Lucene search

HistoryAug 14, 2024 - 12:00 a.m.

Palo Alto Networks PAN-OS 10.2.x < 10.2.8 / 11.0.x < 11.0.4 Vulnerability

2024-08-1400:00:00

www.tenable.com

palo alto networks

pan-os

vulnerability

information exposure

passwords

tokens

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CVSS4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

PASSIVE

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/SC:H/VI:N/SI:N/VA:N/SA:N/AU:N/U:Amber/R:U/V:C/RE:H

AI Score

5.1

Confidence

High

EPSS

Percentile

9.5%

JSON

The version of Palo Alto Networks PAN-OS running on the remote host is 10.2.x prior to 10.2.8 or 11.0.x prior to 11.0.4.
It is, therefore, affected by a vulnerability.

An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system     administrator to unintentionally disclose secrets, passwords, and tokens of external systems. A read-only     administrator who has access to the config log, can read secrets, passwords, and tokens to external     systems.

Tenable has extracted the preceding description block directly from the PAN-OS security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(205532);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/09/13");

  script_cve_id("CVE-2024-5916");
  script_xref(name:"IAVA", value:"2024-A-0410-S");

  script_name(english:"Palo Alto Networks PAN-OS 10.2.x < 10.2.8 / 11.0.x < 11.0.4 Vulnerability");

  script_set_attribute(attribute:"synopsis", value:
"The remote PAN-OS host is affected by a vulnerability");
  script_set_attribute(attribute:"description", value:
"The version of Palo Alto Networks PAN-OS running on the remote host is 10.2.x prior to 10.2.8 or 11.0.x prior to 11.0.4.
It is, therefore, affected by a vulnerability.

    An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system
    administrator to unintentionally disclose secrets, passwords, and tokens of external systems. A read-only
    administrator who has access to the config log, can read secrets, passwords, and tokens to external
    systems.

Tenable has extracted the preceding description block directly from the PAN-OS security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://security.paloaltonetworks.com/CVE-2024-5916");
  script_set_attribute(attribute:"solution", value:
"Upgrade to PAN-OS 10.2.8 / 11.0.4 or later");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:M/C:C/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-5916");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(313);

  script_set_attribute(attribute:"vuln_publication_date", value:"2024/08/14");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/08/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/08/14");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:paloaltonetworks:pan-os");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Palo Alto Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("palo_alto_version.nbin");
  script_require_keys("Host/Palo_Alto/Firewall/Version", "Host/Palo_Alto/Firewall/Full_Version", "Host/Palo_Alto/Firewall/Source");

  exit(0);
}

include('vcf.inc');
include('vcf_extras.inc');

vcf::palo_alto::initialize();

var app_name = 'Palo Alto Networks PAN-OS';

var app_info = vcf::get_app_info(app:app_name, kb_ver:'Host/Palo_Alto/Firewall/Full_Version', kb_source:'Host/Palo_Alto/Firewall/Source');

var constraints = [
  { 'min_version' : '10.2.0', 'fixed_version' : '10.2.8' },
  { 'min_version' : '11.0.0', 'fixed_version' : '11.0.4' }
];

vcf::check_version_and_report(
    app_info:app_info,
    constraints:constraints,
    severity:SECURITY_WARNING
);

References

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5916

security.paloaltonetworks.com/CVE-2024-5916

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CVSS4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

PASSIVE

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/SC:H/VI:N/SI:N/VA:N/SA:N/AU:N/U:Amber/R:U/V:C/RE:H

AI Score

5.1

Confidence

High

EPSS

Percentile

9.5%

JSON

Related for PALO_ALTO_CVE-2024-5916.NASL