Panorama vulnerability allows unauthorized access and system disruption

CVE-2024-5911

Currently unrated 🤨

Key Information

Vendor: Palo Alto Networks
Status: Pan-os; Cloud Ngfw; Prisma Access
Vendor: CVE Published:; 10 July 2024

Badges

👾 Exploit Exists📰 News Worthy

Summary

An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter maintenance mode, which requires manual intervention to bring the Panorama back online.

Affected Version(s)

PAN-OS >= 11.2

PAN-OS >= 11.1

PAN-OS >= 11.0

News Articles

Security Affairs

Palo Alto Networks fixed a critical bug in the Expedition tool

Palo Alto Networks addressed five vulnerabilities impacting its products, including a critical authentication bypass issue.

5 months ago

thmubnail image

Security Affairs

Palo Alto Networks fixed a critical bug in the Expedition tool

Palo Alto Networks addressed five vulnerabilities impacting its products, including a critical authentication bypass issue.

5 months ago

thmubnail image

Refferences

https://security.paloaltonetworks.com/CVE-2024-5911

vendor-advisory

Timeline

First article discovered by Security Affairs
Jul 12, 2024
Vulnerability published
Jul 10, 2024
Vulnerability Reserved
Jun 12, 2024

Collectors

NVD DatabaseMitre Database2 News Article(s)

Credit

Yasukazu Miyashita of Palo Alto Networks

.