Куда я попал?

SECURITM это SGRC система, автоматизирующая процессы в службах информационной безопасности. SECURITM помогает построить и управлять ИСПДн, КИИ, ГИС, СМИБ/СУИБ, банковскими системами защиты.
А еще SECURITM это место для обмена опытом и наработками для служб безопасности.

Подробнее

CVE-2024-0012

PUBLISHED 29.11.2024

CNA: palo_alto

PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015)

Обновлено: 18.11.2024

An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474 https://security.paloaltonetworks.com/CVE-2024-9474 . The risk of this issue is greatly reduced if you secure access to the management web interface by restricting access to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable only to PAN-OS 10.2, PAN-OS 11.0, PAN-OS 11.1, and PAN-OS 11.2 software. Cloud NGFW and Prisma Access are not impacted by this vulnerability.

CWE

Идентификатор	Описание
CWE-306	Отсутствие аутентификации для критически важных функций

БДУ ФСТЭК

Идентификатор	Описание
BDU:2024-09796	Уязвимость веб-интерфейса управления межсетевых экранов Palo Alto Networks, управляемых операционной системой PAN-OS, позволяющая нарушителю выполнить произвольные команды

НКЦКИ уязвимости

Бюллетени НКЦКИ - уязвимости ПО

Идентификатор	Дата бюллетеня	Описание
VULN:20241213-53	13.12.2024	Получение конфиденциальной информации в Siemens RUGGEDCOM APE1808
VULN:20241202-129	02.12.2024	Получение конфиденциальной информации в Palo Alto Networks PAN-OS management web interface

CVSS

Оценка	Severity	Версия	Базовый вектор
9.3	CRITICAL	4.0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Red
5.9	MEDIUM	4.0	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Red

Доп. Информация

Product Status

Cloud NGFW

Product:

Cloud NGFW

Vendor:

Palo Alto Networks

Default status:

unaffected

Версии:

Затронутые версии	Статус
Наблюдалось в версии All	unaffected

PAN-OS

Product:

PAN-OS

Vendor:

Palo Alto Networks

Default status:

unaffected

Версии:

Затронутые версии	Статус
Наблюдалось в версиях от 11.2.0 до 11.2.4-h1	affected
Наблюдалось в версиях от 11.1.0 до 11.1.5-h1	affected
Наблюдалось в версиях от 11.0.0 до 11.0.6-h1	affected
Наблюдалось в версиях от 10.2.0 до 10.2.12-h2	affected
Наблюдалось в версии 10.1.0	unaffected

СPE:

cpe:2.3:o:paloaltonetworks:pan-os:11.2.4:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.2.3:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.2.2:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.2.1:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.2.0:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.2:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.5:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.4:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h10:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h9:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h8:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h7:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.3:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h14:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h13:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h12:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h11:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h10:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h9:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h8:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h7:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.2:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.1:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1.0:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.1:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.6:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.5:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.4:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h12:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h11:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h10:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h9:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h8:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h7:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.3:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.2:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.1:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:11.0:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.12:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.11:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h7:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.10:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h14:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h13:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h12:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h11:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h10:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h9:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h8:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h7:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.9:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h13:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h12:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h11:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h10:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h9:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h8:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h7:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.8:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h16:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h15:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h14:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h13:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h12:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h11:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h10:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h9:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h8:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h7:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.7:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.6:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.5:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h16:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h15:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h14:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h13:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h12:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h11:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h10:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h9:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h8:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h7:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.4:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h13:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h12:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h11:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h10:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h9:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h8:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h7:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h6:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.3:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h5:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h4:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.1:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h3:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h2:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:h1:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2.0:-:*:*:*:*:*:*
cpe:2.3:o:paloaltonetworks:pan-os:10.2:-:*:*:*:*:*:*

Prisma Access

Product:

Prisma Access

Vendor:

Palo Alto Networks

Default status:

unaffected

Версии:

Затронутые версии	Статус
Наблюдалось в версии All	unaffected

Ссылки

https://security.paloaltonetworks.com/CVE-2024-0012

CISA ADP Vulnrichment

Обновлено: 29.11.2024

Этот блок содержит дополнительную информацию, предоставленную программой CVE для этой уязвимости.

SSVC

Exploitation	Automatable	Technical Impact	Версия	Дата доступа
active	yes	total	2.0.3	19.11.2024

Ссылки

https://labs.watchtowr.com/pots-and-pans-aka-an-sslvpn-palo-alto-pan-os-cve-2024-0012-and-cve-2024-9474/

CVE Program Container

Обновлено: 24.11.2024

SSVC and KEV, plus CVSS and CWE if not provided by the CNA.

Ссылки

https://unit42.paloaltonetworks.com/cve-2024-0012-cve-2024-9474/

Мы используем cookie-файлы, чтобы получить статистику, которая помогает нам улучшить сервис для вас с целью персонализации сервисов и предложений. Вы может прочитать подробнее о cookie-файлах или изменить настройки браузера. Продолжая пользоваться сайтом, вы даёте согласие на использование ваших cookie-файлов и соглашаетесь с Политикой обработки персональных данных.

Каталог уязвимостей - CVE - CVE-2024-0012

CVE-2024-0012

CNA: palo_alto

PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015)

CWE

БДУ ФСТЭК

НКЦКИ уязвимости

CVSS

Доп. Информация

Product Status

Ссылки

CISA ADP Vulnrichment

SSVC

Ссылки

CVE Program Container

Ссылки