CVSS: 5.2EPSS: 0%CPEs: 3EXPL: 0CVE-2024-5907 – Cortex XDR Agent: Local Privilege Escalation (PE) Vulnerability
https://notcve.org/view.php?id=CVE-2024-5907
A privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices enables a local user to execute programs with elevated privileges. However, execution does require the local user to successfully exploit a race condition, which makes this vulnerability difficult to exploit. Una vulnerabilidad de escalada de privilegios (PE) en el agente Cortex XDR de Palo Alto Networks en dispositivos Windows permite a un usuario local ejecutar programas con privilegios elevados. Sin embargo, la ejecución requiere que el usuario local aproveche con éxito una condición de ejecución, lo que hace que esta vulnerabilidad sea difícil de explotar. • https://security.paloaltonetworks.com/CVE-2024-5907 • CWE-269: Improper Privilege Management •
CVSS: 2.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-5905 – Cortex XDR Agent: Local Windows User Can Disrupt Functionality of the Agent
https://notcve.org/view.php?id=CVE-2024-5905
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local low privileged Windows user to disrupt some functionality of the agent. However, they are not able to disrupt Cortex XDR agent protection mechanisms using this vulnerability. Un problema con un mecanismo de protección en el agente Cortex XDR de Palo Alto Networks en dispositivos Windows permite que un usuario local de Windows con pocos privilegios interrumpa algunas funciones del agente. Sin embargo, no pueden interrumpir los mecanismos de protección del agente Cortex XDR utilizando esta vulnerabilidad. • https://security.paloaltonetworks.com/CVE-2024-5905 • CWE-346: Origin Validation Error •
CVSS: 4.1EPSS: 0%CPEs: 4EXPL: 1CVE-2024-3388 – PAN-OS: User Impersonation in GlobalProtect SSL VPN
https://notcve.org/view.php?id=CVE-2024-3388
A vulnerability in the GlobalProtect Gateway in Palo Alto Networks PAN-OS software enables an authenticated attacker to impersonate another user and send network packets to internal assets. However, this vulnerability does not allow the attacker to receive response packets from those internal assets. • https://github.com/Grantzile/PoC-CVE-2024-33883 https://security.paloaltonetworks.com/CVE-2024-3388 • CWE-269: Improper Privilege Management CWE-863: Incorrect Authorization •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-3387 – PAN-OS: Weak Certificate Strength in Panorama Software Leads to Sensitive Information Disclosure
https://notcve.org/view.php?id=CVE-2024-3387
A weak (low bit strength) device certificate in Palo Alto Networks Panorama software enables an attacker to perform a meddler-in-the-middle (MitM) attack to capture encrypted traffic between the Panorama management server and the firewalls it manages. With sufficient computing resources, the attacker could break encrypted communication and expose sensitive information that is shared between the management server and the firewalls. • https://security.paloaltonetworks.com/CVE-2024-3387 • CWE-326: Inadequate Encryption Strength •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2024-3386 – PAN-OS: Predefined Decryption Exclusions Does Not Work as Intended
https://notcve.org/view.php?id=CVE-2024-3386
An incorrect string comparison vulnerability in Palo Alto Networks PAN-OS software prevents Predefined Decryption Exclusions from functioning as intended. This can cause traffic destined for domains that are not specified in Predefined Decryption Exclusions to be unintentionally excluded from decryption. • https://security.paloaltonetworks.com/CVE-2024-3386 • CWE-436: Interpretation Conflict •