CVE-2024-5920 — Vulnetix

Try Vulnetix Request Demo

CVE-2024-5920 PUBLISHED

Eine Cross-Site Scripting Schwachstelle wurde in PaloAlto Networks PAN-OS entdeckt. Dieses Problem wird durch unsachgemäße Filterung der vom Benutzer bereitgestellten Daten vor der Anzeige der Eingaben verursacht. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Skriptcode im Sicherheitskontext einer betroffenen Site auszuführen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.

EPSS 0.43% · 62.3th percentile

Risk Scores

EPSS Score

0.43%

62.3th percentile

Affected Products

Vendor	Product	Versions
PaloAlto Networks	PaloAlto Networks PAN-OS <10.1.7
PaloAlto Networks	PaloAlto Networks PAN-OS <11.0.6
PaloAlto Networks	PaloAlto Networks PAN-OS <11.0.2
PaloAlto Networks	PaloAlto Networks PAN-OS <10.2.9-14
PaloAlto Networks	PaloAlto Networks PAN-OS <11.0.3
PaloAlto Networks	PaloAlto Networks PAN-OS <10.2.4-h5
PaloAlto Networks	PaloAlto Networks PAN-OS <10.2.2
PaloAlto Networks	PaloAlto Networks PAN-OS <10.1.10
PaloAlto Networks	PaloAlto Networks PAN-OS <10.2.5
PaloAlto Networks	PaloAlto Networks PAN-OS <10.2.10-h7
PaloAlto Networks	PaloAlto Networks PAN-OS <11.1.4
PaloAlto Networks	PaloAlto Networks PAN-OS <11.1.2-h14
PaloAlto Networks	PaloAlto Networks PAN-OS <10.1.14
PaloAlto Networks	PaloAlto Networks PAN-OS <11.0.5
PaloAlto Networks	PaloAlto Networks PAN-OS <10.2.8-h13
PaloAlto Networks	PaloAlto Networks PAN-OS <11.1.3-h10
PaloAlto Networks	PaloAlto Networks PAN-OS <10.2.11
PaloAlto Networks	PaloAlto Networks PAN-OS <10.1.11
PaloAlto Networks	PaloAlto Networks PAN-OS <10.2.4-h6
PaloAlto Networks	PaloAlto Networks PAN-OS <10.2.7-h16

Timeline

Nov 13, 2024 CVE Published
Nov 14, 2024 Coalition ESS Score
Nov 15, 2024 EPSS Score
Nov 15, 2024 Coalition ESS Score
Dec 3, 2024 EPSS Score
Dec 20, 2024 EPSS Score
Jan 6, 2025 EPSS Score
Jan 23, 2025 EPSS Score
Jan 24, 2025 Coalition ESS Score
Feb 9, 2025 EPSS Score
Feb 26, 2025 EPSS Score
Mar 15, 2025 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3465.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3465 advisory
https://security.paloaltonetworks.com/CVE-2024-2550 advisory
https://security.paloaltonetworks.com/CVE-2024-2551 advisory
https://security.paloaltonetworks.com/CVE-2024-2552 advisory
https://security.paloaltonetworks.com/CVE-2024-5917 advisory
https://security.paloaltonetworks.com/CVE-2024-5918 advisory
https://security.paloaltonetworks.com/CVE-2024-5919 advisory
https://security.paloaltonetworks.com/CVE-2024-5920 advisory
https://security.paloaltonetworks.com/CVE-2024-9472 advisory

Open in Interactive Console →