VDB
CVE-2024-5917
CVE-2024-5917
PUBLISHED
Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS. Das administrative Webinterface kann aufgrund eines Server-Side-Request- Forgery-Problems als Proxy verwendet werden. Ein anonymer Angreifer kann diese Schwachstelle ausnutzen, um interne Netzwerkressourcen einzusehen.
EPSS 0.23% · 45.6th percentile
Risk Scores
EPSS Score
0.23%
45.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| PaloAlto Networks | PaloAlto Networks PAN-OS <10.2.2 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <11.1.4 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <10.1.7 |
Timeline
- Nov 13, 2024 PoC Published
- Nov 13, 2024 PoC Published
- Nov 13, 2024 CVE Published
- Nov 14, 2024 Coalition ESS Score
- Nov 14, 2024 PoC Published
- Nov 14, 2024 PoC Published
- Nov 15, 2024 EPSS Score
- Nov 15, 2024 Coalition ESS Score
- Nov 18, 2024 PoC Published
- Dec 4, 2024 EPSS Score
- Dec 21, 2024 EPSS Score
- Jan 8, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3465.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3465 advisory
- https://security.paloaltonetworks.com/CVE-2024-2550 advisory
- https://security.paloaltonetworks.com/CVE-2024-2551 advisory
- https://security.paloaltonetworks.com/CVE-2024-2552 advisory
- https://security.paloaltonetworks.com/CVE-2024-5917 advisory
- https://security.paloaltonetworks.com/CVE-2024-5918 advisory
- https://security.paloaltonetworks.com/CVE-2024-5919 advisory
- https://security.paloaltonetworks.com/CVE-2024-5920 advisory
- https://security.paloaltonetworks.com/CVE-2024-9472 advisory