VDB

CNVD-2024-20511

CNVD-2024-20511 PUBLISHED CVSS 5.5 MEDIUM

Palo Alto Networks PAN-OS是美国Palo Alto Networks公司的一款下一代防火墙软件。 Palo Alto Networks PAN-OS存在命令注入漏洞,该漏洞源于XML API中未能正确过滤构造命令特殊字符、命令等。攻击者可利用此漏洞导致任意命令执行。

Risk Scores

CVSS 3.1
5.5
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N

Affected Products

VendorProductVersions
Palo Alto NetworksPrisma AccessAll
Palo Alto NetworksPAN-OS8.1, 9.0, 9.1
Palo Alto NetworksCloud NGFWAll

Timeline

  • Dec 13, 2023 CVE Published
  • Dec 18, 2023 PoC Published
  • Dec 22, 2023 CVE ID Reserved
  • Jan 3, 2024 PoC Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›