CNVD-2024-20507 — Vulnetix

CNVD-2024-20507 PUBLISHED CVSS 6.800000190734863 MEDIUM

Palo Alto Networks PAN-OS是美国Palo Alto Networks公司的一款下一代防火墙软件。 Palo Alto Networks PAN-OS存在安全漏洞。攻击者可利用该漏洞使用Panorama设备上的Web界面存储JavaScript有效载荷。

Risk Scores

CVSS 3.1

6.800000190734863

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

Affected Products

Vendor	Product	Versions
Palo Alto Networks	Cloud NGFW	All
Palo Alto Networks	Prisma Access	All
Palo Alto Networks	PAN-OS	8.1, 8.1, 9.0

Exploit Intelligence

https://security.paloaltonetworks.com/CVE-2024-0007 (circl)
CIRCL seen: CVE-2024-0007 (circl-sighting)
CIRCL seen: CVE-2024-0007 (circl-sighting)
packageScanner_test.cpp (github-poc)
packageScanner_test.cpp (github-poc)

Timeline

Feb 14, 2024 CVE Published
Feb 14, 2024 PoC Published
Mar 6, 2024 PoC Published
Mar 19, 2024 CVE ID Reserved

References

https://security.paloaltonetworks.com/CVE-2024-0007 url

Open in Interactive Console →

$ Console Community · 100/wk Open console ›