Panorama vulnerability allows unauthorized access and system disruption
CVE-2024-5911

Currently unrated

Key Information:

Vendor: Palo Alto Networks
Status: Pan-os; Cloud Ngfw; Prisma Access
Vendor: CVE Published:; 10 July 2024

Badges

📰 News Worthy

Summary

An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online.

Affected Version(s)

PAN-OS Panorama 10.2.0 < 10.2.4

PAN-OS Panorama 10.1.0 < 10.1.9

Cloud NGFW All

News Articles

Security Affairs

Palo Alto Networks fixed a critical bug in the Expedition tool

Palo Alto Networks addressed five vulnerabilities impacting its products, including a critical authentication bypass issue.

7 months ago

thmubnail image

Security Affairs

Palo Alto Networks fixed a critical bug in the Expedition tool

Palo Alto Networks addressed five vulnerabilities impacting its products, including a critical authentication bypass issue.

7 months ago

thmubnail image

References

https://security.paloaltonetworks.com/CVE-2024-5911

vendor-advisory

Timeline

📰
First article discovered by Security Affairs
Jul 12, 2024
Vulnerability published
Jul 10, 2024
Vulnerability Reserved
Jun 12, 2024

Credit

Yasukazu Miyashita of Palo Alto Networks

.