W-2024-3465",
      "initial_release_date": "2024-11-13T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-11-13T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c11.1.5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.1.5",
                  "product_id": "T039151"
                }
              },
              {
                "category": "product_version",
                "name": "11.1.5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.1.5",
                  "product_id": "T039151-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.1.5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.0.6",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.0.6",
                  "product_id": "T039152"
                }
              },
              {
                "category": "product_version",
                "name": "11.0.6",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.0.6",
                  "product_id": "T039152-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.0.6"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.11",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.11",
                  "product_id": "T039153"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.11",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.11",
                  "product_id": "T039153-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.11"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.0.5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.0.5",
                  "product_id": "T039154"
                }
              },
              {
                "category": "product_version",
                "name": "11.0.5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.0.5",
                  "product_id": "T039154-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.0.5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.5",
                  "product_id": "T039157"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.5",
                  "product_id": "T039157-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.4-h6",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.4-h6",
                  "product_id": "T039158"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.4-h6",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.4-h6",
                  "product_id": "T039158-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.4-h6"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.1.14",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.1.14",
                  "product_id": "T039159"
                }
              },
              {
                "category": "product_version",
                "name": "10.1.14",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.1.14",
                  "product_id": "T039159-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.1.14"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.2.4",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.2.4",
                  "product_id": "T039160"
                }
              },
              {
                "category": "product_version",
                "name": "11.2.4",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.2.4",
                  "product_id": "T039160-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.2.4"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.12",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.12",
                  "product_id": "T039161"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.12",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.12",
                  "product_id": "T039161-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.12"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.2",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.2",
                  "product_id": "T039162"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.2",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.2",
                  "product_id": "T039162-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.2"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.1.7",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.1.7",
                  "product_id": "T039163"
                }
              },
              {
                "category": "product_version",
                "name": "10.1.7",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.1.7",
                  "product_id": "T039163-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.1.7"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.0.3",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.0.3",
                  "product_id": "T039164"
                }
              },
              {
                "category": "product_version",
                "name": "11.0.3",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.0.3",
                  "product_id": "T039164-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.0.3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.4-h5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.4-h5",
                  "product_id": "T039165"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.4-h5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.4-h5",
                  "product_id": "T039165-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.4-h5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.1.11",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.1.11",
                  "product_id": "T039166"
                }
              },
              {
                "category": "product_version",
                "name": "10.1.11",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.1.11",
                  "product_id": "T039166-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.1.11"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.0.2",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.0.2",
                  "product_id": "T039167"
                }
              },
              {
                "category": "product_version",
                "name": "11.0.2",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.0.2",
                  "product_id": "T039167-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.0.2"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.1.10",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.1.10",
                  "product_id": "T039168"
                }
              },
              {
                "category": "product_version",
                "name": "10.1.10",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.1.10",
                  "product_id": "T039168-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.1.10"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.1.4",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.1.4",
                  "product_id": "T039169"
                }
              },
              {
                "category": "product_version",
                "name": "11.1.4",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.1.4",
                  "product_id": "T039169-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.1.4"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.2.3",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.2.3",
                  "product_id": "T039171"
                }
              },
              {
                "category": "product_version",
                "name": "11.2.3",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.2.3",
                  "product_id": "T039171-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.2.3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.2.2-h3",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.2.2-h3",
                  "product_id": "T039172"
                }
              },
              {
                "category": "product_version",
                "name": "11.2.2-h3",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.2.2-h3",
                  "product_id": "T039172-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.2.2-h3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.1.3-h10",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.1.3-h10",
                  "product_id": "T039173"
                }
              },
              {
                "category": "product_version",
                "name": "11.1.3-h10",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.1.3-h10",
                  "product_id": "T039173-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.1.3-h10"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.1.2-h14",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.1.2-h14",
                  "product_id": "T039174"
                }
              },
              {
                "category": "product_version",
                "name": "11.1.2-h14",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.1.2-h14",
                  "product_id": "T039174-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.1.2-h14"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.9-14",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.9-14",
                  "product_id": "T039176"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.9-14",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.9-14",
                  "product_id": "T039176-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.9-14"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.8-h13",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.8-h13",
                  "product_id": "T039177"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.8-h13",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.8-h13",
                  "product_id": "T039177-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.8-h13"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.10-h7",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.10-h7",
                  "product_id": "T039178"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.10-h7",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.10-h7",
                  "product_id": "T039178-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.10-h7"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.11-h4",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.11-h4",
                  "product_id": "T039179"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.11-h4",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.11-h4",
                  "product_id": "T039179-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.11-h4"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.7-h16",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.7-h16",
                  "product_id": "T039180"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.7-h16",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.7-h16",
                  "product_id": "T039180-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.7-h16"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "PAN-OS"
          }
        ],
        "category": "vendor",
        "name": "PaloAlto Networks"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-2550",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS aufgrund einer Null-Pointer-Dereferenz-Schwachstelle. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, indem er ein speziell gestaltetes Paket sendet. Wiederholte Versuche, diesen Zustand auszul\u00f6sen, f\u00fchren dazu, dass die Firewall in den Wartungsmodus wechselt."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039157",
          "T039168",
          "T039167",
          "T039178",
          "T039159",
          "T039158",
          "T039169",
          "T039153",
          "T039164",
          "T039163",
          "T039174",
          "T039152",
          "T039166",
          "T039177",
          "T039154",
          "T039165",
          "T039176",
          "T039173",
          "T039151",
          "T039180"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-2550"
    },
    {
      "cve": "CVE-2024-2551",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS aufgrund einer Null-Pointer-Dereferenz-Schwachstelle. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, indem er ein manipuliertes Paket durch die Datenebene sendet."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039164",
          "T039163",
          "T039166",
          "T039165",
          "T039154",
          "T039162",
          "T039168",
          "T039157",
          "T039167",
          "T039159",
          "T039158"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-2551"
    },
    {
      "cve": "CVE-2024-2552",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS aufgrund eines Befehlsinjektionsproblems. Ein lokaler Angreifer mit Administrator-Rechten kann diese Schwachstelle ausnutzen, um Dateien auf der Firewall zu l\u00f6schen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039157",
          "T039179",
          "T039167",
          "T039178",
          "T039158",
          "T039169",
          "T039153",
          "T039164",
          "T039174",
          "T039152",
          "T039177",
          "T039154",
          "T039165",
          "T039176",
          "T039171",
          "T039160",
          "T039162",
          "T039173",
          "T039151",
          "T039172",
          "T039161",
          "T039180"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-2552"
    },
    {
      "cve": "CVE-2024-5917",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS. Das administrative Webinterface kann aufgrund eines Server-Side-Request- Forgery-Problems als Proxy verwendet werden. Ein anonymer Angreifer kann diese Schwachstelle ausnutzen, um interne Netzwerkressourcen einzusehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039163",
          "T039162",
          "T039169"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-5917"
    },
    {
      "cve": "CVE-2024-5918",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS aufgrund einer unsachgem\u00e4\u00dfen Zertifikatsvalidierung. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle ausnutzen, um die erwarteten Sicherheits\u00fcberpr\u00fcfungen zu umgehen und sich als legitimer GlobalProtect-Benutzer auszugeben."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039164",
          "T039163",
          "T039166",
          "T039165",
          "T039171",
          "T039162",
          "T039172",
          "T039168",
          "T039167"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-5918"
    },
    {
      "cve": "CVE-2024-5919",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS. Dieser Fehler ist auf eine unsachgem\u00e4\u00dfe Behandlung von XML-Eingaben zur\u00fcckzuf\u00fchren, bei der externe Entit\u00e4ten nicht ordnungsgem\u00e4\u00df validiert und neutralisiert werden, was zu einer blinden XML External Entity (XXE) Injection-Schwachstelle f\u00fchrt. Ein entfernter, authentisierter Angreifer mit hohen Rechten kann diese Schwachstelle ausnutzen, um sensible Dateien aus dem System zu exfiltrieren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039152",
          "T039165",
          "T039162",
          "T039157",
          "T039168",
          "T039167",
          "T039158"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-5919"
    },
    {
      "cve": "CVE-2024-5920",
      "notes": [
        {
          "category": "description",
          "text": "Eine Cross-Site Scripting Schwachstelle wurde in PaloAlto Networks PAN-OS entdeckt. Dieses Problem wird durch unsachgem\u00e4\u00dfe Filterung der vom Benutzer bereitgestellten Daten vor der Anzeige der Eingaben verursacht. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Skriptcode im Sicherheitskontext einer betroffenen Site auszuf\u00fchren. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039157",
          "T039168",
          "T039167",
          "T039178",
          "T039159",
          "T039158",
          "T039169",
          "T039164",
          "T039153",
          "T039163",
          "T039174",
          "T039152",
          "T039166",
          "T039177",
          "T039154",
          "T039165",
          "T039176",
          "T039162",
          "T039173",
          "T039180"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-5920"
    },
    {
      "cve": "CVE-2024-9472",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS. Dieser Fehler besteht aufgrund eines Nullzeiger-Dereferenzierungsproblems bei bestimmten Hardwareplattformen, wenn die Decryption Policy aktiviert ist, was zu einem Absturz f\u00fchrt. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039157",
          "T039179",
          "T039178",
          "T039158",
          "T039153",
          "T039174",
          "T039177",
          "T039165",
          "T039176",
          "T039160",
          "T039171",
          "T039162",
          "T039173",
          "T039172",
          "T039180"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-9472"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2024-5919 (GCVE-0-2024-5919)

Vulnerability from cvelistv5

fkie_cve-2024-5919

Vulnerability from fkie_nvd

ncsc-2024-0444

Vulnerability from csaf_ncscnl

NCSC-2024-0444

Vulnerability from csaf_ncscnl

icsa-24-102-04

Vulnerability from csaf_cisa

ssa-455250

Vulnerability from csaf_siemens

ghsa-m359-59cc-2426

Vulnerability from github

wid-sec-w-2024-3465

Vulnerability from csaf_certbund

Tags

Sightings

Nomenclature