Analysis Summary

CVE-2024-8691 CVSS:5.3

Palo Alto Networks PAN-OS could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw in the GlobalProtect portal. By sending a specially crafted request, an attacker could exploit this vulnerability to impersonate as another GlobalProtect user.

CVE-2024-8688 CVSS:6.7

Palo Alto Networks PAN-OS could allow a remote attacker to obtain sensitive information, caused by improper neutralization of matching symbols. By sending a specially crafted request, an attacker could exploit this vulnerability to read arbitrary files on the firewall, and use this information to launch further attacks against the affected system.

CVE-2024-8687 CVSS:6.9

Palo Alto Networks PAN-OS could allow a local authenticated attacker to obtain sensitive information, caused by improper access control. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain the configured GlobalProtect uninstall password and the configured disable or disconnect passcode information, and use this information to launch further attacks against the affected system.

Impact

• Security Bypass
• Information Disclosure

Indicators of Compromise

CVE

• CVE-2024-8691
• CVE-2024-8688
• CVE-2024-8687

Affected Vendors

Remediation

Refer to Palo Alto Networks Security Advisory for patch, upgrade or suggested workaround information.

CVE-2024-8691

CVE-2024-8688

CVE-2024-8687