
Multiple Palo Alto Networks Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-5905 CVSS:3.6

Palo Alto Networks Cortex XDR Agent is vulnerable to a denial of service, caused by a flaw in the protection mechanism. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to disrupt some functionality of the agent.

CVE-2024-5907 CVSS:4.7

Palo Alto Networks Cortex XDR Agent could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition. By sending a specially crafted request, an attacker could exploit this vulnerability to execute programs with elevated privileges.

CVE-2024-5908 CVSS:6.5

Palo Alto Networks GlobalProtect App could allow a remote attacker to obtain sensitive information, caused by the exposure of encrypted credentials to recipients of the application logs. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain encrypted user credentials.

CVE-2024-5909 CVSS:5.5

Palo Alto Networks Cortex XDR Agent is vulnerable to a denial of service, caused by a flaw in the protection mechanism. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to disable the agent, resulting in a denial of service.

CVE-2024-5906 CVSS:3.5

Palo Alto Networks Prisma Cloud Compute is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a web page, which would be executed in a victim's web browser within the security context of the hosting web site once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.

Impact

  • Denial of Service
  • Privilege Escalation
  • Information Disclosure
  • Cross-Site Scripting

Indicators of Compromise

CVE

  • CVE-2024-5905
  • CVE-2024-5907
  • CVE-2024-5908
  • CVE-2024-5909
  • CVE-2024-5906

Affected Vendors

Palo Alto

Affected Products

  • Palo Alto Networks Cortex XDR Agent 8.1.2
  • Palo Alto Networks Cortex XDR Agent 8.2.1
  • Palo Alto Networks Cortex XDR Agent 7.9.102-CE
  • Palo Alto Networks Cortex XDR Agent 8.2.3
  • Palo Alto Networks GlobalProtect App 6.2.3
  • Palo Alto Networks GlobalProtect App 6.1.3
  • Palo Alto Networks GlobalProtect App 6.0.8
  • Palo Alto Networks GlobalProtect App 5.1.12
  • Palo Alto Networks Prisma Cloud Compute 32.05

Remediation

Refer to Palo Alto Networks Security Advisories for patch, upgrade or suggested workaround information.

  • CVE-2024-5905
  • CVE-2024-5907
  • CVE-2024-5908
  • CVE-2024-5909
  • CVE-2024-5906