CVE-2024-5918 — Vulnetix

CVE-2024-5918 PUBLISHED

Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS aufgrund einer unsachgemäßen Zertifikatsvalidierung. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle ausnutzen, um die erwarteten Sicherheitsüberprüfungen zu umgehen und sich als legitimer GlobalProtect-Benutzer auszugeben.

EPSS 0.15% · 35.9th percentile

Risk Scores

EPSS Score

0.15%

35.9th percentile

Affected Products

Vendor	Product	Versions
PaloAlto Networks	PaloAlto Networks PAN-OS <10.1.11
PaloAlto Networks	PaloAlto Networks PAN-OS <10.1.7
PaloAlto Networks	PaloAlto Networks PAN-OS <11.0.2
PaloAlto Networks	PaloAlto Networks PAN-OS <10.2.2
PaloAlto Networks	PaloAlto Networks PAN-OS <11.0.3
PaloAlto Networks	PaloAlto Networks PAN-OS <11.2.3
PaloAlto Networks	PaloAlto Networks PAN-OS <10.1.10
PaloAlto Networks	PaloAlto Networks PAN-OS <10.2.4-h5
PaloAlto Networks	PaloAlto Networks PAN-OS <11.2.2-h3

Timeline

Nov 13, 2024 CVE Published
Nov 14, 2024 Coalition ESS Score
Nov 15, 2024 EPSS Score
Nov 15, 2024 Coalition ESS Score
Dec 4, 2024 EPSS Score
Dec 21, 2024 EPSS Score
Jan 8, 2025 EPSS Score
Jan 25, 2025 EPSS Score
Jan 30, 2025 Coalition ESS Score
Feb 12, 2025 EPSS Score
Feb 20, 2025 Coalition ESS Score
Mar 2, 2025 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3465.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3465 advisory
https://security.paloaltonetworks.com/CVE-2024-2550 advisory
https://security.paloaltonetworks.com/CVE-2024-2551 advisory
https://security.paloaltonetworks.com/CVE-2024-2552 advisory
https://security.paloaltonetworks.com/CVE-2024-5917 advisory
https://security.paloaltonetworks.com/CVE-2024-5918 advisory
https://security.paloaltonetworks.com/CVE-2024-5919 advisory
https://security.paloaltonetworks.com/CVE-2024-5920 advisory
https://security.paloaltonetworks.com/CVE-2024-9472 advisory

Open in Interactive Console →