VDB
CNVD-2024-20511
CNVD-2024-20511
PUBLISHED
CVSS 5.5 MEDIUM
Palo Alto Networks PAN-OS是美国Palo Alto Networks公司的一款下一代防火墙软件。 Palo Alto Networks PAN-OS存在命令注入漏洞,该漏洞源于XML API中未能正确过滤构造命令特殊字符、命令等。攻击者可利用此漏洞导致任意命令执行。
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Palo Alto Networks | Prisma Access | All |
| Palo Alto Networks | PAN-OS | 8.1, 9.0, 9.1 |
| Palo Alto Networks | Cloud NGFW | All |
Timeline
- Dec 13, 2023 CVE Published
- Dec 18, 2023 PoC Published
- Dec 22, 2023 CVE ID Reserved
- Jan 3, 2024 PoC Published