VDB
CVE-2024-8688
CVE-2024-8688
PUBLISHED
Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS. Dieser Fehler existiert in der Befehlszeilenschnittstelle aufgrund einer unsachgemäßen Neutralisierung von übereinstimmenden Symbolen, die es ermöglicht, beliebige Dateien auf der Firewall zu lesen. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.
EPSS 0.17% · 37.6th percentile
Risk Scores
EPSS Score
0.17%
37.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| PaloAlto Networks | PaloAlto Networks PAN-OS <10.1.1 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <9.0.17 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <8.1.25 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <9.1.15 | |
| PaloAlto Networks | PaloAlto Networks PAN-OS <10.0.10 |
Timeline
- Sep 11, 2024 CVE Published
- Sep 11, 2024 CVE Updated
- Sep 12, 2024 EPSS Score
- Oct 2, 2024 EPSS Score
- Oct 5, 2024 Coalition ESS Score
- Oct 22, 2024 EPSS Score
- Nov 10, 2024 EPSS Score
- Nov 30, 2024 EPSS Score
- Dec 21, 2024 EPSS Score
- Jan 10, 2025 EPSS Score
- Jan 29, 2025 EPSS Score
- Feb 18, 2025 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-2127.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2127 advisory
- https://security.paloaltonetworks.com/CVE-2024-8686 advisory
- https://security.paloaltonetworks.com/CVE-2024-8687 advisory
- https://security.paloaltonetworks.com/CVE-2024-8688 advisory
- https://security.paloaltonetworks.com/CVE-2024-8691 advisory