vulnrichment / Palo_alto / VULNRICHMENT:CVE-2024-0007
History: Feb 14, 2024 - 5:32 p.m.

CVE-2024-0007 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface

2024-02-14 17:32:08
CWE-79
palo_alto
github.com
5
palo alto networks
panorama appliances
javascript payload
authenticated administrator
impersonation

CVSS3: 6.8
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: HIGH
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

AI Score: 5.5
Confidence: High

SSVC
Exploitation: none
Automatable: no
Technical Impact: partial

A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a malicious authenticated read-write administrator to store a JavaScript payload using the web interface on Panorama appliances. This enables the impersonation of another authenticated administrator.

CNA Affected

[
  {
    "vendor": "Palo Alto Networks",
    "product": "PAN-OS",
    "versions": [
      {
        "status": "affected",
        "changes": [
          {
            "at": "8.1.24-h1",
            "status": "unaffected"
          }
        ],
        "version": "8.1",
        "lessThan": "8.1.24-h1",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "changes": [
          {
            "at": "8.1.25",
            "status": "unaffected"
          }
        ],
        "version": "8.1",
        "lessThan": "8.1.25",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "changes": [
          {
            "at": "9.0.17",
            "status": "unaffected"
          }
        ],
        "version": "9.0",
        "lessThan": "9.0.17",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "changes": [
          {
            "at": "9.1.16",
            "status": "unaffected"
          }
        ],
        "version": "9.1",
        "lessThan": "9.1.16",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "changes": [
          {
            "at": "10.0.11",
            "status": "unaffected"
          }
        ],
        "version": "10.0",
        "lessThan": "10.0.11",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "changes": [
          {
            "at": "10.1.6",
            "status": "unaffected"
          }
        ],
        "version": "10.1",
        "lessThan": "10.1.6",
        "versionType": "custom"
      },
      {
        "status": "unaffected",
        "version": "10.2"
      },
      {
        "status": "unaffected",
        "version": "11.0"
      },
      {
        "status": "unaffected",
        "version": "11.1"
      }
    ],
    "platforms": [
      "Panorama"
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Palo Alto Networks",
    "product": "Prisma Access",
    "versions": [
      {
        "status": "unaffected",
        "version": "All"
      }
    ],
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Palo Alto Networks",
    "product": "Cloud NGFW",
    "versions": [
      {
        "status": "unaffected",
        "version": "All"
      }
    ],
    "defaultStatus": "unaffected"
  }
]
