VDB

CISA-2024-9474

CISA-2024-9474 PUBLISHED CVSS 6.9 MEDIUM

Reported by palo_alto · Published November 18, 2024

A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. Cloud NGFW and Prisma Access are not impacted by this vulnerability.

Risk Scores

CVSS 4.0
6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Red

Affected Products

VendorProductVersions
Palo Alto NetworksCloud NGFWAll
Palo Alto NetworksPAN-OS11.2.0, 11.1.0, 11.0.0
Palo Alto NetworksPrisma AccessAll
Palo Alto NetworksPrisma AccessAll, All
paloaltonetworkspan-os10.2.0, 10.1.0, 11.2.0
Palo Alto NetworksCloud NGFWAll, All
Palo Alto NetworksPAN-OS11.2.0, 11.1.0, 11.0.0

Timeline

  • Nov 18, 2024 CVE Published
  • Oct 21, 2025 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›