Action not permitted
Modal body text goes here.
Modal Title
Modal Body
ghsa-p24w-fv79-9hfm
Vulnerability from github
Published
2024-10-09 18:31
Modified
2024-10-15 18:30
Severity ?
Details
A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated PAN-OS administrator with restricted privileges to use a compromised XML API key to perform actions as a higher privileged PAN-OS administrator. For example, an administrator with "Virtual system administrator (read-only)" access could use an XML API key of a "Virtual system administrator" to perform write operations on the virtual system configuration even though they should be limited to read-only operations.
{ affected: [], aliases: [ "CVE-2024-9471", ], database_specific: { cwe_ids: [ "CWE-269", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2024-10-09T17:15:21Z", severity: "MODERATE", }, details: "A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated PAN-OS administrator with restricted privileges to use a compromised XML API key to perform actions as a higher privileged PAN-OS administrator. For example, an administrator with \"Virtual system administrator (read-only)\" access could use an XML API key of a \"Virtual system administrator\" to perform write operations on the virtual system configuration even though they should be limited to read-only operations.", id: "GHSA-p24w-fv79-9hfm", modified: "2024-10-15T18:30:49Z", published: "2024-10-09T18:31:44Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2024-9471", }, { type: "WEB", url: "https://security.paloaltonetworks.com/CVE-2024-9471", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", type: "CVSS_V3", }, { score: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:D/RE:L/U:Green", type: "CVSS_V4", }, ], }
cve-2024-9471
Vulnerability from cvelistv5
Published
2024-10-09 17:06
Modified
2024-10-18 11:58
Severity ?
EPSS score ?
Summary
A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated PAN-OS administrator with restricted privileges to use a compromised XML API key to perform actions as a higher privileged PAN-OS administrator. For example, an administrator with "Virtual system administrator (read-only)" access could use an XML API key of a "Virtual system administrator" to perform write operations on the virtual system configuration even though they should be limited to read-only operations.
References
| ▼ | URL | Tags |
|---|---|---|
| https://security.paloaltonetworks.com/CVE-2024-9471 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Palo Alto Networks | PAN-OS |
Version: 11.0.0 < 11.0.3 Version: 10.1.0 < 10.1.11 Version: 10.2.0 < 10.2.8 Version: 9.1 Version: 9.0 cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:10.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.19:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.18:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.17:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.15:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.15:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h8:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.10:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.9:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.8:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.7:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.6:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.5:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.4:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.3:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.3:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.2:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.0:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.0:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.0:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.17:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.17:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h7:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h6:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h5:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.15:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.13:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.12:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.11:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.10:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.9:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.9:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.8:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.7:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.6:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.5:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.4:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.3:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.3:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.3:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.3:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:h4:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:h3:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:h2:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:h1:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.1:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0.0:-:*:*:*:*:*:* cpe:2.3:o:paloaltonetworks:pan-os:9.0:-:*:*:*:*:*:* |
|||||||||||
|
||||||||||||||
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "pan-os", vendor: "paloaltonetworks", versions: [ { lessThan: "11.0.3", status: "affected", version: "11.0.0", versionType: "custom", }, { lessThan: "10.1.11", status: "affected", version: "10.1.0", versionType: "custom", }, { lessThan: "10.2.8", status: "affected", version: "10.2.0", versionType: "custom", }, { status: "affected", version: "9.1", }, { status: "affected", version: "9.0", }, { status: "unaffected", version: "11.1.0", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-9471", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-09T20:28:43.911070Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-09T20:33:15.742Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h8:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h8:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:10.1:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.19:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.18:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.17:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.16:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.15:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.15:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h8:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.13:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.12:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.11:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.10:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.9:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.8:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.7:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.6:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.5:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.4:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.3:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.3:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.2:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.2:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.1:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.0:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.0:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.0:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1.0:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.1:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.17:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.17:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h7:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h6:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h5:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.15:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.14:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.13:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.12:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.11:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.10:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.9:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.9:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.8:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.7:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.6:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.5:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.4:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.3:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.3:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.3:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.3:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:h4:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:h3:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:h2:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:h1:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.2:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.1:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0.0:-:*:*:*:*:*:*", "cpe:2.3:o:paloaltonetworks:pan-os:9.0:-:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "PAN-OS", vendor: "Palo Alto Networks", versions: [ { status: "unaffected", version: "11.1.0", }, { changes: [ { at: "11.0.3", status: "unaffected", }, ], lessThan: "11.0.3", status: "affected", version: "11.0.0", versionType: "custom", }, { changes: [ { at: "10.1.11", status: "unaffected", }, ], lessThan: "10.1.11", status: "affected", version: "10.1.0", versionType: "custom", }, { changes: [ { at: "10.2.8", status: "unaffected", }, ], lessThan: "10.2.8", status: "affected", version: "10.2.0", versionType: "custom", }, { status: "affected", version: "9.1", }, { status: "affected", version: "9.0", }, ], }, { defaultStatus: "unaffected", product: "Cloud NGFW", vendor: "Palo Alto Networks", versions: [ { status: "unaffected", version: "All", }, ], }, { defaultStatus: "unaffected", product: "Prisma Access", vendor: "Palo Alto Networks", versions: [ { status: "unaffected", version: "All", }, ], }, ], configurations: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "This issue is applicable only to PAN-OS configurations that have XML API access enabled.<br><br>You can find more information about the XML API here: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-panorama-api/pan-os-api-authentication/enable-api-access", }, ], value: "This issue is applicable only to PAN-OS configurations that have XML API access enabled.\n\nYou can find more information about the XML API here: https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-panorama-api/pan-os-api-authentication/enable-api-access", }, ], credits: [ { lang: "en", type: "finder", value: "Palo Alto Networks thanks an external reporter for discovering and reporting this issue.", }, ], datePublic: "2024-10-09T16:00:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated PAN-OS administrator with restricted privileges to use a compromised XML API key to perform actions as a higher privileged PAN-OS administrator. For example, an administrator with \"Virtual system administrator (read-only)\" access could use an XML API key of a \"Virtual system administrator\" to perform write operations on the virtual system configuration even though they should be limited to read-only operations.", }, ], value: "A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated PAN-OS administrator with restricted privileges to use a compromised XML API key to perform actions as a higher privileged PAN-OS administrator. For example, an administrator with \"Virtual system administrator (read-only)\" access could use an XML API key of a \"Virtual system administrator\" to perform write operations on the virtual system configuration even though they should be limited to read-only operations.", }, ], exploits: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "Palo Alto Networks is not aware of any malicious exploitation of this issue.", }, ], value: "Palo Alto Networks is not aware of any malicious exploitation of this issue.", }, ], impacts: [ { capecId: "CAPEC-233", descriptions: [ { lang: "en", value: "CAPEC-233 Privilege Escalation", }, ], }, ], metrics: [ { cvssV4_0: { Automatable: "NO", Recovery: "AUTOMATIC", Safety: "NOT_DEFINED", attackComplexity: "LOW", attackRequirements: "NONE", attackVector: "NETWORK", baseScore: 5.1, baseSeverity: "MEDIUM", privilegesRequired: "HIGH", providerUrgency: "GREEN", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "NONE", valueDensity: "DIFFUSE", vectorString: "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/AU:N/R:A/V:D/RE:L/U:Green", version: "4.0", vulnAvailabilityImpact: "LOW", vulnConfidentialityImpact: "LOW", vulnIntegrityImpact: "LOW", vulnerabilityResponseEffort: "LOW", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-269", description: "CWE-269 Improper Privilege Management", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-10-18T11:58:13.115Z", orgId: "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", shortName: "palo_alto", }, references: [ { tags: [ "vendor-advisory", ], url: "https://security.paloaltonetworks.com/CVE-2024-9471", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "This issue is fixed in PAN-OS 10.1.11, PAN-OS 10.2.8, PAN-OS 11.0.3, and all later PAN-OS versions.", }, ], value: "This issue is fixed in PAN-OS 10.1.11, PAN-OS 10.2.8, PAN-OS 11.0.3, and all later PAN-OS versions.", }, ], source: { defect: [ "PAN-217511", "PAN-152631", ], discovery: "EXTERNAL", }, timeline: [ { lang: "en", time: "2024-10-09T16:00:00.000Z", value: "Initial publication", }, ], title: "PAN-OS: Privilege Escalation (PE) Vulnerability in XML API", workarounds: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "This issue requires the attacker to have authenticated access to the PAN-OS XML API. You can mitigate the effect this issue has on your environment by following the Administrative Access Best Practices in the PAN-OS technical documentation at <a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/best-practices\">https://docs.paloaltonetworks.com/best-practices</a>.", }, ], value: "This issue requires the attacker to have authenticated access to the PAN-OS XML API. You can mitigate the effect this issue has on your environment by following the Administrative Access Best Practices in the PAN-OS technical documentation at https://docs.paloaltonetworks.com/best-practices .", }, ], x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", assignerShortName: "palo_alto", cveId: "CVE-2024-9471", datePublished: "2024-10-09T17:06:41.456Z", dateReserved: "2024-10-03T11:35:17.822Z", dateUpdated: "2024-10-18T11:58:13.115Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.