CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-8691 – PAN-OS: User Impersonation in GlobalProtect Portal
https://notcve.org/view.php?id=CVE-2024-8691
A vulnerability in the GlobalProtect portal in Palo Alto Networks PAN-OS software enables a malicious authenticated GlobalProtect user to impersonate another GlobalProtect user. Active GlobalProtect users impersonated by an attacker who is exploiting this vulnerability are disconnected from GlobalProtect. Upon exploitation, PAN-OS logs indicate that the impersonated user authenticated to GlobalProtect, which hides the identity of the attacker. • https://security.paloaltonetworks.com/CVE-2024-8691 • CWE-863: Incorrect Authorization •
CVSS: 6.7EPSS: 0%CPEs: 3EXPL: 0CVE-2024-8688 – PAN-OS: Arbitrary File Read Vulnerability in the Command Line Interface (CLI)
https://notcve.org/view.php?id=CVE-2024-8688
An improper neutralization of matching symbols vulnerability in the Palo Alto Networks PAN-OS command line interface (CLI) enables authenticated administrators (including read-only administrators) with access to the CLI to to read arbitrary files on the firewall. • https://security.paloaltonetworks.com/CVE-2024-8688 • CWE-155: Improper Neutralization of Wildcards or Matching Symbols •
CVSS: 6.9EPSS: 0%CPEs: 12EXPL: 0CVE-2024-8687 – PAN-OS: Cleartext Exposure of GlobalProtect Portal Passcodes
https://notcve.org/view.php?id=CVE-2024-8687
An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. After the password or passcode is known, end users can uninstall, disable, or disconnect GlobalProtect even if the GlobalProtect app configuration would not normally permit them to do so. • https://security.paloaltonetworks.com/CVE-2024-8687 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-5911 – PAN-OS: File Upload Vulnerability in the Panorama Web Interface
https://notcve.org/view.php?id=CVE-2024-5911
An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online. Una vulnerabilidad de carga de archivos arbitraria en el software Panorama de Palo Alto Networks permite que un administrador de lectura y escritura autenticado con acceso a la interfaz web interrumpa los procesos del sistema y bloquee Panorama. Los ataques repetidos eventualmente hacen que Panorama entre en modo de mantenimiento, lo que requiere intervención manual para volver a ponerlo en línea. • https://security.paloaltonetworks.com/CVE-2024-5911 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 4.1EPSS: 0%CPEs: 4EXPL: 1CVE-2024-3388 – PAN-OS: User Impersonation in GlobalProtect SSL VPN
https://notcve.org/view.php?id=CVE-2024-3388
A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. However, this vulnerability does not allow the attacker to receive response packets from those internal assets. • https://github.com/Grantzile/PoC-CVE-2024-33883 https://security.paloaltonetworks.com/CVE-2024-3388 • CWE-269: Improper Privilege Management CWE-863: Incorrect Authorization •