CVE-2024-5918 — Vulnetix

Try Vulnetix Request Demo

CVE-2024-5918 PUBLISHED

Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS aufgrund einer unsachgemäßen Zertifikatsvalidierung. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle ausnutzen, um die erwarteten Sicherheitsüberprüfungen zu umgehen und sich als legitimer GlobalProtect-Benutzer auszugeben.

EPSS 0.15% · 36.0th percentile

Risk Scores

EPSS Score

0.15%

36.0th percentile

Affected Products

Vendor	Product	Versions
PaloAlto Networks	PaloAlto Networks PAN-OS <10.1.11
PaloAlto Networks	PaloAlto Networks PAN-OS <10.1.7
PaloAlto Networks	PaloAlto Networks PAN-OS <11.0.2
PaloAlto Networks	PaloAlto Networks PAN-OS <10.2.2
PaloAlto Networks	PaloAlto Networks PAN-OS <11.0.3
PaloAlto Networks	PaloAlto Networks PAN-OS <11.2.3
PaloAlto Networks	PaloAlto Networks PAN-OS <10.1.10
PaloAlto Networks	PaloAlto Networks PAN-OS <10.2.4-h5
PaloAlto Networks	PaloAlto Networks PAN-OS <11.2.2-h3

Timeline

Nov 13, 2024 CVE Published
Nov 14, 2024 Coalition ESS Score
Nov 15, 2024 EPSS Score
Nov 15, 2024 Coalition ESS Score
Dec 3, 2024 EPSS Score
Dec 20, 2024 EPSS Score
Jan 6, 2025 EPSS Score
Jan 23, 2025 EPSS Score
Jan 30, 2025 Coalition ESS Score
Feb 9, 2025 EPSS Score
Feb 20, 2025 Coalition ESS Score
Feb 26, 2025 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3465.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3465 advisory
https://security.paloaltonetworks.com/CVE-2024-2550 advisory
https://security.paloaltonetworks.com/CVE-2024-2551 advisory
https://security.paloaltonetworks.com/CVE-2024-2552 advisory
https://security.paloaltonetworks.com/CVE-2024-5917 advisory
https://security.paloaltonetworks.com/CVE-2024-5918 advisory
https://security.paloaltonetworks.com/CVE-2024-5919 advisory
https://security.paloaltonetworks.com/CVE-2024-5920 advisory
https://security.paloaltonetworks.com/CVE-2024-9472 advisory

Open in Interactive Console →