Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.PALO_ALTO_CVE-2024-2433.NASLHistoryMar 13, 2024 - 12:00 a.m.
Palo Alto Networks PAN-OS 9.0.x < 9.0.17-h4 / 9.1.x < 9.1.17 / 10.1.x < 10.1.12 / 10.2.x < 10.2.8 / 11.0.x < 11.0.3 Vulnerability
2024-03-1300:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
22
palo alto networks
pan-os
vulnerability
disk partition fill
improper authorization
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
AI Score
4.7
Confidence
High
EPSS
0
Percentile
9.0%
The version of Palo Alto Networks PAN-OS running on the remote host is 9.0.x prior to 9.0.17-h4 or 9.1.x prior to 9.1.17 or 10.1.x prior to 10.1.12 or 10.2.x prior to 10.2.8 or 11.0.x prior to 11.0.3. It is, therefore, affected by a vulnerability.
- An improper authorization vulnerability in Palo Alto Networks Panorama software enables an authenticated read-only administrator to upload files using the web interface and completely fill one of the disk partitions with those uploaded files, which prevents the ability to log into the web interface or to download PAN-OS, WildFire, and content images. (CVE-2024-2433)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(192031);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/09/13");
script_cve_id("CVE-2024-2433");
script_xref(name:"IAVA", value:"2024-A-0171-S");
script_name(english:"Palo Alto Networks PAN-OS 9.0.x < 9.0.17-h4 / 9.1.x < 9.1.17 / 10.1.x < 10.1.12 / 10.2.x < 10.2.8 / 11.0.x < 11.0.3 Vulnerability");
script_set_attribute(attribute:"synopsis", value:
"The remote PAN-OS host is affected by a vulnerability");
script_set_attribute(attribute:"description", value:
"The version of Palo Alto Networks PAN-OS running on the remote host is 9.0.x prior to 9.0.17-h4 or 9.1.x prior to 9.1.17
or 10.1.x prior to 10.1.12 or 10.2.x prior to 10.2.8 or 11.0.x prior to 11.0.3. It is, therefore, affected by a
vulnerability.
- An improper authorization vulnerability in Palo Alto Networks Panorama software enables an authenticated
read-only administrator to upload files using the web interface and completely fill one of the disk
partitions with those uploaded files, which prevents the ability to log into the web interface or to
download PAN-OS, WildFire, and content images. (CVE-2024-2433)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://security.paloaltonetworks.com/CVE-2024-2433");
script_set_attribute(attribute:"solution", value:
"Upgrade to PAN-OS 9.0.17-h4 / 9.1.17 / 10.1.12 / 10.2.8 / 11.0.3 or later");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-2433");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(269);
script_set_attribute(attribute:"vuln_publication_date", value:"2024/03/13");
script_set_attribute(attribute:"patch_publication_date", value:"2024/03/13");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/03/13");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/o:paloaltonetworks:pan-os");
script_set_attribute(attribute:"generated_plugin", value:"former");
script_set_attribute(attribute:"stig_severity", value:"II");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Palo Alto Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("palo_alto_version.nbin");
script_require_keys("Host/Palo_Alto/Firewall/Version", "Host/Palo_Alto/Firewall/Full_Version", "Host/Palo_Alto/Firewall/Source");
exit(0);
}
include('vcf.inc');
include('vcf_extras.inc');
vcf::palo_alto::initialize();
var app_name = 'Palo Alto Networks PAN-OS';
var app_info = vcf::get_app_info(app:app_name, kb_ver:'Host/Palo_Alto/Firewall/Full_Version', kb_source:'Host/Palo_Alto/Firewall/Source');
# local_checks_enabled or paranoid scan
var kb_lce = get_kb_item('Host/local_checks_enabled');
if (
(empty_or_null(kb_lce) || kb_lce == 0)
&& report_paranoia < 2
)
{
audit(AUDIT_PARANOID);
}
else
{
var kb_ssi = get_kb_item_or_exit('Host/Palo_Alto/show_system_info');
if (empty_or_null(kb_ssi) || 'system-mode: panorama' >!< tolower(kb_ssi))
audit(AUDIT_HOST_NOT, 'Panorama');
}
var constraints = [
{ 'min_version' : '9.0.0', 'fixed_version' : '9.0.17-h4' },
{ 'min_version' : '9.1.0', 'fixed_version' : '9.1.17' },
{ 'min_version' : '10.1.0', 'fixed_version' : '10.1.12' },
{ 'min_version' : '10.2.0', 'fixed_version' : '10.2.8' },
{ 'min_version' : '11.0.0', 'fixed_version' : '11.0.3' }
];
vcf::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_WARNING
);
Related
nvd
nvd
CVE-2024-2433
2024-03-13 18:15:08
cve
cve
CVE-2024-2433
2024-03-13 18:15:08
paloalto
paloalto
cvelist
cvelist
vulnrichment
vulnrichment
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
AI Score
4.7
Confidence
High
EPSS
0
Percentile
9.0%
Related for PALO_ALTO_CVE-2024-2433.NASL