cve-2024-8687
Vulnerability from cvelistv5
Published
2024-09-11 16:40
Modified
2024-09-11 18:25
Severity ?
6.9 (Medium) - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N/AU:N/R:A/V:D/RE:M/U:Amber
Summary
An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. After the password or passcode is known, end users can uninstall, disable, or disconnect GlobalProtect even if the GlobalProtect app configuration would not normally permit them to do so.
References
psirt@paloaltonetworks.comhttps://security.paloaltonetworks.com/CVE-2024-8687Vendor Advisory
Impacted products
Vendor Product Version
Palo Alto Networks PAN-OS Version: 11.0.0   < 11.0.1
Version: 10.2.0   < 10.2.4
Version: 10.1.0   < 10.1.9
Version: 10.0.0   < 10.0.12
Version: 9.1.0   < 9.1.16
Version: 9.0.0   < 9.0.17
Version: 8.1.0   < 8.1.25
 Create a notification for this product.
   Palo Alto Networks GlobalProtect App Version: 5.1.0   < 5.1.12
Version: 5.2.0   < 5.2.13
Version: 6.0.0   < 6.0.7
Version: 6.1.0   < 6.1.2
Version: 6.2.0   < 6.2.1
 Create a notification for this product.
   Palo Alto Networks Cloud NGFW Create a notification for this product.
   Palo Alto Networks Prisma Access Version: 10.2.0   < 10.2.9 on PAN-OS
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            metrics: [
               {
                  other: {
                     content: {
                        id: "CVE-2024-8687",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-09-11T18:23:36.439085Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-09-11T18:25:14.604Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "PAN-OS",
               vendor: "Palo Alto Networks",
               versions: [
                  {
                     status: "unaffected",
                     version: "11.1.0",
                  },
                  {
                     status: "unaffected",
                     version: "11.2.0",
                  },
                  {
                     changes: [
                        {
                           at: "11.0.1",
                           status: "unaffected",
                        },
                     ],
                     lessThan: "11.0.1",
                     status: "affected",
                     version: "11.0.0",
                     versionType: "custom",
                  },
                  {
                     changes: [
                        {
                           at: "10.2.4",
                           status: "unaffected",
                        },
                     ],
                     lessThan: "10.2.4",
                     status: "affected",
                     version: "10.2.0",
                     versionType: "custom",
                  },
                  {
                     changes: [
                        {
                           at: "10.1.9",
                           status: "unaffected",
                        },
                     ],
                     lessThan: "10.1.9",
                     status: "affected",
                     version: "10.1.0",
                     versionType: "custom",
                  },
                  {
                     changes: [
                        {
                           at: "10.0.12",
                           status: "unaffected",
                        },
                     ],
                     lessThan: "10.0.12",
                     status: "affected",
                     version: "10.0.0",
                     versionType: "custom",
                  },
                  {
                     changes: [
                        {
                           at: "9.1.16",
                           status: "unaffected",
                        },
                     ],
                     lessThan: "9.1.16",
                     status: "affected",
                     version: "9.1.0",
                     versionType: "custom",
                  },
                  {
                     changes: [
                        {
                           at: "9.0.17",
                           status: "unaffected",
                        },
                     ],
                     lessThan: "9.0.17",
                     status: "affected",
                     version: "9.0.0",
                     versionType: "custom",
                  },
                  {
                     changes: [
                        {
                           at: "8.1.25",
                           status: "unaffected",
                        },
                     ],
                     lessThan: "8.1.25",
                     status: "affected",
                     version: "8.1.0",
                     versionType: "custom",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "GlobalProtect App",
               vendor: "Palo Alto Networks",
               versions: [
                  {
                     changes: [
                        {
                           at: "5.1.12",
                           status: "unaffected",
                        },
                     ],
                     lessThan: "5.1.12",
                     status: "affected",
                     version: "5.1.0",
                     versionType: "custom",
                  },
                  {
                     changes: [
                        {
                           at: "5.2.13",
                           status: "unaffected",
                        },
                     ],
                     lessThan: "5.2.13",
                     status: "affected",
                     version: "5.2.0",
                     versionType: "custom",
                  },
                  {
                     changes: [
                        {
                           at: "6.0.7",
                           status: "unaffected",
                        },
                     ],
                     lessThan: "6.0.7",
                     status: "affected",
                     version: "6.0.0",
                     versionType: "custom",
                  },
                  {
                     changes: [
                        {
                           at: "6.1.2",
                           status: "unaffected",
                        },
                     ],
                     lessThan: "6.1.2",
                     status: "affected",
                     version: "6.1.0",
                     versionType: "custom",
                  },
                  {
                     changes: [
                        {
                           at: "6.2.1",
                           status: "unaffected",
                        },
                     ],
                     lessThan: "6.2.1",
                     status: "affected",
                     version: "6.2.0",
                     versionType: "custom",
                  },
                  {
                     status: "unaffected",
                     version: "6.3.0",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "Cloud NGFW",
               vendor: "Palo Alto Networks",
               versions: [
                  {
                     status: "unaffected",
                     version: "All",
                  },
               ],
            },
            {
               defaultStatus: "unaffected",
               product: "Prisma Access",
               vendor: "Palo Alto Networks",
               versions: [
                  {
                     changes: [
                        {
                           at: "10.2.9 on PAN-OS",
                           status: "unaffected",
                        },
                     ],
                     lessThan: "10.2.9 on PAN-OS",
                     status: "affected",
                     version: "10.2.0",
                     versionType: "custom",
                  },
               ],
            },
         ],
         configurations: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Impacted systems are those on which any of the following features are enabled:<br>* Network &gt; GlobalProtect &gt; Portals &gt;  &gt; Agent &gt;  &gt; App &gt; Allow User to Disable GlobalProtect App &gt; Allow with Passcode<br>* Network &gt; GlobalProtect &gt; Portals &gt;  &gt; Agent &gt;  &gt; App &gt; Allow user to disconnect GlobalProtect App &gt; Allow with Passcode<br>* Network &gt; GlobalProtect &gt; Portals &gt;  &gt; Agent &gt;  &gt; App &gt; Allow User to Uninstall GlobalProtect App &gt; Allow with Password",
                  },
               ],
               value: "Impacted systems are those on which any of the following features are enabled:\n* Network > GlobalProtect > Portals >  > Agent >  > App > Allow User to Disable GlobalProtect App > Allow with Passcode\n* Network > GlobalProtect > Portals >  > Agent >  > App > Allow user to disconnect GlobalProtect App > Allow with Passcode\n* Network > GlobalProtect > Portals >  > Agent >  > App > Allow User to Uninstall GlobalProtect App > Allow with Password",
            },
         ],
         credits: [
            {
               lang: "en",
               type: "finder",
               value: "Claudiu Pancotan",
            },
         ],
         datePublic: "2024-09-11T16:00:00.000Z",
         descriptions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. After the password or passcode is known, end users can uninstall, disable, or disconnect GlobalProtect even if the GlobalProtect app configuration would not normally permit them to do so.",
                  },
               ],
               value: "An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. After the password or passcode is known, end users can uninstall, disable, or disconnect GlobalProtect even if the GlobalProtect app configuration would not normally permit them to do so.",
            },
         ],
         exploits: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Palo Alto Networks is not aware of any malicious exploitation of this issue.<br>",
                  },
               ],
               value: "Palo Alto Networks is not aware of any malicious exploitation of this issue.",
            },
         ],
         impacts: [
            {
               capecId: "CAPEC-383",
               descriptions: [
                  {
                     lang: "en",
                     value: "CAPEC-383 Harvesting Information via API Event Monitoring",
                  },
               ],
            },
         ],
         metrics: [
            {
               cvssV4_0: {
                  Automatable: "NO",
                  Recovery: "AUTOMATIC",
                  Safety: "NOT_DEFINED",
                  attackComplexity: "LOW",
                  attackRequirements: "NONE",
                  attackVector: "LOCAL",
                  baseScore: 6.9,
                  baseSeverity: "MEDIUM",
                  privilegesRequired: "LOW",
                  providerUrgency: "AMBER",
                  subAvailabilityImpact: "NONE",
                  subConfidentialityImpact: "NONE",
                  subIntegrityImpact: "NONE",
                  userInteraction: "NONE",
                  valueDensity: "DIFFUSE",
                  vectorString: "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N/AU:N/R:A/V:D/RE:M/U:Amber",
                  version: "4.0",
                  vulnAvailabilityImpact: "LOW",
                  vulnConfidentialityImpact: "HIGH",
                  vulnIntegrityImpact: "NONE",
                  vulnerabilityResponseEffort: "MODERATE",
               },
               format: "CVSS",
               scenarios: [
                  {
                     lang: "en",
                     value: "GENERAL",
                  },
               ],
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-497",
                     description: "CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-09-11T16:40:21.066Z",
            orgId: "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
            shortName: "palo_alto",
         },
         references: [
            {
               url: "https://security.paloaltonetworks.com/CVE-2024-8687",
            },
         ],
         solutions: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.9, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions. It is also fixed in Prisma Access 10.2.9 and all later Prisma Access versions. To maintain GlobalProtect app functionality for the vulnerable features, we released a corresponding software update for GlobalProtect app 5.1.12, GlobalProtect app 5.2.13, GlobalProtect app 6.0.7, GlobalProtect app 6.1.2, and GlobalProtect app 6.2.1, and all later GlobalProtect app versions.<br><br>To maintain the ability for end users to use the uninstall password feature and the disable or disconnect passcode feature, you must ensure that you upgrade all GlobalProtect app deployments to a fixed version before you upgrade your PAN-OS software to a fixed version.<br><br>All fixed versions of GlobalProtect are backwards compatible with vulnerable versions of PAN-OS software. However, fixed versions of PAN-OS software are not backwards compatible with vulnerable versions of GlobalProtect.<br><br>You can find additional information for PAN-204689 here: <a target=\"_blank\" rel=\"nofollow\" href=\"https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-0-known-and-addressed-issues/pan-os-11-1-0-known-issues\">https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-0-known-and-addressed-issues/pan-os-11-1-0-known-issues</a>\n\nPrisma Access customers can open a support case to request an upgrade.<br>",
                  },
               ],
               value: "This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.9, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions. It is also fixed in Prisma Access 10.2.9 and all later Prisma Access versions. To maintain GlobalProtect app functionality for the vulnerable features, we released a corresponding software update for GlobalProtect app 5.1.12, GlobalProtect app 5.2.13, GlobalProtect app 6.0.7, GlobalProtect app 6.1.2, and GlobalProtect app 6.2.1, and all later GlobalProtect app versions.\n\nTo maintain the ability for end users to use the uninstall password feature and the disable or disconnect passcode feature, you must ensure that you upgrade all GlobalProtect app deployments to a fixed version before you upgrade your PAN-OS software to a fixed version.\n\nAll fixed versions of GlobalProtect are backwards compatible with vulnerable versions of PAN-OS software. However, fixed versions of PAN-OS software are not backwards compatible with vulnerable versions of GlobalProtect.\n\nYou can find additional information for PAN-204689 here:  https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-0-known-and-addressed-issues/pan-os-11-1-0-known-issues \n\nPrisma Access customers can open a support case to request an upgrade.",
            },
         ],
         source: {
            defect: [
               "PAN-204689",
               "GPC-16848",
            ],
            discovery: "EXTERNAL",
         },
         timeline: [
            {
               lang: "en",
               time: "2024-09-11T16:00:00.000Z",
               value: "Initial publication",
            },
         ],
         title: "PAN-OS: Cleartext Exposure of GlobalProtect Portal Passcodes",
         workarounds: [
            {
               lang: "en",
               supportingMedia: [
                  {
                     base64: false,
                     type: "text/html",
                     value: "Change the following two settings (if enabled) to \"Allow with Ticket\":<br>* Network &gt; GlobalProtect &gt; Portals &gt;  &gt; Agent &gt;  &gt; App &gt; Allow User to Disable GlobalProtect App<br>* Network &gt; GlobalProtect &gt; Portals &gt;  &gt; Agent &gt;  &gt; App &gt; Allow user to disconnect GlobalProtect App<br><br>Change the following setting (if enabled) to \"Disallow\":<br>* Network &gt; GlobalProtect &gt; Portals &gt;  &gt; Agent &gt;  &gt; App &gt; Allow User to Uninstall GlobalProtect App<br>",
                  },
               ],
               value: "Change the following two settings (if enabled) to \"Allow with Ticket\":\n* Network > GlobalProtect > Portals >  > Agent >  > App > Allow User to Disable GlobalProtect App\n* Network > GlobalProtect > Portals >  > Agent >  > App > Allow user to disconnect GlobalProtect App\n\nChange the following setting (if enabled) to \"Disallow\":\n* Network > GlobalProtect > Portals >  > Agent >  > App > Allow User to Uninstall GlobalProtect App",
            },
         ],
         x_generator: {
            engine: "Vulnogram 0.1.0-dev",
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
      assignerShortName: "palo_alto",
      cveId: "CVE-2024-8687",
      datePublished: "2024-09-11T16:40:21.066Z",
      dateReserved: "2024-09-11T08:21:12.686Z",
      dateUpdated: "2024-09-11T18:25:14.604Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2024-8687\",\"sourceIdentifier\":\"psirt@paloaltonetworks.com\",\"published\":\"2024-09-11T17:15:14.157\",\"lastModified\":\"2024-10-03T00:26:56.110\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. After the password or passcode is known, end users can uninstall, disable, or disconnect GlobalProtect even if the GlobalProtect app configuration would not normally permit them to do so.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad de exposición de información en el software PAN-OS de Palo Alto Networks que permite que un usuario final de GlobalProtect conozca tanto la contraseña de desinstalación de GlobalProtect configurada como el código de acceso de deshabilitación o desconexión configurado. Una vez que se conoce la contraseña o el código de acceso, los usuarios finales pueden desinstalar, deshabilitar o desconectar GlobalProtect incluso si la configuración de la aplicación GlobalProtect normalmente no les permitiría hacerlo.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:A/V:D/RE:M/U:Amber\",\"baseScore\":6.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnerableSystemConfidentiality\":\"HIGH\",\"vulnerableSystemIntegrity\":\"NONE\",\"vulnerableSystemAvailability\":\"LOW\",\"subsequentSystemConfidentiality\":\"NONE\",\"subsequentSystemIntegrity\":\"NONE\",\"subsequentSystemAvailability\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirements\":\"NOT_DEFINED\",\"integrityRequirements\":\"NOT_DEFINED\",\"availabilityRequirements\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnerableSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedVulnerableSystemIntegrity\":\"NOT_DEFINED\",\"modifiedVulnerableSystemAvailability\":\"NOT_DEFINED\",\"modifiedSubsequentSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedSubsequentSystemIntegrity\":\"NOT_DEFINED\",\"modifiedSubsequentSystemAvailability\":\"NOT_DEFINED\",\"safety\":\"NOT_DEFINED\",\"automatable\":\"NO\",\"recovery\":\"AUTOMATIC\",\"valueDensity\":\"DIFFUSE\",\"vulnerabilityResponseEffort\":\"MODERATE\",\"providerUrgency\":\"AMBER\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H\",\"baseScore\":7.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":4.2}]},\"weaknesses\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-497\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.1.0\",\"versionEndExcluding\":\"8.1.25\",\"matchCriteriaId\":\"5C73941F-EBEE-4A03-94A4-B4C7C96E4963\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.0.0\",\"versionEndExcluding\":\"9.0.17\",\"matchCriteriaId\":\"89A55C5F-8E01-42C4-BE93-D683900C07BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.1.0\",\"versionEndExcluding\":\"9.1.16\",\"matchCriteriaId\":\"56181B13-327B-4249-A7E8-246B2420CEFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.0.12\",\"matchCriteriaId\":\"71F1F86A-8158-4BE8-B509-5F50421DA829\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.1.0\",\"versionEndExcluding\":\"10.1.9\",\"matchCriteriaId\":\"18EE46C0-B863-4AE4-833C-05030D8AD1AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.2.0\",\"versionEndExcluding\":\"10.2.4\",\"matchCriteriaId\":\"D61F01F8-1598-4078-9D98-BFF5B62F3BA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F3693A5-182E-4723-BE2A-062D0C9E736C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.1.0\",\"versionEndExcluding\":\"5.1.12\",\"matchCriteriaId\":\"B67C7EC3-6A0C-4068-A40C-3CA3CE670E02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.2.0\",\"versionEndExcluding\":\"5.2.13\",\"matchCriteriaId\":\"B4E58F8A-5040-432C-9B6B-1890F33A0FB3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0.0\",\"versionEndExcluding\":\"6.0.7\",\"matchCriteriaId\":\"4ACA99D7-01F8-4BEE-9CC9-AF8AA1121DAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.1.0\",\"versionEndExcluding\":\"6.1.2\",\"matchCriteriaId\":\"C4BDBA4C-CEE9-4B47-82EE-3B58A04EB649\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:globalprotect:6.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"780045AA-5D59-4D8C-B742-B48B58DAD8F0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paloaltonetworks:prisma_access:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFB6FBC7-DEEB-4571-BCF9-92345A4B614A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.2.9\",\"matchCriteriaId\":\"456CB3CF-DCDA-4A0A-8DC0-72DBD713D3BE\"}]}]}],\"references\":[{\"url\":\"https://security.paloaltonetworks.com/CVE-2024-8687\",\"source\":\"psirt@paloaltonetworks.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
      vulnrichment: {
         containers: "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-8687\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-11T18:23:36.439085Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-11T18:25:09.280Z\"}}], \"cna\": {\"title\": \"PAN-OS: Cleartext Exposure of GlobalProtect Portal Passcodes\", \"source\": {\"defect\": [\"PAN-204689\", \"GPC-16848\"], \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Claudiu Pancotan\"}], \"impacts\": [{\"capecId\": \"CAPEC-383\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-383 Harvesting Information via API Event Monitoring\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"AUTOMATIC\", \"baseScore\": 6.9, \"Automatable\": \"NO\", \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"valueDensity\": \"DIFFUSE\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N/AU:N/R:A/V:D/RE:M/U:Amber\", \"providerUrgency\": \"AMBER\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"NONE\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"LOW\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"MODERATE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Palo Alto Networks\", \"product\": \"PAN-OS\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"11.1.0\"}, {\"status\": \"unaffected\", \"version\": \"11.2.0\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"11.0.1\", \"status\": \"unaffected\"}], \"version\": \"11.0.0\", \"lessThan\": \"11.0.1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"10.2.4\", \"status\": \"unaffected\"}], \"version\": \"10.2.0\", \"lessThan\": \"10.2.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"10.1.9\", \"status\": \"unaffected\"}], \"version\": \"10.1.0\", \"lessThan\": \"10.1.9\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"10.0.12\", \"status\": \"unaffected\"}], \"version\": \"10.0.0\", \"lessThan\": \"10.0.12\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"9.1.16\", \"status\": \"unaffected\"}], \"version\": \"9.1.0\", \"lessThan\": \"9.1.16\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"9.0.17\", \"status\": \"unaffected\"}], \"version\": \"9.0.0\", \"lessThan\": \"9.0.17\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"8.1.25\", \"status\": \"unaffected\"}], \"version\": \"8.1.0\", \"lessThan\": \"8.1.25\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Palo Alto Networks\", \"product\": \"GlobalProtect App\", \"versions\": [{\"status\": \"affected\", \"changes\": [{\"at\": \"5.1.12\", \"status\": \"unaffected\"}], \"version\": \"5.1.0\", \"lessThan\": \"5.1.12\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"5.2.13\", \"status\": \"unaffected\"}], \"version\": \"5.2.0\", \"lessThan\": \"5.2.13\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"6.0.7\", \"status\": \"unaffected\"}], \"version\": \"6.0.0\", \"lessThan\": \"6.0.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"6.1.2\", \"status\": \"unaffected\"}], \"version\": \"6.1.0\", \"lessThan\": \"6.1.2\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"6.2.1\", \"status\": \"unaffected\"}], \"version\": \"6.2.0\", \"lessThan\": \"6.2.1\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"6.3.0\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Palo Alto Networks\", \"product\": \"Cloud NGFW\", \"versions\": [{\"status\": \"unaffected\", \"version\": \"All\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Palo Alto Networks\", \"product\": \"Prisma Access\", \"versions\": [{\"status\": \"affected\", \"changes\": [{\"at\": \"10.2.9 on PAN-OS\", \"status\": \"unaffected\"}], \"version\": \"10.2.0\", \"lessThan\": \"10.2.9 on PAN-OS\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Palo Alto Networks is not aware of any malicious exploitation of this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Palo Alto Networks is not aware of any malicious exploitation of this issue.<br>\", \"base64\": false}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-09-11T16:00:00.000Z\", \"value\": \"Initial publication\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.9, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions. It is also fixed in Prisma Access 10.2.9 and all later Prisma Access versions. To maintain GlobalProtect app functionality for the vulnerable features, we released a corresponding software update for GlobalProtect app 5.1.12, GlobalProtect app 5.2.13, GlobalProtect app 6.0.7, GlobalProtect app 6.1.2, and GlobalProtect app 6.2.1, and all later GlobalProtect app versions.\\n\\nTo maintain the ability for end users to use the uninstall password feature and the disable or disconnect passcode feature, you must ensure that you upgrade all GlobalProtect app deployments to a fixed version before you upgrade your PAN-OS software to a fixed version.\\n\\nAll fixed versions of GlobalProtect are backwards compatible with vulnerable versions of PAN-OS software. However, fixed versions of PAN-OS software are not backwards compatible with vulnerable versions of GlobalProtect.\\n\\nYou can find additional information for PAN-204689 here:  https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-0-known-and-addressed-issues/pan-os-11-1-0-known-issues \\n\\nPrisma Access customers can open a support case to request an upgrade.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"This issue is fixed in PAN-OS 8.1.25, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.12, PAN-OS 10.1.9, PAN-OS 10.2.4, PAN-OS 11.0.1, and all later PAN-OS versions. It is also fixed in Prisma Access 10.2.9 and all later Prisma Access versions. To maintain GlobalProtect app functionality for the vulnerable features, we released a corresponding software update for GlobalProtect app 5.1.12, GlobalProtect app 5.2.13, GlobalProtect app 6.0.7, GlobalProtect app 6.1.2, and GlobalProtect app 6.2.1, and all later GlobalProtect app versions.<br><br>To maintain the ability for end users to use the uninstall password feature and the disable or disconnect passcode feature, you must ensure that you upgrade all GlobalProtect app deployments to a fixed version before you upgrade your PAN-OS software to a fixed version.<br><br>All fixed versions of GlobalProtect are backwards compatible with vulnerable versions of PAN-OS software. However, fixed versions of PAN-OS software are not backwards compatible with vulnerable versions of GlobalProtect.<br><br>You can find additional information for PAN-204689 here: <a target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-0-known-and-addressed-issues/pan-os-11-1-0-known-issues\\\">https://docs.paloaltonetworks.com/pan-os/11-1/pan-os-release-notes/pan-os-11-1-0-known-and-addressed-issues/pan-os-11-1-0-known-issues</a>\\n\\nPrisma Access customers can open a support case to request an upgrade.<br>\", \"base64\": false}]}], \"datePublic\": \"2024-09-11T16:00:00.000Z\", \"references\": [{\"url\": \"https://security.paloaltonetworks.com/CVE-2024-8687\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Change the following two settings (if enabled) to \\\"Allow with Ticket\\\":\\n* Network > GlobalProtect > Portals >  > Agent >  > App > Allow User to Disable GlobalProtect App\\n* Network > GlobalProtect > Portals >  > Agent >  > App > Allow user to disconnect GlobalProtect App\\n\\nChange the following setting (if enabled) to \\\"Disallow\\\":\\n* Network > GlobalProtect > Portals >  > Agent >  > App > Allow User to Uninstall GlobalProtect App\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Change the following two settings (if enabled) to \\\"Allow with Ticket\\\":<br>* Network &gt; GlobalProtect &gt; Portals &gt;  &gt; Agent &gt;  &gt; App &gt; Allow User to Disable GlobalProtect App<br>* Network &gt; GlobalProtect &gt; Portals &gt;  &gt; Agent &gt;  &gt; App &gt; Allow user to disconnect GlobalProtect App<br><br>Change the following setting (if enabled) to \\\"Disallow\\\":<br>* Network &gt; GlobalProtect &gt; Portals &gt;  &gt; Agent &gt;  &gt; App &gt; Allow User to Uninstall GlobalProtect App<br>\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. After the password or passcode is known, end users can uninstall, disable, or disconnect GlobalProtect even if the GlobalProtect app configuration would not normally permit them to do so.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"An information exposure vulnerability exists in Palo Alto Networks PAN-OS software that enables a GlobalProtect end user to learn both the configured GlobalProtect uninstall password and the configured disable or disconnect passcode. After the password or passcode is known, end users can uninstall, disable, or disconnect GlobalProtect even if the GlobalProtect app configuration would not normally permit them to do so.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-497\", \"description\": \"CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere\"}]}], \"configurations\": [{\"lang\": \"en\", \"value\": \"Impacted systems are those on which any of the following features are enabled:\\n* Network > GlobalProtect > Portals >  > Agent >  > App > Allow User to Disable GlobalProtect App > Allow with Passcode\\n* Network > GlobalProtect > Portals >  > Agent >  > App > Allow user to disconnect GlobalProtect App > Allow with Passcode\\n* Network > GlobalProtect > Portals >  > Agent >  > App > Allow User to Uninstall GlobalProtect App > Allow with Password\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Impacted systems are those on which any of the following features are enabled:<br>* Network &gt; GlobalProtect &gt; Portals &gt;  &gt; Agent &gt;  &gt; App &gt; Allow User to Disable GlobalProtect App &gt; Allow with Passcode<br>* Network &gt; GlobalProtect &gt; Portals &gt;  &gt; Agent &gt;  &gt; App &gt; Allow user to disconnect GlobalProtect App &gt; Allow with Passcode<br>* Network &gt; GlobalProtect &gt; Portals &gt;  &gt; Agent &gt;  &gt; App &gt; Allow User to Uninstall GlobalProtect App &gt; Allow with Password\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"shortName\": \"palo_alto\", \"dateUpdated\": \"2024-09-11T16:40:21.066Z\"}}}",
         cveMetadata: "{\"cveId\": \"CVE-2024-8687\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-11T18:25:14.604Z\", \"dateReserved\": \"2024-09-11T08:21:12.686Z\", \"assignerOrgId\": \"d6c1279f-00f6-4ef7-9217-f89ffe703ec0\", \"datePublished\": \"2024-09-11T16:40:21.066Z\", \"assignerShortName\": \"palo_alto\"}",
         dataType: "CVE_RECORD",
         dataVersion: "5.1",
      },
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.