Palo Alto Networks GlobalProtect Vulnerability: Impersonation of Authenticated Users

CVE-2024-8691

7.1HIGH

Key Information

Status
Pan-os
Cloud Ngfw
Prisma Access
Vendor
CVE Published:
11 September 2024

Badges

đź‘ľ Exploit Exists

Summary

A vulnerability in the GlobalProtect portal in Palo Alto Networks PAN-OS software enables a malicious authenticated GlobalProtect user to impersonate another GlobalProtect user. Active GlobalProtect users impersonated by an attacker who is exploiting this vulnerability are disconnected from GlobalProtect. Upon exploitation, PAN-OS logs indicate that the impersonated user authenticated to GlobalProtect, which hides the identity of the attacker.

Affected Version(s)

PAN-OS < 9.1.17

PAN-OS < 10.1.11

PAN-OS >= 10.2.0

Refferences

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability Reserved

  • Vulnerability published

Collectors

NVD DatabaseMitre Database

Credit

Claudiu Pancotan
.