Lucene search

[email protected]NVD:CVE-2024-5916

HistoryAug 14, 2024 - 5:15 p.m.

CVE-2024-5916

2024-08-1417:15:18

CWE-313

CWE-312

[email protected]

web.nvd.nist.gov

information exposure

pan-os

system administrator

secrets

passwords

tokens

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

9.5%

JSON

An information exposure vulnerability in Palo Alto Networks PAN-OS software enables a local system administrator to unintentionally disclose secrets, passwords, and tokens of external systems. A read-only administrator who has access to the config log, can read secrets, passwords, and tokens to external systems.

Affected configurations

Nvd

Node

paloaltonetworkspan-osRange10.2.0–10.2.8

paloaltonetworkspan-osRange11.0.0–11.0.4

VendorProductVersionCPE
paloaltonetworkspan-os*cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
paloaltonetworks	pan-os	*	cpe:2.3:o:paloaltonetworks:pan-os::::::::

References

security.paloaltonetworks.com/CVE-2024-5916

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

9.5%

JSON

Related for NVD:CVE-2024-5916

vulnrichment1 cvelist1 nessus1 cve1 paloalto1 thn1