Severity
Medium
Analysis Summary
CVE-2024-8691 CVSS:5.3
Palo Alto Networks PAN-OS could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw in the GlobalProtect portal. By sending a specially crafted request, an attacker could exploit this vulnerability to impersonate as another GlobalProtect user.
CVE-2024-8688 CVSS:6.7
Palo Alto Networks PAN-OS could allow a remote attacker to obtain sensitive information, caused by improper neutralization of matching symbols. By sending a specially crafted request, an attacker could exploit this vulnerability to read arbitrary files on the firewall, and use this information to launch further attacks against the affected system.
CVE-2024-8687 CVSS:6.9
Palo Alto Networks PAN-OS could allow a local authenticated attacker to obtain sensitive information, caused by improper access control. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain the configured GlobalProtect uninstall password and the configured disable or disconnect passcode information, and use this information to launch further attacks against the affected system.
Impact
- Security Bypass
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-8691
- CVE-2024-8688
- CVE-2024-8687
Affected Vendors
Affected Products
- Palo Alto Networks GlobalProtect app 5.2
- Palo Alto Networks GlobalProtect App 5.1
- Palo Alto Networks GlobalProtect App 6.2
- Palo Alto Networks GlobalProtect App 6.1
- Palo Alto Networks GlobalProtect App 6.0.3
- Palo Alto Networks PAN-OS - 10.2
- Palo Alto Networks PAN-OS - 9.1.0
- Palo Alto Networks PAN-OS - 10.1.0
- Palo Alto Networks PAN-OS - 10.0.0
- Palo Alto Networks PAN-OS - 10.1
- Palo Alto Networks PAN-OS - 11.0
- Palo Alto Networks Prisma Access 10.2
Remediation
Refer to Palo Alto Networks Security Advisory for patch, upgrade or suggested workaround information.