CVE-2024-0008 — Vulnetix

CVE-2024-0008 PUBLISHED

Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS. Dieser Fehler besteht in der Verwaltungsschnittstelle, da Web-Sitzungen in bestimmten Situationen nicht ablaufen, wodurch sie anfällig für unbefugten Zugriff ist. Ein physischer, anonymer Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsmaßnahmen zu umgehen.

EPSS 0.32% · 54.9th percentile

Risk Scores

EPSS Score

0.32%

54.9th percentile

Affected Products

Vendor	Product	Versions
PaloAlto Networks	PaloAlto Networks PAN-OS < 8.1.25
PaloAlto Networks	PaloAlto Networks PAN-OS < 10.1.6
PaloAlto Networks	PaloAlto Networks PAN-OS < 10.1.12
PaloAlto Networks	PaloAlto Networks PAN-OS < 8.1.24-h1
PaloAlto Networks	PaloAlto Networks PAN-OS < 9.1.16
PaloAlto Networks	PaloAlto Networks PAN-OS < 9.0.17
PaloAlto Networks	PaloAlto Networks PAN-OS < 10.0.11
PaloAlto Networks	PaloAlto Networks PAN-OS < 10.1.11-h1
PaloAlto Networks	PaloAlto Networks PAN-OS < 11.0.1
PaloAlto Networks	PaloAlto Networks PAN-OS < 10.2.4
PaloAlto Networks	PaloAlto Networks PAN-OS < 8.1.24
PaloAlto Networks	PaloAlto Networks PAN-OS < 9.1.13

Exploit Intelligence

CIRCL seen: CVE-2024-0008 (circl-sighting)
CIRCL seen: CVE-2024-0008 (circl-sighting)
CIRCL seen: CVE-2024-0008 (circl-sighting)
https://security.paloaltonetworks.com/CVE-2024-0008 (circl)
packageScanner_test.cpp (github-poc)
packageScanner_test.cpp (github-poc)
packageScanner_test.cpp (github-poc)
packageScanner_test.cpp (github-poc)
packageScanner_test.cpp (github-poc)
packageScanner_test.cpp (github-poc)

Timeline

Feb 14, 2024 CVE Published
Feb 14, 2024 PoC Published
Feb 15, 2024 EPSS Score
Feb 19, 2024 CVE Updated
Mar 6, 2024 PoC Published
Mar 13, 2024 EPSS Score
Apr 9, 2024 EPSS Score
May 6, 2024 EPSS Score
Jun 2, 2024 EPSS Score
Jun 28, 2024 EPSS Score
Jul 25, 2024 EPSS Score
Aug 25, 2024 EPSS Score

References

Open in Interactive Console →