Lucene search

Palo Alto Networks Product Security Incident Response TeamPA-CVE-2024-8691

HistorySep 11, 2024 - 4:00 p.m.

PAN-OS: User Impersonation in GlobalProtect Portal

2024-09-1116:00:00

Palo Alto Networks Product Security Incident Response Team

securityadvisories.paloaltonetworks.com

pan-os

globalprotect

vulnerability

user impersonation

palo alto networks

exploitation

CVSS4

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/SC:L/VI:L/SI:L/VA:L/SA:L/AU:Y/U:Amber/R:A/V:D/RE:M

AI Score

6.5

Confidence

High

EPSS

Percentile

9.6%

JSON

A vulnerability in the GlobalProtect portal in Palo Alto Networks PAN-OS software enables a malicious authenticated GlobalProtect user to impersonate another GlobalProtect user. Active GlobalProtect users impersonated by an attacker who is exploiting this vulnerability are disconnected from GlobalProtect. Upon exploitation, PAN-OS logs indicate that the impersonated user authenticated to GlobalProtect, which hides the identity of the attacker.

Work around:
No work around available.

Affected configurations

Vulners

Node

softwarepan-osRange<9.1.17

softwarepan-osRange<10.1.11

VendorProductVersionCPE
softwarepan-os*cpe:2.3:a:software:pan-os:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
software	pan-os	*	cpe:2.3:a:software:pan-os::::::::

References

security.paloaltonetworks.com/CVE-2024-8691