CERT-In Vulnerability Note
CIVN-2024-0280
Multiple Vulnerabilities in Palo Alto Network Applications
Original Issue Date: September 02, 2024
Severity Rating: HIGH
Software Affected
- GlobalProtect App 6.3 < 6.3.1 on Windows
- GlobalProtect App 6.2 < 6.2.4 on Windows
- GlobalProtect App 6.1 < 6.1.5 on Windows
- GlobalProtect App 6.0 < 6.0.x on Windows
- GlobalProtect App 5.1 < 5.1.x on Windows
- Cloud NGFW - Before 8/15 on Azure, Before 8/23 on AWS
- PAN-OS 11.0 < 11.0.4
- PAN-OS 10.2 < 10.2.8
- Cortex XSOAR CommonScripts <1.12.33
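As an added example, not part of the CERT-In note, the following Python script transcribes the affected-version table above and flags inventory entries that still need the vendor update. The inventory rows, the product labels and the `assess` helper are constructed for illustration; the "6.0.x" and "5.1.x" branches, for which the note states no fixed version, are treated as affected pending vendor guidance.

```python
"""Triage installed versions against the ranges listed in CIVN-2024-0280.

Added example, not the CERT-In note's own code. AFFECTED is transcribed
from the note's "Software Affected" list; SAMPLE_INVENTORY is constructed.
"""
import re
from typing import List, Optional, Tuple

# (product, affected major.minor branch or None for "any version", first fixed version or None)
# fixed=None: the note gives only "6.0.x"/"5.1.x", so the whole branch is treated as affected.
# branch=None: the note states a bare upper bound ("<1.12.33"), so any lower version is affected.
AFFECTED: List[Tuple[str, Optional[str], Optional[str]]] = [
    ("GlobalProtect App (Windows)", "6.3", "6.3.1"),
    ("GlobalProtect App (Windows)", "6.2", "6.2.4"),
    ("GlobalProtect App (Windows)", "6.1", "6.1.5"),
    ("GlobalProtect App (Windows)", "6.0", None),
    ("GlobalProtect App (Windows)", "5.1", None),
    ("PAN-OS", "11.0", "11.0.4"),
    ("PAN-OS", "10.2", "10.2.8"),
    ("Cortex XSOAR CommonScripts", None, "1.12.33"),
]


def parse_version(v: str) -> Tuple[int, ...]:
    """Turn '10.2.8' into (10, 2, 8); a hotfix suffix such as '11.0.4-h2' keeps only (11, 0, 4)."""
    parts = []
    for piece in v.split("."):
        m = re.match(r"\d+", piece)
        if not m:
            break
        parts.append(int(m.group()))
    return tuple(parts)


def assess(product: str, installed: str) -> str:
    """Return 'affected', 'fixed' or 'not listed' for one installed version."""
    ver = parse_version(installed)
    branch = ".".join(str(x) for x in ver[:2])
    for prod, br, fixed in AFFECTED:
        if prod != product or (br is not None and br != branch):
            continue
        if fixed is None:
            return "affected"  # note lists the branch without a fixed version
        return "fixed" if ver >= parse_version(fixed) else "affected"
    return "not listed"


def triage(inventory: List[Tuple[str, str, str]]) -> List[Tuple[str, str, str]]:
    """Run assess() over (host, product, version) rows and return the rows still affected."""
    return [(h, p, v) for h, p, v in inventory if assess(p, v) == "affected"]


# Constructed sample inventory (hostnames and versions are illustrative)
SAMPLE_INVENTORY = [
    ("fw-edge-01", "PAN-OS", "10.2.7"),
    ("fw-edge-02", "PAN-OS", "10.2.8"),
    ("fw-dc-01", "PAN-OS", "11.0.4-h2"),
    ("laptop-117", "GlobalProtect App (Windows)", "6.2.3"),
    ("laptop-118", "GlobalProtect App (Windows)", "6.0.7"),
    ("xsoar-01", "Cortex XSOAR CommonScripts", "1.12.33"),
]

if __name__ == "__main__":
    for host, prod, ver in SAMPLE_INVENTORY:
        print(f"{host:12} {prod:30} {ver:10} {assess(prod, ver)}")
```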
Overview
Multiple vulnerabilities have been reported in Palo Alto Networks applications, which could allow an attacker to perform privilege escalation, information disclosure and command injection attacks on the affected system.
Description
1. Privilege Escalation Vulnerability (CVE-2024-5915)
This vulnerability exists in Palo Alto Networks GlobalProtect app due to an unspecified error. Successful exploitation of this vulnerability could allow an attacker to gain elevated privileges on the system.
2. Information Disclosure Vulnerability (CVE-2024-5916)
This vulnerability exists in Palo Alto Networks PAN-OS due to an information exposure. Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information: a read-only administrator who has access to the config log can read secrets, passwords and tokens for external systems.
3. Command Injection Vulnerability (CVE-2024-5914)
This vulnerability exists in Palo Alto Networks Cortex XSOAR due to a command injection in CommonScripts Pack. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands within the context of an integration container.
Solution
- Install updates from the vendor's website.
Vendor Information
Palo Alto Networks
https://security.paloaltonetworks.com/CVE-2024-5914
https://security.paloaltonetworks.com/CVE-2024-5915
https://security.paloaltonetworks.com/CVE-2024-5916
CVE Name
CVE-2024-5915
CVE-2024-5916
CVE-2024-5914
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
Email: info@cert-in.org.in
Phone: +91-11-22902657
Postal address
Indian Computer Emergency Response Team (CERT-In), Ministry of Electronics and Information Technology, Government of India, Electronics Niketan, 6, CGO Complex, Lodhi Road, New Delhi - 110 003, India