cvelistv5 - CVE-2024-2551

CVE-2024-2551

Vulnerability from cvelistv5

Published

2024-11-14 09:36

Modified

2024-11-19 15:01

Severity ?

8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber

Summary

A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.

References

▼	URL	Tags
	psirt@paloaltonetworks.com	https://security.paloaltonetworks.com/CVE-2024-2551	Vendor Advisory

Impacted products

Vendor

Product

Version

▼

Palo Alto Networks

Cloud NGFW

	Palo Alto Networks	PAN-OS	Version: 11.0.0 < 11.0.5 Version: 10.2.0 < 10.2.4-h6 Version: 10.1.0 < 10.1.14 cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h12:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h11:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h9:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h8:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h7:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h6:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h8:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h7:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h6:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h7:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h6:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h8:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h7:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h6:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h6:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h5:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h4:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h3:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h2:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h1:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:-:::::: cpe:2.3:o:paloaltonetworks:pan-os:10.1:-::::::
	Palo Alto Networks	Prisma Access

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-2551",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T15:01:17.887695Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T15:01:40.744Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Cloud NGFW",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h8:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h7:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h6:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h5:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h4:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h3:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h2:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h1:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:-:*:*:*:*:*:*",
            "cpe:2.3:o:paloaltonetworks:pan-os:10.1:-:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "PAN-OS",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "11.2.0"
            },
            {
              "status": "unaffected",
              "version": "11.1.0"
            },
            {
              "changes": [
                {
                  "at": "11.0.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "11.0.5",
              "status": "affected",
              "version": "11.0.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.2.4-h6",
                  "status": "unaffected"
                },
                {
                  "at": "10.2.5",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.2.4-h6",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "10.1.14",
                  "status": "unaffected"
                }
              ],
              "lessThan": "10.1.14",
              "status": "affected",
              "version": "10.1.0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Prisma Access",
          "vendor": "Palo Alto Networks",
          "versions": [
            {
              "status": "unaffected",
              "version": "All"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "a customer"
        }
      ],
      "datePublic": "2024-11-13T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode."
            }
          ],
          "value": "A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
            }
          ],
          "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-129",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-129 Pointer Manipulation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NO",
            "Recovery": "USER",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "providerUrgency": "AMBER",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "CONCENTRATED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "MODERATE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476 NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-14T09:36:09.876Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.paloaltonetworks.com/CVE-2024-2551"
        }
      ],
      "solutions": [
        {
          "lang": "eng",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "This issue is fixed in PAN-OS 10.1.14, PAN-OS 10.2.4-h6, PAN-OS 10.2.5, PAN-OS 11.0.5, and all later PAN-OS versions."
            }
          ],
          "value": "This issue is fixed in PAN-OS 10.1.14, PAN-OS 10.2.4-h6, PAN-OS 10.2.5, PAN-OS 11.0.5, and all later PAN-OS versions."
        }
      ],
      "source": {
        "defect": [
          "PAN-223185"
        ],
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-13T17:00:00.000Z",
          "value": "Initial publication"
        }
      ],
      "title": "PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted Packet"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2024-2551",
    "datePublished": "2024-11-14T09:36:09.876Z",
    "dateReserved": "2024-03-15T22:43:27.814Z",
    "dateUpdated": "2024-11-19T15:01:40.744Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-2551\",\"sourceIdentifier\":\"psirt@paloaltonetworks.com\",\"published\":\"2024-11-14T10:15:04.547\",\"lastModified\":\"2025-01-24T16:03:41.910\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de desreferencia de puntero nulo en el software PAN-OS de Palo Alto Networks permite a un atacante no autenticado detener un servicio central del sistema en el firewall mediante el env\u00edo de un paquete manipulado a trav\u00e9s del plano de datos que provoca una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Los intentos repetidos de activar esta condici\u00f3n hacen que el firewall entre en modo de mantenimiento.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Amber\",\"baseScore\":8.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnerableSystemConfidentiality\":\"NONE\",\"vulnerableSystemIntegrity\":\"NONE\",\"vulnerableSystemAvailability\":\"HIGH\",\"subsequentSystemConfidentiality\":\"NONE\",\"subsequentSystemIntegrity\":\"NONE\",\"subsequentSystemAvailability\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirements\":\"NOT_DEFINED\",\"integrityRequirements\":\"NOT_DEFINED\",\"availabilityRequirements\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnerableSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedVulnerableSystemIntegrity\":\"NOT_DEFINED\",\"modifiedVulnerableSystemAvailability\":\"NOT_DEFINED\",\"modifiedSubsequentSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedSubsequentSystemIntegrity\":\"NOT_DEFINED\",\"modifiedSubsequentSystemAvailability\":\"NOT_DEFINED\",\"safety\":\"NOT_DEFINED\",\"automatable\":\"NO\",\"recovery\":\"USER\",\"valueDensity\":\"CONCENTRATED\",\"vulnerabilityResponseEffort\":\"MODERATE\",\"providerUrgency\":\"AMBER\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.1.0\",\"versionEndExcluding\":\"10.1.14\",\"matchCriteriaId\":\"19D52DC1-4441-4C88-B209-9B86FCC2162F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.2.0\",\"versionEndExcluding\":\"10.2.4\",\"matchCriteriaId\":\"D61F01F8-1598-4078-9D98-BFF5B62F3BA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndExcluding\":\"11.0.5\",\"matchCriteriaId\":\"06B9F11D-D5EF-487A-8E43-9AE14307CCE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"135588B5-6771-46A3-98B0-39B4873FD6FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*\",\"matchCriteriaId\":\"20673F1E-733D-41C4-A644-C482431C26EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*\",\"matchCriteriaId\":\"156DA55E-4152-47BF-A067-136EEC9ADE22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2D2F5C4-7ACC-4514-ADBD-3948158B93CC\"}]}]}],\"references\":[{\"url\":\"https://security.paloaltonetworks.com/CVE-2024-2551\",\"source\":\"psirt@paloaltonetworks.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-2551\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-19T15:01:17.887695Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-14T19:26:10.888Z\"}}], \"cna\": {\"title\": \"PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted Packet\", \"source\": {\"defect\": [\"PAN-223185\"], \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"a customer\"}], \"impacts\": [{\"capecId\": \"CAPEC-129\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-129 Pointer Manipulation\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"USER\", \"baseScore\": 8.7, \"Automatable\": \"NO\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"valueDensity\": \"CONCENTRATED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber\", \"providerUrgency\": \"AMBER\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"NONE\", \"vulnerabilityResponseEffort\": \"MODERATE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Palo Alto Networks\", \"product\": \"Cloud NGFW\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"All\"}], \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h5:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h12:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h11:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h9:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h8:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h7:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h6:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.13:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.12:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h5:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.11:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h5:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.10:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h8:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h7:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h6:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h5:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.9:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h7:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h6:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h5:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.8:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.7:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h8:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h7:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h6:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h5:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.5:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h6:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h5:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h4:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.4:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h3:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h2:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:h1:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.3:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.2:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.1:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1.0:-:*:*:*:*:*:*\", \"cpe:2.3:o:paloaltonetworks:pan-os:10.1:-:*:*:*:*:*:*\"], \"vendor\": \"Palo Alto Networks\", \"product\": \"PAN-OS\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"11.2.0\"}, {\"status\": \"unaffected\", \"version\": \"11.1.0\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"11.0.5\", \"status\": \"unaffected\"}], \"version\": \"11.0.0\", \"lessThan\": \"11.0.5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"10.2.4-h6\", \"status\": \"unaffected\"}, {\"at\": \"10.2.5\", \"status\": \"unaffected\"}], \"version\": \"10.2.0\", \"lessThan\": \"10.2.4-h6\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"10.1.14\", \"status\": \"unaffected\"}], \"version\": \"10.1.0\", \"lessThan\": \"10.1.14\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Palo Alto Networks\", \"product\": \"Prisma Access\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"All\"}], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Palo Alto Networks is not aware of any malicious exploitation of this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Palo Alto Networks is not aware of any malicious exploitation of this issue.\", \"base64\": false}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-11-13T17:00:00.000Z\", \"value\": \"Initial publication\"}], \"solutions\": [{\"lang\": \"eng\", \"value\": \"This issue is fixed in PAN-OS 10.1.14, PAN-OS 10.2.4-h6, PAN-OS 10.2.5, PAN-OS 11.0.5, and all later PAN-OS versions.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"This issue is fixed in PAN-OS 10.1.14, PAN-OS 10.2.4-h6, PAN-OS 10.2.5, PAN-OS 11.0.5, and all later PAN-OS versions.\", \"base64\": false}]}], \"datePublic\": \"2024-11-13T18:00:00.000Z\", \"references\": [{\"url\": \"https://security.paloaltonetworks.com/CVE-2024-2551\", \"tags\": [\"vendor-advisory\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-476\", \"description\": \"CWE-476 NULL Pointer Dereference\"}]}], \"providerMetadata\": {\"orgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"shortName\": \"palo_alto\", \"dateUpdated\": \"2024-11-14T09:36:09.876Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-2551\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-19T15:01:40.744Z\", \"dateReserved\": \"2024-03-15T22:43:27.814Z\", \"assignerOrgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"datePublished\": \"2024-11-14T09:36:09.876Z\", \"assignerShortName\": \"palo_alto\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

ncsc-2024-0444

Vulnerability from csaf_ncscnl

Published

2024-11-14 12:38

Modified

2024-11-14 12:38

Summary

Kwetsbaarheden verholpen in Palo Alto PAN-OS

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten

Palo Alto Networks heeft kwetsbaarheden verholpen in PAN-OS.

Interpretaties

Een kwaadwillende kan de kwetsbaarheden misbruiken om beveiligingsmaatregelen te omzeilen en zo verkeer naar en door het systeem te leiden dat aanvankelijk niet is toegestaan, of een Denial-of-Service veroorzaken.

Oplossingen

Palo Alto heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-476

NULL Pointer Dereference

CWE-295

Improper Certificate Validation

CWE-918

Server-Side Request Forgery (SSRF)

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-611

Improper Restriction of XML External Entity Reference

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Palo Alto Networks heeft kwetsbaarheden verholpen in PAN-OS.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om beveiligingsmaatregelen te omzeilen en zo verkeer naar en door het systeem te leiden dat aanvankelijk niet is toegestaan, of een Denial-of-Service veroorzaken.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Palo Alto heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "NULL Pointer Dereference",
        "title": "CWE-476"
      },
      {
        "category": "general",
        "text": "Improper Certificate Validation",
        "title": "CWE-295"
      },
      {
        "category": "general",
        "text": "Server-Side Request Forgery (SSRF)",
        "title": "CWE-918"
      },
      {
        "category": "general",
        "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
        "title": "CWE-22"
      },
      {
        "category": "general",
        "text": "Improper Restriction of XML External Entity Reference",
        "title": "CWE-611"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-2552"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5919"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5920"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-2551"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-2550"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5918"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-9472"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5917"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Palo Alto PAN-OS",
    "tracking": {
      "current_release_date": "2024-11-14T12:38:50.941039Z",
      "id": "NCSC-2024-0444",
      "initial_release_date": "2024-11-14T12:38:50.941039Z",
      "revision_history": [
        {
          "date": "2024-11-14T12:38:50.941039Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "pan-os",
            "product": {
              "name": "pan-os",
              "product_id": "CSAFPID-1687475",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloalto_networks:pan-os:*:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "paloalto_networks"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "cloud_ngfw",
            "product": {
              "name": "cloud_ngfw",
              "product_id": "CSAFPID-842692",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:cloud_ngfw:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "pan-os",
            "product": {
              "name": "pan-os",
              "product_id": "CSAFPID-842690",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "paloaltonetworks"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-2550",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-2550",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2550.json"
        }
      ],
      "title": "CVE-2024-2550"
    },
    {
      "cve": "CVE-2024-2551",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-2551",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2551.json"
        }
      ],
      "title": "CVE-2024-2551"
    },
    {
      "cve": "CVE-2024-2552",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-2552",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2552.json"
        }
      ],
      "title": "CVE-2024-2552"
    },
    {
      "cve": "CVE-2024-5917",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Server-Side Request Forgery (SSRF)",
          "title": "CWE-918"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5917",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5917.json"
        }
      ],
      "title": "CVE-2024-5917"
    },
    {
      "cve": "CVE-2024-5918",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Certificate Validation",
          "title": "CWE-295"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5918",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5918.json"
        }
      ],
      "title": "CVE-2024-5918"
    },
    {
      "cve": "CVE-2024-5919",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of XML External Entity Reference",
          "title": "CWE-611"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5919",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5919.json"
        }
      ],
      "title": "CVE-2024-5919"
    },
    {
      "cve": "CVE-2024-5920",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5920",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5920.json"
        }
      ],
      "title": "CVE-2024-5920"
    },
    {
      "cve": "CVE-2024-9472",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-9472",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9472.json"
        }
      ],
      "title": "CVE-2024-9472"
    }
  ]
}

NCSC-2024-0444

Vulnerability from csaf_ncscnl

Published

2024-11-14 12:38

Modified

2024-11-14 12:38

Summary

Kwetsbaarheden verholpen in Palo Alto PAN-OS

Notes

Feiten

Palo Alto Networks heeft kwetsbaarheden verholpen in PAN-OS.

Interpretaties

Oplossingen

Palo Alto heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans

medium

Schade

high

CWE-476

NULL Pointer Dereference

CWE-295

Improper Certificate Validation

CWE-918

Server-Side Request Forgery (SSRF)

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-611

Improper Restriction of XML External Entity Reference

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Palo Alto Networks heeft kwetsbaarheden verholpen in PAN-OS.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om beveiligingsmaatregelen te omzeilen en zo verkeer naar en door het systeem te leiden dat aanvankelijk niet is toegestaan, of een Denial-of-Service veroorzaken.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Palo Alto heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "NULL Pointer Dereference",
        "title": "CWE-476"
      },
      {
        "category": "general",
        "text": "Improper Certificate Validation",
        "title": "CWE-295"
      },
      {
        "category": "general",
        "text": "Server-Side Request Forgery (SSRF)",
        "title": "CWE-918"
      },
      {
        "category": "general",
        "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
        "title": "CWE-22"
      },
      {
        "category": "general",
        "text": "Improper Restriction of XML External Entity Reference",
        "title": "CWE-611"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-2552"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5919"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5920"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-2551"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-2550"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5918"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-9472"
      },
      {
        "category": "external",
        "summary": "Reference - certbundde; cveprojectv5",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5917"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Palo Alto PAN-OS",
    "tracking": {
      "current_release_date": "2024-11-14T12:38:50.941039Z",
      "id": "NCSC-2024-0444",
      "initial_release_date": "2024-11-14T12:38:50.941039Z",
      "revision_history": [
        {
          "date": "2024-11-14T12:38:50.941039Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "pan-os",
            "product": {
              "name": "pan-os",
              "product_id": "CSAFPID-1687475",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloalto_networks:pan-os:*:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "paloalto_networks"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "cloud_ngfw",
            "product": {
              "name": "cloud_ngfw",
              "product_id": "CSAFPID-842692",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:cloud_ngfw:*:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "pan-os",
            "product": {
              "name": "pan-os",
              "product_id": "CSAFPID-842690",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "paloaltonetworks"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-2550",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-2550",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2550.json"
        }
      ],
      "title": "CVE-2024-2550"
    },
    {
      "cve": "CVE-2024-2551",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-2551",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2551.json"
        }
      ],
      "title": "CVE-2024-2551"
    },
    {
      "cve": "CVE-2024-2552",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
          "title": "CWE-22"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-2552",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-2552.json"
        }
      ],
      "title": "CVE-2024-2552"
    },
    {
      "cve": "CVE-2024-5917",
      "cwe": {
        "id": "CWE-918",
        "name": "Server-Side Request Forgery (SSRF)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Server-Side Request Forgery (SSRF)",
          "title": "CWE-918"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5917",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5917.json"
        }
      ],
      "title": "CVE-2024-5917"
    },
    {
      "cve": "CVE-2024-5918",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Certificate Validation",
          "title": "CWE-295"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5918",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5918.json"
        }
      ],
      "title": "CVE-2024-5918"
    },
    {
      "cve": "CVE-2024-5919",
      "cwe": {
        "id": "CWE-611",
        "name": "Improper Restriction of XML External Entity Reference"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Restriction of XML External Entity Reference",
          "title": "CWE-611"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5919",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5919.json"
        }
      ],
      "title": "CVE-2024-5919"
    },
    {
      "cve": "CVE-2024-5920",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
          "title": "CWE-79"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-5920",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-5920.json"
        }
      ],
      "title": "CVE-2024-5920"
    },
    {
      "cve": "CVE-2024-9472",
      "cwe": {
        "id": "CWE-476",
        "name": "NULL Pointer Dereference"
      },
      "notes": [
        {
          "category": "other",
          "text": "NULL Pointer Dereference",
          "title": "CWE-476"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1687475"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-9472",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9472.json"
        }
      ],
      "title": "CVE-2024-9472"
    }
  ]
}

fkie_cve-2024-2551

Vulnerability from fkie_nvd

Published

2024-11-14 10:15

Modified

2025-01-24 16:03

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

▼	URL	Tags
	psirt@paloaltonetworks.com	https://security.paloaltonetworks.com/CVE-2024-2551	Vendor Advisory

Impacted products

Vendor	Product	Version
paloaltonetworks	pan-os	*
paloaltonetworks	pan-os	*
paloaltonetworks	pan-os	*
paloaltonetworks	pan-os	10.2.4
paloaltonetworks	pan-os	10.2.4
paloaltonetworks	pan-os	10.2.4
paloaltonetworks	pan-os	10.2.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19D52DC1-4441-4C88-B209-9B86FCC2162F",
              "versionEndExcluding": "10.1.14",
              "versionStartIncluding": "10.1.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D61F01F8-1598-4078-9D98-BFF5B62F3BA5",
              "versionEndExcluding": "10.2.4",
              "versionStartIncluding": "10.2.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06B9F11D-D5EF-487A-8E43-9AE14307CCE5",
              "versionEndExcluding": "11.0.5",
              "versionStartIncluding": "11.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*",
              "matchCriteriaId": "135588B5-6771-46A3-98B0-39B4873FD6FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*",
              "matchCriteriaId": "20673F1E-733D-41C4-A644-C482431C26EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*",
              "matchCriteriaId": "156DA55E-4152-47BF-A067-136EEC9ADE22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*",
              "matchCriteriaId": "C2D2F5C4-7ACC-4514-ADBD-3948158B93CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de desreferencia de puntero nulo en el software PAN-OS de Palo Alto Networks permite a un atacante no autenticado detener un servicio central del sistema en el firewall mediante el env\u00edo de un paquete manipulado a trav\u00e9s del plano de datos que provoca una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Los intentos repetidos de activar esta condici\u00f3n hacen que el firewall entre en modo de mantenimiento."
    }
  ],
  "id": "CVE-2024-2551",
  "lastModified": "2025-01-24T16:03:41.910",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NO",
          "Recovery": "USER",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 8.7,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "AMBER",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "CONCENTRATED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Amber",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "MODERATE"
        },
        "source": "psirt@paloaltonetworks.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-11-14T10:15:04.547",
  "references": [
    {
      "source": "psirt@paloaltonetworks.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security.paloaltonetworks.com/CVE-2024-2551"
    }
  ],
  "sourceIdentifier": "psirt@paloaltonetworks.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "psirt@paloaltonetworks.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

WID-SEC-W-2024-3465

Vulnerability from csaf_certbund

Published

2024-11-13 23:00

Modified

2024-11-13 23:00

Summary

PaloAlto Networks PAN-OS: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

PAN-OS ist das Betriebssystem der Sicherheitssysteme / Firewalls der Firma Palo Alto Networks.

Angriff

Ein Angreifer kann mehrere Schwachstellen in PaloAlto Networks PAN-OS ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen preiszugeben, Dateien zu manipulieren, Sicherheitsmaßnahmen zu umgehen und einen Cross-Site-Scripting-Angriff durchzuführen.

Betroffene Betriebssysteme

- Sonstiges

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "PAN-OS ist das Betriebssystem der Sicherheitssysteme / Firewalls der Firma Palo Alto Networks.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in PaloAlto Networks PAN-OS ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen preiszugeben, Dateien zu manipulieren, Sicherheitsma\u00dfnahmen zu umgehen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-3465 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3465.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-3465 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3465"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
        "url": "https://security.paloaltonetworks.com/CVE-2024-2550"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
        "url": "https://security.paloaltonetworks.com/CVE-2024-2551"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
        "url": "https://security.paloaltonetworks.com/CVE-2024-2552"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5917"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5918"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5919"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5920"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
        "url": "https://security.paloaltonetworks.com/CVE-2024-9472"
      }
    ],
    "source_lang": "en-US",
    "title": "PaloAlto Networks PAN-OS: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-11-13T23:00:00.000+00:00",
      "generator": {
        "date": "2024-11-14T11:42:00.791+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.8"
        }
      },
      "id": "WID-SEC-W-2024-3465",
      "initial_release_date": "2024-11-13T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-11-13T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c11.1.5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.1.5",
                  "product_id": "T039151"
                }
              },
              {
                "category": "product_version",
                "name": "11.1.5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.1.5",
                  "product_id": "T039151-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.1.5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.0.6",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.0.6",
                  "product_id": "T039152"
                }
              },
              {
                "category": "product_version",
                "name": "11.0.6",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.0.6",
                  "product_id": "T039152-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.0.6"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.11",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.11",
                  "product_id": "T039153"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.11",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.11",
                  "product_id": "T039153-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.11"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.0.5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.0.5",
                  "product_id": "T039154"
                }
              },
              {
                "category": "product_version",
                "name": "11.0.5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.0.5",
                  "product_id": "T039154-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.0.5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.5",
                  "product_id": "T039157"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.5",
                  "product_id": "T039157-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.4-h6",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.4-h6",
                  "product_id": "T039158"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.4-h6",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.4-h6",
                  "product_id": "T039158-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.4-h6"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.1.14",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.1.14",
                  "product_id": "T039159"
                }
              },
              {
                "category": "product_version",
                "name": "10.1.14",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.1.14",
                  "product_id": "T039159-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.1.14"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.2.4",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.2.4",
                  "product_id": "T039160"
                }
              },
              {
                "category": "product_version",
                "name": "11.2.4",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.2.4",
                  "product_id": "T039160-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.2.4"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.12",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.12",
                  "product_id": "T039161"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.12",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.12",
                  "product_id": "T039161-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.12"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.2",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.2",
                  "product_id": "T039162"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.2",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.2",
                  "product_id": "T039162-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.2"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.1.7",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.1.7",
                  "product_id": "T039163"
                }
              },
              {
                "category": "product_version",
                "name": "10.1.7",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.1.7",
                  "product_id": "T039163-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.1.7"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.0.3",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.0.3",
                  "product_id": "T039164"
                }
              },
              {
                "category": "product_version",
                "name": "11.0.3",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.0.3",
                  "product_id": "T039164-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.0.3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.4-h5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.4-h5",
                  "product_id": "T039165"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.4-h5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.4-h5",
                  "product_id": "T039165-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.4-h5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.1.11",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.1.11",
                  "product_id": "T039166"
                }
              },
              {
                "category": "product_version",
                "name": "10.1.11",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.1.11",
                  "product_id": "T039166-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.1.11"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.0.2",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.0.2",
                  "product_id": "T039167"
                }
              },
              {
                "category": "product_version",
                "name": "11.0.2",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.0.2",
                  "product_id": "T039167-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.0.2"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.1.10",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.1.10",
                  "product_id": "T039168"
                }
              },
              {
                "category": "product_version",
                "name": "10.1.10",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.1.10",
                  "product_id": "T039168-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.1.10"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.1.4",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.1.4",
                  "product_id": "T039169"
                }
              },
              {
                "category": "product_version",
                "name": "11.1.4",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.1.4",
                  "product_id": "T039169-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.1.4"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.2.3",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.2.3",
                  "product_id": "T039171"
                }
              },
              {
                "category": "product_version",
                "name": "11.2.3",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.2.3",
                  "product_id": "T039171-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.2.3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.2.2-h3",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.2.2-h3",
                  "product_id": "T039172"
                }
              },
              {
                "category": "product_version",
                "name": "11.2.2-h3",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.2.2-h3",
                  "product_id": "T039172-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.2.2-h3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.1.3-h10",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.1.3-h10",
                  "product_id": "T039173"
                }
              },
              {
                "category": "product_version",
                "name": "11.1.3-h10",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.1.3-h10",
                  "product_id": "T039173-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.1.3-h10"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.1.2-h14",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.1.2-h14",
                  "product_id": "T039174"
                }
              },
              {
                "category": "product_version",
                "name": "11.1.2-h14",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.1.2-h14",
                  "product_id": "T039174-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.1.2-h14"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.9-14",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.9-14",
                  "product_id": "T039176"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.9-14",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.9-14",
                  "product_id": "T039176-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.9-14"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.8-h13",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.8-h13",
                  "product_id": "T039177"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.8-h13",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.8-h13",
                  "product_id": "T039177-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.8-h13"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.10-h7",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.10-h7",
                  "product_id": "T039178"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.10-h7",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.10-h7",
                  "product_id": "T039178-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.10-h7"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.11-h4",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.11-h4",
                  "product_id": "T039179"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.11-h4",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.11-h4",
                  "product_id": "T039179-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.11-h4"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.7-h16",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.7-h16",
                  "product_id": "T039180"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.7-h16",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.7-h16",
                  "product_id": "T039180-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.7-h16"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "PAN-OS"
          }
        ],
        "category": "vendor",
        "name": "PaloAlto Networks"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-2550",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS aufgrund einer Null-Pointer-Dereferenz-Schwachstelle. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, indem er ein speziell gestaltetes Paket sendet. Wiederholte Versuche, diesen Zustand auszul\u00f6sen, f\u00fchren dazu, dass die Firewall in den Wartungsmodus wechselt."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039157",
          "T039168",
          "T039167",
          "T039178",
          "T039159",
          "T039158",
          "T039169",
          "T039153",
          "T039164",
          "T039163",
          "T039174",
          "T039152",
          "T039166",
          "T039177",
          "T039154",
          "T039165",
          "T039176",
          "T039173",
          "T039151",
          "T039180"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-2550"
    },
    {
      "cve": "CVE-2024-2551",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS aufgrund einer Null-Pointer-Dereferenz-Schwachstelle. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, indem er ein manipuliertes Paket durch die Datenebene sendet."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039164",
          "T039163",
          "T039166",
          "T039165",
          "T039154",
          "T039162",
          "T039168",
          "T039157",
          "T039167",
          "T039159",
          "T039158"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-2551"
    },
    {
      "cve": "CVE-2024-2552",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS aufgrund eines Befehlsinjektionsproblems. Ein lokaler Angreifer mit Administrator-Rechten kann diese Schwachstelle ausnutzen, um Dateien auf der Firewall zu l\u00f6schen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039157",
          "T039179",
          "T039167",
          "T039178",
          "T039158",
          "T039169",
          "T039153",
          "T039164",
          "T039174",
          "T039152",
          "T039177",
          "T039154",
          "T039165",
          "T039176",
          "T039171",
          "T039160",
          "T039162",
          "T039173",
          "T039151",
          "T039172",
          "T039161",
          "T039180"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-2552"
    },
    {
      "cve": "CVE-2024-5917",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS. Das administrative Webinterface kann aufgrund eines Server-Side-Request- Forgery-Problems als Proxy verwendet werden. Ein anonymer Angreifer kann diese Schwachstelle ausnutzen, um interne Netzwerkressourcen einzusehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039163",
          "T039162",
          "T039169"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-5917"
    },
    {
      "cve": "CVE-2024-5918",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS aufgrund einer unsachgem\u00e4\u00dfen Zertifikatsvalidierung. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle ausnutzen, um die erwarteten Sicherheits\u00fcberpr\u00fcfungen zu umgehen und sich als legitimer GlobalProtect-Benutzer auszugeben."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039164",
          "T039163",
          "T039166",
          "T039165",
          "T039171",
          "T039162",
          "T039172",
          "T039168",
          "T039167"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-5918"
    },
    {
      "cve": "CVE-2024-5919",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS. Dieser Fehler ist auf eine unsachgem\u00e4\u00dfe Behandlung von XML-Eingaben zur\u00fcckzuf\u00fchren, bei der externe Entit\u00e4ten nicht ordnungsgem\u00e4\u00df validiert und neutralisiert werden, was zu einer blinden XML External Entity (XXE) Injection-Schwachstelle f\u00fchrt. Ein entfernter, authentisierter Angreifer mit hohen Rechten kann diese Schwachstelle ausnutzen, um sensible Dateien aus dem System zu exfiltrieren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039152",
          "T039165",
          "T039162",
          "T039157",
          "T039168",
          "T039167",
          "T039158"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-5919"
    },
    {
      "cve": "CVE-2024-5920",
      "notes": [
        {
          "category": "description",
          "text": "Eine Cross-Site Scripting Schwachstelle wurde in PaloAlto Networks PAN-OS entdeckt. Dieses Problem wird durch unsachgem\u00e4\u00dfe Filterung der vom Benutzer bereitgestellten Daten vor der Anzeige der Eingaben verursacht. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Skriptcode im Sicherheitskontext einer betroffenen Site auszuf\u00fchren. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039157",
          "T039168",
          "T039167",
          "T039178",
          "T039159",
          "T039158",
          "T039169",
          "T039164",
          "T039153",
          "T039163",
          "T039174",
          "T039152",
          "T039166",
          "T039177",
          "T039154",
          "T039165",
          "T039176",
          "T039162",
          "T039173",
          "T039180"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-5920"
    },
    {
      "cve": "CVE-2024-9472",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS. Dieser Fehler besteht aufgrund eines Nullzeiger-Dereferenzierungsproblems bei bestimmten Hardwareplattformen, wenn die Decryption Policy aktiviert ist, was zu einem Absturz f\u00fchrt. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039157",
          "T039179",
          "T039178",
          "T039158",
          "T039153",
          "T039174",
          "T039177",
          "T039165",
          "T039176",
          "T039160",
          "T039171",
          "T039162",
          "T039173",
          "T039172",
          "T039180"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-9472"
    }
  ]
}

wid-sec-w-2024-3465

Vulnerability from csaf_certbund

Published

2024-11-13 23:00

Modified

2024-11-13 23:00

Summary

PaloAlto Networks PAN-OS: Mehrere Schwachstellen

Notes

Produktbeschreibung

PAN-OS ist das Betriebssystem der Sicherheitssysteme / Firewalls der Firma Palo Alto Networks.

Angriff

Betroffene Betriebssysteme

- Sonstiges

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "PAN-OS ist das Betriebssystem der Sicherheitssysteme / Firewalls der Firma Palo Alto Networks.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in PaloAlto Networks PAN-OS ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen preiszugeben, Dateien zu manipulieren, Sicherheitsma\u00dfnahmen zu umgehen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-3465 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3465.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-3465 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3465"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
        "url": "https://security.paloaltonetworks.com/CVE-2024-2550"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
        "url": "https://security.paloaltonetworks.com/CVE-2024-2551"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
        "url": "https://security.paloaltonetworks.com/CVE-2024-2552"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5917"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5918"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5919"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
        "url": "https://security.paloaltonetworks.com/CVE-2024-5920"
      },
      {
        "category": "external",
        "summary": "Palo Alto Networks Security Advisories vom 2024-11-13",
        "url": "https://security.paloaltonetworks.com/CVE-2024-9472"
      }
    ],
    "source_lang": "en-US",
    "title": "PaloAlto Networks PAN-OS: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-11-13T23:00:00.000+00:00",
      "generator": {
        "date": "2024-11-14T11:42:00.791+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.8"
        }
      },
      "id": "WID-SEC-W-2024-3465",
      "initial_release_date": "2024-11-13T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-11-13T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c11.1.5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.1.5",
                  "product_id": "T039151"
                }
              },
              {
                "category": "product_version",
                "name": "11.1.5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.1.5",
                  "product_id": "T039151-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.1.5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.0.6",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.0.6",
                  "product_id": "T039152"
                }
              },
              {
                "category": "product_version",
                "name": "11.0.6",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.0.6",
                  "product_id": "T039152-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.0.6"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.11",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.11",
                  "product_id": "T039153"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.11",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.11",
                  "product_id": "T039153-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.11"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.0.5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.0.5",
                  "product_id": "T039154"
                }
              },
              {
                "category": "product_version",
                "name": "11.0.5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.0.5",
                  "product_id": "T039154-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.0.5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.5",
                  "product_id": "T039157"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.5",
                  "product_id": "T039157-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.4-h6",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.4-h6",
                  "product_id": "T039158"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.4-h6",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.4-h6",
                  "product_id": "T039158-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.4-h6"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.1.14",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.1.14",
                  "product_id": "T039159"
                }
              },
              {
                "category": "product_version",
                "name": "10.1.14",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.1.14",
                  "product_id": "T039159-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.1.14"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.2.4",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.2.4",
                  "product_id": "T039160"
                }
              },
              {
                "category": "product_version",
                "name": "11.2.4",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.2.4",
                  "product_id": "T039160-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.2.4"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.12",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.12",
                  "product_id": "T039161"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.12",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.12",
                  "product_id": "T039161-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.12"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.2",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.2",
                  "product_id": "T039162"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.2",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.2",
                  "product_id": "T039162-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.2"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.1.7",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.1.7",
                  "product_id": "T039163"
                }
              },
              {
                "category": "product_version",
                "name": "10.1.7",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.1.7",
                  "product_id": "T039163-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.1.7"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.0.3",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.0.3",
                  "product_id": "T039164"
                }
              },
              {
                "category": "product_version",
                "name": "11.0.3",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.0.3",
                  "product_id": "T039164-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.0.3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.4-h5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.4-h5",
                  "product_id": "T039165"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.4-h5",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.4-h5",
                  "product_id": "T039165-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.4-h5"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.1.11",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.1.11",
                  "product_id": "T039166"
                }
              },
              {
                "category": "product_version",
                "name": "10.1.11",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.1.11",
                  "product_id": "T039166-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.1.11"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.0.2",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.0.2",
                  "product_id": "T039167"
                }
              },
              {
                "category": "product_version",
                "name": "11.0.2",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.0.2",
                  "product_id": "T039167-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.0.2"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.1.10",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.1.10",
                  "product_id": "T039168"
                }
              },
              {
                "category": "product_version",
                "name": "10.1.10",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.1.10",
                  "product_id": "T039168-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.1.10"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.1.4",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.1.4",
                  "product_id": "T039169"
                }
              },
              {
                "category": "product_version",
                "name": "11.1.4",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.1.4",
                  "product_id": "T039169-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.1.4"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.2.3",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.2.3",
                  "product_id": "T039171"
                }
              },
              {
                "category": "product_version",
                "name": "11.2.3",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.2.3",
                  "product_id": "T039171-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.2.3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.2.2-h3",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.2.2-h3",
                  "product_id": "T039172"
                }
              },
              {
                "category": "product_version",
                "name": "11.2.2-h3",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.2.2-h3",
                  "product_id": "T039172-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.2.2-h3"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.1.3-h10",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.1.3-h10",
                  "product_id": "T039173"
                }
              },
              {
                "category": "product_version",
                "name": "11.1.3-h10",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.1.3-h10",
                  "product_id": "T039173-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.1.3-h10"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c11.1.2-h14",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c11.1.2-h14",
                  "product_id": "T039174"
                }
              },
              {
                "category": "product_version",
                "name": "11.1.2-h14",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 11.1.2-h14",
                  "product_id": "T039174-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:11.1.2-h14"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.9-14",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.9-14",
                  "product_id": "T039176"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.9-14",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.9-14",
                  "product_id": "T039176-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.9-14"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.8-h13",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.8-h13",
                  "product_id": "T039177"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.8-h13",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.8-h13",
                  "product_id": "T039177-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.8-h13"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.10-h7",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.10-h7",
                  "product_id": "T039178"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.10-h7",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.10-h7",
                  "product_id": "T039178-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.10-h7"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.11-h4",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.11-h4",
                  "product_id": "T039179"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.11-h4",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.11-h4",
                  "product_id": "T039179-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.11-h4"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c10.2.7-h16",
                "product": {
                  "name": "PaloAlto Networks PAN-OS \u003c10.2.7-h16",
                  "product_id": "T039180"
                }
              },
              {
                "category": "product_version",
                "name": "10.2.7-h16",
                "product": {
                  "name": "PaloAlto Networks PAN-OS 10.2.7-h16",
                  "product_id": "T039180-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:paloaltonetworks:pan-os:10.2.7-h16"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "PAN-OS"
          }
        ],
        "category": "vendor",
        "name": "PaloAlto Networks"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-2550",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS aufgrund einer Null-Pointer-Dereferenz-Schwachstelle. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, indem er ein speziell gestaltetes Paket sendet. Wiederholte Versuche, diesen Zustand auszul\u00f6sen, f\u00fchren dazu, dass die Firewall in den Wartungsmodus wechselt."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039157",
          "T039168",
          "T039167",
          "T039178",
          "T039159",
          "T039158",
          "T039169",
          "T039153",
          "T039164",
          "T039163",
          "T039174",
          "T039152",
          "T039166",
          "T039177",
          "T039154",
          "T039165",
          "T039176",
          "T039173",
          "T039151",
          "T039180"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-2550"
    },
    {
      "cve": "CVE-2024-2551",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS aufgrund einer Null-Pointer-Dereferenz-Schwachstelle. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, indem er ein manipuliertes Paket durch die Datenebene sendet."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039164",
          "T039163",
          "T039166",
          "T039165",
          "T039154",
          "T039162",
          "T039168",
          "T039157",
          "T039167",
          "T039159",
          "T039158"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-2551"
    },
    {
      "cve": "CVE-2024-2552",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS aufgrund eines Befehlsinjektionsproblems. Ein lokaler Angreifer mit Administrator-Rechten kann diese Schwachstelle ausnutzen, um Dateien auf der Firewall zu l\u00f6schen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039157",
          "T039179",
          "T039167",
          "T039178",
          "T039158",
          "T039169",
          "T039153",
          "T039164",
          "T039174",
          "T039152",
          "T039177",
          "T039154",
          "T039165",
          "T039176",
          "T039171",
          "T039160",
          "T039162",
          "T039173",
          "T039151",
          "T039172",
          "T039161",
          "T039180"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-2552"
    },
    {
      "cve": "CVE-2024-5917",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS. Das administrative Webinterface kann aufgrund eines Server-Side-Request- Forgery-Problems als Proxy verwendet werden. Ein anonymer Angreifer kann diese Schwachstelle ausnutzen, um interne Netzwerkressourcen einzusehen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039163",
          "T039162",
          "T039169"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-5917"
    },
    {
      "cve": "CVE-2024-5918",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS aufgrund einer unsachgem\u00e4\u00dfen Zertifikatsvalidierung. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle ausnutzen, um die erwarteten Sicherheits\u00fcberpr\u00fcfungen zu umgehen und sich als legitimer GlobalProtect-Benutzer auszugeben."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039164",
          "T039163",
          "T039166",
          "T039165",
          "T039171",
          "T039162",
          "T039172",
          "T039168",
          "T039167"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-5918"
    },
    {
      "cve": "CVE-2024-5919",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS. Dieser Fehler ist auf eine unsachgem\u00e4\u00dfe Behandlung von XML-Eingaben zur\u00fcckzuf\u00fchren, bei der externe Entit\u00e4ten nicht ordnungsgem\u00e4\u00df validiert und neutralisiert werden, was zu einer blinden XML External Entity (XXE) Injection-Schwachstelle f\u00fchrt. Ein entfernter, authentisierter Angreifer mit hohen Rechten kann diese Schwachstelle ausnutzen, um sensible Dateien aus dem System zu exfiltrieren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039152",
          "T039165",
          "T039162",
          "T039157",
          "T039168",
          "T039167",
          "T039158"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-5919"
    },
    {
      "cve": "CVE-2024-5920",
      "notes": [
        {
          "category": "description",
          "text": "Eine Cross-Site Scripting Schwachstelle wurde in PaloAlto Networks PAN-OS entdeckt. Dieses Problem wird durch unsachgem\u00e4\u00dfe Filterung der vom Benutzer bereitgestellten Daten vor der Anzeige der Eingaben verursacht. Ein entfernter, authentisierter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Skriptcode im Sicherheitskontext einer betroffenen Site auszuf\u00fchren. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039157",
          "T039168",
          "T039167",
          "T039178",
          "T039159",
          "T039158",
          "T039169",
          "T039164",
          "T039153",
          "T039163",
          "T039174",
          "T039152",
          "T039166",
          "T039177",
          "T039154",
          "T039165",
          "T039176",
          "T039162",
          "T039173",
          "T039180"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-5920"
    },
    {
      "cve": "CVE-2024-9472",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in PaloAlto Networks PAN-OS. Dieser Fehler besteht aufgrund eines Nullzeiger-Dereferenzierungsproblems bei bestimmten Hardwareplattformen, wenn die Decryption Policy aktiviert ist, was zu einem Absturz f\u00fchrt. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039157",
          "T039179",
          "T039178",
          "T039158",
          "T039153",
          "T039174",
          "T039177",
          "T039165",
          "T039176",
          "T039160",
          "T039171",
          "T039162",
          "T039173",
          "T039172",
          "T039180"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-9472"
    }
  ]
}

gsd-2024-2551

Vulnerability from gsd

Modified

2024-04-02 05:02

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2024-2551

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-2551"
      ],
      "id": "GSD-2024-2551",
      "modified": "2024-04-02T05:02:53.022257Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2024-2551",
        "STATE": "RESERVED"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
          }
        ]
      }
    }
  }
}

ghsa-7h98-97f3-2x3x

Vulnerability from github

Published

2024-11-14 12:31

Modified

2025-01-24 18:31

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Amber

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-2551"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-476"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-14T10:15:04Z",
    "severity": "HIGH"
  },
  "details": "A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service (DoS) condition. Repeated attempts to trigger this condition result in the firewall entering maintenance mode.",
  "id": "GHSA-7h98-97f3-2x3x",
  "modified": "2025-01-24T18:31:12Z",
  "published": "2024-11-14T12:31:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2551"
    },
    {
      "type": "WEB",
      "url": "https://security.paloaltonetworks.com/CVE-2024-2551"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Amber",
      "type": "CVSS_V4"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

Vulnerability from cvelistv5

Vulnerability from csaf_ncscnl

Vulnerability from csaf_ncscnl

Vulnerability from fkie_nvd

Vulnerability from csaf_certbund

Vulnerability from csaf_certbund

Vulnerability from gsd

Vulnerability from github

Tags

Sightings

Nomenclature