Palo Alto Networks GlobalProtect Vulnerability: Impersonation of Authenticated Users

CVE-2024-8691

7.1HIGH

Key Information

Vendor: Palo Alto Networks
Status: Pan-os; Cloud Ngfw; Prisma Access
Vendor: CVE Published:; 11 September 2024

Badges

👾 Exploit Exists

Summary

A vulnerability in the GlobalProtect portal in Palo Alto Networks PAN-OS software enables a malicious authenticated GlobalProtect user to impersonate another GlobalProtect user. Active GlobalProtect users impersonated by an attacker who is exploiting this vulnerability are disconnected from GlobalProtect. Upon exploitation, PAN-OS logs indicate that the impersonated user authenticated to GlobalProtect, which hides the identity of the attacker.

Affected Version(s)

PAN-OS < 9.1.17

PAN-OS < 10.1.11

PAN-OS >= 10.2.0

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Initial publication
Sep 11, 2024
Vulnerability Reserved.
Sep 11, 2024
Vulnerability published.
Sep 11, 2024
👾
Exploit exists.
Jan 1, 1970

Collectors

NVD DatabaseMitre Database

Credit

Claudiu Pancotan