Improper Neutralization of Matching Symbols Vulnerability in Palo Alto Networks PAN-OS CLI
CVE-2024-8688

4.4MEDIUM

Key Information:

Vendor: Palo Alto Networks
Status: Pan-os; Cloud Ngfw; Prisma Access
Vendor: CVE Published:; 11 September 2024

Summary

A vulnerability exists in the Palo Alto Networks PAN-OS command line interface (CLI) due to improper neutralization of matching symbols. Authenticated administrators, including those with read-only permissions, can exploit this flaw to read arbitrary files on the firewall. This presents a significant risk as it can lead to exposure of sensitive configurations and data, potentially compromising system integrity and confidentiality.

Affected Version(s)

PAN-OS 9.1.0 < 9.1.15

PAN-OS 10.0.0 < 10.0.10

PAN-OS 10.1.0 < 10.1.1

References

https://security.paloaltonetworks.com/CVE-2024-8688

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 11, 2024
Vulnerability Reserved
Sep 11, 2024

Collectors

NVD DatabaseMitre Database

Credit

Matei "Mal" Badanoiu of Deloitte

Martin Smid of Palo Alto Networks