Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.PALO_ALTO_CVE-2024-8686.NASL
HistorySep 11, 2024 - 12:00 a.m.

Palo Alto Networks PAN-OS 11.2.x < 11.2.3 Vulnerability

2024-09-1100:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
13
palo alto networks
pan-os
command injection
vulnerability
administrator
firewall
tenable
security advisory
nessus
version number
root

CVSS4

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/SC:N/VI:H/SI:N/VA:H/SA:N/AU:N/U:Amber/R:U/V:C/RE:M

AI Score

7.4

Confidence

Low

EPSS

0

Percentile

10.2%

JSON

The version of Palo Alto Networks PAN-OS running on the remote host is 11.2.x prior to 11.2.3. It is, therefore, affected by a vulnerability.

A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated     administrator to bypass system restrictions and run arbitrary commands as root on the firewall.

Tenable has extracted the preceding description block directly from the PAN-OS security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(206985);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/09/18");

  script_cve_id("CVE-2024-8686");
  script_xref(name:"IAVA", value:"2024-A-0574");

  script_name(english:"Palo Alto Networks PAN-OS 11.2.x < 11.2.3 Vulnerability");

  script_set_attribute(attribute:"synopsis", value:
"The remote PAN-OS host is affected by a vulnerability");
  script_set_attribute(attribute:"description", value:
"The version of Palo Alto Networks PAN-OS running on the remote host is 11.2.x prior to 11.2.3. It is, therefore,
affected by a vulnerability.

    A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated
    administrator to bypass system restrictions and run arbitrary commands as root on the firewall.

Tenable has extracted the preceding description block directly from the PAN-OS security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://security.paloaltonetworks.com/CVE-2024-8686");
  script_set_attribute(attribute:"solution", value:
"Upgrade to PAN-OS 11.2.3 or later");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss4_vector", value:"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N");
  script_set_attribute(attribute:"cvss4_supplemental", value:"CVSS:4.0/AU:N/R:U/V:C/RE:M/U:Amber");
  script_set_attribute(attribute:"cvss4_threat_vector", value:"CVSS:4.0/E:U");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-8686");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(78);

  script_set_attribute(attribute:"vuln_publication_date", value:"2024/09/11");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/09/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/09/11");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:paloaltonetworks:pan-os");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Palo Alto Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("palo_alto_version.nbin");
  script_require_keys("Host/Palo_Alto/Firewall/Version", "Host/Palo_Alto/Firewall/Full_Version", "Host/Palo_Alto/Firewall/Source");

  exit(0);
}

include('vcf.inc');
include('vcf_extras.inc');

vcf::palo_alto::initialize();

var app_name = 'Palo Alto Networks PAN-OS';

var app_info = vcf::get_app_info(app:app_name, kb_ver:'Host/Palo_Alto/Firewall/Full_Version', kb_source:'Host/Palo_Alto/Firewall/Source');

var constraints = [
  { 'min_version' : '11.2.0', 'max_version' : '11.2.2', 'fixed_version' : '11.2.3' }
];

vcf::check_version_and_report(
    app_info:app_info,
    constraints:constraints,
    severity:SECURITY_HOLE
);

Related

nvd 1
paloalto 1
cvelist 1
vulnrichment 1
cve 1
nvd
nvd
CVE-2024-8686
2024-09-11 17:15:14
paloalto
paloalto
PAN-OS: Command Injection Vulnerability
2024-09-11 16:00:00
cvelist
cvelist
CVE-2024-8686 PAN-OS: Command Injection Vulnerability
2024-09-11 16:34:21
vulnrichment
vulnrichment
CVE-2024-8686 PAN-OS: Command Injection Vulnerability
2024-09-11 16:34:21
cve
cve
CVE-2024-8686
2024-09-11 17:15:14

CVSS4

8.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/SC:N/VI:H/SI:N/VA:H/SA:N/AU:N/U:Amber/R:U/V:C/RE:M

AI Score

7.4

Confidence

Low

EPSS

0

Percentile

10.2%

JSON
Related for PALO_ALTO_CVE-2024-8686.NASL
nvd1paloalto1cvelist1vulnrichment1cve1